Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
511
Views
1
Helpful
3
Replies

Traceroute isn't working on a barebones network with three 3850s

Go to solution
BruteForce
Level 1
Level 1

‎03-10-2023 01:56 PM

I'm having some traceroute issues on a live network so I set up a super simple lab and traceroute still isn't working even though I can ping across the whole network and use 'ip route x.x.x.x' to see how routes are known.

I have a DN1 which connects to CN1; both use a p2p link on port gi1/0/23. CN1 also connects to DN2; another p2p link and both use gi1/0/24. Here's some configs. I don't have any ACLs set. No VRFs either. 
-----
-CN1's router ospf 1.

router ospf 1
router-id 10.10.10.1
passive-interface default
no passive-interface GigabitEthernet1/0/23
no passive-interface GigabitEthernet1/0/24
network 10.10.10.1 0.0.0.0 area 0

-interface GigabitEthernet1/0/23
description Uplink1_To_DN1
no switchport
ip address 20.20.20.1 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
ip ospf 1 area 0
end


-interface GigabitEthernet1/0/24
no switchport
ip address 20.20.20.5 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
ip ospf 1 area 0
end

-CN1_Lab#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 3 subnets
C 10.10.10.1 is directly connected, Loopback1
O 10.10.10.2 [110/2] via 20.20.20.2, 22:15:14, GigabitEthernet1/0/23
O 10.10.10.3 [110/2] via 20.20.20.6, 22:11:19, GigabitEthernet1/0/24
20.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 20.20.20.0/30 is directly connected, GigabitEthernet1/0/23
L 20.20.20.1/32 is directly connected, GigabitEthernet1/0/23
C 20.20.20.4/30 is directly connected, GigabitEthernet1/0/24
L 20.20.20.5/32 is directly connected, GigabitEthernet1/0/24

-CN1_Lab#sh ip ospf database

OSPF Router with ID (10.10.10.1) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count
10.10.10.1 10.10.10.1 1648 0x8000005C 0x006B97 5
10.10.10.2 10.10.10.2 1254 0x8000003E 0x007F5E 3
10.10.10.3 10.10.10.3 1339 0x8000003F 0x006869 3

-----

Here's the same info for DN1.

-DN1_Lab#sh run | s router
router ospf 1
router-id 10.10.10.2
passive-interface default
no passive-interface GigabitEthernet1/0/23
network 10.10.10.2 0.0.0.0 area 0

-interface GigabitEthernet1/0/23
description CN1_P2P1
no switchport
ip address 20.20.20.2 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
ip ospf 1 area 0
end

 

-DN1_Lab#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 3 subnets
O 10.10.10.1 [110/2] via 20.20.20.1, 22:19:00, GigabitEthernet1/0/23
C 10.10.10.2 is directly connected, Loopback1
O 10.10.10.3 [110/3] via 20.20.20.1, 22:15:00, GigabitEthernet1/0/23
20.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 20.20.20.0/30 is directly connected, GigabitEthernet1/0/23
L 20.20.20.2/32 is directly connected, GigabitEthernet1/0/23
O 20.20.20.4/30 [110/2] via 20.20.20.1, 22:19:00, GigabitEthernet1/0/23

-DN1_Lab#sh ip ospf database

OSPF Router with ID (10.10.10.2) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count
10.10.10.1 10.10.10.1 1860 0x8000005C 0x006B97 5
10.10.10.2 10.10.10.2 1464 0x8000003E 0x007F5E 3
10.10.10.3 10.10.10.3 1551 0x8000003F 0x006869 3

-----

Same info for DN2.

-interface GigabitEthernet1/0/24
description Uplink1_To_CN1
no switchport
ip address 20.20.20.6 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
ip ospf 1 area 0
end

-router ospf 1
router-id 10.10.10.3
passive-interface default
no passive-interface GigabitEthernet1/0/24
network 10.10.10.3 0.0.0.0 area 0

-DN2_Lab#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 3 subnets
O 10.10.10.1 [110/2] via 20.20.20.5, 22:17:25, GigabitEthernet1/0/24
O 10.10.10.2 [110/3] via 20.20.20.5, 22:17:25, GigabitEthernet1/0/24
C 10.10.10.3 is directly connected, Loopback1
20.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O 20.20.20.0/30 [110/2] via 20.20.20.5, 22:17:25, GigabitEthernet1/0/24
C 20.20.20.4/30 is directly connected, GigabitEthernet1/0/24
L 20.20.20.6/32 is directly connected, GigabitEthernet1/0/24

-DN2_Lab#sh ip ospf database

OSPF Router with ID (10.10.10.3) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count
10.10.10.1 10.10.10.1 35 0x8000005D 0x006998 5
10.10.10.2 10.10.10.2 1613 0x8000003E 0x007F5E 3
10.10.10.3 10.10.10.3 1696 0x8000003F 0x006869 3

-----

So now if I'm on DN1 and I do a traceroute to DN2, I should see my first hop (hit the CN), then the DN. For some reason the traceroute doesn't work, and here is the output.

-DN1_Lab#traceroute 20.20.20.6
Type escape sequence to abort.
Tracing the route to 20.20.20.6
VRF info: (vrf in name/id, vrf out name/id)
1 20.20.20.1 2 msec 1 msec 1 msec
2 * * *
3 * * *
4 * * *

Here's the output for sh ip route x.x.x.x, and it looks correct as far as i can tell.

-DN1_Lab#sh ip route 20.20.20.6
Routing entry for 20.20.20.4/30
Known via "ospf 1", distance 110, metric 2, type intra area
Last update from 20.20.20.1 on GigabitEthernet1/0/23, 23:17:31 ago
Routing Descriptor Blocks:
* 20.20.20.1, from 10.10.10.1, 23:17:31 ago, via GigabitEthernet1/0/23
Route metric is 2, traffic share count is 1

-----

Interestingly, if I go to the "CN" and do a traceroute to a DN, like the other end of the point-to-point, traceroute doesn't display anything at all. At least I see the first hop on a DN when doing a traceroute to another DN. Does anyone know where I can even begin to troubleshoot this?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎03-11-2023 09:45 AM

I initially assumed that this was some sort of routing issue. But the routing is quite correct. The reason that traceroute does not work is because you have configured no ip unreachables on the interfaces. The way that traceroute works is that when you get to the destination it responds with a message indicating the destination port is unreachable. But you prevent the unreachable message from being sent.

HTH

Rick

View solution in original post

3 Replies 3

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎03-11-2023 09:45 AM

I initially assumed that this was some sort of routing issue. But the routing is quite correct. The reason that traceroute does not work is because you have configured no ip unreachables on the interfaces. The way that traceroute works is that when you get to the destination it responds with a message indicating the destination port is unreachable. But you prevent the unreachable message from being sent.

HTH

Rick

Go to solution
BruteForce
Level 1
Level 1
In response to Richard Burts

‎03-13-2023 07:57 AM

Thank you, this makes sense. I tested it out on my lab too. I had to do a deeper dive into traceroute to see exactly how it works but now I'm better for it. 

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to BruteForce

‎03-14-2023 11:47 PM

I am glad that my explanation was helpful and that now you have a better understanding of traceroute. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents