Can someone elaborate on what's going on here?

Caporegime
Joined
26 Aug 2003
Posts
37,491
Location
Leafy Cheshire
I've been noticing random internet slowdown/dropouts at work, and seem to have found what I believe to be the cause, however a few things are confusing me about the stats (from pathping):

Code:
Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.

PS C:\Users\Elliott.Cummings> pathping www.jolt.co.uk

Tracing route to jolt.co.uk [84.234.17.86]
over a maximum of 30 hops:
  0  C-EF-UK-IT020.eazyfoneltd.com [10.1.2.101]
  1  10.1.2.1
  2  89-105-106-49.fluidata.co.uk [89.105.106.49]
  3  10.0.0.137
  4  89-105-125-3.fluidata.co.uk [89.105.125.3]
  5  77-89-165-25.fluidata.co.uk [77.89.165.25]
  6  77-89-165-22.fluidata.co.uk [77.89.165.22]
  7  83-223-115-33.as29017.net [83.223.115.33]
  8  ae0.core-1.lhc.lon.uk.as29017.net [89.145.125.53]
  9  linx-brocade1.netrino.co.uk [195.66.225.18]
 10  bs1-core.netrino.co.uk [84.234.19.5]
 11  bruce.ferrago.net [84.234.17.86]

Computing statistics for 275 seconds...
            Source to Here   This Node/Link
Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address
  0                                           C-EF-UK-IT020.eazyfoneltd.com [10.
1.2.101]
                                0/ 100 =  0%   |
  1    0ms     0/ 100 =  0%     0/ 100 =  0%  10.1.2.1
                                0/ 100 =  0%   |
  2    0ms     0/ 100 =  0%     0/ 100 =  0%  89-105-106-49.fluidata.co.uk [89.105.106.49]
                                0/ 100 =  0%   |
  3   ---    100/ 100 =100%   100/ 100 =100%  10.0.0.137
                                0/ 100 =  0%   |
  4   41ms     0/ 100 =  0%     0/ 100 =  0%  89-105-125-3.fluidata.co.uk [89.105.125.3]
                                0/ 100 =  0%   |
  5   26ms     0/ 100 =  0%     0/ 100 =  0%  77-89-165-25.fluidata.co.uk [77.89.165.25]
                                0/ 100 =  0%   |
  6   30ms     0/ 100 =  0%     0/ 100 =  0%  77-89-165-22.fluidata.co.uk [77.89.165.22]
                                0/ 100 =  0%   |
  7   28ms     0/ 100 =  0%     0/ 100 =  0%  83-223-115-33.as29017.net [83.223.115.33]
                                0/ 100 =  0%   |
  8   26ms     0/ 100 =  0%     0/ 100 =  0%  ae0.core-1.lhc.lon.uk.as29017.net [89.145.125.53]
                                0/ 100 =  0%   |
  9   36ms     0/ 100 =  0%     0/ 100 =  0%  linx-brocade1.netrino.co.uk [195.66.225.18]
                                0/ 100 =  0%   |
 10   27ms     0/ 100 =  0%     0/ 100 =  0%  bs1-core.netrino.co.uk [84.234.19.5]
                                0/ 100 =  0%   |
 11   24ms     0/ 100 =  0%     0/ 100 =  0%  bruce.ferrago.net [84.234.17.86]

Trace complete.
PS C:\Users\Elliott.Cummings>

as you can see, hop 3 is obviously problematic, question are why? and how if I'm getting 100% loss, is traffic getting beyond it?
 
Soldato
Joined
11 Jul 2007
Posts
2,524
It's not loss, They are purposefully blocking Pings.
The connection actually looks pretty good there - Maybe your local WiFi or a web proxy server issue?
 
Caporegime
OP
Joined
26 Aug 2003
Posts
37,491
Location
Leafy Cheshire
It's not loss, They are purposefully blocking Pings.
The connection actually looks pretty good there - Maybe your local WiFi or a web proxy server issue?

It's our corporate network, no WiFi involved in any step from this host. And my traffic isn't going out through our proxy, this is direct.

The problem that does seem to arise when WAN connectivity drops out is that 89.105.106.49 (our packet combiner for the three ADSL2+ lines) stops replying to pings (it usually replies).

I'm insistent that the problem lies outside of my administration and that it is with our service provider Fluidata, however they say that they see no faults.

The other thing I can't quite get my head around is why once we have hit two public hops, (89.105.106.50 and 89.105.106.49), we then appear to hit a private IP range again. I know it shouldn't cause any issues, but it seems rather odd.
 
Last edited:
Soldato
Joined
27 Feb 2003
Posts
7,171
Location
Shropshire
The other thing I can't quite get my head around is why once we have hit two public hops, (89.105.106.50 and 89.105.106.49), we then appear to hit a private IP range again. I know it shouldn't cause any issues, but it seems rather odd.

Is your packet combiner a Cisco router or something similar?

It could be that Fluidata have put IPs on the "internal" interfaces on the bonded connections.
 
Man of Honour
Joined
30 Jun 2005
Posts
9,515
Location
London Town!
Bear in mind hop 3 is privately addressed, quite possible it's simply lack of a route which is causing the apparent loss, routing traffic through it could be just fine. I've seen the same in the past, a few service providers occasionally foolishly use private IPs in the path (a few I've worked for even, some staff get an idea in their head that it's alright and nobody ever gets round to correcting it.

It should 'work' just fine, it just breaks a few little things like traces (as you're seeing) and path MTU discovery...
 
Caporegime
OP
Joined
26 Aug 2003
Posts
37,491
Location
Leafy Cheshire
The issue I think we are having is that the 10.0.0.x range exists on both sides of our perimeter (89.105.106.49 is the WAN address of our packet combiner, and 10.0.0.0/29 is our DMZ). Would this be causing any looping with routing?
 
Man of Honour
Joined
30 Jun 2005
Posts
9,515
Location
London Town!
The issue I think we are having is that the 10.0.0.x range exists on both sides of our perimeter (89.105.106.49 is the WAN address of our packet combiner, and 10.0.0.0/29 is our DMZ). Would this be causing any looping with routing?

No, it'll just break ping/trace to the remote subnet, traffic will still route through it just fine though...
 
Back
Top Bottom