[SOLVED] Super Weird Trace Route

[psi]

High ping 1000ms of 4G modem made me use

tracert www.steampowered.com

:

1 Router
2 private ip
3 private ip
4 internet provider (greece)
5 north america
6 frankfurt
7 italy
8 akamaitechnologies.com (again NA?)

Suppose not a virus/trojan, but provider makes hops to north america and back to italy? This is crazy. Speed is spent on hops.

 

[bill001g]

It all depends on what the latency between the hops relaly is. If it added 100ms each time it made the crossing then it might be true. The total time for the tracert you show should be almost 500ms unless the ISP has found a way to exceed the speed of light.

It is almost impossible to find the location of ip addresses just by the IP itself. Many times these are listed based on where the company that owns them is registered. Sometime you can guess because it is very common for ISP to airport city codes in the dns names. This though doesn't really mean a lot since the ISP may not keep the DNS information since a router does not use the names it always is passing routing information via lists of ip addresses.

Now it is technically possible for data to take a poor path. All ISP routers in the internet are connected via a routing protocol called BGP, The path is more designed by a engineer than the router picking the best path. Although there are other routing protocols that can actually calculate and determine the lowest latency BGP more uses the concept of hop count. It is designed for network stability and is depenedent on the person who designs things more than the router. Also a lot of the path is based on legal agreements between ISP on who can use what fibers rather than technical limitations.

So how fast is the path really tells you the informaiton.....and to make things even more confusing the path to a site can be different than the path coming back. To see the actual path you must do tracert from both ends.

 

[psi]

So the provider could have some clumsy agreements, though it's hard to believe. For curiosity I pinged another site but in EU.

tracert www.markett.se
Tracing route to www.markett.se [xxx.14.xxx.20]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  Router
  2    32 ms    27 ms    29 ms  10.2xxxxxx
  3    43 ms    29 ms    46 ms  10.2xxxxxxx
  4    37 ms    28 ms    27 ms  10.2xxxxxxx
  5    47 ms    36 ms    33 ms  10.2xxxxxx137
  6    28 ms    41 ms    35 ms  10.2xxxxxxx07
  7     *        *        *     Request timed out.
  8    79 ms   322 ms   135 ms  10.xx.72.185
  9     *       33 ms     *     ISP
10   978 ms  1022 ms     *     ISP
11  1091 ms   922 ms   707 ms  seabone.net
12   444 ms     *      862 ms  seabone.net [xxxxxxx.34.116]
13     *        *      942 ms  link.telia.net [62.11.xx.x]
14   811 ms   757 ms  1092 ms  link.ip.twelve99.net [62.1.xxxx.88]
15   867 ms     *      978 ms  link.ip.twelve99.net [xxxxxxxxx.36]
16  1015 ms  1096 ms   970 ms  twelve99.net [xxxxxxxxx.113]
17   791 ms   972 ms  1012 ms  c.telia.net [213.xxxxxxx.254]
18   709 ms   799 ms   859 ms  xxxxxx.240.12
19   550 ms   485 ms   318 ms  remote24.se [xxx.14.xx.20]

No north america involved this time. Though these ms are problem.

 

[hang-the-9]

Contact your ISP, 4G connections have much higher ping times than almost anything aside from maybe satellite. Since all the pings happen after the ISP they need to check the connections and see why they are slower than you think they should be or are normal.

 

[Ralston18]

Just out of curiousity I ran the same tracert's.

Results:

Tracing route to www.steampowered.com [104.105.35.177]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms MyRouter [192.168.1.1]
2 14 ms 14 ms 11 ms 96.120.104.105
3 11 ms 13 ms 7 ms 24.124.179.73
4 12 ms 11 ms 10 ms 68.87.128.173
5 12 ms 13 ms 26 ms ae-13-ar01.capitolhghts.md.bad.comcast.net [68.87.168.61]
6 11 ms 10 ms 10 ms 96.110.235.17
7 17 ms 14 ms 13 ms be-31431-cs03.ashburn.va.ibone.comcast.net [96.110.40.25]
8 12 ms 12 ms 12 ms be-1313-cr13.ashburn.va.ibone.comcast.net [96.110.34.154]
9 19 ms 18 ms 17 ms be-301-cr12.newark.nj.ibone.comcast.net [96.110.36.114]
10 16 ms 17 ms 17 ms be-1412-cs04.newark.nj.ibone.comcast.net [96.110.35.93]
11 19 ms 17 ms 18 ms be-1401-cr01.newark.nj.ibone.comcast.net [96.110.36.94]
12 19 ms 17 ms 19 ms be-10203-cr02.newyork.ny.ibone.comcast.net [68.86.85.186]
13 19 ms 17 ms 17 ms be-1102-cs01.newyork.ny.ibone.comcast.net [96.110.38.33]
14 17 ms 17 ms 17 ms be-3102-pe02.111eighthave.ny.ibone.comcast.net [96.110.38.226]
15 24 ms 17 ms 23 ms 50.242.150.154
16 24 ms 21 ms 24 ms ae2.coresite-ewr3.netarch.akamai.com [23.203.156.177]
17 18 ms 17 ms 16 ms a104-105-35-177.deploy.static.akamaitechnologies.com [104.105.35.177]

Tracing route to www.markett.se [185.14.241.20]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms MyRouter [192.168.1.1]
2 11 ms 11 ms 9 ms 96.120.104.105
3 11 ms 11 ms 11 ms 24.124.179.73
4 13 ms 11 ms 10 ms 68.87.128.173
5 11 ms 12 ms 9 ms ae-13-ar01.capitolhghts.md.bad.comcast.net [68.87.168.61]
6 10 ms 10 ms 11 ms 68.85.133.137
7 14 ms 14 ms 12 ms be-31431-cs03.ashburn.va.ibone.comcast.net [96.110.40.25]
8 13 ms 12 ms 13 ms be-2311-pe11.ashburn.va.ibone.comcast.net [96.110.32.130]
9 13 ms 13 ms * ash-b1-link.telia.net [62.115.51.193]
10 15 ms 15 ms 12 ms ash-bb2-link.ip.twelve99.net [62.115.123.124]
11 * * * Request timed out.
12 104 ms 105 ms 102 ms kbn-bb4-link.ip.twelve99.net [80.91.254.90]
13 * * * Request timed out.
14 105 ms 105 ms 103 ms s-b6-link.ip.twelve99.net [62.115.139.107]
15 103 ms 111 ms 111 ms remote24-ic-332939-s-b6.c.telia.net [213.248.92.254]
16 101 ms 101 ms 102 ms 185.14.240.121
17 107 ms 104 ms 100 ms web8.remote24.se [185.14.241.20]

Slows around hop 11 - 12.

Would it be a bit more helpful if OP's tracert's were run without the apparent IP address redactions?

I understand that the routes/hops are likely to change. Still what are all those 10.2.xxxxxx IP's? Seems strange to me.