Firewalls: Re: curios traceroute

Firewalls
(September 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: curios traceroute
From:	Chris Lonvick <clonvick @ cisco . com>
Date:	Sun, 08 Sep 1996 21:41:13 -0700
To:	firewalls @ greatcircle . com

Hello All,

Gererally, ISPs don't propogate the destination of RFC-1918 networks through
the Internet.  They usually have a chuckle then zap them from the routing
tables.  What you're seeing is a NAT that doesn't dig into the packet.  NATs
_must_ know to change the IP source and destination addresses.  This,
however, is not the end.  Certain protocols embed the IP addresses into the
packet payload.  For example, to get certain commands to work properly in
ftp, the NAT must know to recognize these types of packets and then reach
inside the payload and change the addresses there as well.  Your traceroute
program is not looking at the IP source/destination addresses but is
utilizing some of the data inside the payload of the packet (which the NAT
is not translating) to generate its report.  Look at the source code of your
traceroute program and RFC-729.

Thanks,
Chris Lonvick
Cisco Systems
Consulting Engineering
+1-713-778-5663

Indexed By Date	Previous:	Re: Firewall-1,Sun,CISCO,Class"B"address From: Nobuhiko Yoshimoto <yoshi @ koto . nikkei . co . jp>
Indexed By Date	Next:	Re: curios traceroute From: Charles Ragan <ragan @ INS . COM>
Indexed By Thread	Previous:	Re: curios traceroute From: peter @ baileynm . com (Peter da Silva)
Indexed By Thread	Next:	Re: curios traceroute From: Charles Ragan <ragan @ INS . COM>