dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
3517

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB

Premium Member

TTL Info From Default Gateway

Why does the Comcast default gateway not return TTL expiration info so trace route can see it?

1 * * * Request timed out.
2 12 ms 11 ms 11 ms 68.87.218.93
3 11 ms 11 ms 11 ms 68.87.216.49
4 13 ms 11 ms 11 ms 68.87.216.29
5 13 ms 11 ms 14 ms 68.87.216.18
6 11 ms 12 ms 11 ms 68.87.69.146

What is Comcast trying to hide?

dadkins
Can you do Blu?
MVM
join:2003-09-26
Hercules, CA

dadkins

MVM

It's just set to not respond to pings. Mine does it too!

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB

Premium Member

No, that's not it. It does respond to pings.

Pinging 71.193.176.1 with 32 bytes of data:

Reply from 71.193.176.1: bytes=32 time=8ms TTL=64
Reply from 71.193.176.1: bytes=32 time=10ms TTL=64
Reply from 71.193.176.1: bytes=32 time=12ms TTL=64
Reply from 71.193.176.1: bytes=32 time=10ms TTL=64

Ping statistics for 71.193.176.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 12ms, Average = 10ms
K Patterson
Premium Member
join:2006-03-12
Columbus, OH

1 recommendation

K Patterson

Premium Member

The first hop in your trace route (assuming you have a modem without a router) is the IP address of the upstream card in the CMTS that supports your upstream. Comcast (and some others) block it from responding to pings, and I've heard that the intent is to prevent DDOS attacks.

There can be and usually are several subnets on a given card, so the card IP is not the same as the default gateway IP.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB

Premium Member

First of all do you guys even understand how tracert works? Reason I ask is because you all keep referring to the possibility that the Comcast default gateway/router is configured not to respond to ping requests. There are two problems with this line of thought though.

1) Tracert does not ping the Comcast default gateway/router or any other system along the path to the destination.
2) I know and have shown that the Comcast default gateway/router does respond to pings.

Any other thoughts?

regtrerer
@67.163.x.x

1 edit

regtrerer to NOYB

Anon

to NOYB
"First of all do you guys even understand how tracert works?"

Kpatterson knows how it works, he was pretty correct in saying that first hop isn't your gateway's ip.

Your first hop is set not to respond to pings. That is not your gateway. End of discussion.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB

Premium Member

He and you both apparently do not understand out tracert works. Because if you did you wouldn't be saying my first hop is set not to respond to pings as being the cause for tracert not seeing it. As I stated earlier tracert does not ping the gateway/router/first hop or any other hop in the path to the destination. Tracert pings the destination address and ONLY the destination address.

Why do people who don’t have a clue insist on disseminating incorrect and misleading information?
K Patterson
Premium Member
join:2006-03-12
Columbus, OH

1 recommendation

K Patterson to NOYB

Premium Member

to NOYB
Each network segment can support many subnets. I am a RR user, and they allow others access to their network. There are typically 10 subnets visible on the cable at my location.

The default gateways are not physical pieces of equipment. They are IP addresses that are associated with a hardware address in the CMTS. When the TCP/IP stack in your computer wants to send a packet, it first has to learn what physical address to send it do. To do this, it uses a process called ARP to learn the physical address associated with the destination IP. If the eventual destination is not on the subnet, then your TCP/IP stack puts the eventual destination IP in the TCP/IP (layer 3) header, and the physical address of the default gateway in the physical(layer 2) header.

Since there are usually several subnets whose default gateways are associated with a single physical address, the IP that is returned when you do a tracert or ping is not the IP of the default gateway but the IP assigned to the Upstream card in the CMTS. However, since Comcast has configured the CMTS to not respond to tracert/ping in this situation you actually get no response.
K Patterson

K Patterson to NOYB

Premium Member

to NOYB
said by NOYB:

He and you both apparently do not understand out tracert works. Because if you did you wouldn't be saying my first hop is set not to respond to pings as being the cause for tracert not seeing it. As I stated earlier tracert does not ping the gateway/router/first hop or any other hop in the path to the destination. Tracert pings the destination address and ONLY the destination address.

Why do people who don’t have a clue insist on disseminating incorrect and misleading information?
My information is absolutely correct. Yes, tracert (Windows version) sends a series of ICMP packets addressed to the destnation address. The first packet (set of three, normally) has its TTL set to one, the second to 2, etc.

When the TTL goes to zero at a router, the router discards the packet. If the router is configured to inform the sender that the packet has been discarded, the router control program (CPU) is told, and it generates a new packet addressed to the sender.

If it is not so configured, it doesn't.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB to K Patterson

Premium Member

to K Patterson
"Comcast has configured the CMTS to not respond to tracert/ping in this situation you actually get no response"

How many times do I have to say this. Tracert DOES NOT PING the CMTS or any other system along the path to the destination. You're barking up the wrong tree.
Expand your moderator at work

Epikos
Surpass the Usual or Ordinary
Premium Member
join:2003-07-27
Vancouver, WA

1 recommendation

Epikos to NOYB

Premium Member

to NOYB

Re: TTL Info From Default Gateway

Ok. K Patterson spelled it out very clearly for you, and now I’m going to try as well.

This is exactly how traceroute works:
Tracert determines the path taken to a destination by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination with incrementally increasing Time to Live (TTL) field values.

Now, do you understand how traceroute works? Is that clear enough? If a router is set to drop ICMP packets, the tracert utility will kick Request Timed Out. This is also referred to as being set to “not respond to ping”. A ping uses ICMP, and if a router drops ICMP packets, it doesn’t ping. If tracert kicks request timed out, its because the router doesn’t respond to ping. WHICH IS THE SAME AS SAYING IT IGNORES ICMP.

Now if you'd like us to go into some more detail, please pull your head out of your ass, listen to what we have to say, and maybe you'll get a better understanding of what it is you're actually asking.

If you'd like some more information, please tell us if you have a so/ho router between your computer and your cable modem. That will explain what it is you're seeing in your tracert results. Otherwise, we’ve answered your question and you don’t like the answer we’ve given.

I'm done.
Epikos

1 recommendation

Epikos to fdbgfdg

Premium Member

to fdbgfdg
He's probably "real good at computers." So of course he already knows the answer to his question. How else could he know we're wrong?
Expand your moderator at work
K Patterson
Premium Member
join:2006-03-12
Columbus, OH

K Patterson to fdbgfdg

Premium Member

to fdbgfdg

Re: TTL Info From Default Gateway

Agreed. He didn't really even read my response where I acknowledged what he now complains of.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB to K Patterson

Premium Member

to K Patterson
That is not what you originally stated. Therefore what you originally stated about it being configured not to respond to ping request etc. as being the cause was and is incorrect.

So the question still exists. Why does Comcast have their gateway/router/first hop etc. so configured not to provide TTL expiration info?

What is Comcast trying to hide?

hfdhfd
@67.163.x.x

1 edit

hfdhfd

Anon

":That is not what you originally stated. Therefore what you originally stated about it being configured not to respond to ping request etc. as being the cause was and is incorrect.

So the question still exists. Why does Comcast have their gateway/router/first hop etc. so configured not to provide TTL expiration info?

What is Comcast trying to hide?"

every one of those questions has been answered already.

dadkins
Can you do Blu?
MVM
join:2003-09-26
Hercules, CA

dadkins to NOYB

MVM

to NOYB
Maybe so some script kiddie can't DDoS the head end and kill your neighborhood?

Doesn't matter anyways... your connection goes through fine - don't trip!

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB to Epikos

Premium Member

to Epikos
"I'm done."

Good, because my question wasn't about how tracert works as I already know that.

And it's not a troll. It's a legit question I'd wanted and answer to. And knowing how tracert works made it obvious the claims of being configured not to respond to pings was not correct cause.
Expand your moderator at work
NOYB

1 edit

NOYB to hfdhfd

Premium Member

to hfdhfd

Re: TTL Info From Default Gateway

“every one of those questions has been answered already. ”

I fail to see in this thread where my two questions have been correctly answered.

Why does Comcast have their gateway/router/first hop etc. so configured not to provide TTL expiration info?

What is Comcast trying to hide?"

dadkins
Can you do Blu?
MVM
join:2003-09-26
Hercules, CA

1 recommendation

dadkins to NOYB

MVM

to NOYB
Call 1-800-COMCAST and ask them...
K Patterson
Premium Member
join:2006-03-12
Columbus, OH

2 recommendations

K Patterson to NOYB

Premium Member

to NOYB
I am not aware of anything they have to hide.

Many months ago a Comcast engineer stated on this forum that the response to expiring packets was shut off to prevent DDOS attacks, as posted in the very first response to you.

It's their equipment, they can configure it as they wish. No, I don't always agree with what they (and others) do, but it isn't my nickel paying the bills and calling the shots.

If it were configured to respond, it would respond with the IP of the upstream card, not the default gateway. For example, my default gateway is 65.24.124.1 The first hop in a tracert is 10.37.224.1

scooby
Premium Member
join:2001-05-01
Schaumburg, IL

scooby to NOYB

Premium Member

to NOYB
said by NOYB:

How many times do I have to say this. Tracert DOES NOT PING the CMTS or any other system along the path to the destination. You're barking up the wrong tree.
Windows tracert (traceroute) does ping the hops along the way. Use a real traceroute utility or linux/mac osx traceroute (which uses UDP packets instead of icmp) and you will get a response from it.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB

Premium Member

"Windows tracert (traceroute) does ping the hops along the way."

Believe this to be not correct. According to documentation as well as sniffer traces Windows XP tracert utility definitely does not ping any device other than the final destination.

Is there a trace rout utility for Windows that uses UDP instead of ICMP? Anyone know of one?
Expand your moderator at work

StillLearn
Premium Member
join:2002-03-21
Streamwood, IL

1 edit

StillLearn to NOYB

Premium Member

to NOYB

Re: TTL Info From Default Gateway

I think you are right about the use of the TTL timeouts by tracert.

Standard Ping Plotter has the ability to choose packet types. See »www.pingplotter.com/tuto ··· ngs.html
In my standard version of PingPlotter It is Edit->Options>Packet to reach the setting.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB to gffdgd

Premium Member

to gffdgd
TraceRt.txt
17,050 bytes
WinXP Trace Route
How about showing us a sniffer capture of a Windows tracert to www.yahoo.com.

I’ll start it off. Here’s mine attached.

You’ll notice there are no ping request to anything other than the destination address 68.142.226.56 (one of the www.yahoo.com addresses).
Expand your moderator at work