Kings, Thats what I thought too, but the output from the ASA shows that the opposite. Notice that the traceroute from the Switch, shows the IP Address of the interface facing away from the switch (i.e. facing Router R1), and the reverse traceroute from Router R1 shows the IP Address of the interface facing away from Router R1.
BTW - there's a type on the topology. The IP Address of the ASA inside interface should be 10.100.2.10 not 10.100.2.20 as I typed out in the original email. Mark On Fri, May 20, 2011 at 8:49 PM, Kingsley Charles < [email protected]> wrote: > The TTL packet will use the IP address of the interface through which it > comes out to reach the source. Hence, the O/P is correct here. > > > With regards > Kings > > On Sat, May 21, 2011 at 2:07 AM, Mark Senteza <[email protected]>wrote: > >> Hi, >> >> I've got the ASA set up such that it appears in traceroute output, which >> it does, but in an odd way which I wanted to ask if it was normal behavior. >> >> My network is setup as follows. >> >> *SW-VLAN 20* (10.100.20.11) ------- (10.100.20.2) *Fa0/0.20 - Router R2 - >> Fa0/0.2* (10.100.2.2) -----------(10.100.2.20) *inside - ASA - >> outside*(10.100.1.10) ------------ (10.100.1.1) >> *Fa0/0 - Router R1* >> >> When I trace from the switch (SW) to 1.1.1.1 which is a Loopback IP on >> Router R1, I get the "outside" interface of the ASA appear in the >> traceroute, as opposed to the "inside" interface which I was expecting to >> appear. >> >> Switch-SW01#trace 1.1.1.1 >> >> Type escape sequence to abort. >> Tracing the route to 1.1.1.1 >> >> 1 10.100.20.2 0 msec 0 msec 4 msec >> 2 10.100.1.10 4 msec 0 msec * >> 3 10.100.1.1 0 msec 0 msec * >> >> >> When I trace from Router R1, which is on the outside of the ASA to an IP >> on the switch, I get the "inside" interface of the ASA appear in the >> traceroute, and not the "outside" interface IP. >> >> Router-R1#trace 10.100.20.11 >> >> Type escape sequence to abort. >> Tracing the route to 10.100.20.11 >> >> 1 10.100.2.10 0 msec 0 msec * >> 2 10.100.2.2 0 msec 0 msec 0 msec >> 3 10.100.20.11 0 msec 0 msec * >> >> >> Is this normal behavior ? >> >> >> Mark >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
