Packets that go through a VPN are "encapsulated." This means that they are packed up and put inside a VPN packet. A traceroute packet has a "TTL" (Time to Live). Every router along the path is supposed to subtract one from theTTL, and when the TTL is zero, the device that has it will drop the traceroute packet and respond to the originating machine. As you do the traceroutes, notice that the router in the center never responds to the traceroute. That is because the traceroute packet is encapsulated. The "outside" packet has a normal TTL, and so the router in the middle never drops the packet. But, the firewall in the middle decrypts the packet, processes it, and sends it on. That firewill will respond to the traceroute. Les paquets qui passent par un VPN sont "encapsulés". Cela signifie qu'ils sont emballés et placés dans un paquet VPN. Un paquet traceroute a un "TTL" (Time to Live). Chaque routeur le long du chemin est censé soustraire un du TTL, et quand le TTL est zéro, le périphérique qui l'a fait tomber le paquet traceroute et répondre à la machine d'origine. Lorsque vous effectuez les traceroutes, notez que le routeur au centre ne répond jamais au traceroute. C'est parce que le paquet traceroute est encapsulé. Le paquet "extérieur" a un TTL normal, et donc le routeur au milieu ne fait jamais tomber le paquet. Mais, le pare-feu au milieu déchiffre le paquet, le traite et l'envoie. Ce feu répondra au traceroute. VPNs and traceroute 1024 1024 100 full 2 1.5 186 full True False firewall0 100 100 180,510 firewall False False 192.168.5.1 0.0.0.0 0.0.0.0 gw lo lo0 100 101 firewall0 lo0 lo 101 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged wan wan0 100 104 firewall0 wan0 wan 104 False wan0 192.168.5.2 255.255.255.0 0.0.0.0 ip Untagged eth eth0 100 102 firewall0 eth0 eth 102 False eth0 192.168.1.1 255.255.255.0 0.0.0.0 ip Untagged eth eth1 100 103 firewall0 eth1 eth 103 False eth1 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged vpn vpn0 100 157 firewall0 vpn0 vpn 157 False Test 192.168.6.2 255.255.255.0 0.0.0.0 ip_only vpn0 192.168.50.1 255.255.255.0 0.0.0.0 ip Untagged vpn vpn1 100 184 firewall0 vpn1 vpn 184 False Secondary 192.168.7.2 255.255.255.0 0.0.0.0 ip_only vpn1 192.168.51.1 255.255.255.0 0.0.0.0 ip Untagged 192.168.2.1 255.255.255.0 192.168.50.2 route 192.168.3.1 255.255.255.0 192.168.51.2 route firewall1 100 105 700,510 firewall False False 192.168.6.1 0.0.0.0 0.0.0.0 gw lo lo0 105 106 firewall1 lo0 lo 106 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged wan wan0 105 109 firewall1 wan0 wan 109 False wan0 192.168.6.2 255.255.255.0 0.0.0.0 ip Untagged eth eth0 105 107 firewall1 eth0 eth 107 False eth0 192.168.2.1 255.255.255.0 0.0.0.0 ip Untagged eth eth1 105 108 firewall1 eth1 eth 108 False eth1 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged vpn vpn0 105 156 firewall1 vpn0 vpn 156 False Test 192.168.5.2 255.255.255.0 0.0.0.0 ip_only vpn0 192.168.50.2 255.255.255.0 0.0.0.0 ip Untagged 192.168.1.1 255.255.255.0 192.168.50.1 route 192.168.3.1 255.255.255.0 192.168.50.1 route firewall2 100 158 430,230 firewall False False 192.168.7.1 0.0.0.0 0.0.0.0 gw lo lo0 158 159 firewall2 lo0 lo 159 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged wan wan0 158 162 firewall2 wan0 wan 162 False wan0 192.168.7.2 255.255.255.0 0.0.0.0 ip Untagged eth eth0 158 160 firewall2 eth0 eth 160 False eth0 192.168.3.1 255.255.255.0 0.0.0.0 ip Untagged eth eth1 158 161 firewall2 eth1 eth 161 False eth1 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged vpn vpn0 158 185 firewall2 vpn0 vpn 185 False Secondary 192.168.5.2 255.255.255.0 0.0.0.0 ip_only vpn0 192.168.51.2 255.255.255.0 0.0.0.0 ip Untagged 192.168.1.1 255.255.255.0 192.168.51.1 route 192.168.2.1 255.255.255.0 192.168.51.1 route laptop0 100 140 280,830 laptop False False 192.168.1.1 0.0.0.0 0.0.0.0 gw lo lo0 140 141 laptop0 lo0 lo 141 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged eth eth0 140 142 laptop0 eth0 eth 142 False eth0 192.168.1.3 255.255.255.0 0.0.0.0 ip Untagged laptop1 100 143 800,850 laptop False False 192.168.2.1 0.0.0.0 0.0.0.0 gw lo lo0 143 144 laptop1 lo0 lo 144 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged eth eth0 143 145 laptop1 eth0 eth 145 False eth0 192.168.2.3 255.255.255.0 0.0.0.0 ip Untagged laptop2 100 176 570,0 laptop False False 192.168.3.1 0.0.0.0 0.0.0.0 gw lo lo0 176 177 laptop2 lo0 lo 177 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged eth eth0 176 178 laptop2 eth0 eth 178 False eth0 192.168.3.3 255.255.255.0 0.0.0.0 ip Untagged net_switch0 100 114 180,670 net_switch False False 0.0.0.0 0.0.0.0 0.0.0.0 gw lo lo0 114 115 net_switch0 lo0 lo 115 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged management_interface management_interface0 114 116 net_switch0 management_interface0 management_interface 116 False management_interface0 192.168.1.4 255.255.255.0 0.0.0.0 ip Untagged port port1 114 117 net_switch0 port1 port 117 False port1 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port2 114 118 net_switch0 port2 port 118 False port2 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port3 114 119 net_switch0 port3 port 119 False port3 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port4 114 120 net_switch0 port4 port 120 False port4 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port5 114 121 net_switch0 port5 port 121 False port5 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port6 114 122 net_switch0 port6 port 122 False port6 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port7 114 123 net_switch0 port7 port 123 False port7 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged net_switch1 100 124 700,690 net_switch False False 192.168.2.1 0.0.0.0 0.0.0.0 gw lo lo0 124 125 net_switch1 lo0 lo 125 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged management_interface management_interface0 124 126 net_switch1 management_interface0 management_interface 126 False management_interface0 192.168.2.4 255.255.255.0 0.0.0.0 ip Untagged port port1 124 127 net_switch1 port1 port 127 False port1 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port2 124 128 net_switch1 port2 port 128 False port2 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port3 124 129 net_switch1 port3 port 129 False port3 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port4 124 130 net_switch1 port4 port 130 False port4 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port5 124 131 net_switch1 port5 port 131 False port5 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port6 124 132 net_switch1 port6 port 132 False port6 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port7 124 133 net_switch1 port7 port 133 False port7 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged net_switch2 100 163 430,80 net_switch False False 192.168.3.1 0.0.0.0 0.0.0.0 gw lo lo0 163 164 net_switch2 lo0 lo 164 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged management_interface management_interface0 163 165 net_switch2 management_interface0 management_interface 165 False management_interface0 192.168.3.4 255.255.255.0 0.0.0.0 ip Untagged port port1 163 166 net_switch2 port1 port 166 False port1 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port2 163 167 net_switch2 port2 port 167 False port2 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port3 163 168 net_switch2 port3 port 168 False port3 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port4 163 169 net_switch2 port4 port 169 False port4 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port5 163 170 net_switch2 port5 port 170 False port5 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port6 163 171 net_switch2 port6 port 171 False port6 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged port port7 163 172 net_switch2 port7 port 172 False port7 0.0.0.0 0.0.0.0 0.0.0.0 ip Untagged pc0 100 134 90,830 pc False False 192.168.1.1 0.0.0.0 0.0.0.0 gw lo lo0 134 135 pc0 lo0 lo 135 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged eth eth0 134 136 pc0 eth0 eth 136 False eth0 192.168.1.2 255.255.255.0 0.0.0.0 ip Untagged pc1 100 137 600,850 pc False False 192.168.2.1 0.0.0.0 0.0.0.0 gw lo lo0 137 138 pc1 lo0 lo 138 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged eth eth0 137 139 pc1 eth0 eth 139 False eth0 192.168.2.2 255.255.255.0 0.0.0.0 ip Untagged pc2 100 173 260,10 pc False False 192.168.3.1 0.0.0.0 0.0.0.0 gw lo lo0 173 174 pc2 lo0 lo 174 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged eth eth0 173 175 pc2 eth0 eth 175 False eth0 192.168.3.2 255.255.255.0 0.0.0.0 ip Untagged router0 100 110 430,410 router False False 0.0.0.0 0.0.0.0 0.0.0.0 gw lo lo0 110 111 router0 lo0 lo 111 False lo0 127.0.0.1 255.0.0.0 0.0.0.0 ip Untagged eth eth0 110 112 router0 eth0 eth 112 False eth0 192.168.6.1 255.255.255.0 0.0.0.0 ip Untagged eth eth1 110 113 router0 eth1 eth 113 False eth1 192.168.5.1 255.255.255.0 0.0.0.0 ip Untagged eth eth2 110 182 router0 eth2 eth 182 False eth2 192.168.7.1 255.255.255.0 0.0.0.0 ip Untagged 140 142 laptop0 eth0 114 118 net_switch0 port2 laptop0_link_net_switch0 normal 147 163 166 net_switch2 port1 173 175 pc2 eth0 net_switch2_link_pc2 normal 179 134 136 pc0 eth0 114 117 net_switch0 port1 pc0_link_net_switch0 normal 146 137 139 pc1 eth0 124 127 net_switch1 port1 pc1_link_net_switch1 normal 149 143 145 laptop1 eth0 124 128 net_switch1 port2 laptop1_link_net_switch1 normal 150 158 160 firewall2 eth0 163 168 net_switch2 port3 firewall2_link_net_switch2 normal 181 105 109 firewall1 wan0 110 112 router0 eth0 firewall1_link_router0 normal 153 114 119 net_switch0 port3 100 102 firewall0 eth0 net_switch0_link_firewall0 normal 154 100 104 firewall0 wan0 110 113 router0 eth1 firewall0_link_router0 normal 155 124 129 net_switch1 port3 105 107 firewall1 eth0 net_switch1_link_firewall1 normal 152 163 167 net_switch2 port2 176 178 laptop2 eth0 net_switch2_link_laptop2 normal 180 158 162 firewall2 wan0 110 182 router0 eth2 firewall2_link_router0 normal 183 pc1 pc2 SuccessfullyTraceroutes VPN Traceroute Default