I am doing a traceroute to salesforce.com, google.com and I see all the layer hops to my Firewall and then one hop to final destination- which is incorrect. I am not seeing any of the intermediate public hops (and surprisingly not seeing the
Do you know why is this the case? Is this a Firewall config issue?
[root@XXX]# traceroute -T -p 80 www.salesforce.com
traceroute to www.salesforce.com (96.43.148.26), 30 hops max, 60 byte packets
1 10.100.151.252 0.846 ms
2 10.100.1.158 0.435 ms
3 10.100.1.46 0.314 ms
4 10.200.250.9 6.132 ms
5 10.201.1.53 6.363 ms
6 www-was-1.salesforce.com (96.43.148.26)
The Firewall was configured as a transparent Proxy. Hence all TCP /80 & 443 connections were terminated on the Firewall and the firewall sending back proxy response.
Best Answer
How do you know this is incorrect? They might have direct peering or there's a tunnel in that last hop. Alternatively, the NAT router is resetting the TTL, so tracert is no use.