Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Give router name on tracert?

    Scheduled Pinned Locked Moved General pfSense Questions
    9 Posts 4 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mystycs
      last edited by

      Is there a way to give these routers a name like when i do tracert it shows

      5    9 ms    43 ms    10 ms  67.59.245.165
        6    14 ms    17 ms    13 ms  rtr2-ge1-1.mhe.hcvlny.cv.net [67.83.221.5]
        7    *      11 ms    14 ms  451be079.cst.lightpath.net [65.19.99.121]
        8    15 ms    19 ms    24 ms  rtr3-tg10-1.in.nycmnyzr.cv.net [64.15.0.21]

      Those cool domain names next to the ips and so on, Can that be given to routers on pfsense?

      1 Reply Last reply Reply Quote 0
      • stan-qazS
        stan-qaz
        last edited by

        Shouldn't be a problem, just put them in the Host Overrides section of the DNS page.

        pfsense/services_dnsmasq.php

        t310:/home/stan # traceroute cox.net
        traceroute to cox.net (68.99.123.161), 30 hops max, 40 byte packets using UDP
         1  pfsense.home (172.16.0.1)  0.057 ms   0.049 ms   0.039 ms
         2  Cox-Modem.home (10.48.32.1)  9.215 ms   8.985 ms   7.923 ms
         3  172.21.0.204 (172.21.0.204)  11.277 ms   11.449 ms   10.334 ms 
        ...
        ... 
        
        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          to be honest if you gave your pfsense a name and your using it for dns it should be already there.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • stan-qazS
            stan-qaz
            last edited by

            That may work for the pfSense box but not for the upstream unnamed devices like cable modems as seen on my 2nd line of the traceroute above. Without the entry it looks similar to the 3rd line with no useful name, just the IP duplicated.

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              A cable modem would NOT be seen in a trace.. Your double natting there - actually your triple natting.. Why anyone would set something up like that is beyond me..

              But sure you can setup whatever you want for private IP space, you could even over ride the public space with a name if you wanted.

              but cable modems provide an IP from your ISP to the device connected to the cable modem, be it a router or pc - they should not be a hop..  So I would assume you have a cable "gateway" and then some other router or your ISP nats you as well, etc.

              Your first 3 hops are all private IP space.

              You can see in in my trace after pfsense I hit my ISP device on a public IP, not my SB6120 Cable Modem.

              traceroute to www.google.com (74.125.225.112), 30 hops max, 60 byte packets
              1  pfsense.local.lan (192.168.1.253)  0.266 ms  0.216 ms  0.238 ms
              2  c-24-13-176-1.hsd1.il.comcast.net (24.13.176.1)  15.441 ms  15.514 ms  38.060 ms

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              1 Reply Last reply Reply Quote 0
              • stan-qazS
                stan-qaz
                last edited by

                I have my pfSense box connected directly to a Motorola SB6120 which is a straight cable modem as far as I know, no user configuration options aside from a reset button and only a power, coax and single Ethernet port on the back.

                You can view the 6120 modem's internal status pages at 192.168.100.1 but it gives no clue about addressing beyond that so maybe the 10.48.32.1 is the first upstream Cox piece of equipment that has an IP address.

                The network above the pfSense box 172.16.0.1 is out of my control and is whatever Cox Cable has configured.

                Trace with no entry for the cable modem - or  whatever that IP is on line 2:

