How Ping and Trace route work

Trace Route Process

A. Traceroute sends out 3 ICMP echo packets to the named host with a TTL of 1, then with a TTL of 2, then with a TTL of 3, and so on. Traceroute gets a 'TTL expired in transit' message back from routers until the destination host is finally reached and responds with the standard ICMP 'echo reply' packet.

Note that the TTL keeps incrementing until the destination is reached or the TTL reaches its maximum value.

Trace route is mainly used for troubleshooting networks.

Possible ICMP error messages in trace route:

H :- Host unreachable. The router has no route to the target system.

N :- Network unreachable.

P :- Protocol unreachable.

S :- Source route failed. You tried to use source routing, but the router is configured to block source-routed packets.

F :- Fragmentation needed. This indicates that the router is misconfigured.

X :- Communication administratively prohibited.
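The following added example (not code from the original post) shows how a trace route tool can tell the three kinds of answer apart: 'TTL expired in transit' from a router, an 'echo reply' from the destination, and a destination-unreachable error mapped to the flags above. It also rejects messages with a bad checksum or a quoted probe that is not ours, so stray or spoofed ICMP errors are not attributed to a hop. The function names and the 192.0.2.1 / 198.51.100.7 sample addresses are assumptions made for illustration; the ICMP type and code numbers come from the ICMP specification, not from the post.

```python
import struct

# ICMP type 3 (destination unreachable) codes -> the flags listed above
UNREACH_FLAGS = {0: "N", 1: "H", 2: "P", 4: "F", 5: "S", 13: "X"}

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum (one's-complement sum of 16-bit words)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo_request(ident: int, seq: int, payload: bytes = b"probe") -> bytes:
    """ICMP echo request: type 8, code 0, checksum, identifier, sequence."""
    body = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + payload
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]

def make_error(mtype: int, code: int, probe: bytes) -> bytes:
    """Constructed sample: ICMP error quoting an IP header + 8 probe bytes."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(probe), 0, 0, 1, 1, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    body = struct.pack("!BBHI", mtype, code, 0, 0) + ip + probe[:8]
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]

def classify(icmp: bytes, ident: int):
    """Return (kind, flag, seq) for an ICMP message answering one of our probes."""
    if len(icmp) < 8 or checksum(icmp) != 0:
        return ("invalid", None, None)
    mtype, code, _, rid, rseq = struct.unpack("!BBHHH", icmp[:8])
    if mtype == 0:  # echo reply: the destination itself answered
        return ("reply", None, rseq) if rid == ident else ("foreign", None, None)
    if mtype not in (3, 11):
        return ("other", None, None)
    # Errors quote the probe's IP header plus its first 8 bytes; skip the header.
    quoted = icmp[8:]
    ihl = (quoted[0] & 0x0F) * 4 if quoted else 0
    inner = quoted[ihl:ihl + 8]
    if ihl < 20 or len(inner) < 8:
        return ("invalid", None, None)
    itype, _, _, qid, qseq = struct.unpack("!BBHHH", inner)
    if itype != 8 or qid != ident:  # not our probe: do not attribute it to a hop
        return ("foreign", None, None)
    if mtype == 11:  # TTL expired in transit: an intermediate router
        return ("hop", None, qseq)
    return ("unreachable", UNREACH_FLAGS.get(code, "?"), qseq)
```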


Trace route explained with snippet:

1 51 ms 59 ms 49 ms 10.176.119.1

2 66 ms 50 ms 38 ms 172.31.242.57

3 54 ms 69 ms 60 ms 172.31.78.130

Here the values in ms are the round-trip times of the 3 ICMP echo requests, and the IP address is the next-hop address.


The Ping Process


A. The source host generates an ICMP protocol data unit.


B. The ICMP PDU is encapsulated in an IP datagram, with the source and destination IP addresses in the IP header. At this point the datagram is most properly referred to as an ICMP ECHO datagram, but we will call it an IP datagram from here on since that's what it looks like to the networks it is sent over.

C. The source host notes the local time on its clock as it transmits the IP datagram towards the destination. Each host that receives the IP datagram checks the destination address to see if it matches its own address or is the all-hosts address (all 1's in the host field of the IP address).

D. If the destination IP address in the IP datagram does not match the local host's address, the IP datagram is forwarded to the network where the IP address resides.

E. The destination host receives the IP datagram, finds a match between itself and the destination address in the IP datagram.

F. The destination host notes the ICMP ECHO information in the IP datagram, performs any necessary work, then destroys the original IP/ICMP ECHO datagram.

G. The destination host creates an ICMP ECHO REPLY and encapsulates it in an IP datagram, placing its own IP address in the source IP address field and the original sender's IP address in the destination field of the IP datagram.

H. The new IP datagram is routed back to the originator of the PING. The host receives it, notes the time on the clock and finally prints the PING output information, including the elapsed time.

The process above is repeated until all requested ICMP ECHO packets have been sent and their responses have been received, or the default 2-second timeout has expired. The default 2-second timeout is local to the host initiating the PING and is NOT the Time-To-Live value in the datagram.

