This could get educational. ;-) We're both correct. A problem might be too many programs with the same or similar names. Since Margaret manages a Windows network, I presumed she was using TRACERT.exe and not a Traceroute.exe program. Here are the assumptions I'm working with. Windows TRACERT.exe sends ICMP packets and receives ICMP error messages. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wcetcpip/html/cerefTracert.asp You can use Tracert.exe to send ICMPv6 or ICMP Echo Request messages to produce command-line report information about each router that is crossed and the roundtrip time (RTT) for each hop. By default, tracert queries for both IPv4 and IPv6 addresses, and uses the addresses that the operating system (OS) returns. You can override this behavior by using the -4 and -6 options. Linux sends UDP datagrams and receives ICMP error messages. http://www.die.net/doc/linux/man/man8/traceroute.8.html This program attempts to trace the route an IP packet would follow to some internet host by launching UDP probe packets with a small ttl (time to live) then listening for an ICMP "time exceeded" reply from a gateway. And to top it all off, Traceroute programs can use ICMP for sending too, with the appropriate 'switch'. -----Original Message----- From: George J. Perkins [mailto:[log in to unmask]] Sent: Thursday, September 25, 2003 9:56 AM To: [log in to unmask] Subject: Re: MSU Internet Access Problems? On Wed, 24 Sep 2003, Margaret Wilson quoted a personal reply from Don Bosman to her earlier message, which in turn was based on a suggestion of mine to use traceroute instead of ping: > [...] > ACD has fiber to campus, efectively making them a segment on 'our' network, > so they should be able to ping the gateway. You should have been able to > ping via your ACD/MSU account, but not through ACD's own network. Since > Traceroute uses pings it shouldn't be working from off campus either. > [...] Traceroute does not use pings, which are ICMP packets (ECHO_REQUEST sent, ECHO_RESPONSE returned) by default, it uses UDP packets (on many systems one can choose, however, to alter the default and send the ICMP "ECHO" family packets instead). What I forgot in my initial suggestion was that the responses traceroute listens for are ICMP TIME_EXCEEDED and/or UNREACHABLE packets (depending on which is appropriate), so even though the UDP packets it's sending out may get through an ICMP block, the ICMP packets it's listening for may not. There are network utilities available which use repeated TCP or UDP connection attempts in order to simulate pings in an environment where ICMP is not useful/useable. Many hacker toolkits make use of them (though actual hackers tend to use other features beyond the simple "can I get through to system A?" functionality). ------------------------------------------------------------------------- George J Perkins http://www.pa.msu.edu/people/perkins/ 1209B BPS Bldg, MSU Phone: 517-355-9200 ext 2567 East Lansing, MI 48824-2320 FAX: 517-353-4500