14

I'm trying to learn about ip routing and I'm am trying to trace route my own public IP. I just searched my ip online and tried it. the results I got were

> tracert [my_public_ip]

1  <1ms   192.168.100.1
2   4ms   100.64.0.1
3   5ms   10.68.32.220
4   4ms   [my_public_ip]
5   *     Request timed out.
6   4ms   [my_public_ip]

Why am hitting my public IP twice with a router in between that drops the ICMP traceroute packets?

the first is obviously the gateway to my router but what is the second and 3rd IP addresses. they both look like they are private similar to my 192.168.100.* addresses. what are they?. I would expect my router to go reach my public IP immediately as it is my actual IP that my router uses. does NAT fit into this somewhere?

also in a regular traceroute to for example google.com why is it that you don't actually see your public IP as part of the routes. doesn't the packet cross your public IP during NAT?

Improve this question
4
  • One experiment you could try is disconnect the outside feed from your modem (leaving your modem connected to your router), and then run the tracert again to see how far you get. Then you can get a sense of what devices are outside of your home. You can repeat this experiment as far out as you can / are willing to go, if you want. (Also sometimes ISPs with cool tech support will give you details if you ask; and I've also found that in general on-site techs, if you run into one, are much more willing to give up info if you chat them up.)
    – Jason C
    Commented May 9, 2021 at 15:08
  • @JasonC there is no modem connected to a router. I have a single router inside my house it has a 4 ethernet ports and provides wi-fi for everyone in the house. The router has a green cable running out of it which goes all the way out to the power lines in my estate. I'm not sure is the router acting as a modem and router?
    – masonCherry
    Commented May 9, 2021 at 15:44
  • 1
    Sounds like it's probably both in one device; or maybe you don't need a special "modem" for your setup. I can't really give you a specific explanation without knowing more about what you've got there. Configuration and hardware varies a lot from ISP to ISP, depending on the specifics of the actual setup. I didn't mean to confuse anything by assuming your setup was like mine, sorry!
    – Jason C
    Commented May 9, 2021 at 21:13
  • how can I find out more about my setup. I can check the router page 192.168.100.1 but I don't know what details to look for. I'm looking to understand IP routing in a PRACTICAL sense. guides and online explanations are too theoretical and abstract
    – masonCherry
    Commented May 10, 2021 at 18:18

1 Answer 1

Reset to default
31

I would expect my router to go reach my public IP immediately as it is my actual IP that my router uses. does NAT fit into this somewhere?

This looks very much like CGNAT (as in "carrier-grade NAT").

If your ISP uses CGNAT, it means your router doesn't actually have the public IP address anymore – instead it only has private addresses on both sides. (Typically, the "WAN" side will then get an address from the 100.64.0.0/10 range – it's actually a private range that's specifically assigned for CGNAT purposes.)

Also, the CGNAT gateways used by your ISP often have a slightly more complex configuration... and sometimes they have really strange configurations. (Sometimes the only explanation available is "that's how the manufacturer of the CGNAT hardware decided to do it" or even "it made sense at the time".)

For example, even though they still do the job of NAT'ing between your router's address and your real public address, often it's done slightly differently for efficiency – the public addresses aren't actually assigned to the CGNAT gateway itself, but are kind of "virtual" addresses for lack of a better word, and as a result trying to traceroute them doesn't lead anywhere at all.

also in a regular traceroute to for example google.com why is it that you don't actually see your public IP as part of the routes. doesn't the packet cross your public IP during NAT?

Packets cross routers, not addresses. Typically, each router along the way will have multiple addresses – one for each interface – but still counts as 1 hop and will produce only one traceroute response in total.

(Usually the router will respond using an address from the interface that's facing you. So if you somehow traceroute in the opposite direction, the exact same routers will show up as having completely different IP addresses. This is not a guaranteed rule, however.)

So in a simple non-CGNAT scenario, your home router would have both a 192.168.x.x address (on the "LAN" interface) and your public address (on the "WAN" interface). But despite the two addresses it would generate just one traceroute response, which is usually from the 192.168.x.x address.

(Here's a semi-related diagram.)

Improve this answer
9
  • 4
    This is awesome. Also (@OP) consider: You're probably sharing that public IP with other customers, and also it probably isn't guaranteed to be static (most ISPs that I know of anyways will only give you a dedicated, fixed public IP if you pay extra for it); so they've got a bunch of infrastructure between you and whatever has that IP to support that setup, too.
    – Jason C
    Commented May 9, 2021 at 15:06
  • sorry I made a mistake when I said that pinging google.com doesn't show my public IP.
    – masonCherry
    Commented May 9, 2021 at 16:08
  • also when I turn off and on my router my public IP actually changes. what's the explanation for this. like @JasonC said does my ISP just have a bunch of public IP addresses that it just hands out. the IP's are obvious in a similar network the first two octets of the IP I believe are always the same.
    – masonCherry
    Commented May 9, 2021 at 16:11
  • 3
    @MrBrN197 with dynamic IPs there is a IP lease timeout. If you disconnect and reconnect after the timeout runs out you'll get a new IP address from the pool of available addresses assigned by your ISP. But this is a different question so you should create a new question for this. Maybe another stack exchange site would also be better, since these type of question don't fit the scope of super user.
    – Albin
    Commented May 9, 2021 at 17:05
  • DHCP indeed has persistent leases but e.g. PPP doesn't, so it's common that each new PPP connection will get a different address. I'm unfamiliar with cable/DOCSIS, but from what I've heard about how most US ISPs work, they don't really persist address leases at all either, they just give the modem/router a new address from the pool literally every time it's reinitialized. (And same still applies when you're behind CGNAT -- if your router gets a different "pseudo-WAN" IP, it'll of course be mapped to a different public IP.)
    – grawity_u1686
    Commented May 10, 2021 at 6:30

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .