How to Use the Command 'scamper' (with Examples)
Scamper is a sophisticated network utility designed to actively probe the Internet, helping users analyze both topology and performance. It incorporates an array of tools, many of which start with sc_
, like sc_warts2text
and sc_ttlexp
. These tools enable users to understand the structure and behavior of Internet paths via various probing methods. Scamper’s versatility makes it a powerful resource for network researchers and engineers aiming to gain insights into routing paths, detect load-balanced routes, and evaluate network performance.
Use Case 1: Execute the Standard Option (Traceroute) to a Destination
Code:
scamper -i 192.0.2.1
Motivation:
The basic use of traceroute in networking is critical for diagnosing path issues, detecting bottlenecks, and understanding the route data packets take through the Internet. This usage can help network administrators identify where data flow might be hindered or unusual routing might be occurring.
Explanation:
scamper
: Invokes the Scamper tool.-i 192.0.2.1
: Specifies the target IP address (192.0.2.1) for the traceroute command.
Example Output:
Tracing the route to 192.0.2.1...
1 203.0.113.1 1.123 ms
2 198.51.100.1 2.456 ms
3 192.0.2.1 3.789 ms
Use Case 2: Execute Two Actions (Ping and Traceroute) on Two Different Targets
Code:
scamper -I "ping 192.0.2.1" -I "trace 192.0.2.2"
Motivation:
Sometimes, a network engineer needs to simultaneously assess connectivity and path both on different targets in the network. Performing both ping and traceroute together facilitates a deeper understanding of latency issues or discrepancies between various nodes.
Explanation:
scamper
: Launches the Scamper utility.-I "ping 192.0.2.1"
: Initiates a ping test to the IP address 192.0.2.1 to check connectivity and latency.-I "trace 192.0.2.2"
: Conducts a traceroute to the IP address 192.0.2.2 to examine the route path.
Example Output:
Ping to 192.0.2.1:
64 bytes from 192.0.2.1: icmp_seq=1 ttl=64 time=0.123 ms
Traceroute to 192.0.2.2:
1 203.0.113.2 1.123 ms
2 192.0.2.2 2.456 ms
Use Case 3: Ping Several Hosts with UDP
Code:
scamper -c "ping -P UDP-dport -d 33434" -i 192.0.2.1 -i 192.0.2.2
Motivation:
In situations where ICMP might be blocked, utilizing UDP for ping operations becomes essential. This functionality is vital for ascertaining reachability to hosts while adjusting the destination port for each subsequent ping, particularly in environments with stringent firewall rules.
Explanation:
scamper
: Runs the Scamper tool.-c "ping -P UDP-dport -d 33434"
: Configures ping with UDP packets starting at destination port 33434.-i 192.0.2.1
: Specifies the first IP address to ping.-i 192.0.2.2
: Specifies the second IP address to ping.
Example Output:
Pinging 192.0.2.1 with UDP packets:
64 bytes from 192.0.2.1: icmp_seq=1 ttl=64 time=1.234 ms
Pinging 192.0.2.2 with UDP packets:
64 bytes from 192.0.2.2: icmp_seq=1 ttl=63 time=2.345 ms
Use Case 4: Use the Multipath Discovery Algorithm (MDA) for Load-Balanced Paths
Code:
scamper -O warts -o path/to/output.warts -I "tracelb -P ICMP-echo -q 3 192.0.2.1"
Motivation:
Network paths are often load-balanced, leading to multiple paths for the same destination. Using MDA is crucial for identifying such diverse paths, which might affect network reliability and performance. This approach helps administrators ensure they have a complete view of potential pathways that data traverses in load-balanced environments.
Explanation:
scamper
: Executes the Scamper utility.-O warts
: Outputs the result in thewarts
format.-o path/to/output.warts
: Specifies the output file path.-I "tracelb -P ICMP-echo -q 3 192.0.2.1"
: Executes trace load-balancing with ICMP echo packets, with a maximum of three attempts specified by-q 3
to the IP address 192.0.2.1.
Example Output:
Results saved to path/to/output.warts:
Multiple paths detected for 192.0.2.1
Path 1: ...
Path 2: ...
Use Case 5: Execute a Paris Traceroute with ICMP
Code:
scamper -O warts.gz -o path/to/output.warts -I "trace -P icmp-paris 2001:db8:dead:beaf::4"
Motivation:
Paris Traceroute is specifically designed to deal with load-balanced paths, unlike traditional traceroute, which may not account for such scenarios correctly. Utilizing ICMP packets, this enables a more precise mapping of the route, crucial for diagnosing complex network topologies.
Explanation:
scamper
: Starts the Scamper tool.-O warts.gz
: Specifies the output should be in compressedwarts
format.-o path/to/output.warts
: Path where the results will be saved.-I "trace -P icmp-paris 2001:db8:dead:beaf::4"
: Initiates a Paris traceroute using ICMP packets to the IPv6 address.
Example Output:
Traceroute to 2001:db8:dead:beaf::4
Path: ...
Data saved in compressed format at path/to/output.warts.gz
Use Case 6: Record All ICMP Packets with a Specific ID
Code:
scamper -O warts -o path/to/output.warts -I "sniff -S 2001:db8:dead:beef::6 icmp[icmpid] == 101"
Motivation:
Recording specific ICMP packets can be invaluable for network troubleshooting and monitoring. This scenario helps network engineers pinpoint exact packet flows based on ICMP IDs, enabling a much finer-grained analysis of packet behavior on the network.
Explanation:
scamper
: Executes the Scamper utility.-O warts
: Denotes that the results are to be saved inwarts
file format.-o path/to/output.warts
: File path for saving output data.-I "sniff -S 2001:db8:dead:beef::6 icmp[icmpid] == 101"
: Specifies the target for sniffing ICMP packets where the ICMP ID is 101.
Example Output:
Monitoring ICMP packets to 2001:db8:dead:beef::6
Captured packets with ICMP ID 101 saved to path/to/output.warts
Conclusion:
Scamper serves as an essential tool in network analysis, offering profound insights into topology and performance through active probing techniques. Its various functionalities, from basic traceroute to advanced multipath discovery and packet sniffing, allow network professionals to diagnose, monitor, and better understand network behaviors, ultimately leading to more efficient and reliable network management.