Posts Tagged ‘traceroute’

How Traceroute Works Its Magic

Friday, March 6th, 2009

Do you wonder about how traceroute works? Here is how the traditional traceroute works…

TTL
Time To Live (TTL) is a part of the IP header, it is designed to prevent packets from looping forever.
When you send a packet, each router (hop) on the way will decrement the TTL value by one.
When the TTL value reaches zero (0), the packet is said to be ‘expired’ and is discarded.
The router that discards this packet will send an ICMP ‘Time Exceeded’ back to the sender.

By launching a ‘traceroute’ in linux you will send a series of UDP packets towards your target with an TTL starting at 1, and increased with 1 until the target is reached.

Fully explained, let us say you have this path to 10.0.1.2

  1. 10.0.5.1
  2. 172.16.1.1
  3. 10.0.0.3
  4. 192.168.100.1
  5. 172.16.18.9
  6. 10.0.1.2

By sending a packet with TTL one, then 10.0.5.1 will send you an ICMP Time Exceeded – and you have the first line in the traceroute.
TTL is set to 2 on the next packet, 172.16.1.1 will reply with ICMP Time Exceeded and you can see hop number two.

This method of tracerouting depends on the practise of sending ICMP packets back when the TTL has expired and the packet is discarded, when the packet it only discarded you will often see just a * * * in the traceroute, this also happens if the path is down. That’s usually when you do not reach your target.

How to setup a GRE tunnel on a Cisco Router

Tuesday, January 13th, 2009

Hey peeps, it has been a while now…
Sorry about that, I have had a lot of things on my mind lately.
Sometimes I also have issues figuring about a new subject to write about, but I will try to take on more advanced networking as someone requested it per email.  If you want me to write about something or need help with anything, don’t hesitate to contact me.

So, let’s warm up the new year with an easy tutorial on how to setup a GRE tunnel on a Cisco router.

Consider this scenario:
Router1 = 172.16.1.1
Router2 = 192.168.0.1

The routing between these routers are fixed so that they can reach each other, like on the internet.
Router2 will have the network 10.0.10.0/24 routed to it via a GRE tunnel.
The address on the tunnel interfaces will be 10.0.0.1 and 10.0.0.2 for Router1 and Router2 respectively.

Router1 configuration:

Router1(config)#interface Tunnel 0
Router1(config-if)#tunnel source 172.16.1.1
Router1(config-if)#tunnel destination 192.168.0.1
Router1(config-if)#tunnel mode gre ip
Router1(config-if)#ip address 10.0.0.1 255.255.255.252
Router1(config-if)#no shutdown
Router1(config-if)#exit
Router1(config)#ip route 10.0.10.0 255.255.255.0 10.0.0.2

Router1(config)#interface Tunnel 0
Router1(config-if)#tunnel source 192.168.0.1
Router1(config-if)#tunnel destination 172.16.1.1
Router1(config-if)#tunnel mode gre ip
Router1(config-if)#ip address 10.0.0.2 255.255.255.252
Router1(config-if)#no shutdown
Router1(config-if)#exit
Router1(config)#ip route 10.0.10.0 255.255.255.0 Null 0

You can now setup addresses within 10.0.10.0/24 on any interface you want and use them like as they were routed to your router directly.
The traceroute from Router2 to Router1 should look something like this:

Router2#traceroute 10.0.0.1

Type escape sequence to abort.
Tracing the route to 10.0.0.1

1 10.0.0.1 8 msec 8 msec 8 msec

Voila, we got routing over GRE!