Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Bronze

traceroute,tracert,icmp,

Hi every body.

My book says traceroute on cisco router use udp while the equivalent on windows host is tracert which use icmp.

keeping the above facts in mind, please consider the following case.

h1--sw----R1----sw---- f0/1(R2)

R2:

int f0/1

ip access-group 111 in

access-list 111 deny icmp any any

===================================

R2 will drop any icmp packet that also means ping packets or tracert packet from h1, will be dropped as well. However the packets generated as a result of using tracroute on R1, will not be dropped as traceroute on cisco router use udp. In order to filter these packets, we must configue:

access-list 111 deny udp any any,

Is my understanding correct?

Thanks a lot.

3 ACCEPTED SOLUTIONS

Accepted Solutions

Re: traceroute,tracert,icmp,

Cisco IOS traceroute, like unix traceroute is a UDP-based system. It sends out packets destined to a high UDP port (33434 by default).

Microsoft tracert functions just like a ping. It sends out ICMP echo packets incrementing the TTL in the same fashion.

So depending on access-lists on routers between you and your destination, you may get very different results (and perhaps different paths) depending on which box you run the trace from.

Regards

Hitesh Vinzoda

Hall of Fame Super Blue

Re: traceroute,tracert,icmp,

Sarah

"R2 will drop any icmp packet that also means ping packets or tracert packet from h1, will be dropped as well. However the packets generated as a result of using tracroute on R1, will not be dropped as traceroute on cisco router use udp. In order to filter these packets, we must configue:

access-list 111 deny udp any any,

Is my understanding correct?"

Correct although obviously "deny udp any any" will drop a lot of other things as well.

Jon

Hall of Fame Super Bronze

Re: traceroute,tracert,icmp,

Your understanding is correct. If you are looking for a deeper understanding on ping and traceroute from a Cisco IOS perspective other than your books, I found this URL very useful;

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800a6057.shtml

3 REPLIES

Re: traceroute,tracert,icmp,

Cisco IOS traceroute, like unix traceroute is a UDP-based system. It sends out packets destined to a high UDP port (33434 by default).

Microsoft tracert functions just like a ping. It sends out ICMP echo packets incrementing the TTL in the same fashion.

So depending on access-lists on routers between you and your destination, you may get very different results (and perhaps different paths) depending on which box you run the trace from.

Regards

Hitesh Vinzoda

Hall of Fame Super Blue

Re: traceroute,tracert,icmp,

Sarah

"R2 will drop any icmp packet that also means ping packets or tracert packet from h1, will be dropped as well. However the packets generated as a result of using tracroute on R1, will not be dropped as traceroute on cisco router use udp. In order to filter these packets, we must configue:

access-list 111 deny udp any any,

Is my understanding correct?"

Correct although obviously "deny udp any any" will drop a lot of other things as well.

Jon

Hall of Fame Super Bronze

Re: traceroute,tracert,icmp,

Your understanding is correct. If you are looking for a deeper understanding on ping and traceroute from a Cisco IOS perspective other than your books, I found this URL very useful;

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800a6057.shtml

790
Views
0
Helpful
3
Replies
CreatePlease to create content