arkmat
asked on
tracert 1st hop is 192.0.2.100
I have a Windows Server 2003r2 running Sql 2000, I am having problems with programs that are supposed to be making reqests to the apps on this server, while trying to trouble shoot I ran a trace route to the program, the first hop is 192.168.0.100, this confuses me as my gateway is 192.168.0.1, I also ran a traceroute to Yahoo.com, Google.com etc. Always the first hop is the same. First hop of a tracerout should always be the Gateway shouldn't?? I'm just wondering if whatever is causing my path out to be different is also causing my problems with the Apps.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The 192.168.0.100 is not listed here at all!!!!
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>rou te print
IPv4 Route Table
========================== ========== ========== ========== ========== =========
Interface List
0x1 .......................... . MS TCP Loopback interface
0x10003 ...00 18 8b 37 51 c0 ...... Broadcom BCM5708C NetXtreme II GigE (NDIS V
D Client) #2 - Packet Scheduler Miniport
========================== ========== ========== ========== ========== =========
========================== ========== ========== ========== ========== =========
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 20
10.10.xx.xxx 255.255.255.255 192.168.0.xx 192.168.0.8 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.8 192.168.0.8 20
192.168.0.8 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.8 192.168.0.8 20
199.4.xxx.xxx 255.255.255.255 192.168.0.xx 192.168.0.8 1
224.0.0.0 240.0.0.0 192.168.0.8 192.168.0.8 20
255.255.255.255 255.255.255.255 192.168.0.8 192.168.0.8 1
Default Gateway: 192.168.0.1
========================== ========== ========== ========== ========== =========
Persistent Routes:
Network Address Netmask Gateway Address Metric
10.10.xx.xxx 255.255.255.255 192.168.0.xx 1
199.4.xxx.xxx 255.255.255.255 192.168.0.xx 1
C:\Documents and Settings\Administrator>
C:\Documents and Settings\Administrator>
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>rou
IPv4 Route Table
==========================
Interface List
0x1 ..........................
0x10003 ...00 18 8b 37 51 c0 ...... Broadcom BCM5708C NetXtreme II GigE (NDIS V
D Client) #2 - Packet Scheduler Miniport
==========================
==========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 20
10.10.xx.xxx 255.255.255.255 192.168.0.xx 192.168.0.8 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.8 192.168.0.8 20
192.168.0.8 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.8 192.168.0.8 20
199.4.xxx.xxx 255.255.255.255 192.168.0.xx 192.168.0.8 1
224.0.0.0 240.0.0.0 192.168.0.8 192.168.0.8 20
255.255.255.255 255.255.255.255 192.168.0.8 192.168.0.8 1
Default Gateway: 192.168.0.1
==========================
Persistent Routes:
Network Address Netmask Gateway Address Metric
10.10.xx.xxx 255.255.255.255 192.168.0.xx 1
199.4.xxx.xxx 255.255.255.255 192.168.0.xx 1
C:\Documents and Settings\Administrator>
C:\Documents and Settings\Administrator>
nothing unusual.
the persistent route to 10.10.X.X seems unneccesery to me since it goes to the gateway address.
can you show a tracert ?
the persistent route to 10.10.X.X seems unneccesery to me since it goes to the gateway address.
can you show a tracert ?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
10.10.xx.xx is a tunnel to one of the apps,
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>tra cert www.google.com
Tracing route to www.l.google.com [209.85.225.104]
over a maximum of 30 hops:
1 121 ms 194 ms 172 ms 192.0.2.100
2 221 ms 173 ms 174 ms dist1-vlan50.tul2ok.sbcglo bal.net [69.152.80.66]
3 121 ms 163 ms 172 ms bb1-g5-0-2.tul2ok.sbcgloba l.net [69.152.81.56]
4 123 ms 163 ms 172 ms ppp-151-164-52-94.rcsntx.s wbell.net [151.164.52.
94]
5 167 ms 130 ms 171 ms 72.14.197.109
6 241 ms 165 ms 173 ms 72.14.233.65
7 102 ms 164 ms 173 ms 216.239.47.121
8 265 ms 166 ms 174 ms 209.85.253.173
9 280 ms 166 ms 170 ms 209.85.241.29
10 118 ms 176 ms 164 ms 66.249.95.138
11 258 ms 173 ms 173 ms iy-in-f104.1e100.net [209.85.225.104]
Trace complete.
