-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathindex.html
142 lines (110 loc) · 6.95 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
<!DOCTYPE html>
<html>
<head>
<meta charset='utf-8'>
<meta http-equiv="X-UA-Compatible" content="chrome=1">
<meta name="description" content="Tracebox : A Middlebox Detection Tool">
<link rel="stylesheet" type="text/css" media="screen" href="stylesheets/stylesheet.css">
<title>Tracebox</title>
</head>
<body>
<!-- HEADER -->
<div id="header_wrap" class="outer">
<header class="inner">
<div id="banner_links">
<a id="forkme_banner" href="https://github.com/tracebox">View on GitHub</a>
<a id="api_banner" href="http://tracebox.org/lua_doc">Lua API</a>
</div>
<h1 id="project_title">Tracebox</h1>
<h2 id="project_tagline">A Middlebox Detection Tool</h2>
</header>
</div>
<!-- MAIN CONTENT -->
<div id="main_content_wrap" class="outer">
<section id="main_content" class="inner">
<h3>
<a id="tracebox" class="anchor" href="#tracebox" aria-hidden="true"><span class="octicon octicon-link"></span></a>Tracebox</h3>
<p>Middleboxes are widely deployed on the Internet mostly at the edge of the
network, in enterprise and home networks. Middleboxes plays therefore an
important role -- even if they are often criticized -- in today's Internet.
Unfortunately, the widespread of middlebox contributed to the ossification of
the Internet making it very difficult to innovate. As an example, Multipath
TCP, a recent extension to TCP, includes a complex mechanism which
constitute the major part of the protocol to deal with those middleboxes.</p>
<p>Middleboxes manipulates traffic for purposes other than simple packet
forwarding and often transparently to the end-user (e.g. NAT, transparent
proxies, DPI, etc.). Detecting such middleboxes is difficult today. </p>
<p>Tracebox is a tool that allows to detect middleboxes on
any paths, i.e., between a source and any destination. Tracebox can be viewed
as a tool similar to traceroute as it uses ICMP replies to identify changes in
the packets. The fact that tracebox is able to detect middleboxes comes from
the observation that ICMP messages are often not as defined in
RFC792. Indeed it is quite common to receive a ICMP
Time-to-Live exceeded message with the original datagram instead of 64
bits as described in the standard. This is caused by operating systems
configured to reply with full ICMP (e.g., Linux, Cisco IOS-XR, etc.) as well as
the ICMP Multi-Part Messages extension that standardize the fact
that routers using MPLS tunnels replies and ICMP message containing the full
datagram.</p>
<p>The tool is presented in the following paper:
Gregory Detal, Benjamin Hesmans, Olivier Bonaventure, Yves Vanaubel and Benoit Donnet. <em><a href="http://inl.info.ucl.ac.be/publications/revealing-middlebox-interference-tracebox">Revealing Middlebox Interference with Tracebox</a></em>. In Proceedings of the 2013 ACM SIGCOMM conference on Internet measurement conference, October 2013.</p>
<h3>
<a id="install" class="anchor" href="#install" aria-hidden="true"><span class="octicon octicon-link"></span></a>Install</h3>
<p>Tracebox is available in <a href="https://hub.docker.com/r/matttbe/tracebox">Docker Hub</a>. Please note that by default, when used in Docker, Tracebox will be executed from a net namespace behind a NAT. It is possible to change this behaviour but in other words, this will add one entry at the beginning of the list, most likely with the IP <code>172.17.0.1</code> set on <code>docker0</code> interface on the host. Tracebox in Docker can be executed like that:</p>
<pre><code>$ docker run -it --rm matttbe/tracebox:latest -h
$ docker run -it --rm -v "${PWD}:${PWD}" -w "${PWD}" matttbe/tracebox:latest -f my_capture.pcap -p 'IP/tcp{dst=80}/MPCAPABLE/raw("12345678901234567890")' www.multipath-tcp.org
</code></pre>
<p>Tracebox is also available on Mac OS X using <a href="http://brew.sh">Homebrew</a> with <code>brew install tracebox</code>. Yosemite and El Capitan users need to first ensure they installed the full command line developer tools provided by Apple using <code>xcode-select --install</code></p>
<p>Source can be found at <a href="http://www.github.com/tracebox/tracebox">http://www.github.com/tracebox/tracebox</a>.</p>
<p>Tracebox requires:</p>
<ul>
<li>The development package of libpcap, (lib)lua >= 5.1, json-c (or libjson).</li>
<li>Automake, autoconf and libtool.</li>
</ul>
<p>To build Tracebox:</p>
<pre><code>$ ./bootstrap.sh
$ make
$ sudo make install
</code></pre>
<h3>
<a id="usage" class="anchor" href="#usage" aria-hidden="true"><span class="octicon octicon-link"></span></a>Usage</h3>
<p>There are two possible ways to use tracebox either with the python scripts (see some samples scripts in /tracebox/examples) or with the default binary. The later only send one TCP probe and look for changes in the path. The following example sends a TCP SYN probe (to port 80 by default) with the TCP Maximum Segment Size, Multipath TCP and Window Scale options. The output shows that a middlebox close to the server removes the last two options and change the MSS value.</p>
<pre><code># tracebox -n -p IP/TCP/MSS/MPCAPABLE/WSCALE bahn.de
tracebox to 81.200.198.6 (bahn.de): 64 hops max
1: 130.104.228.126 IP::CheckSum
2: 130.104.254.229 IP::TTL IP::CheckSum
3: 193.191.3.85 IP::TTL IP::CheckSum
4: 193.191.16.21 IP::TTL IP::CheckSum
5: 195.69.144.123 IP::TTL IP::CheckSum
6: 145.254.5.158 IP::TTL IP::CheckSum
7: 88.79.13.62 IP::TTL IP::CheckSum
8: 81.200.194.234 IP::TTL IP::CheckSum
9: 81.200.197.9 IP::TTL IP::CheckSum
10: 81.200.198.6 TCP::CheckSum IP::TTL IP::CheckSum TCPOptionMaxSegSize::MaxSegSize -TCPOptionMPTCPCapable -TCPOptionWindowScale
</code></pre>
<h3>
<a id="support-or-contact" class="anchor" href="#support-or-contact" aria-hidden="true"><span class="octicon octicon-link"></span></a>Support or Contact</h3>
<p>Feedback or comments are welcome <a href="https://github.com/oliviertilmans" class="user-mention">@oliviertilmans</a></p>
<h3>
<a id="acknowledgment" class="anchor" href="#acknowledgment" aria-hidden="true"><span class="octicon octicon-link"></span></a>Acknowledgment</h3>
<p>This work has been partially funded by the FP7 EU project <a href="http://www.change-project.eu/">CHANGE</a> and <a href="http://www.ict-mplane.eu/">mPlane</a>.</p>
</section>
</div>
<!-- FOOTER -->
<div id="footer_wrap" class="outer">
<footer class="inner">
<p>Published with <a href="http://pages.github.com">GitHub Pages</a></p>
</footer>
</div>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-40269957-1");
pageTracker._trackPageview();
} catch(err) {}
</script>
</body>
</html>