[Gllug] OT: Traceroute

Bruce Richardson itsbruce at uklinux.net
Tue Mar 18 16:36:25 UTC 2003 

On Tue, Mar 18, 2003 at 03:19:35PM +0000, Ian wrote:
> Thanks to both of you.  It did actually reach 30 hops :-(
> 
> Strange though, because I can pick up my mail, so it is reaching the
> mail server...
> 
> Can anyone explain this?
> 

Tethys explained it perfectly well.  The server is not unreachable, nor
are the routers connecting you to it (Andrew is in error, there).  Some
of those routers are not sending back the ICMP messages that traceroute
requires to compile its list.

Traceroute is a clever hack that relies on the fact that ip packets have
a TTL (Time To Live) property.  As an ip packet travels across the
Internet, each router that it passes through decrements the packet's Hop
Count by (at least and almost always just) one.  Routers are supposed to
drop packets when the TTL reaches 0.  They should then send an ICMP
message back, reporting the failure of the packet.

The TTL is normally set to something reasonably high (the default varies
from OS to OS and is usually configurable) but traceroute sends out a
sequence of packets to the specified destination, the first one having a
ttl of 1, incrementing the ttl with each subsequent packet.  This means
that each packet fails at an incrementally further-out point along the
path to the destination.  As traceroute receives each ICMP error report,
it performs a DNS lookup on the router that sent it.  This is how the
traced route is discovered.

Now, if any of those routers don't send back a reply (in good time), you
start seeing those * characters.  So they don't mean 'unreachable', they
just mean that no ICMP messages are coming back.  As Tethys explained,
this is usually because of a) a firewall blocking ICMP messages or b)
the router being configured not to send any ICMP messages.

Now, I've been patient but this is explained on the traceroute man page.
Not at the same length but with more than enough information for you to
have filled in the blanks with Google.  Even when I was a newbie to
Linux, I would never have asked your question without checking those two
resources first (which means that I wouldn't have needed to ask this
particular question at all).  So I'd just like to take this opportunity
to say how much it pisses me off that so many people, on this list and
elsewhere, don't make use of basic analytical techniques and the brains
nature endowed them with.  Thank you and good night.

-- 
Bruce

The ice-caps are melting, tra-la-la-la.  All the world is drowning,
tra-la-la-la-la.  -- Tiny Tim.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 261 bytes
Desc: not available
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20030318/801f5dde/attachment.pgp>

More information about the GLLUG mailing list