Information required on how traceroute works! 1

[shirishlele]

I read in one of the articles here how traceroute works.
The section explains that since higher ports are normally blocked the source machine gets an ICMP destination unreachable message. I was trying to figure out what message I would get if there is no blocked ports but the destination machine does not have a reverse route specified for my network?

Any clues?

 

[ChrisAC]

The same as if you pinged the remote machine and it doesn't have a route back.

You would either get "Destination host unreachable" or "Request timed out".

Both ping and traceroute use icmp. However, be aware when doing traceroutes through Unix/Linux or Cisco IOS. This is why:

We had a customer who had one of their customers connecting to an FTP server on our customers site. They were having some performance problems and so did a traceroute, which showed that the FTP server wasn't reachable. It stopped at the onsite router!! So, they sent us the trace and asked us to look into it. We pinged the FTP server with no problems and did traceroutes to it! No problem! However, a colleague of mine said that he couldn't trace to it and it was stopping at the router, the same as the customers trace. Very odd!!

So, I tried to trace to the FTP servers from some of our routers. Same problem .. stops at the router. But, when tracing from a Windows desktop it was fine!! Eventually we figured it out!! Our colleague who couldn't trace was using Linux on his laptop, and by default it uses UDP to do traceroutes, not ICMP!! Doing the trace again using the -I switch (to use icmp) did the trick and the trace got through to the FTP server. It seems that Cisco IOS is the same (it seems to be Linux based .. very similar).

It turned out that the proxy server in front of the FTP server was actually filtering out UDP!

Strange! I learned something new that day!!

Chris.


Chris.