It's not so much that they block ICMP (tho some do), it's more that the router does not prioritize processing packets with an expired TTL. Doing so requires generating an ICMP TTL Expired packet in reply. The original packet could be anything. Many traceroutes use UDP or ICMP and have options for TCP as the initial packet. My favorite traceroutes as problem reports are the ones in a word document where they've pasted a screenshot of a command shell. On Sat, May 11, 2019 at 6:47 AM Mike Bolitho via Outages < outages@outages.org> wrote:
Anyone on this list who hasn't read this needs to. I used to work break/fix at Level 3. I cannot tell you how many times otherwise smart engineers misunderstood or misread traceroute results. Seems like PingPlotter results are generally used as the "gotcha" evidence. Most ISPs rate limit and full on block ICMP.
Read this
https://www.nanog.org/meetings/nanog47/presentations/Sunday/RAS_Traceroute_N...
_______________________________________________ Outages mailing list Outages@outages.org https://puck.nether.net/mailman/listinfo/outages