Trying to help someone with a situation where TCP connections get mysteriously dropped after a few minutes for no apparent reason (this happens even with non-idle connections). Both client and server are running Linux and doing fine outside of this case.
There's every reason to suspect some faulty router in between is doing it (there's some NAT involved).
How do I find which router is dropping the connection?
Any tool like tcptraceroute but that'd keep a TCP connection open and keep probing it until it gets dropped? (at which point we know who the culprit is)
I previously stated that tracing an established connection is impossible to do.
This, however, is wrong.
lcamtuf created the 0trace tool that allows TCP tracerouting using packets that match an established connection. There is an improved version called intrace, and also a Python version by Jon Oberheide.
The idea is to sniff for packets for a specified connection, then inject packets with matching TCP sequence numbers while increasing the TTL (just like usual traceroute does). With several tries and some luck, you might be able to find the hop that starts to drop packets, as this hop will also drop your tracing packets.
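
The correlation step of the technique described above, as an added example that is not part of the original answer and not code from 0trace or intrace. It builds TTL-limited probes matching a flow and attributes ICMP Time Exceeded replies to hops; the addresses, ports, sequence number, helper names and the use of the IP ID field to carry the TTL are assumptions of this example, and the replies are constructed in memory, nothing is sent.

```python
import socket, struct

# Constructed flow: (src, dst, sport, dport, next seq) of the established connection.
FLOW = ("192.0.2.10", "198.51.100.20", 40000, 443, 1000)

def build_probe(flow, ttl, ack=0):
    # IPv4 + TCP ACK segment matching the flow. The TTL is copied into the IP ID
    # (a choice of this example) so a reply identifies its hop. Checksums stay 0
    # because the packet is only built here, never sent.
    src, dst, sport, dport, seq = flow
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, ttl, 0, ttl, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, 0x10, 1024, 0, 0)

def fake_time_exceeded(router, probe):
    # Constructed reply: outer IPv4 header from `router`, ICMP type 11 code 0,
    # then the quoted probe IP header plus its first 8 TCP bytes.
    outer = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 56, 0, 0, 64, 1, 0,
                        socket.inet_aton(router), probe[12:16])
    return outer + struct.pack("!BBHI", 11, 0, 0, 0) + probe[:28]

def parse_time_exceeded(pkt, flow):
    # Return (router_ip, hop) if pkt is a Time Exceeded quoting a probe for `flow`.
    if len(pkt) < 20 or pkt[9] != 1:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    quoted = pkt[ihl + 8:]
    if len(pkt) < ihl + 8 or pkt[ihl] != 11 or len(quoted) < 20 or quoted[9] != 6:
        return None
    qihl = (quoted[0] & 0x0F) * 4
    if len(quoted) < qihl + 8:
        return None
    sport, dport, seq = struct.unpack("!HHI", quoted[qihl:qihl + 8])
    key = (socket.inet_ntoa(quoted[12:16]), socket.inet_ntoa(quoted[16:20]), sport, dport)
    if key != flow[:4] or seq != flow[4]:
        return None  # error for some other connection or a stale sequence number
    return socket.inet_ntoa(pkt[12:16]), struct.unpack("!H", quoted[4:6])[0]

def first_silent_hop(replies, flow, max_ttl):
    hops = {hit[1]: hit[0] for hit in (parse_time_exceeded(p, flow) for p in replies) if hit}
    silent = next((t for t in range(1, max_ttl + 1) if t not in hops), None)
    return silent, hops

def demo():
    routers = ["192.0.2.1", "203.0.113.1", "203.0.113.9"]  # constructed hops 1..3
    replies = [fake_time_exceeded(r, build_probe(FLOW, t)) for t, r in enumerate(routers, 1)]
    other = FLOW[:2] + (40001, 443, 1000)                  # unrelated flow, must be ignored
    replies.append(fake_time_exceeded("203.0.113.77", build_probe(other, 4)))
    return first_silent_hop(replies, FLOW, max_ttl=6)

if __name__ == "__main__":
    print(demo())
```

A hop that stays silent may simply not emit ICMP errors, so repeat the trace and compare it with one taken while the connection is still healthy before blaming that router.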