Russ-
This behavior occurs when the router has lost its connection (and the
corresponding route) to the downstream subnet. So, tpa-max attempts to
deliver to CHI-Cisco01, which doesn't know what to do with the packet, and
returns it to tpa-max, which is it's default route. I've seen this most
frequently with dedicated modem lines that drop frequently, but I would
imagine it would happen with other media. Hope this makes it clearer.
-scott
Scott S. Blake, Senior Support Engineer
NeTegrity, Inc.
blake @
security .
com
-- Begin original message --
> From: Russ <Russ .
Cooper @
RC .
on .
ca>
> Date: Wed, 27 Nov 1996 04:01:43 -0500
> Subject: Looping TRACERT?
> To: "'Firewalls Mailing List'" <firewalls @
GreatCircle .
COM>
>
> Sorry for the off-topic post...
> *
> I like to think of myself as someone who has a pretty good grasp on
> routing, but tonight I came across something which I didn't understand.
> I'd appreciate it if someone could explain this one to me.
> *
> I was trying to connect to www.CIAC.com, but the browser was just
> sitting there hanging trying to connect and eventually reported the
> operation timed out. So I did a tracert to it and around hop 15, the
> tracert started looping between two routers.
> *
> 15 130 ms 151 ms 140 ms tpa-max.THOUGHTPORT.NET [206.41.176.10]
> 16 130 ms 140 ms 140 ms CHI-Cisco01.thoughtport.COM
> [199.171.236.1]
> 17 190 ms 140 ms 141 ms tpa-max.THOUGHTPORT.NET [206.41.176.10]
> 18 130 ms 140 ms 140 ms CHI-Cisco01.thoughtport.COM
> [199.171.236.1]
> 19 150 ms 160 ms 150 ms tpa-max.THOUGHTPORT.NET [206.41.176.10]
> 20 140 ms 160 ms 140 ms CHI-Cisco01.thoughtport.COM
> [199.171.236.1]
> 21 140 ms 150 ms 150 ms tpa-max.THOUGHTPORT.NET [206.41.176.10]
> 22 151 ms 160 ms 140 ms CHI-Cisco01.thoughtport.COM
> [199.171.236.1]
> 23 141 ms 160 ms 160 ms tpa-max.THOUGHTPORT.NET [206.41.176.10]
> 24 140 ms 130 ms 150 ms CHI-Cisco01.thoughtport.COM
> [199.171.236.1]
> 25 150 ms 161 ms 140 ms tpa-max.THOUGHTPORT.NET [206.41.176.10]
> 26 140 ms 181 ms 170 ms CHI-Cisco01.thoughtport.COM
> [199.171.236.1]
> 27 160 ms 161 ms 180 ms tpa-max.THOUGHTPORT.NET [206.41.176.10]
> 28 200 ms 171 ms 150 ms CHI-Cisco01.thoughtport.COM
> [199.171.236.1]
> 29 160 ms 181 ms 350 ms tpa-max.THOUGHTPORT.NET [206.41.176.10]
> 30 190 ms 251 ms 240 ms CHI-Cisco01.thoughtport.COM
> [199.171.236.1]
> *
> So I get the Thoughtport Tech Admin on the phone (4:00am and he's in
> his office, and he's answering his phone???). I tell him what's up, and
> he says that if CIAC is down, then this type of action would be
> normal???
> *
> Normal? I don't understand, why would two routers be pointing to each
> other just because a route is down? Maybe its something real basic that
> I'm missing here because I figured there was a problem, but I just
> can't figure out why they would be pointing to each other and not
> simply timing out. Is this the type of stuff we can look forward to
> when we have redundant routes and parallel Firewalls?
> *
>
> Cheers,
> Russ
> R.C. Consulting, Inc. - NT/Internet Security Consulting
> mailto:Russ .
Cooper @
RC .
on .
ca <-- *note the new address*
>
>
-- End original message --
Scott S. Blake, Senior Support Engineer
NeTegrity, Inc.
blake @
security .
com
Follow-Ups:
References:
|
|
