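Using tcpping and tcptraceroute
Author: 2hei. Posted July 26, 2008, 19:01. Copyright notice: this article may be reproduced; when reproducing it, be sure to indicate the article's original source, the author information and this copyright notice in the form of a hyperlink.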
http://www.2hei.net/mt/2008/07/tcpping-and-tcptraceroutes-use.html
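tcpping uses TCP to check network conditions, unlike the usual ping, which uses ICMP.
tcpping is a shell script that needs tcptraceroute in order to run, so tcptraceroute is what actually does the work.
Installation is fairly simple: install tcptraceroute first, then create the tcpping script.
Note: tcptraceroute requires libpcap and libnet, which are not covered here.
It is assumed that libpcap and libnet have already been compiled.
1. Compile tcptraceroute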
./configure --prefix=/usr/local/tcptraceroute --with-libpcap=/usr/local/libpcap --with-libnet=/usr/local/libnet --enable-static
After installation, put tcptraceroute on the PATH so that the tcpping script can find it.
2. Usage and syntax
./tcptraceroute
tcptraceroute 1.5beta7
Copyright (c) 2001-2006 Michael C. Toren <mct@toren.net>
Updates are available from http://michael.toren.net/code/tcptraceroute/
Usage: tcptraceroute [-nNFSAE] [-i <interface>] [-f <first ttl>]
[-l <packet length>] [-q <number of queries>] [-t <tos>]
[-m <max ttl>] [-pP] <source port>] [-s <source address>]
[-w <wait time>] <host> [destination port] [packet length]
#tcptraceroute www.google.com
Selected device eth0, address 212.106.15.83, port 40479 for outgoing packets
Tracing the path to www.google.com (64.233.189.99) on TCP port 80 (http), 30 hops max
...
5 219.158.4.82 44.330 ms 44.258 ms 44.032 ms
6 219.158.3.246 54.812 ms 54.760 ms 54.739 ms
7 219.158.3.130 60.441 ms 60.436 ms 60.365 ms
8 219.158.32.230 51.775 ms 49.505 ms 49.407 ms
9 64.233.175.207 60.484 ms 60.637 ms 77.707 ms
10 66.249.94.34 49.639 ms 61.653 ms 54.145 ms
11 hk-in-f99.google.com (64.233.189.99) [open] 50.267 ms 50.059 ms 50.111 ms
Difference from traceroute
#traceroute www.google.com
traceroute: Warning: www.google.com has multiple addresses; using 64.233.189.104
traceroute to www-china.l.google.com (64.233.189.104), 30 hops max, 38 byte packets
...
5 219.158.4.38 (219.158.4.38) 42.247 ms 42.551 ms 42.519 ms
6 219.158.3.58 (219.158.3.58) 42.140 ms 42.107 ms 42.118 ms
7 219.158.3.130 (219.158.3.130) 47.976 ms 47.900 ms 48.013 ms
8 219.158.32.230 (219.158.32.230) 37.038 ms 36.947 ms 37.058 ms
9 64.233.175.207 (64.233.175.207) 48.005 ms 47.987 ms 48.022 ms
10 66.249.94.6 (66.249.94.6) 50.673 ms 66.249.94.34 (66.249.94.34) 46.763 ms 37.104 ms
11 hk-in-f104.google.com (64.233.189.104) 47.841 ms 47.878 ms 47.826 ms
tcpping usage:
./tcpping
tcpping v1.6 Richard van den Berg <richard@vdberg.org>
Usage: tcpping [-d] [-c] [-C] [-w sec] [-q num] [-x count] ipaddress [port]
-d print timestamp before every result
-c print a columned result line
-C print in the same format as fping's -C option
-w wait time in seconds (defaults to 3)
-r repeat every n seconds (defaults to 1)
-x repeat n times (defaults to unlimited)
See also: man tcptraceroute
http://michael.toren.net/code/tcptraceroute/
Using tcpping
#tcpping -c www.google.com
0 1217065416 50.126 hk-in-f99.google.com (64.233.189.99)
1 1217065417 50.170 hk-in-f99.google.com (64.233.189.99)
2 1217065418 48.035 hk-in-f104.google.com (64.233.189.104)
3 1217065419 47.858 hk-in-f104.google.com (64.233.189.104)
4 1217065420 50.024 hk-in-f99.google.com (64.233.189.99)
5 1217065421 49.756 hk-in-f147.google.com (64.233.189.147)
6 1217065422 50.155 hk-in-f99.google.com (64.233.189.99)
7 1217065423 49.688 hk-in-f147.google.com (64.233.189.147)
You can see several different Google IP addresses.
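The observation above can be made measurable. The following is an added example, not part of the original post or of tcpping itself: a shell function that reads `tcpping -c` output and reports, per responding address, the probe count and min/avg/max RTT, plus how often consecutive probes were answered by a different address. The function names are hypothetical, the column layout is taken from the sample output above, and rows without a numeric RTT are simply counted as skipped.

```shell
#!/bin/sh
# Added example: summarise `tcpping -c` output per responding address.
# Assumed columns (from the sample above): seq  epoch  rtt_ms  hostname  (ip)

summarise_tcpping() {
    awk '
    NF >= 4 && $3 ~ /^[0-9.]+$/ {
        ip = $NF; gsub(/[()]/, "", ip)        # last field is "(a.b.c.d)"
        rtt = $3 + 0
        if (!(ip in n)) { order[++k] = ip; min[ip] = rtt; max[ip] = rtt }
        n[ip]++; sum[ip] += rtt
        if (rtt < min[ip]) min[ip] = rtt
        if (rtt > max[ip]) max[ip] = rtt
        # A change of responder between consecutive probes means the RTT
        # series mixes several hosts and should not be read as one path.
        if (prev != "" && prev != ip) switches++
        prev = ip
        next
    }
    NF > 0 { skipped++ }                      # non-numeric RTT or malformed row
    END {
        for (i = 1; i <= k; i++) {
            ip = order[i]
            printf "%s n=%d min=%.3f avg=%.2f max=%.3f\n",
                   ip, n[ip], min[ip], sum[ip] / n[ip], max[ip]
        }
        printf "addresses=%d switches=%d skipped=%d\n", k, switches, skipped
    }'
}

# Sample input: the eight rows of tcpping -c output shown above.
sample_tcpping_output() {
    cat <<'EOF'
0 1217065416 50.126 hk-in-f99.google.com (64.233.189.99)
1 1217065417 50.170 hk-in-f99.google.com (64.233.189.99)
2 1217065418 48.035 hk-in-f104.google.com (64.233.189.104)
3 1217065419 47.858 hk-in-f104.google.com (64.233.189.104)
4 1217065420 50.024 hk-in-f99.google.com (64.233.189.99)
5 1217065421 49.756 hk-in-f147.google.com (64.233.189.147)
6 1217065422 50.155 hk-in-f99.google.com (64.233.189.99)
7 1217065423 49.688 hk-in-f147.google.com (64.233.189.147)
EOF
}

sample_tcpping_output | summarise_tcpping
```

On a live run, the same function can be fed from a bounded measurement such as `tcpping -c -x 20 <host> <port> | summarise_tcpping`, using the `-x` option listed in the usage text above.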
Using ping
#ping www.google.com
PING www-china.l.google.com (64.233.189.147) 56(84) bytes of data.
64 bytes from hk-in-f147.google.com (64.233.189.147): icmp_seq=0 ttl=244 time=49.5 ms
64 bytes from hk-in-f147.google.com (64.233.189.147): icmp_seq=1 ttl=244 time=49.5 ms
64 bytes from hk-in-f147.google.com (64.233.189.147): icmp_seq=2 ttl=244 time=49.5 ms
64 bytes from hk-in-f147.google.com (64.233.189.147): icmp_seq=3 ttl=244 time=49.4 ms
64 bytes from hk-in-f147.google.com (64.233.189.147): icmp_seq=4 ttl=244 time=49.5 ms
For other specific usage, see the script's options:
# tcptraceroute --help
tcptraceroute 1.5beta7
Copyright (c) 2001-2006 Michael C. Toren <mct@toren.net>
Updates are available from http://michael.toren.net/code/tcptraceroute/
Usage: tcptraceroute [-nNFSAE] [-i <interface>] [-f <first ttl>]
[-l <packet length>] [-q <number of queries>] [-t <tos>]
[-m <max ttl>] [-pP] <source port>] [-s <source address>]
[-w <wait time>] <host> [destination port] [packet length]
-n
Display numeric output, rather than doing a reverse DNS lookup for each hop. By default, reverse lookups are never attempted on RFC1918
address space, regardless of the -n flag.
-N
Perform a reverse DNS lookup for each hop, including RFC1918 addresses.
-f
Set the initial TTL used in the first outgoing packet. The default is 1.
-m
Set the maximum TTL used in outgoing packets. The default is 30.
-p
Use the specified local TCP port in outgoing packets. The default is to obtain a free port from the kernel using bind(2). Unlike with traditional
traceroute(8), this number will not increase with each hop.
-s
Set the source address for outgoing packets. See also the -i flag.
-i
Use the specified interface for outgoing packets.
-q
Set the number of probes to be sent to each hop. The default is 3.
-w
Set the timeout, in seconds, to wait for a response for each probe. The default is 3.
-S
Set the TCP SYN flag in outgoing packets. This is the default, if neither -S or -A is specified.
-A
Set the TCP ACK flag in outgoing packets. By doing so, it is possible to trace through stateless firewalls which permit outgoing TCP connections.
-E
Send ECN SYN packets, as described in RFC2481.
-t
Set the IP TOS (type of service) to be used in outgoing packets. The default is not to set any TOS.
-F
Set the IP "don't fragment" bit in outgoing packets.
-l
Set the total packet length to be used in outgoing packets. If the length is greater than the minimum size required to assemble the necessary probe
packet headers, this value is automatically increased.
-d
Enable debugging, which may or may not be useful.
Below is the tcpping script:
tcpping