?
Solved

Traceroute returning same destination multiple times

Posted on 2006-10-28
6
Medium Priority
?
3,700 Views
Last Modified: 2008-08-14
Trying to get some clarification, I've tried other sources but no real answer. I'm performing a traceroute to a device with a NAT'd address that is connected via VPN Tunnel, for each device that is hidden, I am recieving the destination IP. Is this normal behaviour or is there something wrong. Could this affect performance between the two devices?

Tracing route to 192.168.63.36 over a maximum of 30 hops

  1     6 ms     6 ms     6 ms  10.199.1.101
  2     7 ms     8 ms     7 ms  10.199.1.2
  3     8 ms     7 ms     7 ms  10.219.12.1
  4    14 ms    11 ms    11 ms  10.219.13.1
  5    15 ms    10 ms    11 ms  192.168.63.36
  6    12 ms    11 ms    11 ms  192.168.63.36
  7    11 ms    10 ms    11 ms  192.168.63.36
  8    12 ms    11 ms    11 ms  192.168.63.36
  9   144 ms    12 ms    11 ms  192.168.63.36
 10    13 ms    11 ms    11 ms  192.168.63.36
 11    12 ms    11 ms    12 ms  192.168.63.36

Trace complete.
0
Comment
Question by:cfbros
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 17826296
How many hops to you expect to see? If going through a VPN tunnel, I would not expect to see more than 2.
It appears to be a routing loop, but I would not expect to see the actual destination IP as the responder if it was..
Can you explain your topology a little more? Perhaps a little ascii drawing?
0
 

Author Comment

by:cfbros
ID: 17826370
The number of hops is correct, it is the destination response that i am concerned about. Also, after the 10.219.12.1 response, the rest is on the recipients end and I do not know what the topology is. They claim that this is what I'm suppose to be seeing but I have concerns when I see the destination address responding for each device.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 17826536
Umm, why can't it just be as simple as "They are NATting their replies to you so you specifically don't see any of their topology"?

What exactly is the problem (what does not work)?

Cheers,
-Jon
0
Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

 
LVL 57

Expert Comment

by:giltjr
ID: 17826609
The--Captain hit the nail on the head.  The 5th hop is the 1st point within the 'real' network and they are replacing the source IP addresss on the ICMP (ping) messages so that you can't map out the internal network.
0
 

Author Comment

by:cfbros
ID: 17826719
That I understand, but the question that I'm asking is, should the devices all respond with the NAT'd address?
0
 
LVL 16

Accepted Solution

by:
The--Captain earned 2000 total points
ID: 17827327
>should the devices all respond with the NAT'd address?

No.  Assuming this is what's going on, the NAT box lies to you when it sees IPs that match the NAT rules - that's the whole point.

0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question