HTTP Tracing

One of the most useful tools for troubleshooting in the HTTP/1.1 protocol is the TRACE method, which can provide lots of information for tracing routes between proxy chains.   Although the command is similar to the traceroute command, it is not identical as this tracks hops on the network router level whilst TRACE provides tracking based on the intermediate proxies involved in the route.

What can we use the HTTP TRACE command for?

  • identity the route between the proxies that the HTTP request makes.
  • identify each specific proxy in the chain
  • identify the server software, proxy version on each server
  • identify all versions of HTTP involved in the communication
  • detecting any loops in communication
  • tracking invalid responses and server misconfiguration

The command uses a similar format to the GET command, you pass the target and origin server URL as a parameter.  One important parameter to be aware of is the Max-Forwards: setting which specifies the maximum number of hops that are required.   This header is essential for detecting the presence of infinite loops present in a specified chain of proxies. It’s useful if there are complications like people running VPNs or external proxies like this.  If you do not use this parameter then any request will bounce between the proxies indefinitely.

Another useful facet of the TRACE method is the ability to use the command over a Telnet session which makes it extremely useful for troubleshooting remote sessions.  If you telnet to the first proxy in a chain before issuing the command then  you will get more accurate results.  To specify a particular route then the VIA: header can specify the route that trace will take.

Using the Proxy’s Cache for Troubleshooting

Sometimes an error or problem can appear intermittently, there may be a variety of reasons for this but these can be extremely difficult to troubleshoot.   In such situations the easiest way to find the cause is to examine the cache of the proxy servers which are involved.    It is essential that all key proxies are configured correctly to cache server responses

John Williams
http://identityvoucher.co.uk/

Leave a Reply

Your email address will not be published. Required fields are marked *