<div dir="ltr"><div>Hi All </div><div><br></div><div>have you considered that routers might have different IP addresses on "external facing" and "internal facing" interfaces, hence the discrepancies between outbound and inlound traceroute? </div><div><br></div><div>I would be curious if its the same number of hops each way <br></div><div><br></div><div>Tomasz<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, 15 Jun 2022 at 23:34, Damon Permezel via linux-aus <<a href="mailto:linux-aus@lists.linux.org.au">linux-aus@lists.linux.org.au</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">I am sure I'm not blocking the ping at my (UDM Pro) firewall, but the Fritz!box also has a firewall.<br>
<br>
Because I see the weird 10.20.21.212 hop outbound, I assumed I would see it on inbound, and thus it appeared to be the next hop to fix.<br>
However, no small amount of dorking about with the Fritz!Box has resulted in me figuring out that I need to designate the UDM as "exposed host".<br>
<br>
I know I should have more faith in the Unifi firewall, and I should have been happy to put the UDM into the DMZ, but I always felt marginally less insecure leaving it so that the mystical, inaccessible Fritz!box firewall was also preventing rogue SYNs from molesting my sockets.<br>
<br>
Once I enable "Exposed Host" on the Fritz, pings work, and "mtr" is able to reveal to me that there is no 10.20.21.212 hop inbound. Just outbound.<br>
<br>
The bogon hop still annoys me -- perhaps I need to get a life.<br>
<br>
<br>
Sent with Proton Mail secure email.<br>
------- Original Message -------<br>
On Wednesday, June 15th, 2022 at 15:10, Paul Gear via linux-aus <<a href="mailto:linux-aus@lists.linux.org.au" target="_blank">linux-aus@lists.linux.org.au</a>> wrote:<br>
<br>
<br>
> The existence of that node on the path should not break mtr - it should<br>
> continue trying increased TTLs until it gets to the end node.<br>
> <br>
<br>
> Are you sure you're not blocking ping at your firewall?<br>
> <br>
<br>
> On 15/6/22 14:35, Damon Permezel via linux-aus wrote:<br>
> <br>
<br>
> > Breaks mtr.<br>
> > Im trying to diagnose some issues and the other party insists on mtr<br>
> > working from both sides.<br>
> > Inbound to me the 10.20.21.212 drops all pings and mtr goes no further.<br>
> > The ping is not addressed to 10.20.21.212. It should elicit a ttl<br>
> > expired icmp response.<br>
> > <br>
<br>
> > Thats the main reason this got my attention again.<br>
> <br>
<br>
> _______________________________________________<br>
> linux-aus mailing list<br>
> <a href="mailto:linux-aus@lists.linux.org.au" target="_blank">linux-aus@lists.linux.org.au</a><br>
> <a href="http://lists.linux.org.au/mailman/listinfo/linux-aus" rel="noreferrer" target="_blank">http://lists.linux.org.au/mailman/listinfo/linux-aus</a><br>
> <br>
<br>
> To unsubscribe from this list, send a blank email to<br>
> <a href="mailto:linux-aus-unsubscribe@lists.linux.org.au" target="_blank">linux-aus-unsubscribe@lists.linux.org.au</a>_______________________________________________<br>
linux-aus mailing list<br>
<a href="mailto:linux-aus@lists.linux.org.au" target="_blank">linux-aus@lists.linux.org.au</a><br>
<a href="http://lists.linux.org.au/mailman/listinfo/linux-aus" rel="noreferrer" target="_blank">http://lists.linux.org.au/mailman/listinfo/linux-aus</a><br>
<br>
To unsubscribe from this list, send a blank email to<br>
<a href="mailto:linux-aus-unsubscribe@lists.linux.org.au" target="_blank">linux-aus-unsubscribe@lists.linux.org.au</a></blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div>--<br>GPG key fingerprint: <span>07DF B95B DB58 57B6 9656 682E 830A D092 288E F017</span><br>GPG public key available on pgp(dot)net key server</div></div></div>