C:\Documents and Settings\Administrator>arp -a
Interface: 192.168.0.8 --- 0x10003
Internet Address Physical Address Type
192.168.0.1 00-23-5e-2d-ee-45 dynamic
192.168.0.3 00-1e-c9-e6-79-ab dynamic
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>tra
Tracing route to www.l.google.com [209.85.225.104]
over a maximum of 30 hops:
1 121 ms 194 ms 172 ms 192.0.2.100
2 221 ms 173 ms 174 ms dist1-vlan50.tul2ok.sbcglo
3 121 ms 163 ms 172 ms bb1-g5-0-2.tul2ok.sbcgloba
4 123 ms 163 ms 172 ms ppp-151-164-52-94.rcsntx.s
94]
5 167 ms 130 ms 171 ms 72.14.197.109
6 241 ms 165 ms 173 ms 72.14.233.65
7 102 ms 164 ms 173 ms 216.239.47.121
8 265 ms 166 ms 174 ms 209.85.253.173
9 280 ms 166 ms 170 ms 209.85.241.29
10 118 ms 176 ms 164 ms 66.249.95.138
11 258 ms 173 ms 173 ms iy-in-f104.1e100.net [209.85.225.104]
Trace complete.
C:\Documents and Settings\Administrator>arp
Interface: 192.168.0.8 --- 0x10003
Internet Address Physical Address Type
192.168.0.1 00-23-5e-2d-ee-45 dynamic
192.168.0.3 00-1e-c9-e6-79-ab dynamic
192.0.2.100 might be the "public" IP address of your gateway, or an transfer network for DSL router. It is not that unusual that an other interface as the internal one answers on a traceroute.
However, why do you think that effect is related to your core problem? You wrote that you did a traceroute (internally?) to the SQL Server address. So that server and your test box are on different networks, logically and/or physically?
However, why do you think that effect is related to your core problem? You wrote that you did a traceroute (internally?) to the SQL Server address. So that server and your test box are on different networks, logically and/or physically?
ASKER
Public IP is 99.135.2xx.xxx Netopia Roter is in full bridge mode, ASA5505 is the gateway doing a PPoE connection, ASA IP is 192.168.0.1
the traceroute I was refering to was the program on the other side of the tunnel, not internal.
the traceroute I was refering to was the program on the other side of the tunnel, not internal.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Tracing route to www.l.google.com [209.85.225.104]
over a maximum of 30 hops:
1 121 ms 194 ms 172 ms 192.0.2.100
2 221 ms 173 ms 174 ms dist1-vlan50.tul2ok.sbcglo bal.net [69.152.80.66]
3 121 ms 163 ms 172 ms bb1-g5-0-2.tul2ok.sbcgloba l.net [69.152.81.56]
4 123 ms 163 ms 172 ms ppp-151-164-52-94.rcsntx.s wbell.net [151.164.52.
94]
5 167 ms 130 ms 171 ms 72.14.197.109
6 241 ms 165 ms 173 ms 72.14.233.65
7 102 ms 164 ms 173 ms 216.239.47.121
8 265 ms 166 ms 174 ms 209.85.253.173
9 280 ms 166 ms 170 ms 209.85.241.29
10 118 ms 176 ms 164 ms 66.249.95.138
11 258 ms 173 ms 173 ms iy-in-f104.1e100.net [209.85.225.104]
Trace complete.
over a maximum of 30 hops:
1 121 ms 194 ms 172 ms 192.0.2.100
2 221 ms 173 ms 174 ms dist1-vlan50.tul2ok.sbcglo
3 121 ms 163 ms 172 ms bb1-g5-0-2.tul2ok.sbcgloba
4 123 ms 163 ms 172 ms ppp-151-164-52-94.rcsntx.s
94]
5 167 ms 130 ms 171 ms 72.14.197.109
6 241 ms 165 ms 173 ms 72.14.233.65
7 102 ms 164 ms 173 ms 216.239.47.121
8 265 ms 166 ms 174 ms 209.85.253.173
9 280 ms 166 ms 170 ms 209.85.241.29
10 118 ms 176 ms 164 ms 66.249.95.138
11 258 ms 173 ms 173 ms iy-in-f104.1e100.net [209.85.225.104]
Trace complete.
can you do a ping to 192.0.2.100 and then another arp -a ?
