Star Wars Traceroute
(Lots of hits direct to this page, see Here for why it is down)
(New! IPV6 version working!. Here is a condensed version. Do it yourself with -m 100 on linux, -h 100 on windows to get the full monty) Obiwan.beaglenetworks.net
Bored in the blizzard in Boston; I was inspired by my IRC friend ‘Plazma’ constantly making fun of my reverse dns of scrye.net I came up with this pretty neat hack.
It is accomplished using many vrfs on (2) Cisco 1841s. For those less technical, VRFs are essentially private routing tables similar to a VPN. When a packet destined to 216.81.59.173 (AKA obiwan.scrye.net) hits my main gateway, I forward it onto the first VRF on the “ASIDE” router on 206.214.254.1. That router then has a specific route for 216.81.59.173 to 206.214.254.6, which resides on a different VRF on the “BSIDE” router. It then has a similar set up which points it at 206.214.254.9 which lives in another VPN on “ASIDE” router. All packets are returned using a default route pointing at the global routing table. This was by design so the packets TTL expiration did not have to return fully through the VRF Maze. I am a consultant to Epik Networks who let me use the Reverse DNS for an unused /24, and I used PowerDNS to update all of the entries through mysql. This took about 30 minutes to figure out how to do it, and about 90 minutes to implement. All VRFs and DNS were generated by a PHP script.
Disclaimer: I am not a very elegant programmer. I can do whatever I need to. I think very linearly and do not plan very well. Below is the code I used to generate the VRFs.
Traceroute posted below for posterity.
$BASE="206.214.251.";
$NUMBER=1;
while ($NUMBER<250) {
$VLAN=$NUMBER+199;
$VLAN2=$NUMBER+203;
$NH = $NUMBER+5;
$SRCIP = $NUMBER+4;
$ASIDE="
vrf definition FOO$NUMBER
rd 10:$NUMBER
address-family ipv4
int fa0/0.$VLAN
encap dot1q $VLAN
vrf forwarding FOO$NUMBER
ip addr $BASE$NUMBER 255.255.255.252
ip route vrf FOO$NUMBER 216.81.59.173 255.255.255.255 $BASE$NH
ip route vrf FOO$NUMBER 0.0.0.0 0.0.0.0 216.81.59.175 global
int fa0/0.$VLAN2
encap dot1q $VLAN2
vrf forwarding FOO$NUMBER
ip addr $BASE$SRCIP 255.255.255.252
";
$DSTNUMBER=$SRCIP+1;
$DSTIP2=$SRCIP+5;
$VLAN3=$VLAN2+4;
$OUTIP=$DSTIP2-1;
echo "VLAN2 is $VLAN2 VLAN3 is $VLAN3\n";
$BSIDE="
vrf definition FOO$NUMBER
rd 10:$NUMBER
address-family ipv4
int fa0/0.$VLAN2
encap dot1q $VLAN2
vrf forwarding FOO$NUMBER
ip addr $BASE$DSTNUMBER 255.255.255.252
ip route vrf FOO$NUMBER 216.81.59.173 255.255.255.255 $BASE$OUTIP
ip route vrf FOO$NUMBER 0.0.0.0 0.0.0.0 216.81.59.175 global
int fa0/0.$VLAN3
encap dot1q $VLAN3
vrf forwarding FOO$NUMBER
ip addr $BASE$DSTIP2 255.255.255.252
";
$tmp = `echo "$ASIDE" >> OUT1.TXT`;
$tmp = `echo "$BSIDE" >> OUT2.TXT`;
$NUMBER=$NUMBER+8;
}
