Tony Nugent wrote:
>
> On Tue Aug 29 2000 at 20:14, John Sage wrote:
>
Thanks ;-) Done, I think..
>
> > > When I traceroute to DNS4.CP.MSFT.NET then
> > >
> > > 12 194.ATM4-0.GW3.SEA1.ALTER.NET (146.188.201.29) 348.981 ms * 347.277 ms
> > > 13 157.130.177.154 (157.130.177.154) 389.490 ms * *
> > > 14 207.46.129.14 (207.46.129.14) 397.272 ms * *
> > > 15 * * *
> > > 16 * * *
> > > 17 * * *
> > > 18 * * *
> >
> > This is very interesting. When I do a traceroute, I get where we are
> > wanting to go, and when I look at your results, you're getting one hop
> > away before it goes dead. The next hop after 207.46.129.14 is
> > dns5.cp.msft.net at 207.46.138.12 -- this seems *very* odd.
>
> This is exactly what you see when you attempt to traceroute through
> a network (using ttl as a "hop count"), but the routers are refusing
> (or can't) reply to the originating host.
In this context, are the "routers" out at 207.46.129.14?
I was wondering if this is what I was inferring from the traceroute, but
why would Arshad's packets be dropped, while mine and other's are being
accepted?
> One example is when the unidentified routers are firewalls and/or
> have no public IP addresses (only private, internet-unroutable IPs)
> on any of their network interfaces.
Or are the "routers" back at Arshad's and this is a firewalling issue at
his end?
We haven't gotten as far as to determine if *anything* is working, or
what is working, if some connections are..
Kind of going about this bass-ackwards, as usual for these sorts of
posts..
> It is not all that unusual to make routers secure by denying direct
> access to them by anything from outside the internal network, by not
> giving them publically accessible IP numbers on any of their
> interfaces. They can still merrily route packets, no problem.
> (Neat trick, works very well).
Or, to change ends as it were, do you think this is a configuration
issue at 207.46.129.14? Is there something about Arshad's source
addresses that's getting them dropped?
> Cheers
> Tony
> -=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
> Tony Nugent <Tony@growzone.com.au> Systems Administrator, RHCE
> GrowZone OnLine (a project of) GrowZone Development Network
> POBox 475 Toowoomba Oueensland Australia 4350 Ph: 07 4637 8322
> -=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
- John
-- John Sage FinchHaven, Vashon Island, WA, USA http://www.finchhaven.com/ mailto:jsage@finchhaven.com And remember: it's spelled l-i-n-u-x but it's pronounced "Linux" - To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org
This archive was generated by hypermail 2b29 : Thu Aug 31 2000 - 21:00:31 EST