What does having * * * mean in the command traceroute ? and How can you cope with that situation?

Question

this is the result of my traceroute

    traceroute   www.google.com
traceroute to www.google.com (216.58.211.228), 30 hops max, 60 byte packets
 1  192.168.1.1 (192.168.1.1)  1.061 ms  1.709 ms  2.262 ms
 2  * * *
 3  10.103.5.41 (10.103.5.41)  41.594 ms  43.136 ms  44.617 ms
 4  172.29.24.33 (172.29.24.33)  50.849 ms  51.574 ms  52.316 ms

What does having * * * mean in the command traceroute? and How can you cope with that situation?

Cope with what situation? What is it that you think is happening on this route? — joeqwerty, Oct 31 '15 at 18:29
I'd be more concerned about those routers on the path which did respond. All of them have RFC1918 addresses. That makes me wonder how many layers of NAT the connection goes through. — kasperd, Oct 31 '15 at 21:13

score 5 · Accepted Answer · answered Oct 31 '15 at 17:44

5

It means that the affected host (in your example, the second one) did not reply to the traceroute. As by default traceroute uses an UDP port, you can change the discovery protocol to use ICMP/PING using the "-I" option. Apart that, you can not do anything more.

answered Oct 31 '15 at 17:44

shodanshok

44,038
6
98
162

It remained the same problem 2 * * * – Karim Michel Oct 31 '15 at 17:47
2

@KarimMichel Sure it did. Why would anything you change on your end fix a configuration on a router somewhere else? – TomTom Oct 31 '15 at 18:09
It remained the same problem !!!! – Karim Michel Nov 01 '15 at 22:21

Konrad Gajewski · Answer 2 · 2019-09-28T13:37:55.517

5

It means that a packet with a tweaked TTL did not return an appropriate ICMP TTL exceeded packet, or that those packets were lost on the way back, within the given period traceroute waits for them. This CAN mean, that the host on the way is not generating them properly, if at all.

There is little you can do about this. You can change the protocol traceroute uses for its discovery (as described by shodanshok), or increase the timeout (traceroute -w 15 for example). Also try to reduce the number of requests sent (-N 5).

P.S. You can also try to use some tool to utilise RECORD_ROUTE for example hping3. But I cannot give you any more details as I have never been able to use it.

edited Sep 28 '19 at 13:37

answered Oct 31 '15 at 18:05

Konrad Gajewski

1,498
3
15
29

2

But basically you live with the fact that someone on the way configured a router to not send out ICMP replies. There are some seriously bad admins out there that do not understand that ICMP actually has uses. Nothing you can do - except if it is your machine there (and I talk of the one that does not answer). Then fix the configuration. – TomTom Oct 31 '15 at 18:09
Oh how I hate routers with ICMP echo turned off. – Konrad Gajewski Oct 31 '15 at 18:11
oooof nooo ! It remained the same problem 2 * * * – Karim Michel Nov 01 '15 at 15:06
Is it that you are trying to find out the address of this hop? Maybe the hop does not exist at all? Have you thought about that? – Konrad Gajewski Nov 01 '15 at 15:45
It remained the same problem – Karim Michel Nov 01 '15 at 22:21
Why do you want it to work in the first place? Maybe there is some other way of getting what you want? – Konrad Gajewski Nov 02 '15 at 15:35
I want that stars disappear *** – Karim Michel Nov 02 '15 at 15:57
2

`traceroute www.google.com | grep -v "* * *"` – Konrad Gajewski Nov 02 '15 at 16:11
no ! I want the server to return me a ICMP_message !!!!!!! – Karim Michel Nov 02 '15 at 17:29
Ok. Maybe you would settle for something different than a TTL exceeded? – Konrad Gajewski Nov 02 '15 at 17:39
ooooff It remained the same problem – Karim Michel Nov 03 '15 at 18:48

What does having * * * mean in the command traceroute ? and How can you cope with that situation?

2 Answers2