I'm trying to understand what this output from traceroute
means. I changed the IP addresses for privacy but retained the public/private IP range distinction.
traceroute.db -e -n 10.1.1.9
traceroute to (10.1.1.9), 30 hops max, 60 byte packets
1 10.0.0.1 0.596 ms 0.588 ms 0.577 ms
2 10.0.0.2 1.032 ms 1.029 ms 1.084 ms
3 10.0.0.3 3.360 ms 3.355 ms 3.338 ms
4 23.0.0.4 3.974 ms 4.592 ms 4.584 ms
5 23.0.0.5 13.442 ms 13.445 ms 13.434 ms
6 45.0.0.6 13.195 ms 12.924 ms 12.913 ms
7 67.0.0.7 52.088 ms 51.683 ms 52.040 ms
8 10.1.1.8 46.878 ms 44.575 ms 44.815 ms
9 10.1.1.9 45.932 ms 45.603 ms 45.593 ms
The first 10.0.* range is inside my organisation. The last 10.1.* range is another site of my organisation. The intermediate addresses belong to various ISPs. I expect that there is some kind of VPN between the two sites, but I don't know much about our network topology.
What I don't understand is how the route can go from a private address through public addresses back into private addresses. Searching led me to Public IPs on MPLS Traceroute, which gives a possible explanation: MPLS. Is MPLS the only possible or most likely explanation? Otherwise what does this tell me about our network infrastructure?
Bonus question for my edification: in this scenario, who is generating the ICMP TTL exceeded packets and if relevant mangling their source and destination addresses?