Re: Traceroutes to Cisco Routers

From: Frank Knobbe (frankknobbe.us)
Date: Wed Jun 09 2004 - 17:53:17 CDT


On Sat, 2004-06-05 at 05:55, Dieter Sarrazyn wrote:
> Performing the trace with udp packets (default on linux), the router
> answers with its ip address of the interface closest to you (external
> interface of the router).
> Performing traces with icmp (-I flag in linux, default in windows), the
> router answers with its ip address that you are tracing to (most likely
> the internal interface of the router).

Easily explained: The UDP traceroute works by collecting ICMP
unreachables. In essence, it is working off the lack of UDP responses
(well, it doesn't expect one, it expects error codes). The ICMP
traceroute does receive a final Echo Reply packet back when the ICMP
Echo Request got delivered.

Multi-homed systems report error conditions from the closest interface
(i.e. WAN i/f says "sorry, can't route from WAN to LAN"). The ICMP Echo
Request is being sent to the LAN i/f, which will then reply with the
ICMP echo.

So, ICMP unreachables in UDP traceroutes come back from the WAN i/f
while the ICMP Echo Reply in the ICMP traceroute comes back from the LAN
i/f.

If the device filters ICMP, you only get the last hop before the WAN
i/f while you don't get anything from either WAN or LAN i/f of the
device you're tracerouting.

Regards,
Frank

PS: (Using WAN and LAN in lieu of external and internal).
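
The behaviour described in this message, as an added example that is not part of the original post: two constructed final-hop replies are parsed to show that the Port Unreachable arrives from the WAN address while still quoting the LAN address the probe was sent to, and the Echo Reply arrives from the LAN address itself. All addresses, ports and the helper names are assumptions (documentation-range sample data).

```python
import socket
import struct

TRACER, WAN, LAN = "192.0.2.10", "198.51.100.1", "203.0.113.1"  # constructed addresses

def ip_header(src, dst, proto, total_len):
    """Minimal 20-byte IPv4 header; checksum left at 0 for this sample."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

# Constructed UDP probe to the LAN address and the Port Unreachable it provokes.
# The error is sourced from the WAN interface and quotes the probe's IP header + 8 bytes.
UDP_PROBE = ip_header(TRACER, LAN, 17, 28) + struct.pack("!HHHH", 40000, 33434, 8, 0)
UDP_REPLY = ip_header(WAN, TRACER, 1, 56) + struct.pack("!BBHI", 3, 3, 0, 0) + UDP_PROBE
# Constructed Echo Reply to an ICMP probe sent to the same LAN address.
ICMP_REPLY = ip_header(LAN, TRACER, 1, 28) + struct.pack("!BBHHH", 0, 0, 0, 1, 1)

def classify_reply(packet):
    """Return (reply source, reply kind, address the probe was sent to)."""
    ihl = (packet[0] & 0x0F) * 4
    src = socket.inet_ntoa(packet[12:16])
    icmp_type, icmp_code = packet[ihl], packet[ihl + 1]
    if icmp_type == 0:
        # An Echo Reply is sourced from the address the Echo Request was sent to.
        return src, "echo-reply", src
    if icmp_type == 3 and icmp_code == 3:
        # ICMP errors carry the original IP header after their own 8-byte header.
        quoted = packet[ihl + 8:]
        if len(quoted) < 20:
            raise ValueError("truncated quoted header")
        return src, "port-unreachable", socket.inet_ntoa(quoted[16:20])
    raise ValueError(f"unhandled ICMP type {icmp_type} code {icmp_code}")

def interfaces_of_target(udp_reply, icmp_reply):
    """Pair the two final-hop addresses when both replies answer probes to one target."""
    err_src, _, err_target = classify_reply(udp_reply)
    echo_src, _, echo_target = classify_reply(icmp_reply)
    if err_target != echo_target:
        return None  # replies belong to traces of different destinations
    return {"error_source": err_src, "echo_source": echo_src, "target": err_target}

if __name__ == "__main__":
    print(classify_reply(UDP_REPLY))
    print(classify_reply(ICMP_REPLY))
    print(interfaces_of_target(UDP_REPLY, ICMP_REPLY))
```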
