Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11479
Views
5
Helpful
3
Replies

Traceroute through a tunnel interface

Go to solution
marcusbrutus
Level 1
Level 1

‎08-06-2010 08:57 PM - edited ‎03-04-2019 09:20 AM

Hi,

Just wish to ask the below.

1. If i do a traceroute from a workstation directly connected to a router, to a destination that goes through the tunnel interface L0 of that same router, will the tunnel interface IP show on the traceroute results?

2. If the destination workstation is directly connected to another router where the tunnel terminates, will the tunnel endpoint IP appear in the traceroute results?

Thanks.

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
milan.kulik
Level 10
Level 10
In response to Giuseppe Larosa

‎08-07-2010 08:57 AM

Hi Giuseppe,

it's even a little more complicated.

The tunnel endpoint IP address should  be visible twice in the traceroute output.

See https://supportforums.cisco.com/message/3143453#3143453

for details.

BR,

Milan

View solution in original post

3 Replies 3

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-07-2010 04:17 AM

Hello Mark,

if we think of a GRE point to point tunnel it works like an envelope that inside carries the user packets.

traceroute works by sending UDP packets with destination = traceroute destination using an high UDP port.

First series of packets are sent out with TTL=1 PC default gateway answers with an ICMP unreachable (TTL expired) as the packet cannot be delivered to intended destination.

Second series of traceroute probe packets are sent out with TTL=2, sender PC default gateway decrease TTL to 1 recomputes IPv4 header and sends the packet encapsulated in a GRE header to the tunnel endpoint router.

The tunnel endpoint router decapsulates the packet detects TTL=1 and so it knows that it cannot deliver the packet to the intended destination.

The tunnel endpoiint router prepares an ICMP unreachable (TTL expired) packet to be sent back to traceroute probe sender and consulting its own IP routing table discovers that it has to send the packet over a GRE tunnel this allows to choice the source address of the ICMP unreachable message that should be the one in direction to original source.

So the PC that has sent the traceroute probes  should see:

its own default gateway

IP address of the tunnel endpoint (remote router) on the GRE tunnel towards sender PC default gateway

the IP address of destination PC

the destination PC will send back an ICMP packet with a different code (protocol unreachable) when probe TTL=3

if no ip unreachable is configured on any interface used as a source for sending ICMP unreachables on the path you will see a * for that next-hop meaning no answer has been received

Hope to help

Giuseppe

0 Helpful

Go to solution
milan.kulik
Level 10
Level 10
In response to Giuseppe Larosa

‎08-07-2010 08:57 AM

Hi Giuseppe,

it's even a little more complicated.

The tunnel endpoint IP address should  be visible twice in the traceroute output.

See https://supportforums.cisco.com/message/3143453#3143453

for details.

BR,

Milan

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to milan.kulik

‎08-07-2010 11:06 AM

Hello Milan,

thanks for your correction

that thread is interesting as it shows exactly what the original poster of this thread was asking and provides explanation for the observed behaviour

rated as it deserves

Best Regards

Giuseppe

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card