Your traceroute does not reveal news. Please answer the questions I posed for clearity.
ASKER
192.168.0.100 Was a typo,
C:\Documents and Settings\Administrator>pin g 192.0.2.100
Pinging 192.0.2.100 with 32 bytes of data:
Reply from 192.0.2.100: bytes=32 time=26ms TTL=64
Reply from 192.0.2.100: bytes=32 time=9ms TTL=64
Reply from 192.0.2.100: bytes=32 time=8ms TTL=64
Reply from 192.0.2.100: bytes=32 time=8ms TTL=64
Ping statistics for 192.0.2.100:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 26ms, Average = 12ms
C:\Documents and Settings\Administrator>arp -a
Interface: 192.168.0.8 --- 0x10003
Internet Address Physical Address Type
192.168.0.1 00-23-5e-2d-ee-45 dynamic
192.168.0.3 00-1e-c9-e6-79-ab dynamic
192.168.0.13 00-19-b9-18-d0-5b dynamic
192.168.0.75 00-15-e9-70-a1-20 dynamic
192.168.0.1 is ASA an Gateway
.3 is other Sql server
.13 is workstation, not sure why it shows up?
.75 is DLink appliance for a tunnel
C:\Documents and Settings\Administrator>pin
Pinging 192.0.2.100 with 32 bytes of data:
Reply from 192.0.2.100: bytes=32 time=26ms TTL=64
Reply from 192.0.2.100: bytes=32 time=9ms TTL=64
Reply from 192.0.2.100: bytes=32 time=8ms TTL=64
Reply from 192.0.2.100: bytes=32 time=8ms TTL=64
Ping statistics for 192.0.2.100:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 26ms, Average = 12ms
C:\Documents and Settings\Administrator>arp
Interface: 192.168.0.8 --- 0x10003
Internet Address Physical Address Type
192.168.0.1 00-23-5e-2d-ee-45 dynamic
192.168.0.3 00-1e-c9-e6-79-ab dynamic
192.168.0.13 00-19-b9-18-d0-5b dynamic
192.168.0.75 00-15-e9-70-a1-20 dynamic
192.168.0.1 is ASA an Gateway
.3 is other Sql server
.13 is workstation, not sure why it shows up?
.75 is DLink appliance for a tunnel
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Found something, I'm looking at the ASA thru the GUI, in the Monitoring section under Routes, I have 3 Static Routes, there are two defaults, the last one is Destination IP: o.o.o.o, Netmask: o.o.o.o, Gateway: 192.0.2.100, Interface: Outside, AD/Metric: [1/0], Why??????, The first static is Identical except under Gateway it has my static Public IP, 99.135.xxx.xxx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This is an internal network, the tunnels involved are for apps sending and receiving info. Yes, the Sql or Database server is 192.168.0.3, the image or storage server is 192.168.0.8, No I did Not do a traceroute from .03 to .08, not sure where you got that from. All trace routes have been to the outside of the ASA5505, You do understand that on IP Config the Gateway is 192.168.0.1, which is the inside address of the ASA5505, but in the ASA5505 GUI I found the 192.0.2.100 Gateway listed. I do not understand why the ASA5505 has an inside address of 192.168.0.1 but shows the 192.0.2.100 as a Gateway??
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
As stated above 192.168.0.100 was a typo, I meant 192.0.2.100 I was running a trace route to the program on the other end of the tunnel that is supposed to communicate with the program (or App) on this end of the tunnel. From all trace routes that I've run (obviously) the first hop is the gateway or router, the 2nd hop would be what is the next device after the gateway or router. I currently have a TAC request in with Cisco so they can explain to me why this ASA5505 has the two different IP's for a Gateway. The 192.0.2.100 does not show in the "Show Run" I only found it on the Gui of the ASDM program.
