Monitoring Troubleshooting an OSPF Network

Previous Table of Contents Next

Another use of trace will be for it to give indications if a link or segment has failed between two points.

In Cisco routers, if the trace command is executed in the router’s privileged EXEC mode, it will prompt you for the supported IP header options to be specified, allowing the router to perform a more extensive range of test options.

trace Command Operation

The trace command generates an outgoing UDP message targeted to a destination device. The UDP packet header contains a PORT value that identifies the upper-layer application for which the packet is destined. Most trace implementations use a port value greater than 30000, a value unlikely to be used by the destination device. Cisco routers use a default port value of 33434.

One unique characteristic of the trace command is that it only reports the path of the outgoing UDP packets. It is possible that the ICMP responses might take a different path than the outgoing UDP messages. There is no guarantee that your trace output reflects the path for both directions.

However, by exercising the loose source route option that is available in an extended trace command, you can create a trace from the source router to a remote router, then back to the source thereby testing both directions.

To discover each hop between the source and destination, trace probes each successive hop to the destination. By default, each hop is probed three times. This probing is done by modifying the IP Time-to-Live (TTL) value. The Time-To-Live (TTL) value is set in the IP header portion of the packet thereby ensuring that packets do not continuously traverse the network.

Step 1: trace Begins

The trace command works by using the error message generated by routers when a datagram exceeds its time-to-live (TTL) value. First, trace probe datagrams are sent out with its TTL value set to 1 (see Figure 8-4). This causes the first router it reaches to reduce the TTL by a factor of 1 to a value of 0. This causes the router (Router B) to discard the probe datagrams and send back a “time exceeded” ICMP error message.

Figure 8-4  trace begins with TTL set to 1.

Each outgoing trace packet can result in one of two ICMP error messages:

  A “time exceeded” error message indicates that an intermediate router has seen and discarded the probe because the TTL value has incremented to 0.
  A “port unreachable” error message indicates that the destination node has received the probe and discarded it because it could not deliver the packet to an application with the value indicated in port field of the packet.

In a Cisco router, if the TTL timer (that is, the timeout in seconds value) goes off before one of the two possible ICMP responses come in, then trace prints an asterisk (*).

Step 2: Source Router Responds

Upon receipt of the ICMP error message, the source router (Router A) will then resend the UDP trace packet but this time it increments the TTL value by adding 1 to it. In the example shown in Figure 8-5, the TTL value will be increased to 2.

Figure 8-5  trace operation.

The UDP trace packet will reach the first router (Router B). This router will decrease the TTL value by one and then forward the packet to the next router (Router C) on the way to the destination device; this is determined by the routing table. Router C reduces the TTL to 0. This causes the router (Router C) to discard the probe datagrams and send back a “time exceeded” ICMP error message.

Step 3: trace Resent

The Trace utility will then resend the packet with the TTL set to a value of 3. This process will be repeated until the destination router is reached (Router D). At which point Router D receives the packet with a valid TTL. As the router examines the packet, it sees the port to which it is destined (hopefully, the port is unused since it can be a random value). Because the port is not found in the router, instead of issuing a “time exceeded” message, it returns the “Port Unreachable” ICMP error message. At which point the source router receives the packet back, deciphers it, and displays the final hop to the network engineer.

The trace command terminates when the destination responds, when the maximum TTL is exceeded, or when the user interrupts the trace with the escape sequence, %%%%.

As with ping, it is a good idea to use the trace command when the network is functioning properly to see how the command works under normal conditions and so you have something to compare against when troubleshooting.

For more detailed information on using the trace and extended trace commands, please refer to the Cisco IOS Configuration Fundamentals Command Reference.

Executing the Extended trace Command in a Cisco Router

The following describes the fields that are unique to the extended trace sequence, as shown in the display:

    OSPF_Router# trace    Protocol [ip]:    Target IP address:    Source address:    Numeric display [n]:    Timeout in seconds [3]:    Probe count [3]:    Minimum Time to Live [1]:    Maximum Time to Live [30]:    Port Number [33434]:    Loose, Strict, Record, Timestamp, Verbose [none]:    Type escape sequence to abort.    Tracing the route to      1 56 msec  52 msec  52 msec      2 56 msec 52 msec 56 msec      3 [AS 65512] 76 msec * 56 msec 

Previous Table of Contents Next

OSPF Network Design Solutions
OSPF Network Design Solutions
ISBN: 1578700469
EAN: 2147483647
Year: 1998
Pages: 200
Authors: Tom Thomas

Similar book on Amazon © 2008-2017.
If you may any questions please contact us: