Ping works, traceroute doesn't

Discussion in 'Linux Networking' started by Sean Evans, Aug 10, 2003.

  1. Sean Evans

    Sean Evans Guest

    I have an odd problem, which is more of a nuisance than anything else,
    but I'd still like to solve. I've successfully gotten my SpeedStream
    1024 PCI wireless card working under Redhat 9 and I'm able to browse,
    e-mail and ping, but traceroute will not work.

    Here's the ping output for yahoo.com:
    [[email protected] user]# ping yahoo.com
    PING yahoo.com (66.218.71.198) 56(84) bytes of data.
    64 bytes from w1.rc.vip.scd.yahoo.com (66.218.71.198): icmp_seq=1
    ttl=241 time=85.2 ms
    64 bytes from w1.rc.vip.scd.yahoo.com (66.218.71.198): icmp_seq=2
    ttl=241 time=86.5 ms
    64 bytes from w1.rc.vip.scd.yahoo.com (66.218.71.198): icmp_seq=3
    ttl=241 time=85.2 ms

    --- yahoo.com ping statistics ---
    3 packets transmitted, 3 received, 0% packet loss, time 2015ms
    rtt min/avg/max/mdev = 85.222/85.677/86.548/0.660 ms

    And here's the traceroute:
    [[email protected] user]# traceroute yahoo.com
    traceroute to yahoo.com (66.218.71.198), 30 hops max, 38 byte packets
    1 * * *
    2 * * *
    3 * * *

    And, finally, the routing table:
    [[email protected] user]# route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref
    Use Iface
    192.168.254.0 0.0.0.0 255.255.255.0 U 0 0
    0 wlan0
    169.254.0.0 0.0.0.0 255.255.0.0 U 0 0
    0 wlan0
    127.0.0.0 0.0.0.0 255.0.0.0 U 0 0
    0 lo
    0.0.0.0 192.168.254.56 0.0.0.0 UG 0 0
    0 wlan0

    The second entry in the routing table looks odd to me, but I haven't
    the slightest idea how that is being set or even if it is correct.
    Has anyone experienced this before?
     
    Sean Evans, Aug 10, 2003
    #1
    1. Advertisements

  2. Sean Evans

    Bit Twister Guest


    does traceroute -I work?
     
    Bit Twister, Aug 10, 2003
    #2
    1. Advertisements

  3. Sean Evans

    Sean Evans Guest

    Yes! I still get the *** for the first hop, but then it works
    perfectly well after that. Is there a reason you can think of that
    ICMP works but UDP doesn't?
     
    Sean Evans, Aug 10, 2003
    #3
  4. Yes! I still get the *** for the first hop, but then it works
    There are plenty of reason for which a traceroute might not display
    anything for some hops.
    Some routers simply drop the packets without no notification
    when ttl=0.
    Some others even drop packets with ttl<=n, with n>0.

    Did you try to wait more that the 3 first hops ?
    It would be really surprising if you get nothing for all the hops
    (ie if you get 30 lines of * * *)
     
    Christophe Le Gal, Aug 10, 2003
    #4
  5. If you had a firewall blocking outbound UDP packets on ports 33434 -
    33524 you would see precisely that.

    I have had to have a bit of a fight with firewall admins in the past to
    get traceroute permitted. They use Windows and configure the firewall so
    that their traceroute (which used ICMP) works and I have to convince
    them that the *nix one is different (and not all implementations have
    the -I flag).

    Regards, Ian
     
    Ian Northeast, Aug 10, 2003
    #5
  6. If you had a firewall blocking outbound UDP packets on ports 33434 -
    What are you talking about ?
    My traceroute is using ICMP and I thought that it was the same for all
    linux traceroute. Do you mean that some traceroute (and yours)
    use UDP by default ?
     
    Christophe Le Gal, Aug 10, 2003
    #6
  7. I might ask you the same question. All *nix traceroute implementations
    that I have seen use UDP by default. Some implementations support
    sending ICMP packets instead as an extension. Some, for instance the one
    SuSE ship, do not.

