Any ideas why a tracert (traceroute) to an external host would return with the following:
tracert 10.34.25.23
1 myborderouter.example3.com (10.52.2.41) 1.113 ms 1.103 ms 1.100 ms
2 ae0--931.maincorerouter.example2.com (10.102.65.44) 4.028 ms 4.046 ms 4.042 ms
3 gi0-1.mainrouter.example2.com (10.72.12.85) 6.653 ms 6.661 ms 6.645 ms
4 * * *
5 somebox.example.com (10.34.25.23) 7.361 ms 7.339 ms 8.723 ms
6 somebox.example.com (10.34.25.23) 11.047 ms 10.882 ms 10.802 ms
7 somebox.example.com (10.34.25.23) 8.318 ms 7.076 ms 7.016 ms
When * * * should be: 10.34.25.23 (No other devices between 10.72.12.85 and 10.34.25.23)
ping 10.34.25.23
PING 10.34.25.23 (10.34.25.23) 56(84) bytes of data.
64 bytes from 10.34.25.23: icmp_seq=1 ttl=122 time=8.21 ms
64 bytes from 10.34.25.23: icmp_seq=2 ttl=122 time=8.28 ms
64 bytes from 10.34.25.23: icmp_seq=3 ttl=122 time=7.73 ms
64 bytes from 10.34.25.23: icmp_seq=4 ttl=122 time=7.21 ms
****All Addresses have been changed to not reflect the real addresses.**
Because the fourth host isn't fully handling ICMP (probably due to security reasons and/or misconfiguration).
Traceroute is based on "ICMP Time Exceeded" responses, which are returned when a ICMP packet exceeds its maximum TTL, so an intermediate router discards it; but a router can be configured not to notify the sender of an expired ICMP packet, even if it replies to a ping (which uses different ICMP packet types).
More info here: http://en.wikipedia.org/wiki/Traceroute
Do we all understand that ping and tracert are fundamentally the same. A ping is an ICMP Echo requset with the TTL set to max for the machine(unless somehow overridden).
Tracert uses the same ICMP request, varying the TTL {1,2,3,4,...max}.
If it weren't for the fact that the ping worked I would agree that there was a routing loop. If there were a routing loop the ping should have failed.
@The OP - Ping 10.102.65.44 so we can see what your default TTL is.