NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
NOYB
Premium Member
2006-Apr-22 11:14 pm
TTL Info From Default GatewayWhy does the Comcast default gateway not return TTL expiration info so trace route can see it?
1 * * * Request timed out. 2 12 ms 11 ms 11 ms 68.87.218.93 3 11 ms 11 ms 11 ms 68.87.216.49 4 13 ms 11 ms 11 ms 68.87.216.29 5 13 ms 11 ms 14 ms 68.87.216.18 6 11 ms 12 ms 11 ms 68.87.69.146
What is Comcast trying to hide? |
|
dadkinsCan you do Blu? MVM join:2003-09-26 Hercules, CA |
It's just set to not respond to pings. Mine does it too! |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
NOYB
Premium Member
2006-Apr-23 12:06 am
No, that's not it. It does respond to pings.
Pinging 71.193.176.1 with 32 bytes of data:
Reply from 71.193.176.1: bytes=32 time=8ms TTL=64 Reply from 71.193.176.1: bytes=32 time=10ms TTL=64 Reply from 71.193.176.1: bytes=32 time=12ms TTL=64 Reply from 71.193.176.1: bytes=32 time=10ms TTL=64
Ping statistics for 71.193.176.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 8ms, Maximum = 12ms, Average = 10ms |
|
1 recommendation |
The first hop in your trace route (assuming you have a modem without a router) is the IP address of the upstream card in the CMTS that supports your upstream. Comcast (and some others) block it from responding to pings, and I've heard that the intent is to prevent DDOS attacks.
There can be and usually are several subnets on a given card, so the card IP is not the same as the default gateway IP. |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
NOYB
Premium Member
2006-Apr-23 5:09 pm
First of all do you guys even understand how tracert works? Reason I ask is because you all keep referring to the possibility that the Comcast default gateway/router is configured not to respond to ping requests. There are two problems with this line of thought though.
1) Tracert does not ping the Comcast default gateway/router or any other system along the path to the destination. 2) I know and have shown that the Comcast default gateway/router does respond to pings.
Any other thoughts? |
|
1 edit |
regtrerer to NOYB
Anon
2006-Apr-23 5:39 pm
to NOYB
"First of all do you guys even understand how tracert works?"
Kpatterson knows how it works, he was pretty correct in saying that first hop isn't your gateway's ip.
Your first hop is set not to respond to pings. That is not your gateway. End of discussion. |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
NOYB
Premium Member
2006-Apr-23 6:38 pm
He and you both apparently do not understand out tracert works. Because if you did you wouldn't be saying my first hop is set not to respond to pings as being the cause for tracert not seeing it. As I stated earlier tracert does not ping the gateway/router/first hop or any other hop in the path to the destination. Tracert pings the destination address and ONLY the destination address.
Why do people who dont have a clue insist on disseminating incorrect and misleading information? |
|
|
1 recommendation |
to NOYB
Each network segment can support many subnets. I am a RR user, and they allow others access to their network. There are typically 10 subnets visible on the cable at my location.
The default gateways are not physical pieces of equipment. They are IP addresses that are associated with a hardware address in the CMTS. When the TCP/IP stack in your computer wants to send a packet, it first has to learn what physical address to send it do. To do this, it uses a process called ARP to learn the physical address associated with the destination IP. If the eventual destination is not on the subnet, then your TCP/IP stack puts the eventual destination IP in the TCP/IP (layer 3) header, and the physical address of the default gateway in the physical(layer 2) header.
Since there are usually several subnets whose default gateways are associated with a single physical address, the IP that is returned when you do a tracert or ping is not the IP of the default gateway but the IP assigned to the Upstream card in the CMTS. However, since Comcast has configured the CMTS to not respond to tracert/ping in this situation you actually get no response. |
|
K Patterson |
to NOYB
said by NOYB:He and you both apparently do not understand out tracert works. Because if you did you wouldn't be saying my first hop is set not to respond to pings as being the cause for tracert not seeing it. As I stated earlier tracert does not ping the gateway/router/first hop or any other hop in the path to the destination. Tracert pings the destination address and ONLY the destination address. Why do people who dont have a clue insist on disseminating incorrect and misleading information? My information is absolutely correct. Yes, tracert (Windows version) sends a series of ICMP packets addressed to the destnation address. The first packet (set of three, normally) has its TTL set to one, the second to 2, etc. When the TTL goes to zero at a router, the router discards the packet. If the router is configured to inform the sender that the packet has been discarded, the router control program (CPU) is told, and it generates a new packet addressed to the sender. If it is not so configured, it doesn't. |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
to K Patterson
"Comcast has configured the CMTS to not respond to tracert/ping in this situation you actually get no response"
How many times do I have to say this. Tracert DOES NOT PING the CMTS or any other system along the path to the destination. You're barking up the wrong tree. |
|
your moderator at work
hidden :
|
EpikosSurpass the Usual or Ordinary Premium Member join:2003-07-27 Vancouver, WA
1 recommendation |
to NOYB
Re: TTL Info From Default GatewayOk. K Patterson spelled it out very clearly for you, and now Im going to try as well.
