08-09-2009 10:01 AM - edited 03-06-2019 07:10 AM
Hi every body.
My book says traceroute on cisco router use udp while the equivalent on windows host is tracert which use icmp.
keeping the above facts in mind, please consider the following case.
h1--sw----R1----sw---- f0/1(R2)
R2:
int f0/1
ip access-group 111 in
access-list 111 deny icmp any any
===================================
R2 will drop any icmp packet that also means ping packets or tracert packet from h1, will be dropped as well. However the packets generated as a result of using tracroute on R1, will not be dropped as traceroute on cisco router use udp. In order to filter these packets, we must configue:
access-list 111 deny udp any any,
Is my understanding correct?
Thanks a lot.
Solved! Go to Solution.
08-09-2009 10:18 AM
Cisco IOS traceroute, like unix traceroute is a UDP-based system. It sends out packets destined to a high UDP port (33434 by default).
Microsoft tracert functions just like a ping. It sends out ICMP echo packets incrementing the TTL in the same fashion.
So depending on access-lists on routers between you and your destination, you may get very different results (and perhaps different paths) depending on which box you run the trace from.
Regards
Hitesh Vinzoda
08-09-2009 12:14 PM
Sarah
"R2 will drop any icmp packet that also means ping packets or tracert packet from h1, will be dropped as well. However the packets generated as a result of using tracroute on R1, will not be dropped as traceroute on cisco router use udp. In order to filter these packets, we must configue:
access-list 111 deny udp any any,
Is my understanding correct?"
Correct although obviously "deny udp any any" will drop a lot of other things as well.
Jon
08-09-2009 01:12 PM
Your understanding is correct. If you are looking for a deeper understanding on ping and traceroute from a Cisco IOS perspective other than your books, I found this URL very useful;
http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800a6057.shtml
08-09-2009 10:18 AM
Cisco IOS traceroute, like unix traceroute is a UDP-based system. It sends out packets destined to a high UDP port (33434 by default).
Microsoft tracert functions just like a ping. It sends out ICMP echo packets incrementing the TTL in the same fashion.
So depending on access-lists on routers between you and your destination, you may get very different results (and perhaps different paths) depending on which box you run the trace from.
Regards
Hitesh Vinzoda
08-09-2009 12:14 PM
Sarah
"R2 will drop any icmp packet that also means ping packets or tracert packet from h1, will be dropped as well. However the packets generated as a result of using tracroute on R1, will not be dropped as traceroute on cisco router use udp. In order to filter these packets, we must configue:
access-list 111 deny udp any any,
Is my understanding correct?"
Correct although obviously "deny udp any any" will drop a lot of other things as well.
Jon
08-09-2009 01:12 PM
Your understanding is correct. If you are looking for a deeper understanding on ping and traceroute from a Cisco IOS perspective other than your books, I found this URL very useful;
http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800a6057.shtml
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: