traceroute/udp issue
Chris Johnson
wacky at wacky.ws
Fri Feb 11 18:36:17 GMT 2005
My laptop can not seem to traceroute using nat. I am running ipnat on 4.11-stable (code is new as of today) My router is running the same. I cant seem to traceroute using udp, if i -P icmp it will work fine. I have no ipfw rules blocking this and have tried with 0 firewall rules and still got nothing. Below is a few outputs from tcpdump and my ipnat.rules. Thanks
I ran a traceroute to google.com from my laptop, below are the outputs of tcpdump -i <interface> udp from while the trace was running.
Also note that i have net.inet.ip.stealth enabled so you wont see the first hop from my laptop to my router. But i have tried disabling this and it does not make a difference. Also i can traceroute fine from the router itself and from another box behind the router. Also i wanted to add that the laptop also has a public ip address along with ipv6 and when i -s public_addy i can trace fine. The router itself also runs zebra/bgpd.
The Traceroute
traceroute to google.com (216.239.57.99), 64 hops max, 44 byte packets
1 * * *
2 * * *
3 * * *
4 * *^C
Laptop during traceroute
tcpdump: listening on ed1
13:12:06.536437 1.10.8.2.33566 > 216.239.39.99.33439: udp 16
13:12:06.958107 bleh.wacky.ws.2195 > ns1.wacky.ws.domain: 28002+ PTR? 99.39.239.216.inaddr.arpa. (44)
13:12:07.065390 ns1.wacky.ws.domain > bleh.wacky.ws.2195: 28002 NXDomain 0/1/0 (104)
13:12:07.066478 bleh.wacky.ws.3651 > ns1.wacky.ws.domain: 28003+ PTR? 2.8.10.1.in-addr.arpa. (39)
13:12:07.067610 ns1.wacky.ws.domain > bleh.wacky.ws.3651: 28003 NXDomain 0/1/0 (103)
13:12:08.066818 bleh.wacky.ws.3495 > ns1.wacky.ws.domain: 28004+ PTR? 11.97.130.67.in-addr.arpa. (43)
13:12:08.068268 ns1.wacky.ws.domain > bleh.wacky.ws.3495: 28004 1/2/2 (145)
13:12:08.068920 bleh.wacky.ws.3673 > ns1.wacky.ws.domain: 28005+ PTR? 10.97.130.67.in-addr.arpa. (43)
13:12:08.070104 ns1.wacky.ws.domain > bleh.wacky.ws.3673: 28005 1/2/2 (149)
13:12:11.546509 1.10.8.2.33566 > 216.239.39.99.33440: udp 16
Router during traceroute
tcpdump: listening on rl0
13:14:49.078748 ma-rockland-cuda1h-204.albyny.adelphia.net.33568 > 216.239.39.99.33439: udp 16 [ttl 1]
13:14:49.159051 ma-rockland-cuda1h-204.albyny.adelphia.net.1282 > nscache1.albyny.adelphia.net.domain: 60589+ PTR? 99.39.239.216.in-addr.arpa. (44)
13:14:49.235372 nscache1.albyny.adelphia.net.domain > ma-rockland-cuda1h-204.albyny.adelphia.net.1282: 60589 NXDomain 0/1/0 (104) (DF)
13:14:49.235751 ma-rockland-cuda1h-204.albyny.adelphia.net.4579 > nscache1.albyny.adelphia.net.domain: 60590+ PTR? 201.103.164.69.in-addr.arpa. (45)
13:14:49.255934 nscache1.albyny.adelphia.net.domain > ma-rockland-cuda1h-204.albyny.adelphia.net.4579: 60590 1/3/3 (203) (DF)
13:14:50.256171 ma-rockland-cuda1h-204.albyny.adelphia.net.4785 > nscache1.albyny.adelphia.net.domain: 60591+ PTR? 2.96.168.68.in-addr.arpa. (42)
13:14:50.278134 nscache1.albyny.adelphia.net.domain > ma-rockland-cuda1h-204.albyny.adelphia.net.4785: 60591 1/3/3 PTR[|domain] (DF)
13:14:54.086174 ma-rockland-cuda1h-204.albyny.adelphia.net.33568 > 216.239.39.99.33440: udp 16 [ttl 1]
ifconfig output oflaptop
ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 1.10.8.2 netmask 0xffffff00 broadcast 1.10.8.255
inet6 fe80::204:5aff:fea1:f7cf%ed1 prefixlen 64 scopeid 0x6
inet6 2001:x:x::x prefixlen 48
inet x.x.x.x netmask 0xff000000 broadcast 67.255.255.255
ether 00:04:5a:a1:f7:cf
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
ipnat.rules from the router
map rl0 1.10.8.0/24 -> 0.0.0.0/32
Thank you
--
Christopher Johnson - <wacky at wacky.ws>
More information about the freebsd-questions
mailing list