When i “ping” a hostname from my remote website the latency is larger than when I ping the same hostname from localhost (or using the ping command). I use the same machine for both tests. Why is this happening?
Because the network is zero length instead of possibly 12,500 miles, or much more in the case of satellite links, and consists of zero routers instead of possibly dozens.
Related
I'm trying to go through an online course to study for my CCENT and CCNA certification exams, and I've come across a trouble spot.
In the module, he's going over basic network setup, including setting up interfaces, assigning ip addresses, the works.
At the end of the video for that portion, he's testing the connection by pinging a second machine from across the router, and having no issue in doing so, however I can't seem to make it work. Crude ASCII topology drawing below.
Currently, I can ping both ends of the router from either machine, and can ping both machines from the router no problem. What am I missing, or what have I not done in order to be able to ping one machine to the other? I want to make sure I have this working before I move on in the course.
10.0.0.0/25 10.0.0.128/25
|CPU 1|-------G0/0--|R1|--G0/1----------|CPU 2|
R1: G0/0: 10.0.0.1/25
G0/1: 10.0.0.129/25
CPU 1:10.0.0.10/25
default gateway: 10.0.0.1
CPU 2:10.0.0.130/25
default gateway: 10.0.0.129
Are the PCs in question "physical" machines? One common cause for PC to PC ping failure on "Physical" machines is the windows firewall. It would need to be disabled on the remote machine you wish to ping in order to get a response.
Thank you
Please vote on this answer if it was helpful.
I work for a company and we have a device that we are installing in small shops for their payment transactions. This device uses internet connection as the primary connection and in case internet goes down, it fails to 3G connection. During this time there is a downtime for few minutes
But we are having issues, where customers are calling us and says that their site goes down repeatedly throughout the day. When we look into our logs we see that our device has indeed failed over and back a number of times from primary to 3G and back to primary. We advise them that they need to check with ISP and make sure there is no internet drops.
Often customer say that they have consulted with ISP and they seem to say there are no issues from their end.
The only other possible reason that I can think of as to why the device keeps falling is due to faulty cabling. Are there are other way that we can test out that the problem is to do with Internet and not our device?
Perhaps you ought to expand the test routines included in the device, assuming the device has the memory capacity and/or libraries and computing power available.
For example, does your device determine the Internet is down only if it cannot reach a certain IP destination? If so, you may want to expand this by 1) testing to ensure timeouts aren't too short due to upstream congestion, 2) testing another known location such as Google's DNS server 8.8.8.8 when the intended destination IP fails, and 3) testing the internal gateway to determine if the ISP modem/router has rebooted for some reason.
Assuming that the IP address that the domain is mapped to is known, are there any advantages to using this known IP address rather than using the domain? What makes the trace routing decision? Because DNS servers translate the domain names to IP addresses I am compelled to say that using an IP address is quicker, albeit unnoticeable. However, because DNS servers process these requests at a high volume and presumably cache the most popular sites I am also compelled to say that a DNS server might know the fastest route to the server which would result in the domain being slightly quicker. I understand that when I am asking which may be faster this quantification may be at the nanosecond or microsecond scale.
Technically, yes. At least the first time. The first time your computer asks the internet "Where is this domain name located?" and some machine out there responds with its IP address.
However, when it gets this response back it keeps a copy (called caching) so it doesn't have to ask again for a while (these things CAN change, but rarely do)
So, if your computer currently has the IP cached, then they are equal. If you don't currently have it IP is faster, but only for the first time in a few days and only a few seconds
As for the question of how the fastest route is picked. There are several routing protocols, most of which take into account several different factors including load on a connection, bandwidth, latency, jitter, and distance. Several others are also possible. Long story short is that the routers of the internet are constantly telling each other that such and such link is down or I just got a new address connected and they have algorithms that the routers run to figure out which way is best.
N.B. A side note is that IP wont always give you access to a certain website: take for instance a site hosted on a hosting service. They rarely have their own specific IP address, but instead requests for lots of different sites could come into one IP. In this case the domain name being requested is used to determine which site to return to the requester
Both of the examples that you gave are correct. Inputting an IP address directly will bypass the need for a DNS lookup, but the advantage you gain by doing this could be pointless if you use an IP address to a popular website which brings you halfway around the world instead of to a server nearby. Ultimately, you wouldn't benefit enough to make it worth your while, especially since your computer will cache the response you receive from the DNS lookup, making the difference 0.