ASKER
After a 2 hour session with Cisco tech support we are still unclear but Cisco is researching and will get back with me, 1st let me apoligize to Qlemo, an ASA5505 by default, does NOT show itself in a trace route as other routers do, so yes the 192.0.2.100 is the next hop out of my router, what is confusing is that address was programmed into my router as a remote route???? That is what Cisco is investigating, even after we took the programming of the remote route out it is still in the trace route??? I did some searching on my own and found this at
http://www.dslreports.com/forum/remark,17027621
Since this is AT&T/SBC Global I'm assuming that this will be the unltimate explaination. I will confirm that and give points as soon as Cisco gets back with me. Thanks in Advance for your help.
Sam Spade tells me:
10/05/06 09:20:29 IP block 192.0.2.100@whois.arin.net Trying 192.0.2.100 at ARINTrying 192.0.2 at ARINInternet Assigned Numbers Authority RESERVED-192 (NET-192-0-0-0-1) 192.0.0.0 - 192.0.127.255Internet Assigned Numbers Authority IANA (NET-192-0-2-0-1
: NET-192-0-0-0-1NetType: ReassignedComment: Please see RFC 3330 for additional information.RegDate:Update d: 2002-10-14That is a truncated result. However there is a reference to RFC 3330. To quote from the RFC:
quote:
-------------------------- ---------- ---------- ---------- ---------- ---------- ----
192.0.2.0/24 - This block is assigned as "TEST-NET" for use in
documentation and example code. It is often used in conjunction with
domain names example.com or example.net in vendor and protocol
documentation. Addresses within this block should not appear on the
public Internet.
-------------------------- ---------- ---------- ---------- ---------- ---------- ----
So this is just another block of "unroutable" (which really means, "Not announced in BGP") IP addresses. What AT&T is doing is not entirely clear, but it appears to be entirely valid.
http://www.dslreports.com/forum/remark,17027621
Since this is AT&T/SBC Global I'm assuming that this will be the unltimate explaination. I will confirm that and give points as soon as Cisco gets back with me. Thanks in Advance for your help.
Sam Spade tells me:
10/05/06 09:20:29 IP block 192.0.2.100@whois.arin.net
: NET-192-0-0-0-1NetType: ReassignedComment: Please see RFC 3330 for additional information.RegDate:Update
quote:
--------------------------
192.0.2.0/24 - This block is assigned as "TEST-NET" for use in
documentation and example code. It is often used in conjunction with
domain names example.com or example.net in vendor and protocol
documentation. Addresses within this block should not appear on the
public Internet.
--------------------------
So this is just another block of "unroutable" (which really means, "Not announced in BGP") IP addresses. What AT&T is doing is not entirely clear, but it appears to be entirely valid.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Honestly I'm not sure now, When I thought I had a problem with the programming of the ASA5505 I assumed that was the cause of the Apps problem, now that I'm fairly sure that there is no problem there I will have to do further research to find that solution. I have an online appointment at 9:00 am &1:00pm CST with the Apps people to try to find where the problem truly lies, but at least I can rule this out, when I talked with them Friday they were blaming this. I will post again after the appointments, Again Thank You.
ASKER
To make a long story short, the program was not installed correctly and was not functioning properly, Apps people installed it, but instead of looking at the problem they just sent me chasing my tail for 2 weeks, when they finally looked at the problem, they fixed it and now all is well. It is so easy to blame the network. Thanks for all the help.
A shame for the effort it took to chase your own tail. But I'm happy (and you certainly even more) that the problem is fixed.
Doing a good chase makes things clearer for you too, so you gain.
Don't forget to document so things keep as clear as they are now.
Don't forget to document so things keep as clear as they are now.
ASKER
Original problem wasn't a problem after all
ASKER
Windows IP Configuration
Host Name . . . . . . . . . . . . : SERVER1
Primary Dns Suffix . . . . . . . : MFMC.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : MFMC.local
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD Client) #2
Physical Address. . . . . . . . . : 00-18-8B-37-51-C0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.8
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.3
NetBIOS over Tcpip. . . . . . . . : Disabled