[e2e] Detecting middle boxes

John Kristoff jtk at depaul.edu
Mon Feb 11 11:26:47 PST 2002


I think my reply to David earlier was lost, but I like the idea of
trying to find ways for the ends to detect middle boxes.  One unoriginal
idea might be to use traceroute style packets using common middle box
altering packet types.  So instead of the typical ICMP/UDP traceroute
packets, use TCP port 25, 53 or 80 packets, increasing the TTL to map
out the route.

The upper layer protocols and application data can be specially encoded
so that the detector can discern what may have been altered with the
resulting unreachable messages.  Obviously the unreachables will only
alert the detector to what may have changed in the IP datagram plus the
following 64 bits, but perhaps that is enough?  If the data returned
differs from one hop to another, you just found a middle box.

However, I suspect for many environments, you wouldn't get the
unreachables back (e.g. strict firewall policies), which would make this
technique unusable.

John
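The TTL-stepped TCP probe and the hop-to-hop comparison of what comes back, worked through offline as an added example (this is not code from the post or from the end2end-interest list). It builds IPv4/TCP SYN probes to port 80 with the probe TTL encoded in the sequence number, parses ICMP Time Exceeded replies, and diffs the quoted IP header plus first 64 bits of TCP (source port, destination port, sequence number; the minimum RFC 792 requires a router to echo) against the probe as sent, ignoring TTL and IP checksum since those change legitimately at every hop. The replies are constructed in `make_reply` to stand in for routers; one models a NAT between hops 2 and 3 that rewrites the source address and port, and hop 4 returns nothing, the firewalled case the post warns about. The addresses, ports, the `SEQ_MAGIC` marker and all function names are assumptions for illustration; a real run would send `build_probe` output over a raw socket and read ICMP back, which needs root.

```python
import socket
import struct

TCP_SYN = 0x02
SEQ_MAGIC = 0x5EED0000  # assumed marker; low 16 bits carry the probe TTL


def checksum(data: bytes) -> int:
    """RFC 1071 ones-complement checksum over data (padded to even length)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_probe(src: str, dst: str, sport: int, dport: int, ttl: int) -> bytes:
    """IPv4 + TCP SYN probe with the given TTL. The sequence number encodes the
    TTL so the 64 bits quoted back in an ICMP Time Exceeded identify the hop."""
    seq = SEQ_MAGIC | (ttl & 0xFFFF)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, TCP_SYN, 65535, 0, 0)
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src), socket.inet_aton(dst), 0, 6, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp)) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), ttl, 0, ttl, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))  # IP ID = ttl, for matching
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + tcp


def quoted_fields(packet: bytes) -> dict:
    """Fields of an IPv4 header plus the first 64 bits of its payload, which is
    all an ICMP error must echo (RFC 792). TTL and IP checksum are left out
    because every hop changes them. Works on a sent probe and on a quote."""
    ihl = (packet[0] & 0x0F) * 4
    (_ver_ihl, tos, tot_len, ident, frag, _ttl, proto, _csum,
     s, d) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    sport, dport, seq = struct.unpack("!HHI", packet[ihl:ihl + 8])
    return {"tos": tos, "len": tot_len, "id": ident, "frag": frag, "proto": proto,
            "src": socket.inet_ntoa(s), "dst": socket.inet_ntoa(d),
            "sport": sport, "dport": dport, "seq": seq}


def parse_time_exceeded(icmp: bytes) -> dict:
    """Fields of the datagram quoted inside an ICMP Time Exceeded (type 11)."""
    if icmp[0] != 11:
        raise ValueError("not an ICMP Time Exceeded message (type %d)" % icmp[0])
    quote = icmp[8:]  # after type, code, checksum and 4 unused bytes
    ihl = (quote[0] & 0x0F) * 4
    if len(quote) < ihl + 8:
        raise ValueError("reply quotes less than the IP header plus 64 bits")
    return quoted_fields(quote[:ihl + 8])


def make_reply(probe: bytes, rewrite: dict = None) -> bytes:
    """CONSTRUCTED stand-in for a router: an ICMP Time Exceeded quoting the
    probe as that router saw it. `rewrite` models a box upstream of the router
    having changed the source address, source port, sequence number or TOS."""
    quote = bytearray(probe[:28])  # 20-byte IP header + 8 bytes of TCP
    for field, value in (rewrite or {}).items():
        if field == "src":
            quote[12:16] = socket.inet_aton(value)
        elif field == "sport":
            quote[20:22] = struct.pack("!H", value)
        elif field == "seq":
            quote[24:28] = struct.pack("!I", value)
        elif field == "tos":
            quote[1] = value
        else:
            raise ValueError("unsupported rewrite: %s" % field)
    hdr = struct.pack("!BBHI", 11, 0, 0, 0)
    hdr = hdr[:2] + struct.pack("!H", checksum(hdr + bytes(quote))) + hdr[4:]
    return hdr + bytes(quote)


def detect(probe_for_ttl, replies: dict):
    """replies maps TTL -> ICMP bytes, or None when no unreachable came back.
    Each answering hop's quote is diffed against the probe that was sent; the
    first hop whose set of altered fields differs from the previous answering
    hop's marks the middle box. Returns ([(ttl, changed-or-None)], found_ttl)."""
    report, prev, found = [], [], None
    for ttl in sorted(replies):
        if replies[ttl] is None:
            report.append((ttl, None))  # filtered: nothing to compare at this hop
            continue
        sent = quoted_fields(probe_for_ttl(ttl))
        seen = parse_time_exceeded(replies[ttl])
        changed = sorted(k for k in sent if sent[k] != seen[k])
        report.append((ttl, changed))
        if changed != prev and found is None:
            found = ttl
        prev = changed
    return report, found


def demo():
    """Constructed path: clean hops 1-2, a NAT before hop 3, hop 4 silent."""
    src, dst = "192.0.2.10", "198.51.100.80"  # documentation prefixes, assumed
    probe = lambda ttl: build_probe(src, dst, 40000, 80, ttl)
    nat = {"src": "203.0.113.1", "sport": 61000}
    replies = {1: make_reply(probe(1)), 2: make_reply(probe(2)),
               3: make_reply(probe(3), nat), 4: None, 5: make_reply(probe(5), nat)}
    return detect(probe, replies)


if __name__ == "__main__":
    hops, box_at = demo()
    for ttl, changed in hops:
        print(ttl, "no reply" if changed is None else (changed or "unchanged"))
    print("middle box detected before hop", box_at)
```

Because only the first 64 bits of the transport header are guaranteed to be quoted, anything a box rewrites beyond that (TCP options, window, payload) is invisible to this probe; and a box that rewrites the sequence number also destroys the probe-to-reply matching unless the IP ID is used as a second key, which is why `build_probe` sets both.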



More information about the end2end-interest mailing list