6 Episode.IV (206.214.251.1) 68.642 ms 67.307 ms 67.005 ms 7 A.NEW.HOPE (206.214.251.6) 65.986 ms 68.502 ms 68.708 ms 8 It.is.a.period.of.civil.war (206.214.251.9) 67.067 ms 70.139 ms 66.52 9 Rebel.spaceships (206.214.251.14) 70.214 ms 70.192 ms 71.622 ms 10 striking.from.a.hidden.base (206.214.251.17) 71.427 ms 74.206 ms 11 have.won.their.first.victory (206.214.251.22) 71.665 ms 70.434 ms 7 12 against.the.evil.Galactic.Empire (206.214.251.25) 69.218 ms 70.621 13 During.the.battle (206.214.251.30) 69.059 ms 68.931 ms 69.981 ms 14 Rebel.spies.managed (206.214.251.33) 77.247 ms 72.757 ms 77.61 15 to.steal.secret.plans (206.214.251.38) 71.224 ms 71.164 ms 69.543 16 to.the.Empires.ultimate.weapon (206.214.251.41) 68.744 ms 68.824 17 the.DEATH.STAR (206.214.251.46) 72.316 ms 74.551 ms 66.354 ms 18 an.armored.space.station (206.214.251.49) 69.413 ms 70.334 ms 6 19 with.enough.power.to (206.214.251.54) 66.182 ms 66.627 ms 71.23 20 destroy.an.entire.planet (206.214.251.57) 71.926 ms 71.266 ms 70. 21 Pursued.by.the.Empires (206.214.251.62) 67.298 ms 65.956 ms 66. 22 sinister.agents (206.214.251.65) 65.020 ms 67.806 ms 70.508 ms 23 Princess.Leia.races.home (206.214.251.70) 68.894 ms 71.147 ms 71 24 aboard.her.starship (206.214.251.73) 72.130 ms 71.093 ms 74.026 25 custodian.of.the.stolen.plans (206.214.251.78) 68.568 ms 67.939 ms 26 that.can.save.her (206.214.251.81) 67.063 ms 69.874 ms 68.889 m 27 people.and.restore (206.214.251.86) 70.395 ms 70.144 ms 28 freedom.to.the.galaxy (206.214.251.89) 66.098 ms 65.432 ms 29 0-------------------0 (206.214.251.94) 75.931 ms 74.159 ms 80.012 30 0------------------0 (206.214.251.97) 73.026 ms 73.403 ms 73.256 31 0-----------------0 (206.214.251.102) 83.602 ms 82.079 ms 70.743 32 0----------------0 (206.214.251.105) 70.459 ms 69.403 ms 68.782 m 33 0---------------0 (206.214.251.110) 68.516 ms 72.472 ms 71.811 ms 34 0--------------0 (206.214.251.113) 69.056 ms 65.981 ms 68.202 ms 35 0-------------0 (206.214.251.118) 66.790 ms 71.556 ms 74.292 ms 36 0------------0 (206.214.251.121) 68.286 ms 71.042 ms 71.587 ms 37 0-----------0 (206.214.251.126) 72.702 ms 71.785 ms 72.442 ms 38 0----------0 (206.214.251.129) 78.143 ms 74.411 ms 72.828 ms 39 0---------0 (206.214.251.134) 69.692 ms 66.187 ms 67.369 ms 40 0--------0 (206.214.251.137) 69.184 ms 70.678 ms 67.445 ms 41 0-------0 (206.214.251.142) 70.383 ms 68.220 ms 67.543 ms 42 0------0 (206.214.251.145) 67.593 ms 72.970 ms 73.220 ms 43 0-----0 (206.214.251.150) 70.964 ms 69.082 ms 70.831 ms 44 0----0 (206.214.251.153) 73.856 ms 71.848 ms 70.311 ms 45 0---0 (206.214.251.158) 71.517 ms 69.204 ms 69.538 ms 46 0--0 (206.214.251.161) 68.076 ms 68.179 ms 67.620 ms 47 0-0 (206.214.251.166) 68.738 ms 70.518 ms 68.757 ms 48 00 (206.214.251.169) 68.281 ms 70.225 ms 74.811 ms 49 I (206.214.251.174) 70.203 ms 71.668 ms 71.672 ms 50 By.Ryan.Werber (206.214.251.177) 68.900 ms 71.461 ms 72.297 ms 51 When.CCIEs.Get.Bored (206.214.251.182) 75.816 ms 73.957 ms 71.333 ms 52 read.more.at.beaglenetworks.net (206.214.251.185) 70.254 ms 73.799 ms
