From: Steve Ohnmacht (gs.ohnmacht@gmail.com)
Date: Mon May 16 2005 - 21:58:00 GMT-3
From what I understand working with both windows and *nix boxes...
Windows "tracert" used icmp and unix "traceroute" uses udp. It makes
sense that IOS uses udp as well, due to the fact that IOS is unix like
per se. Also, certain versions of traceroute on unix will allow you to
use icmp as well if you specify... Good observation Long!
On 5/16/05, Long Kwok <lkwok@ccieunix.com> wrote:
> Hi, Looks like cisco IOS does use UDP when you use traceroute command
> from a cisco IOS . Example topology needed to reference is IE 2 , R1
> sends traceroute to LAN behind R5 , only combination I have been able to
> find to stop is to put filter as close as possible to source of
> traceoute , if the below ACL (only line 40 ) is placed on R5's inbound
> serial interface , when you Trace from R1 it looks as if trace gets
> through successfully , this is trace with filter on R2 , the next hop
> for R1 to reach R5's remote networks , no form of blocking icmp stops
> IOS traceroute command , as I can see only udp as you see there is 12
> matches ?? Any other methods or thoughts regarding Traceroute ? Wonder
> if linux or windows box also uses UDP as transport for traceroute
> function as it appears that cisco IOS only uses udp ??
>
> TIA , Long
>
> Extended IP access list DENY-TRACEROUTE
>
> 10 deny icmp any any time-exceeded
>
> 20 deny icmp any any port-unreachable
>
> 40 deny udp any 192.10.1.0 0.0.0.255 (12 matches)
>
> 50 deny udp 192.10.1.0 0.0.0.255 any
>
> 60 permit ip any any (65 matches)
>
> Rack1R2#
>
> Type escape sequence to abort.
>
> Tracing the route to 192.10.1.254
>
> 1 132.1.0.2 !A * !A
>
> Rack1R1#
>
> Rack1R1#
>
> Rack1R1#
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:58 GMT-3