This is exactly how traceroute works: Tracert determines the path taken to a destination by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination with incrementally increasing Time to Live (TTL) field values.
Now, do you understand how traceroute works? Is that clear enough? If a router is set to drop ICMP packets, the tracert utility will kick Request Timed Out. This is also referred to as being set to not respond to ping. A ping uses ICMP, and if a router drops ICMP packets, it doesnt ping. If tracert kicks request timed out, its because the router doesnt respond to ping. WHICH IS THE SAME AS SAYING IT IGNORES ICMP.
Now if you'd like us to go into some more detail, please pull your head out of your ass, listen to what we have to say, and maybe you'll get a better understanding of what it is you're actually asking.
If you'd like some more information, please tell us if you have a so/ho router between your computer and your cable modem. That will explain what it is you're seeing in your tracert results. Otherwise, weve answered your question and you dont like the answer weve given.
I'm done. |
|
Epikos
1 recommendation |
to fdbgfdg
He's probably "real good at computers." So of course he already knows the answer to his question. How else could he know we're wrong? |
|
your moderator at work
hidden :
|
|
to fdbgfdg
Re: TTL Info From Default GatewayAgreed. He didn't really even read my response where I acknowledged what he now complains of. |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
to K Patterson
That is not what you originally stated. Therefore what you originally stated about it being configured not to respond to ping request etc. as being the cause was and is incorrect.
So the question still exists. Why does Comcast have their gateway/router/first hop etc. so configured not to provide TTL expiration info?
What is Comcast trying to hide? |
|
1 edit |
hfdhfd
Anon
2006-Apr-23 7:05 pm
":That is not what you originally stated. Therefore what you originally stated about it being configured not to respond to ping request etc. as being the cause was and is incorrect.
So the question still exists. Why does Comcast have their gateway/router/first hop etc. so configured not to provide TTL expiration info?
What is Comcast trying to hide?"
every one of those questions has been answered already. |
|
dadkinsCan you do Blu? MVM join:2003-09-26 Hercules, CA |
to NOYB
Maybe so some script kiddie can't DDoS the head end and kill your neighborhood?
Doesn't matter anyways... your connection goes through fine - don't trip! |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
to Epikos
"I'm done."
Good, because my question wasn't about how tracert works as I already know that.
And it's not a troll. It's a legit question I'd wanted and answer to. And knowing how tracert works made it obvious the claims of being configured not to respond to pings was not correct cause. |
|
your moderator at work
hidden :
|
NOYB 1 edit |
to hfdhfd
Re: TTL Info From Default Gatewayevery one of those questions has been answered already.
I fail to see in this thread where my two questions have been correctly answered.
Why does Comcast have their gateway/router/first hop etc. so configured not to provide TTL expiration info?
What is Comcast trying to hide?" |
|
dadkinsCan you do Blu? MVM join:2003-09-26 Hercules, CA
1 recommendation |
to NOYB
Call 1-800-COMCAST and ask them... |
|
2 recommendations |
to NOYB
I am not aware of anything they have to hide.
Many months ago a Comcast engineer stated on this forum that the response to expiring packets was shut off to prevent DDOS attacks, as posted in the very first response to you.
It's their equipment, they can configure it as they wish. No, I don't always agree with what they (and others) do, but it isn't my nickel paying the bills and calling the shots.
If it were configured to respond, it would respond with the IP of the upstream card, not the default gateway. For example, my default gateway is 65.24.124.1 The first hop in a tracert is 10.37.224.1 |
|
scooby Premium Member join:2001-05-01 Schaumburg, IL |
to NOYB
said by NOYB:How many times do I have to say this. Tracert DOES NOT PING the CMTS or any other system along the path to the destination. You're barking up the wrong tree. Windows tracert (traceroute) does ping the hops along the way. Use a real traceroute utility or linux/mac osx traceroute (which uses UDP packets instead of icmp) and you will get a response from it. |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
NOYB
Premium Member
2006-Apr-23 9:59 pm
"Windows tracert (traceroute) does ping the hops along the way."
Believe this to be not correct. According to documentation as well as sniffer traces Windows XP tracert utility definitely does not ping any device other than the final destination.
Is there a trace rout utility for Windows that uses UDP instead of ICMP? Anyone know of one? |
|
your moderator at work
hidden :
|
StillLearn Premium Member join:2002-03-21 Streamwood, IL 1 edit |
to NOYB
Re: TTL Info From Default GatewayI think you are right about the use of the TTL timeouts by tracert. Standard Ping Plotter has the ability to choose packet types. See » www.pingplotter.com/tuto ··· ngs.htmlIn my standard version of PingPlotter It is Edit->Options>Packet to reach the setting. |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
to gffdgd
How about showing us a sniffer capture of a Windows tracert to www.yahoo.com. Ill start it off. Heres mine attached. Youll notice there are no ping request to anything other than the destination address 68.142.226.56 (one of the www.yahoo.com addresses). |
|
your moderator at work
hidden :
|