Tony Nugent wrote: > > On Tue Aug 29 2000 at 20:14, John Sage wrote: > Thanks ;-) Done, I think.. > > > > When I traceroute to DNS4.CP.MSFT.NET then > > > > > > 12 194.ATM4-0.GW3.SEA1.ALTER.NET (146.188.201.29) 348.981 ms * 347.277 ms > > > 13 157.130.177.154 (157.130.177.154) 389.490 ms * * > > > 14 207.46.129.14 (207.46.129.14) 397.272 ms * * > > > 15 * * * > > > 16 * * * > > > 17 * * * > > > 18 * * * > > > > This is very interesting. When I do a traceroute, I get where we are > > wanting to go, and when I look at your results, you're getting one hop > > away before it goes dead. The next hop after 207.46.129.14 is > > dns5.cp.msft.net at 207.46.138.12 -- this seems *very* odd. > > This is exactly what you see when you attempt to traceroute through > a network (using ttl as a "hop count"), but the routers are refusing > (or can't) reply to the originating host. In this context, are the "routers" out at 207.46.129.14? I was wondering if this is what I was inferring from the traceroute, but why would Arshad's packets be dropped, while mine and other's are being accepted? > One example is when the unidentified routers are firewalls and/or > have no public IP addresses (only private, internet-unroutable IPs) > on any of their network interfaces. Or are the "routers" back at Arshad's and this is a firewalling issue at his end? We haven't gotten as far as to determine if *anything* is working, or what is working, if some connections are.. Kind of going about this bass-ackwards, as usual for these sorts of posts.. > It is not all that unusual to make routers secure by denying direct > access to them by anything from outside the internal network, by not > giving them publically accessible IP numbers on any of their > interfaces. They can still merrily route packets, no problem. > (Neat trick, works very well). Or, to change ends as it were, do you think this is a configuration issue at 207.46.129.14? Is there something about Arshad's source addresses that's getting them dropped? > Cheers > Tony > -=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=- > Tony Nugent <Tony@growzone.com.au> Systems Administrator, RHCE > GrowZone OnLine (a project of) GrowZone Development Network > POBox 475 Toowoomba Oueensland Australia 4350 Ph: 07 4637 8322 > -=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=- - John -- John Sage FinchHaven, Vashon Island, WA, USA http://www.finchhaven.com/ mailto:jsage@finchhaven.com And remember: it's spelled l-i-n-u-x but it's pronounced "Linux" - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org
