RE: Traceroute Question

From: Weaver, Woody (woody.weaverat_private)
Date: Mon Apr 07 2003 - 08:25:14 PDT


    >My question is why I am getting 192.168.226.38, a non-routable address,
    >in the traceroute reply output? As far as I think, this private address
    >space is not routable on the Internet.
    
    You are right, it is not routable.
    
    However, that does not prevent an ISP from using it for transit addresses on router interfaces.  Remember, your (ICMP or UDP) packet is addressed to a.b.c.d, not to 192.168.226.38.  However, the TTL happens to hit zero on that interface, so it generates the return ICMP sourced from that address.
    
    If the ISP is fully following RFC1918, this wouldn't happen -- you wouldn't see the return packet.  The RFC notes:
    
       It is strongly recommended that routers which connect enterprises to
       external networks are set up with appropriate packet and routing
       filters at both ends of the link in order to prevent packet and
       routing information leakage. An enterprise should also filter any
       private networks from inbound routing information in order to protect
       itself from ambiguous routing situations which can occur if routes to
       the private address space point outside the enterprise.
    
    In practice, many ISPs only filter destination addresses of RFC1918 and not source, so that explains what you are seeing.
    
    --woody
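
Added example, not part of the original message: a small model of the border filter behaviour described above, comparing a filter that checks only RFC1918 destinations with one that also checks the source. The packets use constructed documentation addresses (198.51.100.x, 203.0.113.7) alongside the 192.168.226.38 hop from the question, and the function names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

# The three private blocks defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    note: str


def permits(pkt: Packet, check_source: bool) -> bool:
    """Border filter: always drop private destinations; drop private
    sources only when check_source is enabled."""
    if is_rfc1918(pkt.dst):
        return False
    if check_source and is_rfc1918(pkt.src):
        return False
    return True


def passed_sources(packets, check_source: bool):
    """Source addresses of the packets that get through the filter."""
    return [p.src for p in packets if permits(p, check_source)]


# Constructed sample: packets arriving at the traceroute sender's border.
SAMPLE = [
    Packet("198.51.100.1", "203.0.113.7", "ICMP time exceeded, public hop"),
    Packet("192.168.226.38", "203.0.113.7", "ICMP time exceeded, private transit hop"),
    Packet("198.51.100.9", "192.168.226.38", "packet addressed to the private hop"),
]

if __name__ == "__main__":
    for check_source in (False, True):
        label = "source+destination" if check_source else "destination only"
        print(f"{label:20s} -> {passed_sources(SAMPLE, check_source)}")
```

With destination-only filtering the time-exceeded reply sourced from 192.168.226.38 still arrives, which is why the hop shows up in traceroute; adding the source check drops it.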
    
    



    This archive was generated by hypermail 2b30 : Mon Apr 07 2003 - 09:40:40 PDT