Show HN: How did your computer reach my server?

I realized I had never seen this sort of thing on the web before.

Search for: "looking glass bgp" and you'll find some[1]. One of the first CGI programs I wrote nearly three decades ago (ugh...) was a Perl script that wrapped traceroute and streamed the results via server push[2]. Everything old is new again. :-)

That said, your site has a very nice presentation.

BTW, ipv4 TTL is dejure seconds even though it's defacto hop count since no router takes more than a second and the minimum decrement is 1 (except middleboxes which wish to remain hidden won't decrement at all). Also, Linux/Unix traceroute by default use UDP to a high numbered (and usually closed) port for probe packets instead since UDP historically is less likely to be dropped/filtered than ICMP.

Aside: asking how traceroute works is one of my interview questions, most people don't know (if they do the question is no good) and many are unable to figure it out from first principles no matter how many questions I answer about TCP/IP. I still think being able to figure it out is a reasonable problem solving question.

1. e.g. https://www.bgplookingglass.com/

2. https://www.oreilly.com/openbook/cgi/ch06_06.html

Cool project! Two suggestions, one serious, one frivolous:

- I wonder if you could get more accurate results by using TCP or UDP instead of ICMP. I think traditional traceroute has an option to use UDP, mtr [1] can use TCP or UDP, and tcptraceroute [2] can use TCP.

- This would be a perfect fit for some Talking Heads references. "And you may ask yourself, well, how did I get here?" [3]

[1] https://github.com/traviscross/mtr

[2] https://linux.die.net/man/1/tcptraceroute

[3] https://en.wikipedia.org/wiki/Once_in_a_Lifetime_(Talking_He...

Since you're in the weeds with traceroute you might appreciate this one (if you haven't seen it already):

traceroute bad.horse

Hey Lexi,

Total side note, your other post (about cpu.land) is at exactly 1337 upvotes now :D https://share.cleanshot.com/ktVWL2pr

How fitting.

Cool! I was nervous it was gonna show my Tor circuit o_o

Unfortunately so many nodes ignore traceroute packets that it basically said my exit node connected to Linode and then Linode connected to your computer. I have the same experience with forward traceroutes, my router replies, my server replies, and if I'm lucky, one node in my ISP's network. The rest is locked up tight.

Good work, a nice site explaining the traceroute is very handy! I could see myself using this to explain what traceroute is for various technicians I'm training to maintain corporate networks.

(Now if only I could figure out how to enable traceroute to work on each hop from a given workstation through corporate cisco access switch, core switch, BGP tunnel to aws transit gateways, and eventually land at the VPC route table on the EC2 instance, then i might actually be able to call myself a network guy)

You are working on a lot more cool things than I was when I was 17. Rock on! If you enjoyed "I, Robot" I recommend Ted Chiang's "Stories of Your Life and Others". The movie Arrival was based of one of the short stories in this collection.

This is incredible, Lexi. I have had a lot of fun learning about the low levels of networking; there are so many interesting details. Documenting those — and making them so intuitive, like you do here — is amazing.

Keep up the amazing work!

I found about "Lying for Money" on your website a few months ago when you posted your CPU thing. Thanks that was totally worth a read. I recommend you "When Mckinsey comes to town" (the book) in a similar vein, that was entertaining in human mischief as well.

Most of the really cool things on the interwebs started just like this.

Kudos and carry on!

Really awesome project!

A technical nitpick though: Routes can be asymmetric—going across one path in one direction and another for the opposite. This means that your tool potentially doesn't show the route packets from the user took to reach your server, but rather the route packets took from your server to reach the user. I believe that querying with BGP looking glass tools would allow you to construct the route in either direction, but it is maybe a bit less cool looking than the real-time traceroute that is a result of actual traffic.

This is absolutely amazing <3

The narrative based traceroute in green is something I’ve never seen before. How many providers, like CDNs, did you take the time to map into a narrative?

This feels targeted towards folks who kind of already understand computers. It be cool to repackage this in a way that can show non-technical people the stuff they take for granted. The mountains that move on a user’s behalf under every keystroke is humbling.

One of my favorite books on this topic is Interconnections: Bridges, Routers, Switches, and Interconnections by Radia Perlman if you haven’t come across it.

Great job!

I was reminded of working at a company in 1996... we had windows 95(!) with Trumpet WinSock and a dial-up modem (24k, IIRC). I was just learning how all this stuff worked and fit together. I stumbled on a traceroute screen that would slowly drip out each hop and... it was magical to me. Suddenly realizing the idea of 'a big global network' I'd read about was actually... right at my fingertips, and I could see which computers my traffic was being routed through... that kept me up at night for a while. Not sure I'll say it was life-changing, but it sort of felt like it for a bit at that time :)

Nice work, Lexi. Let me add that your design skills are pretty excellent as well.

Nice. I'm wearing black jeans and I'm always surprised by how little developers know about basic networking. I was always interested in it but also learnt about it at uni. I don't remember all the details, of course, but just generally knowing what routing is, what IP is etc. pays dividends when building anything that runs on networks/internet.

I felt a lot of pressure to make another Big Giant Thing but didn't really have anything compelling.

Easier said than done, but don't feel like you have to provide a constant flux of interesting things. That kind of pressure ends up being toxic pretty quickly. Do what you enjoy, if it hits an audience, great, but don't feel like you have to make it happen.

Both submitted and previous are cool and very well made. Grants!

Your projects are super inspiring!

Keep up the awesome work, Lexi. You are very skilled and I can tell that you will rise very quickly as an engineer and a teacher

RDAP contains some of the WHOIS information in a machine-readable format. (JSON) Not everything, but I think it's better.

Not everything runs an RDAP server, though; I do wish ICANN/IANA or whoever would enforce that.

Nowadays it's much worse; nearly everything is hidden behind privacy shields, which purport to protect PII. But WHOIS records aren't supposed to contain personal information; they're supposed to contain contact information for network operators.

Network operator info can also be PII. My info is PII, but I have a domain name, so putting my info into WHOIS is putting PII into WHOIS.

The privacy guard just forwards everything to me, minus spam.

(If it's a corporation, I don't think there's a good reason to permit privacy guards. But not all domains are owned by BigCos, yet.)

But WHOIS records aren't supposed to contain personal information; they're supposed to contain contact information for network operators.

Doesn't a whois have to include email, phone number and physical address? For a company that's not really PII, but I don't understand how it wouldn't be considered personal information in the whois for my personal website.

you can make an ad-hoc "parser" that works for 90% of addresses/domains (or you could, ten years ago when I tried). But the remainder are intractable.

Could generative AI help out these days? "Here's a whois, give me [the info I want]:"

Due to internet problems in Egypt earlier today with Telecom Egypt, I had a traceroute to the same destination going via _8_ different paths. Have to say that's twice the higher number of ECMPs I've seen on the internet in the past.

And yes, traffic is routing different ways from my Cairo office to my UK core --London ->Cairo is direct and still suffering massive loss, Cairo->London is now routing via ntt and seems fine. If they haven't fixed it by tomorrow might have to change some local prefs.

It's extremely rare but the data paths can be asymmetrical too. Eg satellite with a ground based uplink.

TY, will read! I touched on this duality in the article actually :)

Yeah, sorry, Hacker News has successfully made my server chug a lot :)

I'm working on it right now and hopefully will be working better soon! In the meantime I've increased timeouts so loading will be longer but it should work better.

Combined with IP source address spoofing, it would probably help greatly with DDoS amplification attacks while only saving up <50% packets for good users.

If you care about time rather than packet count, you can send packets with all reasonable TTL values at once.

Have enough problems with routers not sending normal ttl expired messages

Just use a better client. Takes about 3 seconds to do an mtr -b over 15 responding hops from a server in London to something like 43.249.179.0 in the south pacific.

Yeah, there is actually a whole section about this in the article! Called "Front to Back, Back to Front".

tl;dr in my experience the networks traversed are usually very similar, and the content is relevant and interesting either way around

Back in the days of bang paths, it was interesting to see how different a sender's bang path might be to the bang path for your reply and try to figure out what network connection differences caused the asymmetry.

Shouldn't have anything to do with Enhanced Tracking Protection, but my server is buckling under the traffic pressure! I'm working on it, maybe check back in 40m or so (SORRY!)

Do you have a VPN on as well? It works for me on FF mobile with Enhanced protection

called a "parasitic traceroute"

Ooh, that's compelling. I wonder how that would work for an actual traceroute.

Why?

CSS transforms!

    transform: rotate(-2deg) skew(-2deg);
    transform-origin: bottom left;

Fun story time!

Boise State University, and the University of Idaho are two schools at opposite ends of the state of Idaho. UIdaho in the north is close to Spokane, and almost all of its connectivity comes from Seattle. Boise is closer to Salt Lake so most of its connectivity comes via Portland or Salt Lake City. The middle of the state between the two schools is mountains and very, very little large scale connectivity at all, except there was a small line way bad in the day because the UofIdaho had remote classrooms in the southern part of the state. Sometime in the late 90's a network engineer from BSU and one from UofI realized that they both had switches and routing kit in the same building so they ran an ethernet cable between them.

The effect was catastrophic. It turns out that both networks happily started announcing BPG to each other, which in turn announced the connection to the internet as a whole. Suddenly there was a very short jump between networks in Seattle and networks in Salt Lake City. That poor little t1 (iirc) was absolutely getting saturated. But, interestingly only in one direction. See Boise announced the route, but Idaho didn't so the traffic was effectively only failing in one direction.

Needless to say the cable as disconnected and years later when I worked at the UofIdaho it was still well known that the two networks shouldn't ever be connected again! (Which was ironic because I was working on a program to setup I2 at both universities)

Yes, they are tilted:

    .text h3 {
        margin-top: 60px;
        margin-bottom: -4px;
        transform: rotate(-2deg) skew(-2deg);
        transform-origin: bottom left;
    }