[c-nsp] Network Address Response

Ms Geekgirl msgeekgirl at gmail.com
Fri Jun 26 11:36:42 EDT 2009 

> On Fri, Jun 26, 2009 at 8:11 AM, Ms Geekgirl<msgeekgirl at gmail.com> wrote:
>> On Thu, Jun 25, 2009 at 4:28 PM, Ray Burkholder<ray at oneunified.net> wrote:
>>> I was wondering the reasoning for routers/switches to respond for the
>>> network portion of an ip-address range.
>>>
>>> For example, a router interface A with 10.0.0.1/30 and interface B with
>>> 10.0.0.5/30.
>>>
>>> Generate a ping from a device several hops away on the A side to the B side
>>> network address of 10.0.0.4. The router will respond with an echo reply
>>> with an address of 10.0.0.1.
>>>
>>> Is this expected behaviour? And the reason?
>>>
>>> Ray
>>
>> Yes.
>>
>> By default. you will almost always get a response from the closest interface
>> to the source of the ping (*unless instructed otherwise in each hop's
>> configuration.)
>>
>> In your example, this is what that looks like. Somewhat simplistic and others
>> may have a better response, but here goes...
>>
>> The echo-request is sent from c1 to the IP 10.0.0.5 assigned to intB
>> on dest-rtr.
>> dest-rtr will receive the echo-request on intA, forward to intB.
>>
>> dest-rtr will lookup the best return route to your network. The return route
>> chosen is towards hop2, via intA and the packet is sent out through intA.
>>
>>
>>  |    >     >     >     >    >    path of echo request > |
>>  ^                                                       v
>> [c1-B]----[A-hop1-B]----[A-hop2-B]----[(intA) dest-rtr (intB)]----[A-c2]
>>  ^                                       v
>>  | <    <    <    path of reply  <    <  |
>>
>>
>> If you were to ping c2, the response would come from c2's IP (since this
>> node only has one IP and is the closest to you :)
>>
>> In anticipation of a possible traceroute question, the same applies.
>>
>> If you were to trace to c2, the responses* would all come from the closest
>> interface towards c1. In the above, all the responses would come from the
>> _A_ interfaces of each hop.
>>
>> If c2 were to ping/trace to c1, the responses would come from the _B_
>> interfaces of each hop.
>>
>> I hope that I haven't confused anything and that this was helpful for you.
>>

On Fri, Jun 26, 2009 at 10:04 AM, Geoffrey Pendery<geoff at pendery.net> wrote:
> No, I think he's asking why the router with address 10.0.0.5 responds
> to pings that have a destination IP of 10.0.0.4.  The echo request is
> targeted at a network address, not at the router.
>
> I've also observed this behavior (more than ICMP though - I have a
> router responding to SNMP and being discovered by our configuration
> management team, on the network address of one of its interfaces) and
> would like to know more about why...
>
> -Geoff
>

My apologies. But it still *seems* that I partially answered the
question that was asked.

>>>> Generate a ping from a device several hops away on the A side to the B side
>>>> network address of 10.0.0.4. The router will respond with an echo reply
>>>> with an address of 10.0.0.1.

My noobness is now showing...what did you use to view the replies(just
the router's display response or a sniffer?) The reason I ask is,
wouldn't all devices in network B respond to the broadcast request and
it appears to be from the router's intA (unless they were configured
not to respond??)

Thanks.

- - -
mgg

Like a seedling in the Spring, green and vulnerable.

More information about the cisco-nsp mailing list