    What traceroute is this that you have?

    I am talking about the outgoing packets of course. The response are
    always ICMP.

    Regards, Ian
     
    Ian Northeast, Aug 10, 2003
    #7
  8. Sean Evans

    James Knott Guest

    How does this work, given that traceroute relies on icmp messages for the
    ttl timeout on udp messages. Icmp messages aren't supposed to be sent,
    when an icmp message fails.

    --

    Fundamentalism is fundamentally wrong.

    To reply to this message, replace everything to the left of "@" with
    james.knott.
     
    James Knott, Aug 10, 2003
    #8
  9. The SuSE man page isn't particularly detailed. It doesn't explicitly
    state that it uses UDP (it doesn't say it uses ICMP either). However, if
    you look at the description of the "-p" option you will see it refers to
    the destination UDP port number.

    What gave you the idea that it was using ICMP?

    Regards, Ian
     
    Ian Northeast, Aug 10, 2003
    #9
  10. From the "TCP/IP Applications FAQ" -
    http://www.private.org.il/mini-tcpip.faq.html and also posted to
    comp.protocols.tcp-ip:

    The catch is that the original ICMP specifications dictated that ICMP
    errors should not be sent as replies to ICMP packets, so old routers
    would not respond
    correctly to Microsoft's TRACERT. The spec has since been revised so
    that ICMP errors are not sent as replies to ICMP error packets only,
    which better solves the problem of errors bouncing back and forth across
    the net.

    Sorry, I don't know the RFC number.

    I find ICMP traceroute to be a bit more useful than the traditional
    variety. It gets through more firewalls. Even more useful is a program
    called tcptraceroute which, as the name suggests, uses TCP. If you're
    tracing the path to a machine which you are attempting to connect to
    using TCP, it is reasonable to assume that any firewall in the way will
    permit TCP packets to the port in question - or at least if it does not
    then this is probably the problem you are chasing. Whereas if, for
    instance, I run a UDP or ICMP traceroute from my mail exchange to a
    remote mail exchange I am having trouble contacting, I may run across a
    firewall which prevents the traceroute from working but would not
    prevent the actual SMTP connection. If I use tcptraceroute on port 25 I
    know that this is not so, and if I hit a firewall it is probably the
    problem.

    As our mail exchanges run SuSE, I have got three traceroutes installed -
    the SuSE one, a BSD based one which has -I for ICMP, and tcptraceroute.

    Regards, Ian
     
    Ian Northeast, Aug 10, 2003
    #10
  11. Sean Evans

    Sean Evans Guest

    Chris: Yes, I was getting asterisks for all 30 hops.
    Ian: It could very well be my wireless router that's causing the
    problem. I'll try opening a UDP port and try a traceroute through it.


    Thanks for all the rapid responses everyone! It truly is appreciated.

    Sean
     
    Sean Evans, Aug 10, 2003
    #11
  12. Sure. I wrote this assuming that traceroute used icmp packets.
    It this was the case, we can expect that if ping works, traceroute
    will display at least one line.
     
    Christophe Le Gal, Aug 11, 2003
    #12
  13. Don't know anymore :)
    Before I sent a follow-up to your post I even checked with ngrep that
    traceroute was using ICMP. I probably read to quickly the output
    (which contained both icmp and udp packet, but I probably mixed up
    the UDP packets due to DNS request, since I use traceroute without
    -n, and the output packets)
    Anyway I re-check and, of course, my traceroute is, indeed, sending
    UDP packet (and I received ICMP answer packets). Since I believe
    networking is an exact science, I assume that it was already the
    case yesterday and that I've simply made a mistake.

    Thanks for teaching me something new. Your argumentation about
    not sending icmp error notification in reply to icmp packet is
    convicing.
     
    Christophe Le Gal, Aug 11, 2003
    #13
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.