                t310:/home/stan # traceroute pfsense.org
                traceroute to pfsense.org (192.207.126.26), 30 hops max, 40 byte packets using UDP
                 1  pfsense.home (172.16.0.1)  0.157 ms   0.143 ms   0.118 ms
                 2  10.48.32.1 (10.48.32.1)  7.883 ms   7.725 ms   9.682 ms
                 3  172.21.0.206 (172.21.0.206)  9.803 ms   9.723 ms   11.726 ms
                 4  70.169.73.45 (70.169.73.45)  11.542 ms   10.452 ms   9.524 ms
                 5  70.169.75.157 (70.169.75.157)  10.977 ms   10.832 ms   10.168 ms
                 6  68.1.5.137 (68.1.5.137)  24.517 ms   23.429 ms   21.318 ms
                 7  68.105.30.150 (68.105.30.150)  25.420 ms   23.726 ms   22.834 ms
                 8  xe-2-2-0.cr2.lax112.us.above.net (64.125.31.194)  22.615 ms   25.782 ms   23.097 ms
                 9  xe-3-1-0.cr2.iah1.us.above.net (64.125.25.54)  48.119 ms   46.022 ms   45.781 ms
                10  xe-3-2-0.cr2.dfw2.us.above.net (64.125.21.137)  47.706 ms   69.883 ms   57.478 ms
                11  xe-0-1-0.er2.dfw2.us.above.net (64.125.27.82)  49.093 ms   46.833 ms   46.674 ms
                12  Core-Nap.us.above.net (64.125.20.26)  57.698 ms   56.656 ms   55.615 ms
                13  * * *
                14  * * *
                -- snip --
                28  * * *
                29  * * *
                30  * * *
                
                1 Reply Last reply Reply Quote 0
                • P
                  phil.davis
                  last edited by

                   2  10.48.32.1 (10.48.32.1)  7.883 ms   7.725 ms   9.682 ms
                   3  172.21.0.206 (172.21.0.206)  9.803 ms   9.723 ms   11.726 ms
                  

                  Those are both in private IP address space. If they are not boxes in your own upstream installation, then that means your ISP is being "naughty" and using private IP address space in their internal network. If those IP addresses, particularly hop 2 that you go to first from pfSense, happen to conflict with your own private address there is trouble.
                  We are seeing this in Nepal nowadays. One ISP seems to use 10.20.0.0/16 address space, so it is just lucky that we didn't choose that for our own intranet. And of course that means we don't get even a dynamic public IP, so we can't have a VPN server, web server… available for connection from outside.
                  When the ISPs run out of public address space to use for their internal routing, they should be using the Carrier Grade NAT address space 100.64.0.0/10

                  As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                  If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator
                    last edited by

                    Well now that I notice the times, 7 some ms – that points to being outside your lan yes.

                    2  10.48.32.1 (10.48.32.1)  7.883 ms  7.725 ms  9.682 ms

                    I would really contact your ISP about this..  Does inbound unsolicited traffic work?  In other words are they giving you a 1:1 Nat or is inbound traffic blocked to you?

                    IPv4 space is tight yes, but I would assume you have been customer for quite some time..  Should be no reason not to give you a public IP to work with.

                    Have they enabled ipv6?  Guess you could always go with a tunnel if you want to have a public ip for inbound traffic

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    1 Reply Last reply Reply Quote 0
                    • stan-qazS
                      stan-qaz
                      last edited by

                      The Cox Cable tech support folks position is that they are within the RFC 1918 rules with these addresses as they stay on the private Cox Cable system and are not passed to the Internet. There is some discussion of this use of 1918 addresses by Cox but Cox Cable isn't interested in buying a pile of v4 addresses to move the huge number of systems they have set up this way, maybe holding out for IPv6 to make it all go away. It would be a big help if they would at least publish the ranges they are currently using and ones they plan on expanding to so you could pick a safe range for your local network but they don't.

                      Cox Cable's 1918 use topic: http://www.dslreports.com/forum/r28510902-LA-Cox-routing-class-C-over-the-internet-

                      Inbound does work but Cox Cable gets really cranky if you use it for anything server related (www, ftp and other protocols) but so far haven't gotten unhappy about VNC. I can get a static IPv4 address for an rather steep additional price, just not worth it for my needs.

                      IPv6 is promised someday but is still in testing, has been at this stage for a couple years now. They are listing older IPv4 only modems as unsupported now although so that may either indicate some IPv6 progress or just be related to the DOCSIS 2 to 3 cable modem transition.

                      For now I use dyndns to get to my system from outside but with their new rules on activation being such a pain I'm about ready to just stuff my current IP into my personal domain's DNS and hope my home IP doesn't change at an unfortunate time. In four years it has changed once and that was when I moved from a DOCSIS 2 to 3 modem so next time I miss a dyndns activation I'm going to risk it.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.