This question was answered pretty well by #PsychoData but I think there's a few things worth noting and restating here:
When using IP, you bypass DNS which will save you the DNS resolution time on the first call until the TTL (Time To Live) expires. TTL is usually 1 hour. The difference is usually not worth noticing in most applications. If you're only making one call, you won't notice the milliseconds delay. If you make multiple calls, all calls after the first won't have the delay.
When entering a name vs IP you can be calling several different Networking daemons including NetBIOS (\ServerX), DNS FQDN (\ServerX.domain.com), DNS Shortname (\ServerX which MAY get automatically lengthened or guessed to the FQDN \ServerX.domain.com by your OS or DNS server)
Microsoft has two primary Authentication Mechanisms in play with SMB shares: NTLMv2 (NTLMv1 and CHAP are insecure) and Kerberos. Depending on lots of configurations on your client, the server, and the authentication server (Active Directory if in play) and the way you called the name, you may get one or the other. Kerberos is generally faster than NTLMv2, at least for repeated calls, as it gets and keeps an authentication token and doesn't need to reauthenticate via password hash each time.
NetBIOS uses different ports than DNS which can play into network latency due to ACLs/routers/Firewalls.
NetBIOS can actually give you a different answer than DNS because it's a different resolution system. Generally the first PC to boot on a subnet will act as the NetBIOS server and a new server can randomly declare itself to the network as the new NetBIOS master. Also \FileShareServer.domain.com wouldn't come back in a NetBIOS lookup as it's not the machine name (ServerX) but a DNS alias.
There's probably even more that I'm missing here but I think you get the idea that a lot of factors can be in play here.
(please redirect my question to relevant stack site, if I am in wrong place, however here I feel guaranteed to get help)
When playing with traceroute command I want to be sure I am not connecting to virtual host that may be dynamically mapped to a number of geographically dispersed servers(since it does not make much sense to track packets jumping from continents).
So more precisely with concrete example: how to prove with help of nslookup -querytype=NS google.com that google may redirect me to different servers across the world. I tried IPconfig locator for all values returned by nslookup, it always returns same location: California Mountain View.
It seems I don't understand something really important in here. Thanks.
update: tried nslook up from australian server, all the ip adresses still point to same location..
You cannot prove the location of any host. At the very best you can make an educated guess.
Geolocation databases are a big list of IP addresses and where the machines hosting those addresses are believed to be located. But they are just a guess and even the best of them are only 90% accurate to the state/regional level, meaning 10% of the addresses are someplace completely different. I use MaxMind because they have a fairly accurate free version and their commercial versions are not too expensive. They also have a free web-form where you can do 25 lookups per day.
You can use tools like traceroute to see some of the machines between you and your destination. Sometimes they have geographic locations in their DNS names. Sometimes their IP addresses will be listed in Geolocation databases. However, not all routers respond, many segments are virtualized and so their hops/routers are invisible, and firewalls may block the trace before it completes.
DNS databases list the address of the organization who owns an address or domain. DNS names themselves can be anything anyone wants, so even they contain geolocation information, there is no reason to believe it is true. In particular, a router might have a DNS name indicating the destination its connecting to, or even the administrative office responsible for it, and not the physical location of the device itself.
The IP address you are talking to can forward anything it wants to anywhere else it wants and there's absolutely no way you can detect that. So you can only follow the trail up to a point.
To make a good guess for the location of a host, look-up its IP address in a geolocation database, then run a traceroute and look-up the IP address of the last router before the destination. That will get you as close as you can.
I have a network of computers connected in form of a graph.
I want to ping from one computer(A) to another computer(B). A and B are connected to each other through many different ways, but I want to PING via only a particular edges only. I have the information of the edges to be followed during pinging available at both A and B.
How should I do this?
You could source route the ping but the return would choose its own path.
Furthermore, source-routed packets are often filtered due to security concerns. (Not always, they are useful and sometimes even required at edge routers.)
If the machines are under your local administrative control, then you could ensure that source-routed packets are permitted. As long as you are able to start a daemon on machine B, you could also easily enough design your own ping protocol that generates source-routed echo returns.
Well, this is actually done by routing protocols that are configured on the media in between the computers (routers I expect). I think there isn't a way where you can say "use that specific route". The routers have different protocols (OSPF, EIGRP, RIPv2) and they do the load balancing. The only way you would be sure of one specific route is to use static routing, but this isn't dynamically done where your computer decides the route.
This is normal because :
if you would be able to chose a route, DoS would be quite easy to do to kill one route.