Forum Discussion
fLyf5_21542
Nimbostratus
NimbostratusHiding f5 LTM ip address in the traceroute
I have f5-LTM inline device in my network and have got a requirement not to show the device ip address in the traceroute taken from inside network. Could you please help me on this. Device should pass...
epaalx
Cirrus
Cirrus> I don't think it's possible to pass ICMP packets yet have the IP reported as something other than the IP addresses.
traceroute relies on two things:
- originator progressively incrementing ping's TTL this progressively causing TTL==0 condition at each hop (enroute to its destination)
- relying on that hop to return ICMP "Time exceeded" with own IP.
Like any L3 device, a (routing) firewall is obliged to return its own IP, but it doesn't have to - it can act transparent to ping (or TTL) - it's a security issue and a default configuration for (many routing) firewalls. So, OP's question is legitimate and reasonable.
![\"F5](\"https://www.f5.com/content/dam/f5/f5-logo.svg\"){kind=logo}
