TraceNET (version 2.1)
Copyright:
- Freely available for non-commercial research and educational purposes
- tracenet version 2.1 Copyright (c) 2013 Mehmet Engin Tozal
- Distributed under the Creative Commons Attribution-NonCommercial 3.0 Unported License
- Please send your suggestions and patches to metozal louisiana edu
Download: TraceNET
New and Noteworthy:
- Substantial enhancement in the underlying framework including improved efficiency, stable and easy-to-use API, optional fixed-flow-ID probing, record route and loose source routing support
- Richer output information and input parameters
- Concurrency support via multi-threading
- Enhanced subnet inference and subnet mask estimation
- Target file input for batch processing
- Adoption of fixed-flow-identifier whenever the probe destinations do not change. Note that subnet inference with active probing cannot be completely immune to flow based load balancing
- Alternative subnet provision if there is one
- Ability to return the Local Area Network (LAN) information
System Requirements and Notes:
- Tested on 32-bit Linux systems (Ubuntu, Fedora, PlanetLab)
- The make tool automatically compiles with the g++ -m32 flag to create valid executables on 64-bit systems as well. Please make sure gcc-multilib and g++-multilib are installed on 64-bit systems. Note that running the tool on virtual machines may require configuring host/guest system firewalls and virtual interfaces.
- Some systems require the user to have root privileges in order to generate ICMP messages. In that case, use the sudo command
- Please make sure ICMP messages from/to your host are not filtered out by local firewalls
How to Compile and Run:
- > cd download_location_on_your_computer
- > tar xzf tracenetV2.0.tar.gz
- > cd tracenet/Release
- > make clean
- > make all
- Just run the executable created in the "Release" folder, e.g., "sudo ./tracenet -d www.google.com"
Note that you can also copy the executable to a folder on the PATH list such as /usr/bin or create a symbolic link.
Sample Output:
# sudo ./tracenet -d www.louisiana.edu
Destination IP  Hop Target IP       Pivot IP        SPC SIC Network Number     Size : [ Subnet IP Address - Hop Distance List ] [ IP Alias Pair ]
--------------- --- --------------- --------------- --- --- ------------------ ---- : ------------------------------------------ -----------------
130.70.132.67   01  10.110.95.1     10.110.95.1     0   0   10.110.95.0/24     N/A  : /* Local Area Network (LAN), System information */
130.70.132.67   02  129.110.83.42   129.110.83.42   5   2   129.110.83.42/31   2    : [129.110.83.43 - 1, 129.110.83.42 - 2] [ 129.110.83.43 | 10.110.95.1 ]
130.70.132.67   03  129.110.82.108  129.110.82.108  5   3   129.110.82.108/31  2    : [129.110.82.109 - 2, 129.110.82.108 - 3] [ 129.110.82.109 | 129.110.83.42 ]
130.70.132.67   04  129.110.5.97    129.110.5.97    5   8   129.110.5.96/29    3    : [129.110.5.99 - 4, 129.110.5.96 - 4, 129.110.5.97 - 4] [ N/A ]
130.70.132.67   05  129.110.5.86    129.110.5.86    5   10  129.110.5.86/31    2    : [129.110.5.87 - 5, 129.110.5.86 - 5] [ N/A ]
130.70.132.67   06  129.110.5.65    129.110.5.65    6   8   129.110.5.64/29    3    : [129.110.5.70 - 5, 129.110.5.67 - 6, 129.110.5.65 - 6] [ 129.110.5.70 | 129.110.5.86 ]
130.70.132.67   07  208.76.227.223  208.76.227.223  5   2   208.76.227.222/31  2    : [208.76.227.222 - 6, 208.76.227.223 - 7] [ 208.76.227.222 | 129.110.5.65 ]
130.70.132.67   08  74.200.187.21   74.200.187.21   6   5   74.200.187.20/30   2    : [74.200.187.22 - 8, 74.200.187.21 - 9] [ 74.200.187.22 | 208.76.227.174 ]
130.70.132.67   09  74.200.187.6    74.200.187.5    9   5   74.200.187.4/30    2    : [74.200.187.6 - 9, 74.200.187.5 - 10] [ 74.200.187.6 | 74.200.187.6 ]
130.70.132.67   10  74.200.187.5    74.200.187.5    6   5   74.200.187.4/30    2    : [74.200.187.6 - 9, 74.200.187.5 - 10] [ 74.200.187.6 | 74.200.187.6 ]
130.70.132.67   11  208.100.127.34  208.100.127.34  6   3   208.100.127.32/30  2    : [208.100.127.33 - 11, 208.100.127.34 - 12] [ 208.100.127.33 | 74.200.187.5 ]
130.70.132.67   12  *               N/A             N/A N/A N/A                N/A  : /* Cannot carry out subnet inference. Unresponsive host, i.e., anonymous, to indirect probes on the path */
130.70.132.67   13  *               N/A             N/A N/A N/A                N/A  : /* Cannot carry out subnet inference. Unresponsive host, i.e., anonymous, to indirect probes on the path */
130.70.132.67   14  *               N/A             N/A N/A N/A                N/A  : /* Cannot carry out subnet inference. Unresponsive host, i.e., anonymous, to indirect probes on the path */
130.70.132.67   15  *               N/A             N/A N/A N/A                N/A  : /* Cannot carry out subnet inference. Maximum consecutive anonymous IP address limit is reached */
Input Parameters:
Short Form | Long Form | Description |
-d | --destination | Final destination IP address or host name. |
-e | --interface | Interface name through which probing/response packets exit/enter (default is the first non-loopback IPv4 interface in the active interface list). Use this option if your machine has multiple network interface cards and you opt for one interface over the others. |
-h | --start-hop | Inclusive starting trace collection hop distance (default is 1). |
-j | --end-hop | Inclusive ending trace collection hop distance (default is 64). Trace collection automatically stops if the final destination is reached. |
-m | --attention-message | Probe attention message (default is "NOT an ATTACK"). This message, at most 64 bytes long, is put into all probe packets. For batch processing, a message that includes your email address helps ISP network administrators understand your purpose and contact you if needed. Suggested message for batch processing is "NOT an ATTACK Packet belongs to AAAAA project at BBBBB contact CCCCC". |
-p | --protocol | Probing protocol [icmp|udp|tcp] (default is icmp). Note that routers are more responsive to ICMP probing. |
-n | --use-network-address | Assume network address, i.e., the address ending with all zeros, as an assignable IP address [true|false] (default is true). Although for prefix lengths less than 31, network address, i.e., the address ending with all zeros, and broadcast address, i.e., the address ending with all ones, are suggested not to be assigned to interfaces, some administrators tend to utilize network addresses. |
-i | --input-file | Input file path (one IP per line, optionally comma or tab separated middle ttl). Lines starting with the sharp (#) symbol are skipped as they are considered to be comments. It is suggested to shuffle the IP addresses in advance to reduce the risk of the probing being mistaken for a DoS attack. |
-o | --output-file | Output file path (default is the console itself). Warnings are printed out on a single line starting with the sharp (#) symbol. |
-r | --resolve-host-names | Use reverse DNS to resolve host names and show them along with subnet IP addresses [true|false] (default is false). If an IP address has an associated name, it is shown in parentheses next to the IP address; otherwise empty parentheses are shown. |
-l | --explore-lan-explicitly | Discover the IP addresses in the Local Area Network (LAN) [true|false] (default is false). If not true, the program gets the local area network information directly from the system rather than through inference. |
-c | --concurrency | Number of concurrent threads, only applicable with the -i option (default is 6). |
-f | --fix-flow-id | Use stable flow ID whenever possible [true|false] (default is true). Takes advantage of fixed flow ID against load balancers as in paris-traceroute whenever the destination address does not change. |
-a | --show-alternatives | Show alternative subnets if they exist [true|false] (default is true). |
-w | --probe-timeout-period | Maximum time in milliseconds to wait for a probe reply (default is 2500). If you think that the RTT to the destination is more than the default value, increase it. |
-z | --probe-regulating-period | Minimum time in milliseconds to wait between two immediately consecutive probes (default is 50). Useful when routers apply rate limiting. |
-g | --debug | Enable debug. |
-v | --version | Print program version. |
-? | --help | Help |
Output Information:
Column | Description |
Destination IP | Destination IP address given to the program as input. |
Hop | Hop distance to the discovered subnet from the vantage point. |
Target IP | The IP address that is encountered at a particular hop. This column is an exact equivalent of the output of the classical traceroute (or paris-traceroute) tool. |
Pivot IP | An IP address that belongs to the subnet on the path. It is used internally by the subnet inference mechanism. |
SPC | Subnet Positioning Cost is the number of probes used to determine the hop distance to the target subnet and to designate a pivot IP address. |
SIC | Subnet Inference Cost is the number of probes used to infer the target subnet. Note that the total cost depends on many factors including the target subnet configuration, number of unused/unresponsive IP addresses and the number of exterior IP addresses probed before encountering a stopping condition. |
Network Number | The network number that represents the target subnet. It is generated by setting all non-masking bits to zero. |
Size | Number of IP addresses within the target subnet. |
[Subnet IP Address List ] | List of IP addresses within the target subnet and their hop distances from the vantage point. |
[IP Alias Pair] | Two IP addresses that are located on the ingress router of the target subnet. This extra information can be used for router inference. |
Alternative | An alternative subnet that could also be the target subnet. This is optional and appears on a new line on the console, delimited by a tilde (instead of a colon) and curly braces (instead of brackets). To make the output easy to auto-process, the alternative subnet (if one exists) is displayed on a separate line below the inferred subnet; the line starts with a number of spaces (indentation) followed by the keyword "Alternative", and then the alternative subnet number, IP address list, and alias pair. Depending on your project, you can investigate further to decide the true target subnet; the program suggests the inferred one by default. |
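
Parsing the output: the following Python code is an added example, not part of the TraceNET distribution. It reads hop rows in the column layout described above, skips warning (#) and indented "Alternative" lines, and checks each row against the Network Number and Size definitions. It assumes the default -r false output (no host names in parentheses); the names parse_row and inferred_subnets are hypothetical.

```python
import ipaddress
import re

# Rows copied from the Sample Output section; the "#" warning text is constructed.
SAMPLE = """\
# constructed warning line
130.70.132.67 01 10.110.95.1 10.110.95.1 0 0 10.110.95.0/24 N/A : /* Local Area Network (LAN), System information */
130.70.132.67 04 129.110.5.97 129.110.5.97 5 8 129.110.5.96/29 3 : [129.110.5.99 - 4, 129.110.5.96 - 4, 129.110.5.97 - 4] [ N/A ]
130.70.132.67 09 74.200.187.6 74.200.187.5 9 5 74.200.187.4/30 2 : [74.200.187.6 - 9, 74.200.187.5 - 10] [ 74.200.187.6 | 74.200.187.6 ]
130.70.132.67 10 74.200.187.5 74.200.187.5 6 5 74.200.187.4/30 2 : [74.200.187.6 - 9, 74.200.187.5 - 10] [ 74.200.187.6 | 74.200.187.6 ]
130.70.132.67 12 * N/A N/A N/A N/A N/A : /* Cannot carry out subnet inference. Unresponsive host, i.e., anonymous, to indirect probes on the path */
"""

# Eight whitespace-separated columns, a colon, then the bracketed lists or a /* note */.
ROW = re.compile(r"^(\S+)\s+(\d+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s*:\s*(.*)$")
MEMBER = re.compile(r"(\d+\.\d+\.\d+\.\d+) - (\d+)")
ALIAS = re.compile(r"\[ (\d+\.\d+\.\d+\.\d+) \| (\d+\.\d+\.\d+\.\d+) \]")

def parse_row(line):
    """Parse one hop row; None for warnings, headers, blanks and indented Alternative lines."""
    m = None if line.startswith("#") else ROW.match(line)
    if m is None:
        return None
    _dest, hop, target, _pivot, _spc, _sic, netnum, size, rest = m.groups()
    row = {"hop": int(hop), "target": None if target == "*" else target,
           "subnet": None, "members": {}, "alias": None, "problems": []}
    if netnum == "N/A":  # anonymous hop: no subnet was inferred
        return row
    # strict=True raises ValueError if the network number has non-zero host bits
    net = ipaddress.ip_network(netnum, strict=True)
    row["subnet"] = net
    row["members"] = {ip: int(dist) for ip, dist in MEMBER.findall(rest)}
    alias = ALIAS.search(rest)
    row["alias"] = alias.groups() if alias else None
    for ip in row["members"]:
        if ipaddress.ip_address(ip) not in net:
            row["problems"].append(f"{ip} outside {net}")
    if size != "N/A" and int(size) != len(row["members"]):
        row["problems"].append(f"size {size} != {len(row['members'])} listed")
    return row

def inferred_subnets(text):
    """Map each distinct inferred subnet to the first hop it was reported at."""
    first_hop = {}
    for line in text.splitlines():
        row = parse_row(line)
        if row and row["subnet"] is not None:
            first_hop.setdefault(str(row["subnet"]), row["hop"])
    return first_hop
```

Hops 09 and 10 in the sample report the same /30, so inferred_subnets returns it once, keyed to hop 9.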