Use Ruby to make a MTU sweep utility (Ping)

[Dale Ackerman]

Hi

I've had a request to make a utility (I want to use Ruby) that does a
MTU sweep looking for black holes in routes. So I need a library or a
way to run ping in both a OS X, Linux and Windows environment. The
utility will ping an IP and continue to increment the package / payload
size until error if any The MTU will be (max_size + 28). Can I use Ruby
to do this? I found a ping gem and the std. lib has ping as well but
very limited in options. What else is there?


Thanks

 

[Phillip Gawlowski]

Hi

I've had a request to make a utility (I want to use Ruby) that does a
MTU sweep looking for black holes in routes. So I need a library or a
way to run ping in both a OS X, Linux and Windows environment. The
utility will ping an IP and continue to increment the package / payload
size until error if any The MTU will be (max_size + 28). Can I use Ruby
to do this? I found a ping gem and the std. lib has ping as well but
very limited in options. What else is there?

You could wrap the OS ping variants (Linux and Mac OS X are probably
identical, since both use the GNU utils, so you only have to check for
Windows) in your own code, and use that.

They all should provide a means to modify packet size (Windows' ping.exe
does), so you can achieve your desired result.

 

[Dale Ackerman]

You could wrap the OS ping variants (Linux and Mac OS X are probably
identical, since both use the GNU utils, so you only have to check for
Windows) in your own code, and use that.

They all should provide a means to modify packet size (Windows' ping.exe
does), so you can achieve your desired result.

How would I wrap the command line utilities from ruby? I am new to the
ruby.

 

[brabuhr]

How would I wrap the command line utilities from ruby? =A0I am new to the
ruby.

Simplistic example:

$ ping
usage: ping [-AaDdfnoQqRrv] [-c count] [-i wait] [-l preload] [-M mask | ti=
me]
[-m ttl] [-p pattern] [-S src_addr] [-s packetsize]
[-t timeout] [-z tos] host
ping [-AaDdfLnoQqRrv] [-c count] [-I iface] [-i wait] [-l preload]
[-M mask | time] [-m ttl] [-p pattern] [-S src_addr]
[-s packetsize] [-T ttl] [-t timeout] [-z tos] mcast-group
$ irb
irb(main):001:0> count =3D 3
=3D> 3
irb(main):002:0> packetsize =3D 128
=3D> 128
irb(main):003:0> host =3D '127.0.0.1'
=3D> "127.0.0.1"
irb(main):004:0> `ping -c #{count} -s #{packetsize} #{host}`
=3D> "PING 127.0.0.1 (127.0.0.1): 128 data bytes\n136 bytes from
127.0.0.1: icmp_seq=3D0 ttl=3D64 time=3D0.171 ms\n136 bytes from 127.0.0.1:
icmp_seq=3D1 ttl=3D64 time=3D0.101 ms\n136 bytes from 127.0.0.1: icmp_seq=
=3D2
ttl=3D64 time=3D0.103 ms\n\n--- 127.0.0.1 ping statistics ---\n3 packets
transmitted, 3 packets received, 0% packet loss\nround-trip
min/avg/max/stddev =3D 0.101/0.125/0.171/0.033 ms\n"

 

[Dale Ackerman]

WOW! Thanks
are those back quotes around the ping command? I guess ruby will just
shell
out and run a command line ?? That's nice... Also how to handle
std-err I am trying to automate the MTU sweep so I want to keep
incrementing the data size and then handle (break) and display the MTU
== max-size + 28 (I think)

 

[Phillip Gawlowski]

WOW! Thanks
are those back quotes around the ping command?

Yup.

 

[Jonathan Nielsen]

If you want to access stderr, look at the ruby api docs for popen3.
It's a little more complicated than the backticks but it'll get you
access to stderr.

-Jonathan Nielsen

 

[Dale Ackerman]

If you want to access stderr, look at the ruby api docs for popen3.
It's a little more complicated than the backticks but it'll get you
access to stderr.

-Jonathan Nielsen

No it looks like the back-ticks will be fine

I have this in a loop

results = `ping -s #{bytes} -c 1 -D #{host}`


the code runs fine localhost and on my godaddy IP hoever it blows up on
another site. But I am not confident I am doing this right so How can I
tell if its my code or a valid black-hole MTU?

Thanks

 

[brabuhr]

I have this in a loop

results =3D `ping -s #{bytes} -c 1 -D #{host}`

the code runs fine localhost and on my godaddy IP =A0hoever it blows up o= n
another site. =A0But I am not confident I am doing this right so How can = I
tell if its my code or a valid black-hole MTU?

"blows up" in what way?

 

[Dale Ackerman]

"blows up" in what way?

I know that was not very descriptive. I meant to say that the ping its
self failed. I think it is a couple of things none of which is an
error.

1.) The target host blocked pings after a certain count example Site5
does this.

2.) My ping loop is running to fast at which point the host declines and
the ping fails

3.) It's a black hole which is what we are trying to detect.

It looks good now I have it working for Linux, Unix, OS X, BSD, and
Windows...


Thanks you all for your help. Oh I'll share code if anyone is
interested. Not a big deal .. . .

-dale