RE: Strange traceroute output on Road Runner for an RFC 1918 address

From: Ian Webb (iwebb@carolina.rr.com)
Date: 07/22/02 

From: "Ian Webb" <iwebb@carolina.rr.com>
To: "'Hani Mustafa'" <hani.mustafa@silksys.com>, <security-basics@securityfocus.com>
Date: Mon, 22 Jul 2002 11:06:38 -0400

Oh. I'd thought the ingress/egress filtering was being done on the
individual cable modems as well. I realize I should have said 'local'
instead of 'non-routable', oops. What I'm still wondering is why my
traceroute goes that far into RR's network, especially since it doesn't
seem to confuse things for me to use 192.168.0.0/24 addresses on my
local network. (I get the same traceroute, but with a third RR host,
with 192.168.0.1 and so forth) Is this just an artifact of the way
Windows is routing? What's confusing me is that the hosts my traceroute
goes through are public, routable IP addresses. Am I missing something
here? Thanks to all who've replied so far -- this has been quite
informative.

-----Original Message-----
From: Hani Mustafa [mailto:hani.mustafa@silksys.com]
Sent: Monday, July 22, 2002 12:19 PM
To: Ian Webb; security-basics@securityfocus.com
Subject: Re: Strange traceroute output on Road Runner for an RFC 1918
address

More often than not, network admins would set the egress/ingress filters
for these addresses where it leaves/enters the network to/from the
internet (rather than to/from customers).

Ian Webb <iwebb@carolina.rr.com> wrote :

> I get the following output when I do a traceroute from my Windows XP
> machine, which is directly connected to a Road Runner cable modem
> (Motorola Surfboard), to 192.168.100.1:
>
> C:\>tracert 192.168.100.1
>
> Tracing route to 192.168.100.1 over a maximum of 30 hops
>
> 1 * * * Request timed out.
> 2 62 ms 125 ms 66 ms 24.93.66.37
> 3 87 ms 220 ms * 24.93.66.150
> 4 * 24.93.66.177 reports: Destination host unreachable.
>
> This seems weird to me, since 192.168.100.1 is an RFC 1918 local
address
> space. I can't think of any valid reason that a packet destined for it
> would go *two* hops into Road Runner's network before getting a
> destination host unreachable. Is there something I'm missing?
>
> Thanks,
> Ian
~Hani Mustafa

Relevant Pages

  • Re: setting up a 10.1 box to become a router
    ... What I do with network or internet related problems is to follow the OSI ... First I look if the machine is on and if there are any other strange ... Next I will see if there is some sort of network connection possible. ... Then I will do a traceroute from other places. ...
    (alt.os.linux.suse)
  • Re: my iptables rules, need suggestions and advice
    ... I'm not sure but maybe just a joke or `traceroute` consume the network ... 1072 TCP extensions for long-delay paths. ... They are contributing the network infrastructures. ... To spoof or not to spoof, ...
    (comp.os.linux.security)
  • Re: New thread, broadcom 802-11 related
    ... It can now ping all the machines on my local network. ... And while it can resolve a tracerouted address, the traceroute itself is blocked before it gets to my router. ... The routing table on the lappy isn't sensible either after all this by hand stuff but I don't think thats it when I can ping all the locals, and ATM I'm ssh -X into 'wireless' which is an alias for diablo that hits the wireless ports address, from this machine. ...
    (Fedora)
  • Re: Blocked incoming ICMP, getting outgoing ICMP [3] Destination Unreachable
    ... The real LBL traceroute ... icmp error in reponse to an icmp packet. ... icmp time exceeded in response to an icmp echo or echo reply. ... had created a b0rken network stack that could be kicked over by sending ...
    (comp.security.firewalls)
  • Re: load balance ordinary traffic
    ... > I have a FreeBSD 4.8-stable machine with multiple network interfaces. ... This is unlikely to work with cable modems. ... You have a better shot with DSL, if you pay for multiple DSL lines. ...
    (freebsd-net)
Quantcast