LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-16-2015, 01:02 PM   #1
vicky007aggrwal
Member
 
Registered: Aug 2012
Posts: 95

Rep: Reputation: Disabled
traceroute error


I'am able to connect between two machines via ssh on port 22.But when i am doing the traceroute to my 2nd machine from my first machine , it is reporting the below error


Can someone please help in understand that why is it so , if i'm able to do ssh to my second machine that means it is reachable via the network then why my traceroute is showing asterick(*) even when i have disabled the firewall

OS details - Centos 6

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
traceroute 30.3.33.111
traceroute to 30.3.33.111 (30.3.33.111), 30 hops max, 60 byte packets



1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 
Old 07-16-2015, 01:49 PM   #2
ferrari
Senior Member
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 3,781

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
You haven't told us anything about your network topology. I assume that your machines are connected within the same subnet on a LAN? Then traceroute won't show any gateway hops, since the destination is directly reachable (resolved by ARP), so the traceroute packets are sent directly to the host in question. Since the router is not needed to route the packet, it won't show up as a hop. Now why your target host rejects the ICMP packets sent is a another matter again. I would review 'man traceroute' for other options.
 
Old 07-16-2015, 01:58 PM   #3
vicky007aggrwal
Member
 
Registered: Aug 2012
Posts: 95

Original Poster
Rep: Reputation: Disabled
sorry for not sharing the complete details ..

I m using AWS virtual machines where my machines are in same VPC but in different subnets .

By default ping is disabled in AWS instances.

Does the traceroute also uses the ping command philosophy or there is any other issue ..please guide me
 
Old 07-16-2015, 05:18 PM   #4
ferrari
Senior Member
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 3,781

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Similar question asked here that might answer your question. Note the last comment to making sure that UDP ports are allowed (which traceroute uses by default). BTW, if you read the man page for traceroute, you'll note that it is possible to test with other protocol types, including the -T option for probing with TCP SYN packets.
 
Old 07-16-2015, 05:33 PM   #5
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Yawnstown, Ohio
Distribution: Mojave
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
OS level firewall. By default, Windows/RHEL instances do respond to ICMP
RHEL and CentOS are "close enough" to warrant a check of the firewall rules on the target host.
 
Old 07-16-2015, 06:14 PM   #6
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,842

Rep: Reputation: 1472Reputation: 1472Reputation: 1472Reputation: 1472Reputation: 1472Reputation: 1472Reputation: 1472Reputation: 1472Reputation: 1472Reputation: 1472
Very likely the network has ICMP disabled.

Traceroute works by generating ICMP traffic - starting with a timeout of 1, then it waits for a return ICMP packet with "time exceeded" status from a gateway. Then it increments the count, and tries again.

If no reply after a rather long timeout, it will increment anyway, and try (this is reported with the *).

If the network has ICMP disabled, then you never get a reply.

The manpage on traceroute lists several alternatives to try to handle that:

-T option, to use TCP, the default target port is 80 (so if the target doesn't have a web server it doesn't work well - try other ports, 22, or whatever you used for a known service...)

-U option, to use UDP.

In both cases, random data is sent, so sometimes the service on the target could get confused...

As usual, refer to the manpage for details..

Last edited by jpollard; 07-16-2015 at 06:22 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] no route to host connect socket error..ping and traceroute ok mgard Linux - Kernel 1 01-17-2010 04:32 AM
traceroute linuxguy08 Linux - Server 1 08-12-2009 06:26 PM
Traceroute Rinish Linux - Networking 3 07-26-2006 03:52 AM
traceroute mint567 Linux - Networking 3 11-23-2003 02:37 PM
Using Traceroute david0321 Linux - Networking 9 12-25-2002 04:09 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 07:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration