• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1848
  • Last Modified:

tracert 1st hop is 192.0.2.100

I have a Windows Server 2003r2 running Sql 2000, I am having problems with programs that are supposed to be making reqests to the apps on this server, while trying to trouble shoot I ran a trace route to the program, the first hop is 192.168.0.100, this confuses me as my gateway is 192.168.0.1, I also ran a traceroute to Yahoo.com, Google.com etc. Always the first hop is the same. First hop of a tracerout should always be the Gateway shouldn't?? I'm just wondering if whatever is causing my path out to be different is also causing my problems with the Apps.
0
arkmat
Asked:
arkmat
  • 13
  • 7
  • 7
8 Solutions
 
Lieven EmbrechtsCommented:
your concerns are correct, an incorrectly defined network (ip/dns) can cause a lot of problems.
eg. if there are several adapters, windows will choose at random.

first have a look in the network connections to see if there are other physical or virtual network adapters and look at the settings.  also an 'ipconfig /all' dos command gives a good overview.
please post it here.
a 'route print' dos command gives a good overview what routes are connected to which adapter.  please also post.
0
 
arkmatAuthor Commented:
C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER1
   Primary Dns Suffix  . . . . . . . : MFMC.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : MFMC.local

Ethernet adapter Local Area Connection 4:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
 VBD Client) #2
   Physical Address. . . . . . . . . : 00-18-8B-37-51-C0
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.8
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.3
   NetBIOS over Tcpip. . . . . . . . : Disabled

 
0
 
arkmatAuthor Commented:
The 192.168.0.100 is not listed here at all!!!!



Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>route print

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 18 8b 37 51 c0 ...... Broadcom BCM5708C NetXtreme II GigE (NDIS V
D Client) #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.8     20
     10.10.xx.xxx  255.255.255.255     192.168.0.xx      192.168.0.8      1
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
      192.168.0.0    255.255.255.0      192.168.0.8      192.168.0.8     20
      192.168.0.8  255.255.255.255        127.0.0.1        127.0.0.1     20
    192.168.0.255  255.255.255.255      192.168.0.8      192.168.0.8     20
    199.4.xxx.xxx  255.255.255.255     192.168.0.xx     192.168.0.8      1
        224.0.0.0        240.0.0.0      192.168.0.8      192.168.0.8     20
  255.255.255.255  255.255.255.255      192.168.0.8      192.168.0.8      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
     10.10.xx.xxx  255.255.255.255     192.168.0.xx       1
    199.4.xxx.xxx  255.255.255.255     192.168.0.xx       1

C:\Documents and Settings\Administrator>

C:\Documents and Settings\Administrator>




0
Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

 
Lieven EmbrechtsCommented:
nothing unusual.
the persistent route to 10.10.X.X seems unneccesery to me since it goes to the gateway address.

can you show a tracert ?
0
 
Lieven EmbrechtsCommented:
also an 'arp -a' would help to see what fysical interfaces are connected to the ip addresses.
(same physical interface?)
0
 
arkmatAuthor Commented:
10.10.xx.xx is a tunnel to one of the apps,

   Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>tracert www.google.com

Tracing route to www.l.google.com [209.85.225.104]
over a maximum of 30 hops:

  1   121 ms   194 ms   172 ms  192.0.2.100
  2   221 ms   173 ms   174 ms  dist1-vlan50.tul2ok.sbcglobal.net [69.152.80.66]

  3   121 ms   163 ms   172 ms  bb1-g5-0-2.tul2ok.sbcglobal.net [69.152.81.56]
  4   123 ms   163 ms   172 ms  ppp-151-164-52-94.rcsntx.swbell.net [151.164.52.
94]
  5   167 ms   130 ms   171 ms  72.14.197.109
  6   241 ms   165 ms   173 ms  72.14.233.65
  7   102 ms   164 ms   173 ms  216.239.47.121
  8   265 ms   166 ms   174 ms  209.85.253.173
  9   280 ms   166 ms   170 ms  209.85.241.29
 10   118 ms   176 ms   164 ms  66.249.95.138
 11   258 ms   173 ms   173 ms  iy-in-f104.1e100.net [209.85.225.104]

Trace complete.

C:\Documents and Settings\Administrator>arp -a

Interface: 192.168.0.8 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.0.1           00-23-5e-2d-ee-45     dynamic
  192.168.0.3           00-1e-c9-e6-79-ab     dynamic

0
 
QlemoC++ DeveloperCommented:
192.0.2.100 might be the "public" IP address of your gateway, or an transfer network for DSL router. It is not that unusual that an other interface as the internal one answers on a traceroute.

However, why do you think that effect is related to your core problem? You wrote that you did a traceroute (internally?) to the SQL Server address. So that server and your test box are on different networks, logically and/or physically?
0
 
arkmatAuthor Commented:
Public IP is 99.135.2xx.xxx Netopia Roter is in full bridge mode, ASA5505 is the gateway doing a PPoE connection, ASA IP is 192.168.0.1
the traceroute I was refering to was the program on the other side of the tunnel, not internal.
0
 
QlemoC++ DeveloperCommented:
Important info - there is a (VPN? GRE?) tunnel in-between ... For a tunnel, you need two devices building it, and hence we have two gateways to consider. Could you show in more detail how that is expected to be handled? Like

MSSQL (ip addr) -- (ip addr) VPN router (ASA) ( ip addr) -- Netopia (bridge)
PC (ip addr) -- (ip addr) VPN router (ip addr) -- DSL router (bridge)

192.0.2.100 is an address out of the IANA test IP pool - no public IP hence, but no private one, too. Also you mentioned 192.168.0.100 being the first hop - is both true, depending on the target you try to ping, or is there a typo somewhere?
0
 
arkmatAuthor Commented:
Tracing route to www.l.google.com [209.85.225.104]
over a maximum of 30 hops:

  1   121 ms   194 ms   172 ms  192.0.2.100
  2   221 ms   173 ms   174 ms  dist1-vlan50.tul2ok.sbcglobal.net [69.152.80.66]

  3   121 ms   163 ms   172 ms  bb1-g5-0-2.tul2ok.sbcglobal.net [69.152.81.56]
  4   123 ms   163 ms   172 ms  ppp-151-164-52-94.rcsntx.swbell.net [151.164.52.
94]
  5   167 ms   130 ms   171 ms  72.14.197.109
  6   241 ms   165 ms   173 ms  72.14.233.65
  7   102 ms   164 ms   173 ms  216.239.47.121
  8   265 ms   166 ms   174 ms  209.85.253.173
  9   280 ms   166 ms   170 ms  209.85.241.29
 10   118 ms   176 ms   164 ms  66.249.95.138
 11   258 ms   173 ms   173 ms  iy-in-f104.1e100.net [209.85.225.104]

Trace complete.
0
 
Lieven EmbrechtsCommented:
can you do a ping to 192.0.2.100 and then another arp -a ?
0
 
QlemoC++ DeveloperCommented:
Your traceroute does not reveal news. Please answer the questions I posed for clearity.
0
 
arkmatAuthor Commented:
192.168.0.100 Was a typo,


C:\Documents and Settings\Administrator>ping 192.0.2.100

Pinging 192.0.2.100 with 32 bytes of data:

Reply from 192.0.2.100: bytes=32 time=26ms TTL=64
Reply from 192.0.2.100: bytes=32 time=9ms TTL=64
Reply from 192.0.2.100: bytes=32 time=8ms TTL=64
Reply from 192.0.2.100: bytes=32 time=8ms TTL=64

Ping statistics for 192.0.2.100:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 8ms, Maximum = 26ms, Average = 12ms

C:\Documents and Settings\Administrator>arp -a

Interface: 192.168.0.8 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.0.1           00-23-5e-2d-ee-45     dynamic
  192.168.0.3           00-1e-c9-e6-79-ab     dynamic
  192.168.0.13          00-19-b9-18-d0-5b     dynamic
  192.168.0.75          00-15-e9-70-a1-20     dynamic


192.168.0.1 is ASA an Gateway
.3 is other Sql server
.13 is workstation, not sure why it shows up?
.75 is DLink appliance for a tunnel
0
 
Lieven EmbrechtsCommented:
so it's not physical, please have a look at and describe the tunnel config.
often a tunnel generates new virtual ip addresses (even with dhcp for tunnel clients)
0
 
arkmatAuthor Commented:
Found something,  I'm looking at the ASA thru the GUI, in the Monitoring section under Routes, I have 3 Static Routes, there are two defaults, the last one is Destination IP: o.o.o.o, Netmask: o.o.o.o, Gateway: 192.0.2.100, Interface: Outside, AD/Metric: [1/0],   Why??????,   The first static is Identical except under Gateway it has my static Public IP, 99.135.xxx.xxx
0
 
Lieven EmbrechtsCommented:
ip 0.0.0.0 means anything, can you find more info about the gateway ?
(is it a network adapter, is it the entry point of the vpn tunnel, ...)

in my experience i try to avoid adding static or persistent routes, the router/firewall policies should correctly route everything.
0
 
QlemoC++ DeveloperCommented:
The single route for 192.0.2.100 sounds strange and unnecessary, but we still lack a lot of infos to really judge on that.

I'm again puzzled. The MSSQL Server has the same network as your client PC (192.168.0.0/24). There should be no tunnel involved at all. Or both tunnel sides use the same network? In any case, if the MSSQL server is on the other side of the tunnel, you should not receive ARPs, as long as you do not use (Layer 2) bridging over the tunnel.

As far as I understand, you tried to do a traceroute from 192.168.0.8 to 192.168.0.3, and expected to see the ASA. In L2 bridge mode, you won't see them. In L3 routing mode, you might see the gateway. That is nothing unusual, as already said.

Still, without more detailed infos about the config you try to use, we can only guess.
0
 
arkmatAuthor Commented:
This is an internal network, the tunnels involved are for apps sending and receiving info. Yes, the Sql or Database server is 192.168.0.3, the image or storage server is 192.168.0.8, No I did Not do a traceroute from .03 to .08, not sure where you got that from. All trace routes have been to the outside of the ASA5505, You do understand that on IP Config the Gateway is 192.168.0.1, which is the inside address of the ASA5505, but in the ASA5505 GUI I found the 192.0.2.100 Gateway listed. I do not understand why the ASA5505 has an inside address of 192.168.0.1 but shows the 192.0.2.100 as a Gateway??
0
 
QlemoC++ DeveloperCommented:
192.0.2.100 is (obviously) the NEXT device after ASA, acting as gateway.

Your question text states:
"I am having problems with programs that are supposed to be making reqests to the apps on this server, while trying to trouble shoot I ran a trace route to the program, the first hop is 192.168.0.100,"
I have read that as you having used traceroute from .8 to .3.
0
 
arkmatAuthor Commented:
As stated above 192.168.0.100 was a typo, I meant 192.0.2.100 I was running a trace route to the program on the other end of the tunnel that is supposed to communicate with the program (or App) on this end of the tunnel. From all trace routes that I've run (obviously) the first hop is the gateway or router, the 2nd hop would be what is the next device after the gateway or router. I currently have a TAC request in with Cisco so they can explain to me why this ASA5505 has the two different IP's for a Gateway. The 192.0.2.100 does not show in the "Show Run" I only found it on the Gui of the ASDM program.
0
 
arkmatAuthor Commented:
After a 2 hour session with Cisco tech support we are still unclear but Cisco is researching and will get back with me, 1st let me apoligize to Qlemo, an ASA5505 by default, does NOT show itself in a trace route as other routers do, so yes the 192.0.2.100 is the next hop out of my router, what is confusing is that address was programmed into my router as a remote route???? That is what Cisco is investigating, even after we took the programming of the remote route out it is still in the trace route???  I did some searching on my own and found this at

http://www.dslreports.com/forum/remark,17027621

Since this is AT&T/SBC Global I'm assuming that this will be the unltimate explaination. I will confirm that and give points as soon as Cisco gets back with me. Thanks in Advance for your help.



Sam Spade tells me:
10/05/06 09:20:29 IP block 192.0.2.100@whois.arin.netTrying 192.0.2.100 at ARINTrying 192.0.2 at ARINInternet Assigned Numbers Authority RESERVED-192 (NET-192-0-0-0-1)                                  192.0.0.0 - 192.0.127.255Internet Assigned Numbers Authority IANA (NET-192-0-2-0-1

:     NET-192-0-0-0-1NetType:    ReassignedComment:    Please see RFC 3330 for additional information.RegDate:Updated:    2002-10-14That is a truncated result. However there is a reference to RFC 3330. To quote from the RFC:

quote:
--------------------------------------------------------------------------------
 192.0.2.0/24 - This block is assigned as "TEST-NET" for use in
documentation and example code. It is often used in conjunction with
domain names example.com or example.net in vendor and protocol
documentation. Addresses within this block should not appear on the
public Internet.

--------------------------------------------------------------------------------

So this is just another block of "unroutable" (which really means, "Not announced in BGP") IP addresses. What AT&T is doing is not entirely clear, but it appears to be entirely valid.

0
 
QlemoC++ DeveloperCommented:
I did understand 192.168.0.100 was a typo, but forgot that to mention when I cited your question. That was not why I cited. But you stated "No I did Not do a traceroute from .03 to .08, not sure where you got that from.", and wanted to show that.

AT&T does not need to use public or unreserved IPs for the transfer network - it is up to them. Your WhoIs research concurs with mine (see Comment 26088524).

Now, I have to ask again: Does this issue be related in any form to the original issue, your app not reachable via tunnel?

0
 
arkmatAuthor Commented:
Honestly I'm not sure now, When I thought I had a problem with the programming of the ASA5505 I assumed that was the cause of the Apps problem, now that I'm fairly sure that there is no problem there I will have to do further research to find that solution. I have an online appointment at 9:00 am &1:00pm CST with the Apps people to try to find where the problem truly lies, but at least I can rule this out, when I talked with them Friday they were blaming this. I will post again after the appointments, Again Thank You.
0
 
arkmatAuthor Commented:
To make a long story short, the program was not installed correctly and was not functioning properly, Apps people installed it, but instead of looking at the problem they just sent me chasing my tail for 2 weeks, when they finally looked at the problem, they fixed it and now all is well. It is so easy to blame the network.  Thanks for all the help.
0
 
QlemoC++ DeveloperCommented:
A shame for the effort it took to chase your own tail. But I'm happy (and you certainly even more) that the problem is fixed.
0
 
Lieven EmbrechtsCommented:
Doing a good chase makes things clearer for you too, so you gain.
Don't forget to document so things keep as clear as they are now.
0
 
arkmatAuthor Commented:
Original problem wasn't a problem after all
0

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

  • 13
  • 7
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now