Traceroute can be implemented in several different ways. Two key things
that it needs are the ability to receive ICMP TTL expired messages, and
the ability to detect whether it has reached its final destination
(usually UDP packet to a high unused port). The latter is usually the
least important of the two.
If the network has blocked ICMP messages all together (not just echo,
echo-reply), then this will included the inability to receive TTL
expired messages from intermediate routers within. Even TCP traceroute
will fail to determine the IP addresses of intermediate hops, though it
may safely reach the final destination, and can gather the actual number
of hops.
-- steve
> -----Original Message-----
> From: nico@securite.org [mailto:nico@securite.org] On Behalf Of
Nicolas
> FISCHBACH
> Sent: Wednesday, November 28, 2001 9:31 AM
> To: Gert Doering
> Cc: cisco-nsp@puck.nether.net
> Subject: Re: [nsp] Cisco ios traceroute VS. windows tracert ?
>
> Gert Doering wrote:
> >
> >
> > Some people block ICMP, then IOS/unix traceroute works - some other
> > people block UDP, then tracert works, some people block both, and
you're
> > out of luck figuring out what else they broke in their networks.
> >
> > (Yes - I do not like the idea of traceroute being filtered. I'm a
> > network builder, and it's *SO* important to figure out what's wrong
if
> > people complain "I can't reach www.yahoo.com").
>
> In that case you can/should use :
> - tcptraceroute (http://michael.toren.net/code/tcptraceroute/)
> - hping (http://www.hping.org/)
> - ...
>
> Nico.
> --
> Nicolas FISCHBACH (nico@securite.org) <http://www.securite.org/nico/>
> Senior IP&Security Engineer - Professional Services - COLT Telecom AG
> Securite.Org Team <http://www.securite.org/>
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:55 EDT