
Router blocks tracert's ICMP requests other than the final hop?

Here's a weird one for you guys.  It's not causing me any problems, but it's peculiar.  Why is it that when I run a tracert from any machine connected to my home network, the only hosts that respond are my router and the machine that I am tracing to?  For example:
C:\Documents and Settings\bill.LAN>tracert www.google.ca

Tracing route to www.l.google.com [72.14.207.104]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9    35 ms    37 ms    34 ms  72.14.207.104

Trace complete.

It seems to determine the correct number of hops to each site, and I can understand certain hops along the way not responding to ICMP echo, but no matter where I trace none of them respond.  This happens both from my XP Pro machine and my Windows 2003 server.  I am only running through an el-cheapo D-Link 514 router, and can't see anything that it could be doing to cause this.  I'm stumped!  I thought for a moment that perhaps my ISP was doing some weird traffic shaping of some sort, however when I connect directly to the modem it traces fine!

C:\Documents and Settings\bill.LAN>tracert 72.14.207.104 -d

Tracing route to 72.14.207.104 over a maximum of 30 hops

  1     *        *        *     Request timed out.
  2     7 ms     6 ms     9 ms  64.59.181.242
  3    50 ms    32 ms    33 ms  66.163.76.73
  4    53 ms    30 ms    32 ms  66.163.66.14
  5    32 ms    44 ms    31 ms  198.32.245.6
  6    33 ms    34 ms    47 ms  66.249.94.96
  7    34 ms    33 ms    43 ms  72.14.236.134
  8    78 ms    32 ms    33 ms  72.14.207.104

Trace complete.


Can anyone else think of a reason this might be happening?  I know it's something in the router, but I have no clue what setting is causing this.

Asked by: Bill_Fleury

Bill_Fleury (Author) Commented:
By the way, the reason for tracing by IP when connected directly to the cable modem is I run dns on my w2k3 server here, and didn't bother putting my ISP's dns settings in.  Connected through the router using the same command, I get the same results:

C:\Documents and Settings\bill.LAN>tracert 72.14.207.104 -d

Tracing route to 72.14.207.104 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9    58 ms    35 ms    35 ms  72.14.207.104

Trace complete.

zyclonix Commented:
The way traceroute works is that it sends an echo request to the end host with a Time to Live starting at 0 and working its way up until it gets an echo reply from the end host. TTL is in the IP packet header; when a packet goes through a layer 3 device, it will decrease the TTL by one. When a device receives a packet with a TTL of 0, it will send back an ICMP TTL expired message to the sending host and drop the packet, which prevents packets with no destination from roaming around the Internet forever. It's the TTL expired messages that traceroute displays as intermediate hops.

The reason that you aren't seeing all the intermediate hops but you do see the last one is that the last hop responds with an echo-reply message and not a TTL exceeded.

To fix this you need to set your router to allow ICMP Time to Live Exceeded packets.
 
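Added example (not part of the original thread and not any poster's code): a small Python model of the mechanism described in the answer above, showing why dropping inbound ICMP Time Exceeded (type 11) while passing Echo Reply (type 0) produces the trace in the question. The hop addresses other than 192.168.1.1 and all function names are constructed; probes start at TTL 1, and the router's filter is modelled as a set of dropped inbound ICMP types.

```python
# Added illustration: toy model of an ICMP tracert through a filtering home router.
ECHO_REPLY, TIME_EXCEEDED = 0, 11  # ICMP type numbers (RFC 792)

# Constructed path: the LAN router from the thread, then documentation-range
# addresses standing in for seven ISP/backbone hops and the destination.
PATH = ["192.168.1.1"] + [f"203.0.113.{n}" for n in range(1, 8)] + ["198.51.100.104"]

def probe(path, ttl):
    """Send one echo request with `ttl`; return (icmp_type, responder_ip)."""
    for position, hop_ip in enumerate(path, start=1):
        if position == len(path):
            return ECHO_REPLY, hop_ip      # destination answers the echo itself
        ttl -= 1                           # every layer-3 hop decrements TTL
        if ttl == 0:
            return TIME_EXCEEDED, hop_ip   # hop drops the probe and reports it
    raise AssertionError("unreachable: path always ends at the destination")

def tracert(path, blocked_inbound=frozenset(), max_hops=30):
    """Return [(ttl, responder_ip or None)]; None is 'Request timed out.'"""
    rows = []
    for ttl in range(1, max_hops + 1):
        icmp_type, responder = probe(path, ttl)
        # Replies from beyond the first hop must be forwarded by the home
        # router, so its inbound ICMP filter applies to them.
        crosses_router = responder != path[0]
        dropped = crosses_router and icmp_type in blocked_inbound
        rows.append((ttl, None if dropped else responder))
        if icmp_type == ECHO_REPLY and not dropped:
            break
    return rows

def time_exceeded_filtered(rows):
    """True for the thread's signature: first and last hop answer, none between."""
    answers = [ip for _, ip in rows]
    return (len(answers) > 2 and answers[0] is not None
            and answers[-1] is not None and not any(answers[1:-1]))

if __name__ == "__main__":
    for label, blocked in (("filter off", set()), ("type 11 dropped", {TIME_EXCEEDED})):
        rows = tracert(PATH, blocked)
        print(label, "->", "filtered" if time_exceeded_filtered(rows) else "normal")
        for ttl, ip in rows:
            print(f"{ttl:3}  {ip or 'Request timed out.'}")
```

The hop count still comes out right in the filtered case because the destination's echo reply only arrives once the TTL is large enough to reach it.
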
JimsZ Commented:
Is your machine you are doing the tracert off of set up as DMZ?  It could be the plug and play within the router only sending the information back from the site you are actually connecting to.  Set it as DMZ and you will probably receive all tracert information.  

Bill_Fleury (Author) Commented:
Thanks for the responses.

Zyclonix - I had thought tracert simply did a ping to each host along the route.  I have verified your posting, which makes sense to me now.

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/tracert.mspx?mfr=true

However, what doesn't make sense is that my router used to allow TTL Exceeded packets; now I just have to find out why it doesn't.  Any ideas on a D-Link DI-514?

JimsZ- Yes and no.  I wasn't running DMZ when I posted this, however after reading your response I tried while in DMZ, and it gives me the same results.

zyclonix Commented:
When did this change, and what were the circumstances of the change? Did you do any upgrades, patches, etc. on any of these systems?

Bill_Fleury (Author) Commented:
I don't believe it's anything to do with the systems themselves, as it's two different operating systems and two completely different sets of hardware; however, I will connect a Linux box and test to see if it happens on that as well.  Not quite sure when it changed, just noticed it the other day.  It's quite a trivial problem, just trying to get my head wrapped around why. If you have any suggestions I can try them, otherwise I'm going to reset my router to defaults and see if it does the same thing - it's quite possible it's done this since new and I just didn't notice. :-)

Nopius Commented:
The problem is really strange and it seems the root cause is in your D-Link.

Linux box uses different 'traceroute' and it may work there.
All unixes use 'UDP' for sending direct packet to each hop, while Windows uses ICMP.

JimsZ Commented:
Try using pathping and see if it comes back with each of the hops then.

Bill_Fleury (Author) Commented:
C:\Documents and Settings\bill.LAN>pathping www.google.ca

Tracing route to www.l.google.com [64.233.167.147]
over a maximum of 30 hops:
  0  bill.lan.billfleury.com [192.168.1.3]
  1  192.168.1.1
  2     *        *        *
Computing statistics for 50 seconds...
            Source to Here   This Node/Link
Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address
  0                                           bill.lan.billfleury.com [192.168.1.3]
                                0/ 100 =  0%   |
  1    0ms     0/ 100 =  0%     0/ 100 =  0%  192.168.1.1
                              100/ 100 =100%   |
  2  ---     100/ 100 =100%     0/ 100 =  0%  bill.lan.billfleury.com [0.0.0.0]

Looks like the same result.

Nopius Commented:
What about traceroute from Linux? Does it work?

Bill_Fleury (Author) Commented:
Haven't had a chance to throw a Linux box on yet; as soon as I get a chance I will and will post results.