Link to home
Start Free TrialLog in
Avatar of cfbros
cfbros

asked on

Traceroute returning same destination multiple times

Trying to get some clarification, I've tried other sources but no real answer. I'm performing a traceroute to a device with a NAT'd address that is connected via VPN Tunnel, for each device that is hidden, I am recieving the destination IP. Is this normal behaviour or is there something wrong. Could this affect performance between the two devices?

Tracing route to 192.168.63.36 over a maximum of 30 hops

  1     6 ms     6 ms     6 ms  10.199.1.101
  2     7 ms     8 ms     7 ms  10.199.1.2
  3     8 ms     7 ms     7 ms  10.219.12.1
  4    14 ms    11 ms    11 ms  10.219.13.1
  5    15 ms    10 ms    11 ms  192.168.63.36
  6    12 ms    11 ms    11 ms  192.168.63.36
  7    11 ms    10 ms    11 ms  192.168.63.36
  8    12 ms    11 ms    11 ms  192.168.63.36
  9   144 ms    12 ms    11 ms  192.168.63.36
 10    13 ms    11 ms    11 ms  192.168.63.36
 11    12 ms    11 ms    12 ms  192.168.63.36

Trace complete.
Avatar of Les Moore
Les Moore
Flag of United States of America image
How many hops to you expect to see? If going through a VPN tunnel, I would not expect to see more than 2.
It appears to be a routing loop, but I would not expect to see the actual destination IP as the responder if it was..
Can you explain your topology a little more? Perhaps a little ascii drawing?
Avatar of cfbros
cfbros

ASKER

The number of hops is correct, it is the destination response that i am concerned about. Also, after the 10.219.12.1 response, the rest is on the recipients end and I do not know what the topology is. They claim that this is what I'm suppose to be seeing but I have concerns when I see the destination address responding for each device.
Avatar of The--Captain
The--Captain
Flag of United States of America image
Umm, why can't it just be as simple as "They are NATting their replies to you so you specifically don't see any of their topology"?

What exactly is the problem (what does not work)?

Cheers,
-Jon
Avatar of giltjr
giltjr
Flag of United States of America image
The--Captain hit the nail on the head.  The 5th hop is the 1st point within the 'real' network and they are replacing the source IP addresss on the ICMP (ping) messages so that you can't map out the internal network.
Avatar of cfbros
cfbros

ASKER

That I understand, but the question that I'm asking is, should the devices all respond with the NAT'd address?
ASKER CERTIFIED SOLUTION
Avatar of The--Captain
The--Captain
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial