Difference between functions of the tracert command on a switch and a PC

5

The tracert command is used to discover the gateways that packets pass through from the source host to the destination host, check network connectivity, and locate network faults.
The execution process of the tracert command is as follows:
1. The source host sends a packet with the TTL being 1. After the TTL times out, the first hop sends an ICMP Error message to the source host, indicating that the packet cannot be forwarded.
2. The source host sends a packet with the TTL being 2. After the TTL times out, the second hop sends an ICMP Error message to the source host, indicating that the packet cannot be forwarded.
3. The source host sends a packet with the TTL being 3. After the TTL times out, the third hop sends an ICMP Error message to the source host, indicating that the packet cannot be forwarded.
4. The source host repeats the preceding process until the packet reaches the destination host.
When the tracert command is run on an S series switch (a non-S1700 switch), the switch sends UDP packets. The UDP port number of the three UDP packets starts from 33434 and is incremented by 1 every time the packets pass a hop. When one node on the packet forwarding path has equal-cost routes, the device forwards packets using a flow-based hash algorithm. The packets then are distributed to different links based on the calculation result. A maximum of three IP addresses on the equal-cost routes can be displayed each time.
When the tracert command is run on a PC, the PC sends ICMP packets, which are irrelevant to port number. If a network device on the packet forwarding path has equal-cost routes, the network device performs a flow-based hash operation and the ICMP packets are distributed to only one link, and the IP address of the link is displayed. However, if the network device performs per-packet load balancing, the ICMP packets are distributed to different links on the equal-cost routes.

Other related questions:
How to disable the tracert function on S series switches
S series switches (except the S1700) send ICMP Time Exceeded messages to obtain IP addresses of each hops using tracert. You can disable an interface from sending ICMP Time Exceeded messages to disable the tracert function. The configuration method is as follows: Disable VLANIF 100 from sending ICMP Time Exceeded messages. [HUAWEI] interface vlanif 100 [HUAWEI-Vlanif100] undo icmp ttl-exceeded send

What is the meaning of the tracert command output on an S series switch
For S series switches (except the S1700), the tracert command displays information about the path on which packets are sent from the source to the destination and checks network connectivity. When a fault occurs on the network, you can run this command to locate the fault. This command is used as follows: [HUAWEI] tracert 192.168.10.10 traceroute to 192.168.10.10(192.168.10.10),max hops: 30 ,packet length: 40,press CTRL_C to break 1 10.16.16.12 23 ms 12 ms 6 ms 2 * * * 3 192.168.10.10 5 ms !<10> 5ms !<10> 6ms !<10> The command output is described as follows: 1 indicates the first-hop gateway. The sequence number increases by each hop. By default, the maximum number of hops is 30. 10.16.16.12 indicates the gateway address of the first hop. The IPv4 address following the serial number of each hop is the gateway address of the hop. 23 ms 12 ms 6 ms indicates the time difference between the three sent UDP packets and the received ICMP Time Exceeded or ICMP Destination Unreachable packets. * * * indicates that no ICMP Time Exceeded packet or ICMP Destination Unreachable packet is received on the second-hop device within a specified period. ! indicates an ICMP Destination Unreachable packet. <10> indicates that the value of the Code field in the ICMP packet is 10, which means that the Destination host is administratively prohibited. There are no reachable routes between the destination host and the source address. This packet is sent by the default gateway of the destination host. For the meanings of other values of the Type and Code fields in an ICMP packet, see Chapter 6 in TCP/IP Illustration Volume I.

What is the difference between the WMM mandatory switch and WMM function switch
The WMM function switch controls the entire WMM function of an AP. The entire WMM function includes the WMM mandatory switch and EDCA parameter. The WMM mandatory switch controls whether the terminals that do not support WMM can connect to a WMM-support AP.

Can the USG firewall be traversed by the tracert command?
1. Tracert firewall itself Need to release the ICMP or UDP packet filtering to the local area of the firewall. If Tracert uses ICMP packets, you need to run the ip unreachables enable command to enable sending of ICU destination unreachable packets. 2. Tracert is forwarded through the firewall A. Release the ICMP or UDP packet filtering through the firewall. B. Configure the ICMP timeout packet function (command: ip ttl-expires enable). C. Disable the Tracert packet attack defense function (command: undo firewall defend tracert enable). Description: The UDP port used by the Tracert protocol is: first hop 33434, second hop 33435, third jump 33436 ... and so on (the algorithm is 33434 + N-1 where N is the hop count).

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top