LinuxCommandLibrary

scamper

Perform active Internet measurement probes

TLDR

Execute the standard option (traceroute) to a destination

$ scamper -i [192.0.2.1]
copy

Execute two actions (ping and traceroute) on two different targets
$ scamper -I "[ping] [192.0.2.1]" -I "[trace] [192.0.2.2]"
copy

Ping several hosts with UDP, use a specific port number for the first ping and increase it for each subsequent ping
$ scamper -c "[ping] -P [UDP-dport] -d [33434]" -i [192.0.2.1] -i [192.0.2.2]
copy

Use the Multipath Discovery Algorithm (MDA) to determine the presence of load-balanced paths to the destination and use ICMP echo packets to sample with a maximum of three attempts, write the result to a warts file
$ scamper -O [warts] -o [path/to/output.warts] -I "[tracelb] -P [ICMP-echo] -q [3] [192.0.2.1]"
copy

Execute a Paris traceroute with ICMP to a destination and save the result in a compressed warts file
$ scamper -O [warts.gz] -o [path/to/output.warts] -I "[trace] -P [icmp-paris] [2001:db8:dead:beaf::4]"
copy

Record all ICMP packets that arrive at a specific IP address and have a specific ICMP ID in a warts file
$ scamper -O [warts] -o [path/to/output.warts] -I "sniff -S [2001:db8:dead:beef::6] icmp[icmpid] == [101]"
copy

SYNOPSIS

scamper [OPTIONS] [COMMAND [ARGS...]]
scamper -I <input_file> -o <output_file> -D <data_type> [OPTIONS]

PARAMETERS

-I <filename>
    Specifies an input file containing target IP addresses or hostnames for measurements.

-o <filename>
    Specifies the output file where measurement results will be stored.

-D <data_type>
    Determines the type of data to collect (e.g., tr for traceroute, ping for ping, paris-tr for Paris traceroute).

-c <count>
    Sets the number of probes or queries to send for each target.

-O <options>
    Provides additional, comma-separated options specific to the chosen data collection type (e.g., tr.max-hops=30).

-p <procs>
    Specifies the number of parallel probing processes or threads to run concurrently.

-i <interface>
    Selects a specific network interface for sending probes.

-s
    Directs measurement output to standard output (stdout) instead of a file.

-v
    Enables verbose output, showing more details about the execution process.

-V
    Displays the scamper version information and exits.

DESCRIPTION

scamper is a sophisticated command-line tool designed for active Internet topology discovery and measurement. Unlike simpler utilities like traceroute, scamper can conduct multiple concurrent measurements, offering various probing methods including ICMP, UDP, and TCP. It is commonly used by network researchers to map the Internet's structure, identify network paths, and diagnose connectivity issues on a large scale.

It supports multiple output formats, most notably "warts" (Wide Area Reverse Traceroute Storage), which is optimized for storing large volumes of path data, but also JSON and CSV for easier processing. scamper allows for precise control over probing parameters, making it a powerful tool for detailed network analysis beyond basic reachability checks. Its ability to perform parallel measurements significantly speeds up large-scale data collection.

CAVEATS

scamper typically requires root privileges to perform raw socket operations for its measurements.
It can generate significant network traffic, especially when conducting large-scale topology scans, which might impact network performance or trigger rate limits.
Its native "warts" output format is a binary format that may require dedicated tools or scamper itself for parsing and analysis, making direct human readability challenging.

COMMON DATA TYPES (<B>-D</B> OPTION)

The -D option specifies the type of measurement to perform:
tr: Performs standard traceroute measurements.
ping: Conducts simple ping measurements to check reachability.
paris-tr: Executes Paris traceroute, a variant designed to identify paths more accurately, even with load-balancing.
warts-dump: Used for processing existing "warts" files, often to convert them to other formats like JSON or CSV when combined with -s and appropriate parsing tools.

WARTS FILE FORMAT

The "warts" (Wide Area Reverse Traceroute Storage) format is scamper's native binary output format. It is specifically optimized for storing large volumes of active measurement data, particularly Internet paths collected by traceroute-like tools. Due to its binary nature, it's not human-readable directly and typically requires scamper itself or companion tools like scamper-parse (often distributed with scamper) to extract and convert the data into more accessible formats like JSON or CSV.

HISTORY

scamper was primarily developed at CAIDA (Center for Applied Internet Data Analysis) as a robust and scalable tool for active Internet topology measurement. It evolved from earlier research tools like skitter and capm. Its development has been driven by the need for more accurate, efficient, and parallelizable methods to map the global Internet infrastructure for academic and research purposes. The introduction of its specialized "warts" output format has been a key innovation, enabling the storage and efficient analysis of vast amounts of path-based measurement data.

SEE ALSO

traceroute(8), ping(8), mtr(8), nping(1)

Copied to clipboard