For a few days now I started making the interesting observation of a machine intermittently not responding to an ICMP ping, while it still responds to an ICMP based traceroute (specifically set via the -I parameter).
As far as I know both would use ICMP's echo request, so I wouldnt expect any difference there.
Would anyone have an explanation for this?
Best Answer
Most probably the pong from ping is blocked/gets discarded, while traceroute uses an error message form a node/hop to determine the route. Traceroute is not a standard tool, in that it uses a trick to get the information. The trick is to manipulate the TTL, so the hop responds with an ICMP error (ICMP TTL exceeded), and that is why this is possible.