Traceroutes going beyond IP being tracerouted.

DiscusZ · ‎03-10-2004

I am seeing a weird problem with Some IPs ona 2691 router (we have a DSL network on one interface) which plugs into a Cataylst switch (We do not manage this our DSL provider does)

anyways I have a /24 on an ISL trunk If I ping 207.x.x.2 (from router, from network, from internet) all works fine.

if I traceroute 207.x.x.6 the traceroute hits 6 and the proceeds to continue past.

What could be causing this. the .2 .6 etc are Computers on the end of a DSL connection

I have been beating my head against the wall for 2 or 3 days now and its starting to hurt <grin>

Any ideas?

I have CEF enabled, IOS is 12.2.17a IP PLUS

Thanks

Georg Pauwen · ‎03-10-2004

Hello,

check if your IP address might get a DNS resolution somewhere else on the Internet. You can go to this site:

http://www.all-nettools.com

and type the IP address in the SmartWhois and/or NsLookup fields. Possibly there is a duplicate DNS entry.

HTH,

Georg

DiscusZ · ‎03-10-2004

There is not.. everything looks fine with DNS

ruwhite · ‎03-11-2004

I assume you mean that traceroute shows hops beyond the host you're trying to traceroute to? In other words, traceroute shows 207.x.x.2, then "unreachables" beyond that? Hmmm.... The only reason that would happen is if the host itself thought it needed to "forward" the traffic for some reason, to something beyond it, to reach the right destination.

If what you're tracerouting to is a cisco router, it might be useful to look at the routing table for that specific address, and make certain it's shown in the routing table as attached to the interface in question (directly connected), etc.

:-)

Russ.W

DiscusZ · ‎03-11-2004

No what is on the other end is a PC on a DSL Connection. So I can assume the person who's PC this is is setup wrong and it does not realize that the packet got there for it and its trying to send it on further.

Jim

ruwhite · ‎03-14-2004

That's the assumption I would make, unless there's a nat device in front of that PC, which would sortof make sense--you're seeing the nat device reply, then the "next hop" is the actual pc, which replies from a private or unroutable address, sot he packets are dumped.

:-)

Russ.W

vcjones · ‎03-15-2004

The only thing which should keep traceroute from stopping at the destination is lack of a response from the destination. If the destination PC does not respond to the traceroute probe packet (or responds in a manner not expected by traceroute) then the traceroute will keep trying to find "further hops" until you reach the "hop distance" limit (which on most traceroutes is configurable).

Things to check:

1- Is the destination PC using the same IP address to respond with (traceroute will only recognize completeion if it comes back with the same IP). This would show up in the trace as an "extra hop."

2- Is a firewall blocking the traceroute probes before they get to the PC (keep in mind there are two flavors of traceroute, one using ICMP the other UDP).

3- Is a firewall blocking the destination PC's response to the traceroute probe? Some security policies do not allow "destination unreachable" ICMP packets to escape.

4- Is a firewall/router/NAT box doing NAT and not recognizing the destination PC's outgoing response as related to the incoming probe and either blocking it or assigning a different NAT?

Note that these all assume you can "ping" the destination PC successfully. If not, then there are other possibilities in addition to look at.

Good luck and have fun!

Vincent C Jones

www.networkingunlimited.com