http://www.cisco.com/en/US/docs/ios/mpls/command/reference/mp_m1.html#wp1013846
> Not so accurate, in an MPLS network you can disable the process which > copies > the IP TTL from the header to the label and vice verse. By doing that you > are "hiding" the MPLS core routers from a traceroute operation. > > As for an IP network you can either discard or drop an ICMP type 8 (echo > request) > And by that block the traceroute operation, The user will get asterisks > marks instead of the IP of the router. > > MTC. > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Hector Herrera > Sent: Saturday, October 10, 2009 9:55 PM > To: Jason Alex > Cc: [email protected] > Subject: Re: [c-nsp] Hidiing a traceroute > > On Sat, Oct 10, 2009 at 12:21 PM, Jason Alex <[email protected]> wrote: >> Dear All, >> I want to hide a traceroute hops inside my network >> i know you can hide the traceroute inside an MPLS network >> >> can we hide also the traceroute inside an IP network >> >> Thanks In advance >> >> Regards >> Jason >> CCIE#24775 > > An MPLS network hides the network hops because as far as the packet is > concerned, the MPLS network is a tunnel with no router hops. > > To hide a traceroute inside a L3 network, you need to block ICMP > TTL-expired messages from the hops you want to hide. However, the > hops will still be visible since every router decrements the TTL by > one, and the traceroute source will notice it is missing TTL-expired > messages from your hidden hops. > > Hector > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.421 / Virus Database: 270.14.9/2427 - Release Date: 10/10/09 > 06:39:00 > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
