traceroute to a subnet broadcast – Answer (1)

certskills
By certskills June 18, 2015 09:05

In this post I’ll start diving into an answer for that latest question about what happens when a host does a tracert command for a subnet broadcast address. You’ll need to check out the question first before most of this post will make sense. Ask questions if you like! Note that reading this post will rule out a couple of the answers from the question, so be warned.

Here’s a repeat of the figure, and the gist of the question. The PC on the left can ping the PC on the right successfully. immediately afterwards, that same PC issues a tracert -2 192.168.1.31 command – and that IP address is the subnet broadcast address on router R3. What happens? How far does the packet go?

First, consider the somewhat limited logic a host uses when forwarding a frame. When a host needs to send an IP packet, and the host is configured with a default gateway setting, the logic boils down to this:

  1. If the destination is in my subnet, send locally
  2. If the destination is not in my subnet, send to the gateway

In this case, the PC’s IP address mask (172.16.3.254/22) implies a range of addresses from 172.16.0.0 – 172.16.3.255. Clearly, destination 192.168.1.31 is in a different subnet, so PC A sends the packet to the default gateway, which resumable would be R2 in this figure.

Of particular importance, note that PC1 has no concept of the idea of whether 192.168.1.31 is or is not a subnet broadcast address. PC A has no information about that subnet at all. So, PC1 could not act any differently.

In this case, because PC A already has an ARP cache entry for its default gateway, PC A sends the packets generated by the tracert command inside an Ethernet frame. The source = PC A MAC, the destination = R2’s MAC, the source IP = PC A’s IP, and the destination IP = 192.168.1.31.

When R2 receives the frame, it sees that the frame is destined to R2’s MAC, so it processes the frame by stripping off the Ethernet header/trailer. Then R2 needs to try and route the packet like it usually would, which is to match the IP routing table, find the best match, take the forwarding details from that routing table entry, and so on. Also, R2 will decrement the Time-to-Live field in the IP header of the packet.
The first several packets generated by PC A’s tracert command will have a TTL of 1, so when R2 decrements the TTL to 0, R2 does the usual action: it discards the packet, and sends an ICMP Time Exceeded message back to PC A. That gives PC1 the info it needs to list R2’s IP address (172.16.0.1) as the first router in the route discovered by this command.

From the description so far, you can rule out the first two answers to the question. Both of the first two answers describe cases in which the tracert command output lists no routers at all, and it will list at least the first router.

Next post, we’ll look at what happens on R3!

Tracert to a subnet broadcast - Answer (2)
Question: Traceroute to a subnet broadcast address - what happens?
certskills
By certskills June 18, 2015 09:05
Write a comment

4 Comments

  1. Allan June 19, 09:57

    will R3 drops the trace/packet? because its a broadcast address? thanks!

    Reply to this comment
  2. Steve @ Sky October 3, 16:01

    R3 will drop the packet because there is no physical address to send the packet to.

    Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email

Subscribe

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

Search

Categories