On 2 Mar 2001, at 17:39, mouss wrote:
> assume my IP address is 10.0.0.1, and that of your router is 10.0.0.1.
> I can't send you any message, so I can't traceroute over your router.
>
> If I can traceroute through your router, then I can ping, telnet and the rest.
> If I can't, there is no reason my traceroute returns your address.
Not quite - with traceroute as you are sending the packets to the end point
past the router with the TTL set to 1 higher each time then you're not actually
sending data to the router with the private IP, it's just that at that point the
router returns the ICMP packet with a source of 10.0.0.1 and if you don't
have a rule at the firewall preventing this packet coming in then you see it,
even though you can't actually ping/tracert/connect to that router IP address
(as the address is in your subnet and so packets don't leave via your
gateway).
The private IP doesn't affect packets going *through* it as your machine is
simply sending packets to the next router upstream to the destination, it's
only each host in the route that needs to know how to get it to the next one.
Everything now makes sense since I've seen the replies on this list, and I
now understand more about IP than I did before.
Dan
---
D.C. Crichton email: [EMAIL PROTECTED]
Senior Systems Analyst tel: +44 (0)121 706 6000
Computer Manuals Ltd. fax: +44 (0)121 606 0477
Computer book info on the web:
http://computer-manuals.co.uk/
Want to earn money? Join our affiliate network!
http://computer-manuals.co.uk/affiliate/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
