The WhatRoute README Page

WhatRoute Version 1.7 - by Bryan Christianson

What's New in Version 1.7?

What's New in Version 1.5.0?

Credits

What Does This Software Do

Hardware & Software Required

How Does WhatRoute Work

Problems in getting WhatRoute to work?

Setting WhatRoute Options

Credits
WhatRoute owes its existence to the work by Van Jacobson, Steve Deering and others who invented the UNIX traceroute command.

The Metrowerks PowerPlant application framework is the basis of WhatRoute. Thanks guys, for taking all the hard work out of Mac programming.

Fabrizio Oddone has been a major help in reporting/resolving problems. Thanks mate.

kc@nlanr.net has been marvellous in providing me access to their geography database. Visit their website at www.caida.org and check out the range of tools and data that they have for analysing the Internet.

The World Time Zone map used for showing global routes was obtained from the web-site at World Fact Book.

The WASTE engine used to display the results is the work of Marco Piovanelli, Dan Crevier and Tim Paustian (who wrote the PowerPlant CWasteEdit class).

I am also extremely grateful for all the feedback I've had on WhatRoute. I've tried to incorporate many of your ideas into the program and I'm always willing to hear your suggestions and criticisms. Thanks folks.


What does WhatRoute Do?

Trace Internet Paths
The program is designed to find the names of all the routers through which an IP packet passes on the way from your Macintosh to the destination host. It can display these paths in tree form, or on a map of the world. In addition, it measures the round-trip time from your Macintosh to each router, enabling you to identify slow links (hops) in the Internet. It can also find dead links, i.e. routers that don't respond. If you have access to a UNIX machine you should read the man page that accompanies 'traceroute'.

PING Remote Hosts
WhatRoute will Ping remote hosts. In this function a small packet is sent to a remote host and then the time taken for a reply to be received is recorded.

DNS Query
The DNS Query function is borrowed from the BIND software. The results of DNS Query show all the DNS Resource Records associated with an Internet host or domain. The explanation of this stuff is beyond the scope of this document and for further information, I recommend the O'Reilly book, DNS and BIND.

Popup menus give you the choice of Query Class and Query Type. The different record types are discussed in detail in DNS and BIND.

You can also query alternate servers to those specified in your TCP/IP control panel. This uses the BIND 4.9.5 resolver and is separately configured in the DNS Options dialog. The setup is identical to that required on a UNIX system but is also very similar to the configuration in your Open Transport TCP/IP control panel.

DNS Query is the only function in WhatRoute that uses the BIND resolver. All other functions use the settings from your TCP/IP control panel.

Monitor
WhatRoute includes a port of the UNIX tcpdump command to monitor activity on a LAN. This function only works if your Macintosh is on an Ethernet LAN.

Finger
WhatRoute includes a Finger client. This enables you to find information about users logged in to other hosts, providing that host is running a Finger server. A lot of system administrators consider this to be a security risk, so you may not find this command to be particularly useful.

To use the command, type user@host.somedomain.com in the text entry field.
To find all users on a host, type @host.somedomain.com in the text field.

Whois
This command enables you to find out about people, networks etc. who are registered in the InterNIC database.
The default server is rs.internic.net.

To get a full list of instructions, clear the text entry field and click the Whois button. This will list the Help file from the Whois server running on rs.internic.net.

If you wish to use an alternate server, type @host.somedomain.com after the Whois command.

Address Scan
You can scan a network to find all hosts that respond to a PING command.

TELNET Server
WhatRoute can be configured as a TELNET server. This enables you to log into your Macintosh from a remote machine and execute traceroute, ping and dnsquery commands.

Selecting Settings|Telnet.. from the Menu bar will bring up a dialog box that enables you to control access to the server.

You can completely disable the server, and also specify access control lists that permit or restrict hosts from connecting to the server. Further details on the access control lists are available by clicking the Help button on the dialog.

WhatRoute and Internet Config
If you have Internet Config installed, you can make WhatRoute a helper application for URLs with the format
traceroute://a.b.c/

An example of this usage is to be found in Bill Fisher's InterMapper application.


Hardware/Software Requirements
1. OpenTransport 1.1 or later. WhatRoute does not work with MacTCP.
2. A network connection - Ethernet or PPP/SLIP.
3. A Macintosh computer that uses Colour QuickDraw (68K or PowerPC).
4. System 7.5.3 or later. WhatRoute has been tested on beta releases of MacOS 8 and seems to be OK.


Usage
Simply type an Internet host name or IP address in the field at the top of the screen. Press the return key or click the Trace button, and the window will display the names and IP addresses of all the routers between you and that host. WhatRoute tries each router 3 times and shows the round trip time (in milliseconds) it takes for a packet to be sent to that router from your Macintosh and for a reply to be returned to you. If there is no reply from the remote host, WhatRoute will print an * instead of the time.

By default, WhatRoute displays a document containing the names of the hosts you have traced, presented in a tree format. You can close this document, and WhatRoute will still continue to function. If you save the document, previous paths can be recalled next time you run WhatRoute. There is an optional tool bar available for use with the Tree document. The buttons are (I believe) self-explanatory.

If you display the map window, you can get some idea of whereabouts on the planet your packets are going.

The other WhatRoute functions, Ping, Query, Finger and Whois all use this same paradigm. Simply enter a host name and press the function button. 


What If WhatRoute Doesn't Work ?
Do you have Open Transport installed?

Have you selected 'Open Transport' with 'Network Software Selector'? Classic Networking is not Open Transport.

If you are unable to get a response from any hosts on the 'net, you may wish to check with your ISP to see if they allow the use of this kind of utility. Some ISPs block the packet types generated and used by WhatRoute (ICMP and UDP specifically).

Do any of your other network tools work, e.g. Eudora, Netscape, etc.?

Please email me (bryan@whatroute.net) if you are completely stumped.


OPTIONS
WhatRoute provides options that give you some control over its operation. In most cases the defaults are satisfactory.

Trace & Ping

General settings for the Traceroute and PING commands

Tree & Map

Enable or disable route mapping on a map of the world.

Telnet

Enable or disable the inbuilt Telnet server

DNS Server

Choose between Open Transport or BIND for name resolution

Monitor

Control the amount of data displayed by the Monitor command - Uses the Berkeley Packet Filter


How does WhatRoute work ?
The idea is an extremely simple one, but it does rely on some knowledge of the kinds of data packets transmitted over the Internet. I suggest you read a book on TCP/IP theory to get a good understanding of the principles involved. However, I will attempt to give a brief (but simplified and maybe partly fictional) description of the process.

Every IP packet on the Internet has a Time To Live (TTL) field in its header. As the packet passes through a router (the processors that connect networks together), the router decrements the TTL by one. When the value of the TTL reaches 0, the packet is 'dead' and is propagated no further. Normally, TTL is set to a large value (such as 255) and the packet makes its way to the destination host.

In the traceroute algorithm (as implemented by WhatRoute) a UDP packet is sent with a TTL value of 1. This is the value displayed in the leftmost column on the output display. The first router the packet meets decrements the TTL and says to itself "Uh oh - this packet just died" and sends an ICMP packet back to the source of the original packet, i.e. your Macintosh. WhatRoute receives this ICMP packet and retrieves the IP address of the router that sent the reply.

The IP address is then resolved back into its host name (with help from the Domain Name Server) and the hostname and IP address are displayed. Each hop is tried three times and the round trip time taken for that hop is displayed (in milliseconds). If there is no response from the router, WhatRoute displays the time as an '*'. If you see a lot of these, then you are traversing slow links.

After three tries, WhatRoute increments the TTL and tries again, finding new routers each time, and displaying the results as it does.

Eventually a packet will reach the destination host. Instead of replying with a 'Packet Died' message, the target host will respond with a 'Port not available' ICMP message. This message signals completion and WhatRoute reports Trace Complete.
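
The reply handling described above, as an added Python example (not WhatRoute's own code): it reads a raw ICMP reply, takes the router address from the outer IP header, and uses the quoted copy of the dead probe to ignore errors about other traffic. The probe port 33434, the function names and the sample packets are assumptions made for the illustration; the README's 'Port not available' message is matched as ICMP type 3 code 3 (Port Unreachable).

```python
import socket
import struct
ICMP, UDP = socket.IPPROTO_ICMP, socket.IPPROTO_UDP
PROBE_PORT = 33434  # assumed UDP destination port for the probes

def classify_reply(packet, probe_port=PROBE_PORT):
    """Return (router_ip, status) for an ICMP answer to our UDP probe, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != ICMP:
        return None
    ihl = (packet[0] & 0x0F) * 4              # outer IP header length in bytes
    router = socket.inet_ntoa(packet[12:16])  # source address = replying router
    # An ICMP error quotes the dead packet: its IP header plus 8 payload bytes.
    quoted = packet[ihl + 8:]
    if ihl < 20 or len(quoted) < 20 or quoted[9] != UDP:
        return None
    q_ihl = (quoted[0] & 0x0F) * 4
    ports = quoted[q_ihl:q_ihl + 4]           # UDP source and destination port
    if q_ihl < 20 or len(ports) < 4 or struct.unpack("!HH", ports)[1] != probe_port:
        return None                           # error about someone else's traffic
    kind = (packet[ihl], packet[ihl + 1])     # ICMP type and code
    if kind == (11, 0):                       # Time Exceeded: TTL hit 0 in transit
        return router, "hop"
    if kind == (3, 3):                        # Port Unreachable: probe arrived
        return router, "trace complete"
    return router, "other"

def summarize(replies, probe_port=PROBE_PORT):
    """replies[i] is the raw answer to the probe sent with TTL i+1, or None."""
    hops = []
    for ttl, packet in enumerate(replies, start=1):
        result = classify_reply(packet, probe_port) if packet else None
        hops.append((ttl,) + (result or ("*", "no reply")))
        if result and result[1] == "trace complete":
            break
    return hops

# Constructed sample packets: documentation addresses, checksums left at 0.
def ip_packet(src, dst, proto, ttl, body):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, ttl, proto,
                       0, socket.inet_aton(src), socket.inet_aton(dst)) + body

def make_reply(router, icmp_type, code, dport=PROBE_PORT):
    udp = struct.pack("!HHHH", 40000, dport, 8, 0)
    dead = ip_packet("192.0.2.10", "203.0.113.9", UDP, 1, udp)
    icmp = struct.pack("!BBHI", icmp_type, code, 0, 0) + dead
    return ip_packet(router, "192.0.2.10", ICMP, 64, icmp)

SAMPLE = [make_reply("192.0.2.1", 11, 0), None,
          make_reply("198.51.100.7", 11, 0, dport=53), make_reply("203.0.113.9", 3, 3)]
```

Calling `summarize(SAMPLE)` yields one row per TTL; the third reply quotes a packet sent to port 53, so it is treated as unrelated and that hop is shown as `*`.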


New Features in version 1.7
PING Distribution Graph
MultiPing - successively ping each hop in a trace
LAN monitor - port of the Unix tcpdump command
Address Scan - function for finding all active hosts on a network
ICMP traceroute probes - maybe useful for getting out through a firewall.

New Features in version 1.5.0
Tree view of the routes followed
Routes plotted on a World Map

Bug Fixes In version 1.4.3
WR 1.4.3 fixes a pretty badly broken 1.4.2

New features in version 1.4.2
Finger client
Whois client

Bug Fixes in WR 1.4.2
Time stamps extended to show 4 digit years
TELNET server re-written
Cancel button changed to Stop per Apple Human Interface Guidelines (Thanks Tog)

New features in version 1.4.1
Choice of DNS Servers when using the Query function. This uses code ported from BIND 4.9.5
Flood Ping - for those that must!!!
Settable UDP Port for traceroute probes
TELNET Server for using WhatRoute functions remotely
Updated to current releases of WASTE and CWASTEEdit
Miscellaneous enhancements and bug fixes.

New In Version 1.3.1
1. Fixed bug that caused WhatRoute to crash while Quitting
2. Added Option to display hostnames and addresses in a fixed length field in the Trace output.

New In Version 1.3
1. Added PING
2. Added DNS Query
3. Added the WASTE engine for displaying results
4. Added text hi-lighting

Fixed In Version 1.2.1
1. Fixed system crash when hitting the Cancel button.
2. Fixed error when opening endpoints on some models of Mac
3. Added internal DNS cache
4. Added OT Error codes to error messages.

New In Version 1.2
1. Printing - You can print the results of your trace
2. Save - You can save your results to a TEXT file
3. Remember the last 10 hosts you attempted to trace
4. Receive the GURL Apple event
5. Fixed source port of 0 bug.
6. Fixed trace timing problems (sometimes -ve times were displayed)
7. Better error reporting.
8. Other miscellaneous stuff

New In Version 1.1
1. The return key will activate the Trace button.
2. Esc or Command-. will activate the Cancel Button
3. Option settings are saved when you exit and restored when you next run the program.
4. The name of the last host pinged is restored when you start WhatRoute
5. The Set Packet Size Option now works
6. Other miscellaneous fixes and twiddles

Version 1.0
First Release 


Please send comments, suggestions etc to: bryan@whatroute.net

Bryan Christianson - August, 2000