How It Works

Increasing the TTL (time-to-live) value of all the packets that have been sent is how traceroute works. The first three of the packets one has sent has the value of one TTL and the successive group of three’s has a value of two and so on. When packets pass through a host, it decrements the TTL by a value of one and forwards it to the succeeding host. When the first group of packets reaches a host, the host then sends back to the sender an ICMP time exceeded (type 11).

The traceroute utility uses the returning packets and then makes a list of where the packets passed en route to their destination. It may not list down the real hosts. It just indicates that the host of the first packets is at one hop, the next at two hops and so on. Internet Protocol (IP) does not guarantee that all batches of packets take the same route.

Traceroute can usually opt to specify the use of ICMP echo request (type 8) instead of ICMP type exceeded. Another version of traceroute is MTR (My Traceroute). It is available for both Unix and Windows systems. Traceroute and all its other implementations rely on ICMP (type 11) packets that are being sent from its origin.

Important Uses

It is often used for troubleshooting. It allows the sender of the packets to identify the route it has taken to reach its destination on the network. It can help in identifying firewalls and anything else that may block access to sites. Traceroute is also used to gather information about a networks infrastructure and ping IP ranges that surround a given host. It may also be used in downloading various kinds of data, and if it is found out that there are multiple routes that can be taken for the same piece of data, one can be able to trace which one will be the fastest to take.

Traceroute and Its Other Forms

  • Layer Four Traceroute (LFT). This is one of those fast traceroute engines. It also has a number of other features, which include AS NUMBERS that lookup through various sources that are reliable, netblock name lookups, and loose source routing. It goes through various configurations of packet filter-based firewalls. The LFT command was first seen in 1998, but it was then known as fft. It was renamed to lft to avoid confusion with fast Fourier transforms (fft)
  • My Traceroute (MTR). It is a computer program that combines the traceroute and ping IP functionality in the same network diagnostic component. MTR tests routers on the path by limiting the number of hops by which each packet may traverse. It regularly repeats this process and keeps a record of response times and hops.

My traceroute is under the license of GNU General Public License (GPL) and works under modern operating systems.

It relies on ICMP time exceeded (type 11) text packets that are back from their routers. It sometimes uses ICMP Echo reply packets once they have already reached their destination.

Basically, traceroute lets the sender in on what path the packets they have sent take. It also allows the sender to choose the fastest route if the packets have more than one option on which it may traverse.

Know more about how a traceroute works and its relationship with terms such as Ping IP , LFT, MTR, and the likes at Network-Tools. A good knowledge of these systems will give you a better outlook on networking and computer programming.

Tags: , , , , , ,