Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Possible to Ping but not Trace

Im troubleshooting an issue within my network.

I can ping a destination within my router

but I can not trace to it.

My trace just fails along the path

I was under the impression that

both trace and ping use ICMP packets?

2 REPLIES

Re: Possible to Ping but not Trace

that is correct both use ICMP, but differ in ICMP types.

http://iptables-tutorial.frozentux.net/chunkyhtml/a6339.html

U might have an ACL, or if in MPLS network have traceroute disabled ( best practice).

HTH

Sam

Cisco Employee

Re: Possible to Ping but not Trace

Hi,

Just an additional comment: Cisco routers will use UDP packets for the traceroute. Only the "TTL expired in transit" answer is ICMP. You can see this from an extended traceroute:

R1#traceroute

Protocol [ip]:

Target IP address: 1.1.1.1

Source address:

Numeric display [n]:

Timeout in seconds [3]:

Probe count [3]:

Minimum Time to Live [1]:

Maximum Time to Live [30]:

Port Number [33434]: <-------- UDP port 33434

Loose, Strict, Record, Timestamp, Verbose[none]:

Type escape sequence to abort.

Tracing the route to 1.1.1.1

The first packet will be sent to UDP port 33434 and each subsequent packet will have the UDP port number increased by one (33435, 33436, ...). In case your traceroute starts from a router, do not block those UDP packets and also allow the ICMP TTL expired packets in return, as described in the previous post.

Hope this helps! Please use the rating system.

Regards, Martin

130
Views
4
Helpful
2
Replies
CreatePlease to create content