[ih] inter IMP hackery [was Recently restored and a small ARPANET was run using simulated IMP hardware, ]

[Jack Haverty]

Two other relevant recollections came to mind...

Mike Brescia was for a while a human Internet NOC.  He would watch the
Internet (specifically the gateways under our control), and the gateways
reported various anomalies they detected.

Another "who's looking over my shoulder" MikeNOC incident occurred when
someone was apparently just bringing up a new TCP implementation
(somewhere in the Midwest IIRC).  Mike noticed that the gateways were
getting lots of checksum errors, but only from one host.  So he captured
some "bad" datagrams, noticed swapped bytes somewhere, looked up the
host info in the NIC, and emailed the relevant contact person
recommending swapping the particular header byte fields.   Shortly
thereafter, he received email something like "Hey, thanks, that was the
problem!"    A little while later, after the programmer realized the
suggestion had come from 1000 miles away, Mike received another email,
"How the hell did you do that?".

Such monitoring activity continued.  Much later, we created a tool that
was used to capture packets as they pased through an IMP, and send them
back to Cambridge for analysis.  We used that feature (not sure if it
was the existing feature or we had to add some code) to capture IP
datagrams, basically the IP header plus at least some of the next level
protocol.   It was invaluable within DDN to help various user systems
come online with their brand-new TCP-based implementations by big
government contractors.   We could look at datagrams as they entered or
exitted a host, rather than just at a gateway, which usually wasn't in
the host-host path at that stage of DDN evolution anyway.

Word about the tool spread around, and before long there were network
customers who refused to purchase IMPs unless they also got the
monitoring tool.   So it became an official product - the BBNCC "Remote
Datascope".

Moral - Protocols and algorithms are great, but tools make networks work.

/Jack

On 9/7/20 3:49 PM, Craig Partridge via Internet-history wrote:
> On Mon, Sep 7, 2020 at 12:55 PM the keyboard of geoff goodfellow via
> Internet-history <internet-history at elists.isoc.org> wrote:
>
>> i.e. was there a "precursor" to some kind of SNMP capability that allowed
>> UCLA-NMC to peer inside IMPs or hosts?
>>
> There was certainly something as Bernie Cosell published RFC 218 to say
> that the format of reporting status reporting was changing from text to
> binary.
>
> RFC 381 (Walden and McQuillan) lists information the host could extract
> from its local IMP about the state of the network.
>
> Much much later there were tools such as the Host Monitoring Protocol
> (HMP), which despite its name, was used to monitor BBN routers.  See
> IEN-197 and RFC-869 and view the contents of the messages as rough
> guidance.  I wrote an implementation of HMP in late 1984 or early 1985 and
> discovered the data I got back did not conform to RFC-869 in any way, shape
> or form.
>
> Fond memory. The first HMP packet I sent was to 128.89.01 from the Sun
> workstation on my desk. 128.89.01 was the BBN router between our interior
> Ethernet (vs. net 8, which was our internal ARPANET) and ARPANET.  I got no
> reply, so I read through my code, thought it was right, and tried again.
> My phone rang -- it was Mike Brescia asking if I was trying to send an HMP
> packet to his router.  I said yes, and his reply was, "you've got the bytes
> swapped in the password field."  Better than ICMP!
>
> Craig