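Commenter: julius - Thursday, 2007-02-01 23:31
About the ping and trace commands, I have two observations.
First, ping and trace differ: although both are ICMP, there are cases where ping gets through and trace does not, or the reverse.
Second, ping & trace from a PC differ from those on UNIX/routers. There have been cases where certain nodes could not be reached with the former but could with the latter. I discussed it with colleagues at the time, but we never got to the bottom of it.
Is there any explanation for this?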
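Regarding your first question, this is quite normal, because ping and traceroute work on different principles.
For ping, what is sent is an echo request packet, type/code 8 0. When the pinged host receives the ICMP packet, it decides based on the actual situation: if yes, it sends back a reply, 0 0; if no, it sends out some other message depending on the specifics. In summary, what matters is whether the destination can get the ICMP reply packet back to the source in time. Once some node on the path denies the reply packet, the ping is bound to fail, for example with a time out.
Below is some debug output for ping, using debug ip pa de 100 with access-list 100 permit icmp any any.
1. This one pings successfully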
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/51/68 ms
R4(config)#
*Mar 1 00:03:20.579: IP: tableid=0, s=172.16.14.2 (local), d=192.168.100.1 (Serial1/0), routed via FIB
*Mar 1 00:03:20.583: IP: s=172.16.14.2 (local), d=192.168.100.1 (Serial1/0), len 100, sending
*Mar 1 00:03:20.587: ICMP type=8, code=0
*Mar 1 00:03:20.639: IP: tableid=0, s=192.168.100.1 (Serial1/0), d=172.16.14.2 (Serial1/0), routed via RIB
*Mar 1 00:03:20.643: IP: s=192.168.100.1 (Serial1/0), d=172.16.14.2 (Serial1/0), len 100, rcvd 3
*Mar 1 00:03:20.647: ICMP type=0, code=0
2. There is a route, but the ping fails. I configured the following on R1:
access-list 100 deny icmp any any
access-list 100 permit ip any any
int s1/0
ip access-group 100 in
Then on R4, do debug ip pa de 100
R4(config)#do ping 192.168.100.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.2, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
R4(config)#do debug ip pa de 100
IP packet debugging is on (detailed) for access list 100
R4(config)#
R4(config)#
R4(config)#do ping 192.168.100.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.2, timeout is 2 seconds:
U
*Mar 1 00:21:11.031: IP: tableid=0, s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), routed via FIB
*Mar 1 00:21:11.035: IP: s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), len 100, sending
*Mar 1 00:21:11.039: ICMP type=8, code=0
*Mar 1 00:21:11.075: IP: tableid=0, s=172.16.14.1 (Serial1/0), d=172.16.14.2 (Serial1/0), routed via RIB
*Mar 1 00:21:11.079: IP: s=172.16.14.1 (Serial1/0), d=172.16.14.2 (Serial1/0), len 56, rcvd 3
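*Mar 1 00:21:11.083: ICMP type=3, code=13 ----- from TCP/IP it can be seen that code 3 13 indicates communication is prohibited because of filtering
Below is the case where there is a route, but the ping times out because the reply packet is denied.
I changed the ACL configuration on R1 to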
access-list 100 deny icmp any any
access-list 100 permit ip any any
int s1/0
ip access-group 100 out
R4(config)#do ping 192.168.100.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.2, timeout is 2 seconds:
*Mar 1 00:25:15.735: IP: tableid=0, s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), routed via FIB
*Mar 1 00:25:15.735: IP: s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), len 100, sending
*Mar 1 00:25:15.735: ICMP type=8, code=0.
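To summarize, there are three necessary conditions for a ping to succeed: 1. each side has a route to the other end; 2. the echo packets are not blocked; 3. it doesn't time out (this experiment is hard to do; I had wanted to do it by setting the timeout to 10 ms, haha, but the minimum is 1 s).
As for traceroute, in essence it can be understood as a hop-by-hop ping, but this ping is not the same as the ping discussed above and differs from our ping command. After a traceroute packet is sent out, every node along the way sends back an ICMP packet with type/code 11 0; only at the end point is an ICMP packet with code 3 3 sent back to the source. Below is a traceroute debug output: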
R4(config)#do tracer 192.168.100.2
Type escape sequence to abort.
Tracing the route to
*Mar 1 00:47:11.567: IP: tableid=0, s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), routed via FIB
*Mar 1 00:47:11.571: IP: s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), len 28, sending
*Mar 1 00:47:11.571: UDP src=49234, dst=33434
*Mar 1 00:47:11.599: IP: tableid=0, s=172.16.14.1 (Serial1/0), d=172.16.14.2 (Serial1/0), routed via RIB
*Mar 1 00:47:11.603: IP: s=172.16.14.1 (Serial1/0), d=172.16.14.2 (Serial1/0), len 56, rcvd 3
*Mar 1 00:47:11.607: ICMP type=11, code=0
*Mar 1 00:47:20.643: IP: tableid=0, s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), routed via FIB
*Mar 1 00:47:20.643: IP: s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), len 28, sending
*Mar 1 00:47:20.647: UDP src=49235, dst=33435
*Mar 1 00:47:20.707: IP: tableid=0, s=172.16.14.1 (Serial1/0), d=172.16.14.2 (Serial1/0), routed via RIB
*Mar 1 00:47:20.711: IP: s=172.16.14.1 (Serial1/0), d=172.16.14.2 (Serial1/0), len 56, rcvd 3
*Mar 1 00:47:20.715: ICMP type=11, code=0
*Mar 1 00:47:20.719: IP: tableid=0, s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), routed via FIB
*Mar 1 00:47:20.723: IP: s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), len 28, sending
*Mar 1 00:47:20.723: UDP src=49236, dst=33436
*Mar 1 00:47:20.767: IP: tableid=0, s=172.16.14.1 (Serial1/0), d=172.16.14.2 (Serial1/0), routed via RIB
*Mar 1 00:47:20.771: IP: s=172.16.14.1 (Serial1/0), d=172.16.14.2 (Serial1/0), len 56, rcvd 3
*Mar 1 00:47:20.775: ICMP type=11, code=0
*Mar 1 00:47:20.783: IP: tableid=0, s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), routed via FIB
*Mar 1 00:47:20.787: IP: s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), len 28, sending
*Mar 1 00:47:20.791: UDP src=49237, dst=33437
*Mar 1 00:47:20.867: IP: tableid=0, s=172.16.123.2 (Serial1/0), d=172.16.14.2 (Serial1/0), routed via RIB
*Mar 1 00:47:20.871: IP: s=172.16.123.2 (Serial1/0), d=172.16.14.2 (Serial1/0), len 56, rcvd 3
*Mar 1 00:47:20.875: ICMP type=3, code=3
*Mar 1 00:47:26.903: IP: s=192.168.100.4 (Loopback0), d=255.255.255.255, len 71, unroutable
*Mar 1 00:47:26.903: UDP src=57768, dst=53172.16.123.2
*Mar 1 00:47:29.907: IP: tableid=0, s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), routed via FIB
*Mar 1 00:47:29.907: IP: s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), len 28, sending
*Mar 1 00:47:29.911: UDP src=49238, dst=33438
*Mar 1 00:47:29.987: IP: tableid=0, s=172.16.123.2 (Serial1/0), d=172.16.14.2 (Serial1/0), routed via RIB
*Mar 1 00:47:29.991: IP: s=172.16.123.2 (Serial1/0), d=172.16.14.2 (Serial1/0), len 56, rcvd 3
*Mar 1 00:47:29.995: ICMP type=3, code=3
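Some things can be verified from the output, for example that the traceroute process sends three probe packets per hop, as is the case above.
Debug output from the intermediate node R1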
R1(config)#do debug ip pa de 100
IP packet debugging is on (detailed) for access list 100
R1(config)#
*Mar 1 00:47:20.311: IP: tableid=0, s=172.16.14.1 (local), d=172.16.14.2 (Serial1/0), routed via FIB
*Mar 1 00:47:20.315: IP: s=172.16.14.1 (local), d=172.16.14.2 (Serial1/0), len 56, sending
*Mar 1 00:47:20.319: ICMP type=11, code=0
*Mar 1 00:47:29.387: IP: tableid=0, s=172.16.14.1 (local), d=172.16.14.2 (Serial1/0), routed via FIB
*Mar 1 00:47:29.391: IP: s=172.16.14.1 (local), d=172.16.14.2 (Serial1/0), len 56, sending
*Mar 1 00:47:29.395: ICMP type=11, code=0
*Mar 1 00:47:29.467: IP: tableid=0, s=172.16.14.1 (local), d=172.16.14.2 (Serial1/0), routed via FIB
*Mar 1 00:47:29.471: IP: s=172.16.14.1 (local), d=172.16.14.2 (Serial1/0), len 56, sending
*Mar 1 00:47:29.475: ICMP type=11, code=0
Output from the destination node R2
R2(config)#do un all
All possible debugging has been turned off
R2(config)#do debug ip pa de 100
IP packet debugging is on (detailed) for access list 100
R2(config)#
*Mar 1 00:53:49.315: IP: s=172.16.14.2 (Serial1/2.1), d=192.168.100.2, len 28, rcvd 0
*Mar 1 00:53:49.319: UDP src=49251, dst=33437
*Mar 1 00:53:49.319: IP: tableid=0, s=172.16.123.2 (local), d=172.16.14.2 (Serial1/2.1), routed via FIB
*Mar 1 00:53:49.323: IP: s=172.16.123.2 (local), d=172.16.14.2 (Serial1/2.1), len 56, sending
*Mar 1 00:53:49.327: ICMP type=3, code=3
R2(config)#
*Mar 1 00:53:58.447: IP: s=172.16.14.2 (Serial1/2.1), d=192.168.100.2, len 28, rcvd 0
*Mar 1 00:53:58.451: UDP src=49252, dst=33438
*Mar 1 00:53:58.455: IP: tableid=0, s=172.16.123.2 (local), d=172.16.14.2 (Serial1/2.1), routed via FIB
*Mar 1 00:53:58.455: IP: s=172.16.123.2 (local), d=172.16.14.2 (Serial1/2.1), len 56, sending
*Mar 1 00:53:58.459: ICMP type=3, code=3
*Mar 1 00:53:58.587: IP: s=172.16.14.2 (Serial1/2.1), d=192.168.100.2, len 28, rcvd 0
*Mar 1 00:53:58.591: UDP src=49253, dst=33439
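From this it can be seen, by the same reasoning, that if an intermediate node is simply prevented from sending out ICMP packets with code 11 0, then in the traceroute output that node shows up as *; or if the packets with code 3 3 are blocked along the way, traceroute will likewise fail. Meanwhile, ping works without any problem at all, because ping does not use these types of ICMP packets. I won't do the actual experiment; time is tight.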
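The ICMP type/code pairs in the debug output above are enough to triage a failed ping or traceroute automatically. The following is an added example, not part of the original reply: the function names `parse` and `diagnose` and the result strings are assumptions, and the sample lines are copied from the R4 output above.

```python
import re

# (type, code) pairs seen in the debug output above, with their standard ICMP names.
ICMP_NAMES = {(8, 0): "echo-request", (0, 0): "echo-reply",
              (3, 3): "port-unreachable", (3, 13): "admin-prohibited",
              (11, 0): "ttl-exceeded"}
# Per-packet header line; the "IP: tableid=..." routing lines do not match.
HDR = re.compile(r"IP: s=(\S+) \([^)]*\), d=[\d.]+.*?, (sending|rcvd)")
L4 = re.compile(r"(ICMP) type=(\d+), code=(\d+)|(UDP) src=\d+, dst=(\d+)")

def parse(log):
    """Pair each 'sending'/'rcvd' IP header line with the ICMP/UDP line after it."""
    events, pending = [], None
    for line in log.splitlines():
        h = HDR.search(line)
        if h:
            pending = h.groups()              # (source address, direction)
            continue
        m = L4.search(line)
        if m and pending:
            src, direction = pending
            if m.group(1):                    # ICMP detail line
                key = (int(m.group(2)), int(m.group(3)))
                kind = ICMP_NAMES.get(key, "icmp-other")
            else:                             # UDP traceroute probe
                kind = "udp-probe:" + m.group(5)
            events.append((direction, src, kind))
            pending = None
    return events

def diagnose(log):
    """Classify one probe exchange from the sending router's point of view."""
    events = parse(log)
    if not any(d == "sending" for d, _, _ in events):
        return "no probe seen"
    replies = [(src, kind) for d, src, kind in events if d == "rcvd"]
    if not replies:
        return "timeout: probe sent, nothing came back"
    src, kind = replies[-1]
    return {"echo-reply": "ping ok",
            "admin-prohibited": "filtered by ACL at " + src,
            "ttl-exceeded": "intermediate hop " + src,
            "port-unreachable": "traceroute reached destination, answered by " + src,
            }.get(kind, "unexpected " + kind + " from " + src)

# Sample copied from the R4 debug output above (ACL applied inbound on R1).
SAMPLE_FILTERED = """\
*Mar 1 00:21:11.035: IP: s=172.16.14.2 (local), d=192.168.100.2 (Serial1/0), len 100, sending
*Mar 1 00:21:11.039: ICMP type=8, code=0
*Mar 1 00:21:11.079: IP: s=172.16.14.1 (Serial1/0), d=172.16.14.2 (Serial1/0), len 56, rcvd 3
*Mar 1 00:21:11.083: ICMP type=3, code=13
"""
```

`diagnose(SAMPLE_FILTERED)` names 172.16.14.1 as the filtering router, which separates an ACL drop that is reported back (3 13) from the silent time out seen when the ACL is applied outbound.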