Solved

Traceroute returning same destination multiple times

Posted on 2006-10-28
6
3,353 Views
Last Modified: 2008-08-14
Trying to get some clarification, I've tried other sources but no real answer. I'm performing a traceroute to a device with a NAT'd address that is connected via VPN Tunnel, for each device that is hidden, I am recieving the destination IP. Is this normal behaviour or is there something wrong. Could this affect performance between the two devices?

Tracing route to 192.168.63.36 over a maximum of 30 hops

  1     6 ms     6 ms     6 ms  10.199.1.101
  2     7 ms     8 ms     7 ms  10.199.1.2
  3     8 ms     7 ms     7 ms  10.219.12.1
  4    14 ms    11 ms    11 ms  10.219.13.1
  5    15 ms    10 ms    11 ms  192.168.63.36
  6    12 ms    11 ms    11 ms  192.168.63.36
  7    11 ms    10 ms    11 ms  192.168.63.36
  8    12 ms    11 ms    11 ms  192.168.63.36
  9   144 ms    12 ms    11 ms  192.168.63.36
 10    13 ms    11 ms    11 ms  192.168.63.36
 11    12 ms    11 ms    12 ms  192.168.63.36

Trace complete.
0
Comment
Question by:cfbros
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 17826296
How many hops to you expect to see? If going through a VPN tunnel, I would not expect to see more than 2.
It appears to be a routing loop, but I would not expect to see the actual destination IP as the responder if it was..
Can you explain your topology a little more? Perhaps a little ascii drawing?
0
 

Author Comment

by:cfbros
ID: 17826370
The number of hops is correct, it is the destination response that i am concerned about. Also, after the 10.219.12.1 response, the rest is on the recipients end and I do not know what the topology is. They claim that this is what I'm suppose to be seeing but I have concerns when I see the destination address responding for each device.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 17826536
Umm, why can't it just be as simple as "They are NATting their replies to you so you specifically don't see any of their topology"?

What exactly is the problem (what does not work)?

Cheers,
-Jon
0
Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

 
LVL 57

Expert Comment

by:giltjr
ID: 17826609
The--Captain hit the nail on the head.  The 5th hop is the 1st point within the 'real' network and they are replacing the source IP addresss on the ICMP (ping) messages so that you can't map out the internal network.
0
 

Author Comment

by:cfbros
ID: 17826719
That I understand, but the question that I'm asking is, should the devices all respond with the NAT'd address?
0
 
LVL 16

Accepted Solution

by:
The--Captain earned 500 total points
ID: 17827327
>should the devices all respond with the NAT'd address?

No.  Assuming this is what's going on, the NAT box lies to you when it sees IPs that match the NAT rules - that's the whole point.

0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question