This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I’m seeing ICMP traffic that I did not commence

0

I'm the only one on my local network and I'm seeing ICMP traffic (destination unreachable) on my network... Why is this? I don't believe that any ICMP traffic besides redirect traffic is good, especially if you are not the one initiating it. For some odd reason, my default gateway is attempting to ping my client as shown in the screenshot.

Can anyone tell me why this is occurring?

asked 01 Oct '14, 20:25

Beldum


One Answer:

2

You (or some application on your Windows system) were trying to send TCP packets to 30.7.159.198 and your gateway 172.200.20.1 didn't know how to get there (Host unreachable: The target host should be adjacent but isn't). If you want to find out who is trying to connect, you might use an elevated netstat -o and figure out which application is trying to connect.

Regards Matthias,
who thinks that most ICMP packets are good and "redirects" are not among those ;-)

answered 01 Oct '14, 22:02

mrEEde

edited 01 Oct '14, 23:01

Hello, how is it that you know from the information provided that something on my Windows system was trying to send TCP packets to 30.7.159.198? Where did you find that information? Thanks for your assistance.

(01 Oct '14, 22:56) Beldum

The ICMP packet contains the original IP packet that triggered this 'error message'. So in the hexadecimal part of the packet you see another 4500, which is the start of the IP packet; 001C is the length (28 bytes); 7F06 says it's a TCP packet and the TTL when the packet was seen is 127. With the initial TTL of Windows being 128, this means that only 1 router had routed this packet (= decremented the TTL).

It would have been easier to spot if you had captured the full packets ;-)

(01 Oct '14, 23:04) mrEEde

Gosh, I wish I knew how to use this Wireshark tool as well as you. Thanks mrEEde!

(02 Oct '14, 12:21) Beldum
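
The decoding walked through in the comment above, as an added example that is not part of the original thread: a Python parser for the IPv4 header that an ICMP error message quotes, including the case where the capture was sliced before the TCP ports. The function names, the client address and the ports are constructed for illustration; the destination, length, TTL and protocol bytes are the ones quoted in the answer.

```python
import socket
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}
ERROR_TYPES = {3, 5, 11, 12}  # unreachable, redirect, time exceeded, parameter problem

def parse_icmp_error(icmp: bytes) -> dict:
    """Decode the IPv4 header quoted inside an ICMP error message."""
    if len(icmp) < 8:
        raise ValueError("ICMP header truncated")
    icmp_type, icmp_code = icmp[0], icmp[1]
    if icmp_type not in ERROR_TYPES:
        raise ValueError(f"ICMP type {icmp_type} does not quote a packet")
    quoted = icmp[8:]  # bytes 4-7 of the ICMP header are unused or type-specific
    if len(quoted) < 20 or quoted[0] >> 4 != 4:
        raise ValueError("quoted IPv4 header missing or cut off by the snaplen")
    ihl = (quoted[0] & 0x0F) * 4                            # 0x45 -> 5 words = 20 bytes
    total_len = struct.unpack("!H", quoted[2:4])[0]
    info = {
        "icmp_type": icmp_type, "icmp_code": icmp_code,
        "total_len": total_len,                             # 0x001C -> 28
        "ttl": quoted[8],                                   # 0x7F -> 127
        "proto": PROTOCOLS.get(quoted[9], str(quoted[9])),  # 0x06 -> TCP
        "src": socket.inet_ntoa(quoted[12:16]),
        "dst": socket.inet_ntoa(quoted[16:20]),
        "sport": None, "dport": None,
    }
    # TCP and UDP both start with source/destination port; absent in a sliced capture.
    l4 = quoted[ihl:ihl + 4]
    if quoted[9] in (6, 17) and len(l4) == 4:
        info["sport"], info["dport"] = struct.unpack("!HH", l4)
    return info

def build_sample(with_ports: bool = True) -> bytes:
    """Constructed sample: host unreachable (type 3, code 1) quoting a TCP packet."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 0x001C, 0x1234, 0, 0x7F, 6, 0,
                     socket.inet_aton("172.200.20.50"),  # constructed client address
                     socket.inet_aton("30.7.159.198"))   # destination from the answer
    # Constructed ports and sequence number; checksums are zero and not validated.
    l4 = struct.pack("!HHI", 49152, 443, 1) if with_ports else b""
    return struct.pack("!BBHI", 3, 1, 0, 0) + ip + l4

if __name__ == "__main__":
    print(parse_icmp_error(build_sample()))
    print(parse_icmp_error(build_sample(with_ports=False)))  # ports stay None
```
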