[TCLUG] Can ping but not traceroute to a Cisco router?

Mon Sep 24 20:58:03 CDT 2001

Bob Tanner <tanner at real-time.com> wrote:
> 
> I can ping an ethernet interface on a remote Cisco router, but I cannot
> traceroute to it.
> 
> I have seen this behaviour before when a firewall is involved, and when
> some whacky access-list is applied to the interface.
> 
> I was told the interface has no access list applied to it, so what other
> things can I troubleshoot when you can ping but not traceroute to an
> interface?

Traceroute usually uses mangled UDP packets, since responding with an ICMP
error message to an ICMP packet that has a zero TTL would probably be a
really silly thing to do.  Is something not passing UDP?

You can try using hping2, which will let you do all sorts of nasty things
to packets to see what can pass through..

-- 
 _  _  _  _ _  ___    _ _  _  ___ _ _  __   God speed, fair wizard. 
/ \/ \(_)| ' // ._\  / - \(_)/ ./| ' /(__                              
\_||_/|_||_|_\\___/  \_-_/|_|\__\|_|_\ __)                             
[ Mike Hicks | http://umn.edu/~hick0088/ | mailto:hick0088 at tc.umn.edu ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010924/415edde2/attachment.pgp