traceroute/udp issue

[Chris Johnson]

My laptop can not seem to traceroute using nat. I am running ipnat on 4.11-stable (code is new as of today) My router is running the same. I cant seem to traceroute using udp, if i -P icmp it will work fine. I have no ipfw rules blocking this and have tried with 0 firewall rules and still got nothing. Below is a few outputs from tcpdump and my ipnat.rules. Thanks


I ran a traceroute to google.com from my laptop, below are the outputs of tcpdump -i <interface> udp from while the trace was running.
Also note that i have net.inet.ip.stealth enabled so you wont see the first hop from my laptop to my router. But i have tried disabling this and it does not make a difference. Also i can traceroute fine from the router itself and from another box behind the router. Also i wanted to add that the laptop also has a public ip address along with ipv6 and when i -s public_addy i can trace fine. The router itself also runs zebra/bgpd.

The Traceroute 

traceroute to google.com (216.239.57.99), 64 hops max, 44 byte packets
 1  * * *
 2  * * *
 3  * * *
 4  * *^C



Laptop during traceroute

tcpdump: listening on ed1
13:12:06.536437 1.10.8.2.33566 > 216.239.39.99.33439: udp 16
13:12:06.958107 bleh.wacky.ws.2195 > ns1.wacky.ws.domain:  28002+ PTR? 99.39.239.216.inaddr.arpa. (44)
13:12:07.065390 ns1.wacky.ws.domain > bleh.wacky.ws.2195:  28002 NXDomain 0/1/0 (104)
13:12:07.066478 bleh.wacky.ws.3651 > ns1.wacky.ws.domain:  28003+ PTR? 2.8.10.1.in-addr.arpa. (39)
13:12:07.067610 ns1.wacky.ws.domain > bleh.wacky.ws.3651:  28003 NXDomain 0/1/0 (103)
13:12:08.066818 bleh.wacky.ws.3495 > ns1.wacky.ws.domain:  28004+ PTR? 11.97.130.67.in-addr.arpa. (43)
13:12:08.068268 ns1.wacky.ws.domain > bleh.wacky.ws.3495:  28004 1/2/2 (145)
13:12:08.068920 bleh.wacky.ws.3673 > ns1.wacky.ws.domain:  28005+ PTR? 10.97.130.67.in-addr.arpa. (43)
13:12:08.070104 ns1.wacky.ws.domain > bleh.wacky.ws.3673:  28005 1/2/2 (149)
13:12:11.546509 1.10.8.2.33566 > 216.239.39.99.33440: udp 16

Router during traceroute


tcpdump: listening on rl0
13:14:49.078748 ma-rockland-cuda1h-204.albyny.adelphia.net.33568 > 216.239.39.99.33439: udp 16 [ttl 1]
13:14:49.159051 ma-rockland-cuda1h-204.albyny.adelphia.net.1282 > nscache1.albyny.adelphia.net.domain:  60589+ PTR? 99.39.239.216.in-addr.arpa. (44)
13:14:49.235372 nscache1.albyny.adelphia.net.domain > ma-rockland-cuda1h-204.albyny.adelphia.net.1282:  60589 NXDomain 0/1/0 (104) (DF)
13:14:49.235751 ma-rockland-cuda1h-204.albyny.adelphia.net.4579 > nscache1.albyny.adelphia.net.domain:  60590+ PTR? 201.103.164.69.in-addr.arpa. (45)
13:14:49.255934 nscache1.albyny.adelphia.net.domain > ma-rockland-cuda1h-204.albyny.adelphia.net.4579:  60590 1/3/3 (203) (DF)
13:14:50.256171 ma-rockland-cuda1h-204.albyny.adelphia.net.4785 > nscache1.albyny.adelphia.net.domain:  60591+ PTR? 2.96.168.68.in-addr.arpa. (42)
13:14:50.278134 nscache1.albyny.adelphia.net.domain > ma-rockland-cuda1h-204.albyny.adelphia.net.4785:  60591 1/3/3 PTR[|domain] (DF)
13:14:54.086174 ma-rockland-cuda1h-204.albyny.adelphia.net.33568 > 216.239.39.99.33440: udp 16 [ttl 1]



ifconfig output oflaptop

ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 1.10.8.2 netmask 0xffffff00 broadcast 1.10.8.255
        inet6 fe80::204:5aff:fea1:f7cf%ed1 prefixlen 64 scopeid 0x6 
        inet6 2001:x:x::x prefixlen 48 
        inet x.x.x.x netmask 0xff000000 broadcast 67.255.255.255
        ether 00:04:5a:a1:f7:cf
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active


ipnat.rules from the router

map rl0 1.10.8.0/24 -> 0.0.0.0/32

Thank you
-- 
Christopher Johnson - <wacky at wacky.ws>