Why does the same router picks different routes based on source ip?

Question

I'm pinging the same IP in two different PCs with two different ISPs. With one ISP, I get a reply, with the other I do not.

When running tracert to the IP, I see that with both ISPs that the packet is going through the same router at one point.

At that point with the first ISP the packet is forwarded to the correct next router, with the other ISP - it routes to a wrong router which throws the packet away.

My question is this: Why would a router choose where to forward a packet based on the source IP of the packet? In both cases the packet had the same destination IP, and the router chose differently based on the ISP.

Is this something common?

Answer 1

It is indeed possible to route packets based on their source address:

https://en.wikipedia.org/wiki/Source_routing
https://en.wikipedia.org/wiki/Policy-based_routing

Here are some examples for Cisco routers:

http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfpbr_ps1835_TSD_Products_Configuration_Guide_Chapter.html

As to why a network administrator would choose to do so... only he can tell.

Answer 2

Sounds like an ip-based firewall. If the source packets are from a known "bad" network drop them on the floor. This is actually pretty common practice. If an ISP is a source of a lot of SPAM or attempted attacks, you simply firewall out their IP block. There are even services that attempt to provide lists of Black Hat ISP's for companies as this game of "whack-a-mole" can take up a lot of time.

http://en.wikipedia.org/wiki/Blacklist_(computing)

The other reason this might be happening is for load balanced servers, often the hash algorithm used is based on the source IP address. This is pretty common for access to heavily used websites. Is it actually a second router that is dropping the packets or merely a downed host?