Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

tracert command returns timed out

Tags:

traceroute

tracert returns requested time out. What I understand from this is the packets lost some where on the network.

Does it mean the issue is with the ISP or with the hosting provider or my windows system?

10     *        *        *     Request timed out.
11     *        *        *     Request timed out.
12     *        *        *     Request timed out.
13     *        *        *     Request timed out.
14     *        *        *     Request timed out.
15     *        *        *     Request timed out.
16     *        *        *     Request timed out.
17     *        *        *     Request timed out.
18     *        *        *     Request timed out.
19     *        *        *     Request timed out.
20     *        *        *     Request timed out.
21     *        *        *     Request timed out.
22     *        *        *     Request timed out.
23     *        *        *     Request timed out.
24     *        *        *     Request timed out.
25     *        *        *     Request timed out.
26     *        *        *     Request timed out.
27     *        *        *     Request timed out.
28     *        *        *     Request timed out.
29     *        *        *     Request timed out.
30     *        *        *     Request timed out.

The first 9 were successful.

like image 419
Raghav Avatar asked Jun 28 '13 03:06

Raghav


People also ask

What does a result of * * * mean during a traceroute?

You might notice one or more lines of your traceroute output is listed only with an asterisk (*). This means that the program did not receive any response from the router at that hop.

What causes traceroute to fail?

There are several possible reasons a traceroute fails to reach the target server: The traceroute packets are blocked or rejected by a router in the path. Usually, the router immediately after the last visible hop is the one causing the blockage. Check the routing table and the status of this device.

What are the three times in traceroute?

Round Trip Time (RTT) Results When running the traceroute command, you are sending data to each hop three times. The first column is the amount of time it took the first time, the second is for the second attempt, and the third is for the last attempt.

Why might a traceroute test stop before reaching the destination?

Destination net unreachable Traceroute is useful as a troubleshooting tool, and can tell you if a packet has been stopped on the network. If this occurs you will see the error Destination net unreachable. This error is often caused by a misconfiguration in the router settings, or an IP address that doesn't exist.


2 Answers

I can't see the first 9 hops but if they are all the same then you may have a firewall configuration issue that prevents the packets from either getting out or getting back.

Try again turning off your firewall (temporarily!). The other option is that your ISP may drop ICMP traffic as a matter of course, or only when they are busy with other traffic.

ICMP (the protocol used by traceroute) is of the lowest priority, and when higher priority traffic is ongoing the router may be configured to simply drop ICMP packets. There is also the possibility that the ISP drops all ICMP packets as a matter of security since many DOS (Denial of Service) attacks are based on probing done with ICMP packets.

like image 61
John Faulkner Avatar answered Nov 27 '22 15:11

John Faulkner


Some routers view all pings as a Port-Scan, and block for that reason. (as the first step in any attack is determining which ports are open.) However, blocking ping packets / tracert packets, etc. is only partially effective at mitigating a Denial-of-service attack, as such an attack could use ANY PROTOCHOL it wanted (such as by using TCP or UDP packets, etc.) So long as there is an open port to receive the packet on the machine targeted for Denial-Of-Service. For example, if we wanted to target an http server, we only need use an intercepting proxy to repeatedly send a null TCP packet to the server on port 80 or port 8080, since we know that these are the two most common ports for http. Likewise, if the target machine is running an IRCd, we know the port is most likely 6667 (unless the server is using SSL), which would be the most common port for that kind of service. Therefore, dropping ping packets does not prevent a DdOS attack- it just makes that type of attack a bit more difficult.

like image 26
John Doe Avatar answered Nov 27 '22 14:11

John Doe