A friend of mine who has SuSE 10.1 and a Linksys router (I think an older BEFSR41) is complaining that either the router or Linux is blocking traceroute. I have both SuSE 10.0 and SuSE 10.1 and a newer Linksys router and traceroute from my systems through the router work fine. I know that he allows ICMP, and he can successfully ping other systems, but traceroute simply stops at the router. However he can successfully do a traceroute from a Windows box. -- Jerry Feldman <gaf@blu.org> Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
Jerry Feldman wrote:
A friend of mine who has SuSE 10.1 and a Linksys router (I think an older BEFSR41) is complaining that either the router or Linux is blocking traceroute. I have both SuSE 10.0 and SuSE 10.1 and a newer Linksys router and traceroute from my systems through the router work fine.
I know that he allows ICMP, and he can successfully ping other systems, but traceroute simply stops at the router. However he can successfully do a traceroute from a Windows box.
If he can traceroute from Windows,then the problem is likely not the router. This is where ethereal comes in handy.
On Tuesday, 30 May 2006 12:41, Jerry Feldman wrote:
I know that he allows ICMP, and he can successfully ping other systems, but traceroute simply stops at the router. However he can successfully do a traceroute from a Windows box.
Windows tracert differs from *nix traceroute. Windows uses ICMP packets. Unix variants use a UDP packet with a port set to a high number (typically 33435). Check to see what UDP ports are allowed in and out.
On Tuesday 30 May 2006 1:52 pm, Sargon wrote:
On Tuesday, 30 May 2006 12:41, Jerry Feldman wrote:
I know that he allows ICMP, and he can successfully ping other systems, but traceroute simply stops at the router. However he can successfully do a traceroute from a Windows box.
Windows tracert differs from *nix traceroute.
Windows uses ICMP packets. Unix variants use a UDP packet with a port set to a high number (typically 33435).
Check to see what UDP ports are allowed in and out. Actually, the default port is UDP 33434. I had him open that port up in his router. I didn't realize that Windows traceroute uses ICMP. In any case, I'll have him take a look with ethereal. -- Jerry Feldman <gaf@blu.org> Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
On Tuesday 30 May 2006 14:23, Jerry Feldman wrote:
Actually, the default port is UDP 33434. I had him open that port up in his router. I didn't realize that Windows traceroute uses ICMP. In any case, I'll have him take a look with ethereal.
Have you tried mtr, Jerry? Example: ~> /usr/sbin/mtr www.google.com My ISP's routers are configured to defeat *nix traceroute... very uninformative. But mtr cuts right through that garbage every time. Try it, you'll like it! ;-) Carl
On Tuesday, 30 May 2006 13:23, Jerry Feldman wrote:
Actually, the default port is UDP 33434.
Oops. Yep. Sorry about that. <mumbling about Monday mornings and not enough caffeine>
I had him open that port up in his router. I didn't realize that Windows traceroute uses ICMP. In any case, I'll have him take a look with ethereal.
Once he opens that port, things should work. But a check with Ethereal is always recommended.
On Tuesday 30 May 2006 2:32 pm, Sargon wrote:
On Tuesday, 30 May 2006 13:23, Jerry Feldman wrote:
Actually, the default port is UDP 33434.
Oops. Yep. Sorry about that.
<mumbling about Monday mornings and not enough caffeine>
I had him open that port up in his router. I didn't realize that Windows traceroute uses ICMP. In any case, I'll have him take a look with ethereal.
Once he opens that port, things should work. But a check with Ethereal is always recommended. He said he did open that port on my suggestion, but I am not even sure he did that properly. I'll have him run ethereal and also try mtr. -- Jerry Feldman <gaf@blu.org> Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
Sargon wrote:
On Tuesday, 30 May 2006 12:41, Jerry Feldman wrote:
I know that he allows ICMP, and he can successfully ping other systems, but traceroute simply stops at the router. However he can successfully do a traceroute from a Windows box.
Windows tracert differs from *nix traceroute.
Windows uses ICMP packets. Unix variants use a UDP packet with a port set to a high number (typically 33435).
Check to see what UDP ports are allowed in and out.
How does Windows use ICMP for traceroute? Traceroute depends on the error message generated when "time to live" expires. Error messages are not supposed to be generated for ICMP packets.
On Tuesday, 30 May 2006 13:25, James Knott wrote:
How does Windows use ICMP for traceroute? Traceroute depends on the error message generated when "time to live" expires. Error messages are not supposed to be generated for ICMP packets.
Windows sens out an ICMP packet with a TTL of 1, and increments every succeeding packet by 1 until it receives an ICMP type 0, code 0 (ICMP reply). For more info, check out Cisco's Web site (I think this is viewable by those without an Cisco account). http://www.cisco.com/warp/public/105/traceroute.shtml#gen
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2006-05-30 at 13:41 -0400, Jerry Feldman wrote:
A friend of mine who has SuSE 10.1 and a Linksys router (I think an older BEFSR41) is complaining that either the router or Linux is blocking traceroute. I have both SuSE 10.0 and SuSE 10.1 and a newer Linksys router and traceroute from my systems through the router work fine.
I know that he allows ICMP, and he can successfully ping other systems, but traceroute simply stops at the router.
I have the same behaviour from my SuSE 9.3 to my 7.3 through my Comtrend 536+: I can not traceroute from one to the other, although ping works perfectly. I have not tried tracing an external server... wait... yes, that one works, I just traced to lists.suse.com in 14 hops.
However he can successfully do a traceroute from a Windows box.
That I haven't tried - after all, I boot windows about once per quarter... - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFEfI5FtTMYHG2NR9URArnWAJ9896tojhrxKcenMYRe5/N76d3MWwCeNoxC OkWjqcgB9EueiP6UdOKMZFc= =MEbh -----END PGP SIGNATURE-----
On Tuesday 30 May 2006 2:26 pm, Carlos E. R. wrote:
That I haven't tried - after all, I boot windows about once per quarter... I don't think I have booted Windows that often at home. I think that when I decide to put SuSE 10.1 on my desktop box, I'll just wipe out Windows. -- Jerry Feldman <gaf@blu.org> Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2006-05-30 at 14:30 -0400, Jerry Feldman wrote:
On Tuesday 30 May 2006 2:26 pm, Carlos E. R. wrote:
That I haven't tried - after all, I boot windows about once per quarter... I don't think I have booted Windows that often at home. I think that when I decide to put SuSE 10.1 on my desktop box, I'll just wipe out Windows.
I can't. There are certain apps, like tax software, that do not run in Linux. - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFEfJIetTMYHG2NR9URApCDAJoClTqq08oMzHnUXe2FdoY/HX2PRQCeNl9i pBIU31fGP8r+kFWyYdtMg5E= =8H/T -----END PGP SIGNATURE-----
On Tuesday 30 May 2006 2:42 pm, Carlos E. R. wrote:
The Tuesday 2006-05-30 at 14:30 -0400, Jerry Feldman wrote:
On Tuesday 30 May 2006 2:26 pm, Carlos E. R. wrote:
That I haven't tried - after all, I boot windows about once per quarter...
I don't think I have booted Windows that often at home. I think that when I decide to put SuSE 10.1 on my desktop box, I'll just wipe out Windows.
I can't. There are certain apps, like tax software, that do not run in Linux. Actually, some tax routines do run under Crossover Office. But, I do understand.
-- Jerry Feldman <gaf@blu.org> Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2006-05-30 at 15:07 -0400, Jerry Feldman wrote:
I can't. There are certain apps, like tax software, that do not run in Linux. Actually, some tax routines do run under Crossover Office. But, I do understand.
I don't live in the states, remember ;-) - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFEfJ1VtTMYHG2NR9URAgEkAJ9svZdwSCQniXVk5xCGxq6W0GavKQCfaSiR lj+Jl8R3svs1ZADlJeSh77w= =cGMl -----END PGP SIGNATURE-----
On Tuesday 30 May 2006 3:30 pm, Carlos E. R. wrote:
The Tuesday 2006-05-30 at 15:07 -0400, Jerry Feldman wrote:
I can't. There are certain apps, like tax software, that do not run in Linux.
Actually, some tax routines do run under Crossover Office. But, I do understand.
I don't live in the states, remember ;-) Have you tried testing them under cxoffice?
-- Jerry Feldman <gaf@blu.org> Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2006-05-30 at 15:36 -0400, Jerry Feldman wrote:
Have you tried testing them under cxoffice?
No, wine, and no go: it has some access databases, I think. It is really simpler to boot up windows for the time, I don't care that much. One of these years perhaps we will get tax software in linux here. Who knows! - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFEfMWTtTMYHG2NR9URAqY5AJ9xu/G8OOTiXNeIkhxE7qxu321B5ACdH5pb TqqDIfQo6DidB3I5MfZlE6c= =ERaF -----END PGP SIGNATURE-----
On Tuesday 30 May 2006 6:22 pm, Carlos E. R. wrote:
No, wine, and no go: it has some access databases, I think. It is really simpler to boot up windows for the time, I don't care that much. One of these years perhaps we will get tax software in linux here. Who knows! Probably. Fortunately, VM systems are starting to become very viable with Xen, free versions of VMWare, and the the new on-chip virtualization. Xen, today, is still quite limited though. -- Jerry Feldman <gaf@blu.org> Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
On Tue, 2006-05-30 at 15:36 -0400, Jerry Feldman wrote:
On Tuesday 30 May 2006 3:30 pm, Carlos E. R. wrote:
The Tuesday 2006-05-30 at 15:07 -0400, Jerry Feldman wrote:
I can't. There are certain apps, like tax software, that do not run in Linux.
Actually, some tax routines do run under Crossover Office. But, I do understand.
I don't live in the states, remember ;-) Have you tried testing them under cxoffice?
I have tested them and they -don't-work, they might install but they don't run. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998
On Tuesday 30 May 2006 13:41, Jerry Feldman wrote:
A friend of mine who has SuSE 10.1 and a Linksys router (I think an older BEFSR41) is complaining that either the router or Linux is blocking traceroute. I have both SuSE 10.0 and SuSE 10.1 and a newer Linksys router and traceroute from my systems through the router work fine.
I know that he allows ICMP, and he can successfully ping other systems, but traceroute simply stops at the router. However he can successfully do a traceroute from a Windows box.
Hmm funny you should mention this.... I have a bunch of routers, Linksys, Dlink and an expensive Xincom. Traceroute works fine on all the routers but the Xincom. Nothing comes back from the traceroute or at least it's all * * * * * HOWEVER........ even when the Xincom is in place, if you do a traceroute from either a Windows machine connected to the same router, OR a windows machine running under VMWare within a linux machine where traceroute is failing, the windows traceroute will work!! Strange.... but if you can do it, have your friend try a Windows machine or maybe some other operating system behind the same router. It is something within Linux that doesn't like what the router is doing to traceroute. I've investigated it a little bit but not exhaustively. Maybe someone here has a clue.
participants (7)
-
Bruce Marshall -
Carl Hartung -
Carlos E. R. -
James Knott -
Jerry Feldman -
Ken Schneider -
Sargon