-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
I'm not sure if this post comes under topic for this list, or right place to clear my networking doubts, so tagging this post "[OT]". I've traceroute-d hundreds of hosts and noticed some of the routers in the routes or endpoint hosts prefer not to respond to traceroute's i.e. not to send a TTL exceeded ICMP packet back to the host. As I don't have any experience of working in a large network, so if someone could tell me sysadmins used to creates such rules in their firewall, like dropping TTL exceeded ICMP packets (dropping such packets in their OUTPUT chain of their *iptables*, if they're running some Linux router) . I used to traceroute in unprivileged user mode, which is using UDP probes. So do these sysadmins prefer blocking ICMP "TTL exceeded" replies for UDP packets, than ICMP "TTL exceeded" for ICMP ECHO packets, hmm... ? Or there is no such thing like blocking ICMP "TTL exceeded" reply associated with a UDP packet, hmm... ? What's the difference between a router and a endpoint host from point-of-view of traceroute ? Why some endpoint host, which has been blocking ICMP "TTL exceeded" for UDP packet, is allowing "traceroute" associated with a UDP packet for a listening port. This I encountered while trying to "traceroute 66.179.175.2". I've posted the whole experience at following URL: http://wahjava.wordpress.com/2007/09/22/why-some-servers-dont-respond-to-default-traceroute/ BtW, above host can be tracerouted using ICMP but not UDP: - -- begin dump -- [EMAIL PROTECTED] ~]$ sudo traceroute -n -I 66.179.175.2 Password: traceroute to 66.179.175.2 (66.179.175.2), 30 hops max, 40 byte packets 1 * * * 2 202.56.215.230 38.221 ms 41.175 ms 43.159 ms 3 122.160.220.154 45.114 ms 47.115 ms 49.081 ms 4 203.101.83.197 51.073 ms * 53.020 ms 5 125.21.167.25 111.045 ms 112.970 ms 115.947 ms 6 208.192.179.97 350.955 ms 321.876 ms 320.912 ms 7 152.63.22.74 331.900 ms 331.915 ms 331.925 ms 8 152.63.96.10 380.930 ms 380.894 ms 380.924 ms 9 152.63.97.21 373.886 ms 375.914 ms 374.944 ms 10 157.130.155.154 375.842 ms 376.888 ms 384.888 ms 11 66.179.168.11 366.902 ms 366.932 ms 366.901 ms 12 66.179.80.100 362.945 ms 362.918 ms 363.908 ms 13 66.179.175.2 376.909 ms 381.914 ms 380.902 ms 14 66.179.175.2 375.000 ms 374.957 ms 373.920 ms - -- end dump -- Thanks in advance. - -- Ashish Shukla "Wah Java !!" आशीष शुक्ल weblog: http://wahjava.wordpress.com/ ,= ,-_-. =. | The desire to be rewarded for one's creativity does | ((_/)o o(\_)) | not justify depriving the world in general of all or | `-'(. .)`-' | part of that creativity. | \_/ | - Richard M. Stallman | We've so many people in India, that we're able to route each network packet manually. - nobotz to wahjava ------------------------------------------------------------------------ Freed.in | Freedom in technology & software | http://freed.in/register ------------------------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFG9tT3Hy+EEHYuXnQRAk1EAKCE6INixke3TjjaB1gnE7UHFeb6hACgpNjc oCoiqr1rl4MJ5uO8m+R5/TQ= =pM3y -----END PGP SIGNATURE----- _______________________________________________ ilugd mailinglist -- [email protected] http://frodo.hserus.net/mailman/listinfo/ilugd Next Event: http://freed.in - September 28-29, 2007 Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/[email protected]/
