You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Use this object to trace route for specific peer IP addresses.

The object processes the traceroute requests from the Signaling Gateway (SG). The traceroute functionality for a peer IP address is invoked by sending a traceroute request message to the Traceroute module. The message contains details of the peer's IP address, which is processed by the TRCRT/Traceroute module.

This object addresses the following scenarios:

  • If the ARS blacklists a server, SIP Signaling Gateway (SIPSG)  sends a traceroute request to log the route for the blacklisted server.
  • When the Gateway-Gateway (GW-GW) TCP connection is lost and cannot be restored, the Gateway Signaling Gateway (GWSG) sends traceroute request to log the route for the peer GW server.
  • When the establishment of a GW-GW connection fails.
  • When a peer IP address is blacklisted by the PathCheck process via the ARS mechanism.

To allow the Internet Control Message Protocol (ICMP) packets from different routers when the traceroute starts, an Access Control List (ACL) entry is configured. As soon as the traceroute output is available, this ACL entry is removed.

Note

For the traceroute utility to work, a higher precedence "IP ACL rule" is created to accept ICMP traffic on the SIP Signaling port. This rule overrides any "deny-all" or "deny-ICMP" User ACL rule configured by the Administrator. This higher precedence "IP ACL rule" is created before the start of traceroute for an endpoint, and is be removed as soon as the traceroute is over. Thus, for the brief duration of traceroute, the ICMP traffic to the Signaling port is allowed from any IP address, even if "deny-ICMP" or "deny-all" User ACL rules are configured in the system. 

 

From the EMA main screen, navigate to All > Address Context > Zone > Traceroute Sig Port.

The Traceroute Sig Port window is displayed.

Traceroute Sig Port window

 

Select the Address Context and the Zone from the dropdown lists.

Adress Context and Zone dropdowns

 

The Edit Traceroute Sig Port window is displayed.

Edit Traceroute Sig Port window

 

Click Save to save the changes, or Undo Edits to cancel the changes.

On saving successfully, the Success Message is displayed.

The descriptions of the parameters displayed are:

Traceroute Sig Port - Parameter Descriptions

ParametersDescription
State

Administrative state of the concerned Security Policy Database entry for Traceroute Sig Port.

  • Disabled (default)
  • Enabled
Probe Method

Traceroute probe method.

  • UDP (default)
  • Icmp

  • No labels