[nsp] RE: No replies on alternate packets of traceroutes
Bruce Pinsky
bep at whack.org
Mon Nov 17 15:12:19 EST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Kashif.Khawaja at Broadwing.com wrote:
| Hi All,
|
| I was wondering if somebody could shed light on whether it is normal
behaviour to not see
| replies on alternate packets in traceroutes from one cisco router to
another e.g.
|
| Lab#trace ip
|
| Target IP address: 100.100.100.1
| Source address:
| Numeric display [n]:
| Timeout in seconds [3]:
| Probe count [3]: 10
| Minimum Time to Live [1]:
| Maximum Time to Live [30]:
| Port Number [33434]:
| Loose, Strict, Record, Timestamp, Verbose[none]:
| Type escape sequence to abort.
| Tracing the route to L0.lab (100.100.100.1)
|
| 1 P4-0.lab (1.1.1.1) 0 msec * 0 msec * 88 msec * 60 msec * 0 msec *
|
| I have verified that layer one is clean. Pings are fine. No drops there.
No particular
| process is shooting up really high. About the only one I see is the IP
Input process
| showing some activity but I guess that is to be expected since these
packets are probably
| being Process switched. Basically, there are a few stable BGP sessions on
each router and
| not a lot of traffic passing through the link or the routers.
|
| Any pointers (even to documents) would be helpful!
|
By default, cisco routers restrict the number of ICMP responses per second.
~ IIRC, unreachables are throttled at two per second. In some versions, you
can disable or adjust the throttling with the command "no ip icmp
rate-limit unreachable"
R1(config)#ip icmp rate-limit unreachable ?
~ <1-4294967295> Once per milliseconds
~ DF code 4, fragmentation needed and DF set
However, keep in mind that this throttling is there to help protect against
DOS attacks so be careful if you tinker.
=========
bep
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)
iD8DBQE/uSuiE1XcgMgrtyYRAtuJAKDwkPbK8ZWr5HghLUbZPS+vgaqc0ACeJa5i
jQj5d0feISv8gLaUsQxdDk4=
=epms
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list