traceroute trivia

nerdydad

I happened upon a topic I had never really looked into, so, without a search, how does a traceroute work?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

paul78

An IP packet is send with increasing TTL set. As the TTL expires, the device that the packet traverses sends back a TTL expired message. The IP packet that is used can be either UDP, TCP, or ICMP. Different OS's may choose to use UDP or TCP depending on their implementation.

That's from memory without a search

Although, I should disclose that I am familiar with traceroute internals.

nerdydad

Wow, the second viewer got it. I was looking at traceroute in MPLS and realized I didn't know how a regular traceroute worked. I asked a few coworkers and they didn't know either. A bunch of really smart people here at TechExams for sure.

CodeBlox

I never knew traceroute would encapsulate in tcp/udp. I always thought it was purely a layer 3 tool. I already knew that it sends ICMP packets with an increasing TTL for each subsequent hop. They talk about that in CCNA studies O_o

paul78

Yeah - I think a lot of Cisco network folks think that because that's how IOS does it. I think IOS use ICMP echo messages or something like that. As I recall, Windows uses ICMP as well.

Most Linux and Unix use a traceroute implementation that uses UDP.

One of the reasons that I prefer using TCP packets instead is that it will usually traverse firewalls which block UDP or ICMP echo.

nerdydad

CodeBlox wrote: »

They talk about that in CCNA studies O_o

Hmmm, I either missed that day or I learned it and forgotten it, which is the case for a lot information. If you don't use it, you lose it, especially when you keep cramming more info in.

RobertKaucher

After our conversation about this I have decided that I am going to write a trace route program in C# and in C as learning experiments. I've never needed to work at such a low level with network protocols so this will be good practice.