Traffic generator producing unwanted ICMP host unreachable

hfakoor222 · ‎05-27-2022

The traffic is reaching from the generator to R3 as per wireshark and check on ingress interface of R3 the numbers are going up, so this part is ok.

There's full connectivity around the topology.

However there's icmp reply unreachable with code 2 and code 3 error

R3 can ping the traffic generator

the icmp reply says unreachable from r3 to traffic gen

Here's wireshark output of a packet going from Generator to R3 with no problems, I post the reply packet below- the IPV6 flag I don't believe is significant

wireshark is showing ICMP dest unreachable from R3 back to Traffic generator

ICMP packet

From internet I find out

Code 2 (protocol unreachable) and code 3 (port unreachable) are sent by the end host, and indicates that there is a problem on the host itself, such as port not open, process not running and so on.

conolidated view of packet above showing the addressing source/destination reversed as it's an icmp (reply I assume)

here is addressing of traffic generator

Packet information at source - it's a basic packet

here is R3 show run

R3#sh run
Building configuration...

Current configuration : 1416 bytes
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface FastEthernet0/0
ip address 172.16.20.3 255.255.255.0
duplex half
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
bandwidth 128
ip address 172.16.23.3 255.255.255.0
ip accounting precedence input
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router eigrp 1
network 1.0.0.0
network 172.16.0.0
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Null0
no ip http server
no ip http secure-server
!
!
!
no cdp log mismatch duplex
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
end

MHM Cisco World · ‎05-27-2022

https://sid-500.com/2017/08/28/ping-request-timed-out-vs-destination-host-unreachable/

hfakoor222 · ‎05-27-2022

I included a debug on R3 ingress interface for 172.16.10.4 packets

It looks like packets are getting through on the interface

So I read online

When a device realizes that a packet cannot be delivered to its destination, the device sends an ICMP Unreachable message. To help determine the root cause of why the packet cannot be delivered, the ICMP Unreachable message includes one of five code field values to convey the reason for the failure. For instance, in Figure 5-1, assume that Fred is trying to connect to the web server, called Web. Table 5-3, following the figure, lists the key ICMP Unreachable message codes, along with an example set of circumstances from Figure 5-1 that would result in each Unreachable code.

Table 5-3 ICMP Unreachable Codes (Continued)

Unreachable Code	Meaning	Example
Protocol Unreachable	The packet reached the destination host, but the host is not running that transport layer protocol.
Port Unreachable	The packet is delivered to the destination host, but there is no process listening on the destination port.

https://www.ccexpert.us/routing-switching/icmp-unreachable.html

The detailed debugging on interface s1/2 shows 'FIB IPv4.. packet routing failed'

Hence now what do? I'm not sure why I'm receiving this icmp issue

MHM Cisco World · ‎05-27-2022

you use HDLC instead you must use PPP in serial interface.
HDLC protocol is IPv6 and real packet is IPv4, this is why I suspect with HDLC, change it to PPP and try again.

MHM Cisco World · ‎05-27-2022

do you try after change from HDLC to PPP ?

David Ruess · ‎05-27-2022

Hello,

Is the traffic generator capable of returning a ping reply? Can it respond to requests?

-David

Harold Ritter · ‎05-27-2022

Hi @hfakoor222 ,

The protocol in the IP packet you are sending towards R3 is "IPv6 hop-by-hop option". This is invalid and this is most probably why the router sends a protocol/port unreachable in response. It should be ICMP. Please correct that and retry.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

hfakoor222 · ‎05-27-2022

Ok I will see where I need to tweak it to remove that, I'm not sure why it's even popping up

hfakoor222 · ‎05-27-2022

The error messages above noted 'protocol unreachable'

When I defined a Layer 4 protocol int the tarffic generator the message disappeared.

hfakoor222 · ‎05-27-2022

I needed to define a layer 4 protocol to get it to work properly. The TCP is giving me suspected retransmission errors, it's a stateless TCP based on how the traffic generator is created and so I am not sure if it has something to do with this, or another issue ~ maybe I can play around with the ACK flags?

It seems the IPV6 hop behavior was related to not defining a layer 4 protocol.

I don't believe this particular generator does much data beyond hex and word, although it has several transport protocols.