[EMAIL PROTECTED] wrote:
On Sun, 2 Apr 2006, Rich Adamson wrote:
end-to-end path. Each step through the tracert process does nothing
more then issue an icmp echo request, measuring the response time
and displaying it.
maybe on windows it does icmp echo but no unix does this (at least
not by default). i recommend you study what unix traceroute actually
does. :)
I'm very heavy (professionally) into protocol analysis, and yes unix
does rely on icmp to perform the traceroute. (icmp pkt type 11, code 0)
If you're a non-believer, put an access list on all icmp traffic and
see if your traceroute continues to function. :)
I said unix doesn't rely on icmp echo (might want to actually read the
message next time :)
I can block icmp echo and unix traceroute will function perfectly fine.
-Dan
Dan,
Not that I want to get into this thread, but traceroute uses a mixture
of UDP and ICMP. It uses UDP for the initial packets and then listens
for ICMP responses from each gateway.
man traceroute:
"
This program attempts to trace the route an IP packet would follow to
some internet host by launching UDP probe packets with a small ttl (time
to live) then listening for an ICMP "time exceeded" reply from a
gateway. We start our probes with a ttl of one and increase by one
until we get an ICMP "port unreachable" (which means we got to
"host") or hit a max (which defaults to 30 hops & can be changed with
the -m flag). Three probes (change with -q flag) are sent at each ttl
setting and a line is printed showing the ttl, address of the gateway
and round trip time of each probe. If the probe answers come from
different gateways, the address of each responding system will be
printed. If there is no response within a 5 sec. timeout interval
(changed with the -w flag), a "*" is printed for that probe.
"
ICMP echo is also COMPLETELY different from TIME_EXCEEDED. Blocking
echo (or echo response) is an admins choice. Blocking TIME_EXCEEDED is
just not very nice!
For reference:
http://www.iana.org/assignments/icmp-parameters
0 Echo Reply [RFC792]
8 Echo [RFC792]
11 Time Exceeded [RFC792]
--
Kristian Kielhofner
_______________________________________________
--Bandwidth and Colocation provided by Easynews.com --
Asterisk-Users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
