ramesh c wrote:
>
> I got access list as follows on my router
>
> access-list 100 permit icmp host any host xyz ttl-exceed
> access-list 100 deny icmp any any
>
> when I do a traceroute from host xyz, I get reply only from some
> hosts.

You should get a reply from routers in the path to the end system host with this access list, unless they have access lists also, or some other method of hiding hops. Whether you'll get a reply from the end system depends on which Traceroute you are using. A Cisco router uses a UDP message to a large UDP port number for Traceroute. Microsoft uses ICMP echo (ping). The echo reply would be denied with the access list that you have.

> The Hitcounts on deny icmp icmp increases. the
> access-group is applied to the "in"
>
> Am I missing any other icmp messages?

Yes, many. Here's a list:

Type  Code  Meaning
0     0     Echo reply (ping reply)
3     x     Destination unreachable (generic category)
3     0     Network unreachable
3     1     Host unreachable
3     2     Protocol unreachable
3     3     Port unreachable
3     4     Fragmentation was needed and the DF bit was set
3     5     Source route failed
3     13    Packet administratively prohibited
4     0     Source quench*
5     x     Redirect (generic category)
5     0     Redirect datagrams for the network
5     1     Redirect datagrams for the host
5     2     Redirect datagrams for the type of service and network
5     3     Redirect datagrams for the TOS and the host
8     0     Echo (ping)
11    x     Time exceeded (generic category)
11    0     Time-to-live (TTL) exceeded
11    1     Fragment reassembly time exceeded
12    0     Parameter problem

* Per RFC 1812, a router should not originate source quench messages. A host may send source quench messages, however, per RFC 1122.

> Is there a way to allow
> all icmp messages for the host?

Sure, just do a permit and leave off the specific ICMP message type.

_______________________________
Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com

>
> Cheers

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=60621&t=60602
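Added example, not part of the original thread: a small first-match evaluator for the ICMP entries discussed above, showing which traceroute replies reach host xyz under the posted list, under the "permit without a message type" suggestion, and under a narrower list. The address 192.0.2.10, the rule encoding and the NARROW list are assumptions made for illustration; source matching is left as "any" and only ICMP is modelled.

```python
# Added example: first-match evaluation of ICMP entries in an extended ACL.
# Constructed data: XYZ stands in for "host xyz"; rule encoding is hypothetical.
ICMP = {"echo-reply": (0, 0), "port-unreachable": (3, 3), "ttl-exceeded": (11, 0)}
XYZ = "192.0.2.10"

def rule(action, dst="any", msg=None):
    """msg=None means no ICMP message type given, so every type/code matches."""
    return {"action": action, "dst": dst, "msg": msg}

def evaluate(acl, dst, icmp_type, icmp_code):
    """Return the action of the first matching entry; implicit deny at the end."""
    for r in acl:
        if r["dst"] not in ("any", dst):
            continue
        if r["msg"] is not None and ICMP[r["msg"]] != (icmp_type, icmp_code):
            continue
        return r["action"]
    return "deny"

# The list as posted: only TTL exceeded (11/0) toward xyz, then deny all ICMP.
ORIGINAL = [rule("permit", XYZ, "ttl-exceeded"), rule("deny")]
# The reply's suggestion: permit with the message type left off.
ALL_ICMP = [rule("permit", XYZ), rule("deny")]
# Assumption: a narrower alternative that admits only traceroute/ping replies.
NARROW = [rule("permit", XYZ, "ttl-exceeded"),
          rule("permit", XYZ, "port-unreachable"),
          rule("permit", XYZ, "echo-reply"),
          rule("deny")]

# ICMP that comes back to the tracing host, per traceroute flavour:
# intermediate hops send TTL exceeded; the target answers a UDP probe with
# port unreachable and an ICMP echo probe with echo reply.
REPLIES = {"udp": {"hop": (11, 0), "target": (3, 3)},
           "icmp": {"hop": (11, 0), "target": (0, 0)}}

def traceroute_view(acl, flavour):
    """Map each stage of the trace to permit/deny for replies destined to XYZ."""
    return {stage: evaluate(acl, XYZ, *tc) for stage, tc in REPLIES[flavour].items()}

if __name__ == "__main__":
    for name, acl in (("original", ORIGINAL), ("all-icmp", ALL_ICMP), ("narrow", NARROW)):
        for flavour in REPLIES:
            print(f"{name:9} {flavour:5} {traceroute_view(acl, flavour)}")
```

With the NARROW list, redirects (type 5) and inbound echo requests (type 8) toward the host still fall through to the deny entry, which the all-ICMP permit would let in.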

