Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1774
Views
10
Helpful
2
Replies

Debug Traceroute: Port unreachable

Go to solution
Kevin18
Level 1
Level 1

‎02-10-2023 05:12 AM - last edited on ‎02-12-2023 10:04 PM by Community Manager

Hello

My Assignment is: Use

traceroute and debug (standby)

commands to verify your network functionality.

So I use the command

debug ip icmp.

After that

traceroute 221.221.221.254(Destination IP).

Screenshot 2023-02-10 135927.png

The port is unreachable. But if I use "ping 221.221.221.254", it is working.

Kevin18_0-1676034315009.png

Here is my network

Kevin18_1-1676034409019.png

How can I solve this problem? If u need any other information, just tell me.

Thank you

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎02-10-2023 08:50 PM - last edited on ‎02-12-2023 10:06 PM by Community Manager

Hey Kevin,

Your network is working properly and what you see in

 debug ip icmp

is perfectly expected.

The traceroute tool has a gotcha: How does it know that it finally reached the end destination and can stop running (terminate)? It can detect the intermediary routers by sending out packets with TTL 1, displaying the incoming ICMP TTL Exceeded messages, and progressively increasing the TTL - that's all okay. But the end destination may have multiple IP addresses and may decide to respond from a different IP address than the one you're performing traceroute to. If your termination detection for traceroute was based on expecting a response from the same IP address you're doing traceroute to, you could end up with the traceroute never terminating.

So traceroute uses a different trick: It sends out UDP segments destined to high ports that are very likely closed on the destination device (no process is listening on them), and of course, it packages those UDP segments into IP packets with gradually increasing TTL. By definition, UDP payload is never processed on intermediary devices, only on the destination host. Intermediary routers do not process UDP payload. Only when the IP packets arrive at their true destination when their TTL is high enough, the destination host starts processing the UDP segments inside them, but when it finds out they are destined to a closed UDP port, it will send back an ICMP Port Unreachable message.

So the traceroute implementation you're looking at is expecting two types of ICMP messages to come back:

  • ICMP TTL Exceeded messages come from intermediary routers and indicate to traceroute it needs to keep running and increasing the TTL
  • ICMP Port Unreachable messages come from the final destination and signal traceroute that the TTL is sufficient and it can stop

Hence, what you see is 100% correct.

Please feel welcome to ask further!

Best regards,
Peter

 

View solution in original post

2 Replies 2

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎02-10-2023 08:50 PM - last edited on ‎02-12-2023 10:06 PM by Community Manager

Hey Kevin,

Your network is working properly and what you see in

 debug ip icmp

is perfectly expected.

The traceroute tool has a gotcha: How does it know that it finally reached the end destination and can stop running (terminate)? It can detect the intermediary routers by sending out packets with TTL 1, displaying the incoming ICMP TTL Exceeded messages, and progressively increasing the TTL - that's all okay. But the end destination may have multiple IP addresses and may decide to respond from a different IP address than the one you're performing traceroute to. If your termination detection for traceroute was based on expecting a response from the same IP address you're doing traceroute to, you could end up with the traceroute never terminating.

So traceroute uses a different trick: It sends out UDP segments destined to high ports that are very likely closed on the destination device (no process is listening on them), and of course, it packages those UDP segments into IP packets with gradually increasing TTL. By definition, UDP payload is never processed on intermediary devices, only on the destination host. Intermediary routers do not process UDP payload. Only when the IP packets arrive at their true destination when their TTL is high enough, the destination host starts processing the UDP segments inside them, but when it finds out they are destined to a closed UDP port, it will send back an ICMP Port Unreachable message.

So the traceroute implementation you're looking at is expecting two types of ICMP messages to come back:

  • ICMP TTL Exceeded messages come from intermediary routers and indicate to traceroute it needs to keep running and increasing the TTL
  • ICMP Port Unreachable messages come from the final destination and signal traceroute that the TTL is sufficient and it can stop

Hence, what you see is 100% correct.

Please feel welcome to ask further!

Best regards,
Peter

 

Go to solution
Kevin18
Level 1
Level 1
In response to Peter Paluch

‎02-11-2023 05:23 AM

Thank you Peter Paluch. This piece of information was unknown for me and it is very helpful.

0 Helpful
Top