Traceroute

By adminRouting and Switching, Traceroute

Traceroute from PC1 (192.168.13.2) to PC2 (192.168.62.2)

  • An IP datagram with a TTL (time to live) of 1 is sent to the destination host
  • The first router to receive the datagram decrements the TTL by one, discards the datagram, and sends back an ICMP time exceeded. This identifies the first router in the path.
  • Traceroute sends another datagram with the TTL of 2. The second router to receive the datagram decrements the TTL by one (the first ICMP TTL was 255, the second one is 254), discards the datagram, and sends back an ICMP time exceeded. This identifies the second router in the path.
  • The process is repeated until the datagram reaches the final destination.

Note to self:

  • The UDP client TTL will increment by one for each packet.
  • The router will decrement the ICMP frame by one.

The process repeats for each router in the path.

Even though the arriving IP datagram has a TTL of 1, the destination host will NOT discard it and generate the ICMP time exceeded since the datagram has reached its final destination. How can it be determined that the destination was reached?

Traceroute sends UDP datagrams to the destination host, but it chooses an unlikely UDP port number (larger than 30,000), making it improbable that an application at the destination uses the port. This causes the destination host’s UDP module to generate an ICMP “port unreachable” error when the datagram arrives. All traceroute needs to do is differentiate between the ICMP messages (time exceeded vs. port unreachable) to know when it’s done.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.