TY - CONF T1 - Revealing Middlebox Interference with Tracebox T2 - ACM/USENIX Internet Measurement Conference (IMC) Y1 - 2013 A1 - Gregory Detal A1 - Benjamin Hesmans A1 - Olivier Bonaventure A1 - Yves Vanaubel A1 - Benoit Donnet KW - middlebox KW - network discovery KW - tracebox AB -

Middleboxes such as firewalls, NAT, proxies, or Deep Pack-et Inspection play an increasingly important role in various types of IP networks, including enterprise and cellular networks. Recent studies have shed the light on their impact on real traffic and the complexity of managing them. Network operators and researchers have few tools to understand the impact of those boxes on any
path. In this paper, we propose tracebox, an extension to the widely used traceroute tool, that is capable of detecting various types of middlebox interference over almost any path.  tracebox sends IP packets containing TCP segments with different TTL values and analyses the packet encapsulated in the returned ICMP messages. Further, as recent routers quote, in the ICMP message, the entire IP packet that they received, tracebox is able to detect any modification performed by upstream middleboxes. In addition, tracebox can often pinpoint the network hop where the middlebox interference occurs. We evaluate tracebox with measurements performed on PlanetLab nodes. Our analysis reveals various types of middleboxes that were not expected on such an experimental testbed supposed to be connected to the Internet without any restriction.

JF - ACM/USENIX Internet Measurement Conference (IMC) ER -