nanog mailing list archives

Re: simple question as always..

From: Toshio Shigematsu <toshio () ioc dnp co jp>
Date: Wed, 11 Mar 1998 11:59:52 +0900

From: Danny McPherson <danny () genuity net>
Subject: Re: simple question as always.. 
Date: Mon, 09 Mar 1998 18:33:56 -0700
Message-ID: <199803100133.BAA06340 () ice genuity net>

Hi,

tatsuya> could someone explain to me why I can ping but traceroute
tatsuya> seems to have problem reaching it.

The combination of a firewall (permitting ICMP echo replies/requests, but 
filtering your UDP traceroute probes) .. and a traceroute client that 
doesn't correctly handle (IMO) the response (ICMP Type 3, Code 13: 
Communication Administratively Prohibited).


tracert with WindowsNT4.0 uses ICMP ECHO messages for probing packets.
Hence one might go through the filtering router boxes. :)

tatsuya> I was told once that traceroute required each router on the
tatsuya> way to KNOW something whereas ping does not.
tatsuya> I just can not recall what this something is and I am
tatsuya> intend to find out.

traceroute ends its probing when it receives a ICMP port unreachable
message. Filtered by an IP gateway like cisco boxes, it receives 
Communication Administratively Prohibited messages and continues 
probing by incrementing IP TTL.

-------
Toshio Shigematsu

Current thread:

simple question as always.. Tatsuya Kawasaki (Mar 09)
- <Possible follow-ups>
- simple question as always.. mhirse (Mar 09)
  - Re: simple question as always.. Tatsuya Kawasaki (Mar 09)
- Re: simple question as always.. Danny McPherson (Mar 09)
  - Re: simple question as always.. Toshio Shigematsu (Mar 10)