Home page logo

nanog logo nanog mailing list archives

MPLS ICMP Extensions
From: Leo Bicknell <bicknell () ufp org>
Date: Thu, 14 Aug 2003 13:40:01 -0400

I wanted to get some other opinions on some new features that have
appeared in recent code from the popular vendors.  It appears there
is a new draft, a copy of which can be found at
http://www.watersprings.org/links/mlr/id/draft-ietf-mpls-icmp-01.txt that
allows MPLS enabled boxes to return some additonal information in
a traceroute packet.

That's all well and good, and I can see how that might be amazingly
useful to someone running an MPLS network, however, it seems to
expose data much further than the local network.  Here's a random
example from a traceroute I recently performed (on a Juniper):

traceroute wcg.net
11  hrndva1wcx3-oc48.wcg.net (  91.935 ms  102.652 ms 92.960 ms
     MPLS Label=13198 CoS=0 TTL=1 S=1
12  hrndva1wcx2-oc48.wcg.net (  92.593 ms  92.785 ms 93.119 ms
     MPLS Label=12676 CoS=0 TTL=1 S=1
13  nycmny2wcx2-oc48.wcg.net (  93.273 ms  93.121 ms 93.067 ms
     MPLS Label=12632 CoS=0 TTL=1 S=1
14  nycmny2wcx3-oc48.wcg.net (  104.755 ms  91.949 ms 92.169 ms
     MPLS Label=12672 CoS=0 TTL=1 S=1
15  chcgil1wcx3-oc48.wcg.net (  92.021 ms  91.737 ms 91.684 ms
     MPLS Label=12592 CoS=0 TTL=1 S=1
16  chcgil1wcx3-pos5-0.wcg.net (  175.907 ms  278.144 ms 203.763 ms
     MPLS Label=12695 CoS=0 TTL=1 S=1
17  chcgil1wcx2-oc48.wcg.net (  93.286 ms  93.230 ms 93.593 ms
     MPLS Label=13506 CoS=0 TTL=1 S=1
18  stlsmo3wcf1-atm.wcg.net (  92.780 ms  92.344 ms 92.596 ms

It appears both Cisco and Juniper support this new feature.  The
question I quickly asked both vendors is how do you turn this
behavior off, so the traceroutes appear as they did before this
feature was introduced.  The answer, apparently, is you don't.  You
can either disable TTL processing on your MPLS tunnels (in effect
disabling traceroute), or you can have it output all this extra

The response I'm getting so far from each vendor is they believe
this are the right two options to offer.  Thus, my post here.  I
think there are more people out there who would like to not expose
their MPLS labels, Class of Service info, or anything else this
feature can provide (because, I don't know all of what it can
display), but still allow traceroute to work normally.

If I'm off in the deep end, please tell me so, if not, please tell your
vendor rep you'd like the "icmp no mpls info" knob.

       Leo Bicknell - bicknell () ufp org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request () tmbg org, www.tmbg.org

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]