Network Operations and Control Wiki

Background: Know: Prerequisites - TTL Recognize:


Traceroute example: Path from UNSW to www.irtf.org

How traceroute works

Concept of traceroute:

Traceroute is a computer network tool used to show the path taken by network packets when travelling from the originating server to the destination. It can be used in conjunction with the ping tool to diagnose the probable cause of network connection problems. Running a traceroute when your Internet connection does not seem to be working properly can help you decide whether or not to contact your Internet provider.

The traceroute program uses the time-to-live (TTL) field together with Internet Control Message Protocol (ICMP) messaging (Windows) or User Datagram Protocol (UDP) probes (Unix-like systems) to measure the path from one host to the destination host.

How traceroute works:

1) Based on ICMP echo requests

It works by sending a packet to the intended host with a TTL value of 1. The first router will send back an ICMP "time exceeded" message to the sending host. Then the traceroute program will send a packet with a TTL of 2, then 3, etc. This way it gets information about each router from the ICMP packets it receives, until the packet reaches the destination, which returns an ICMP Echo Reply message.

2) Based on the UDP protocol

The process is the same as with ICMP, but the probes are sent as UDP packets rather than ICMP, and the packet received when a probe reaches the destination is ICMP type 3 (destination unreachable), not ICMP type 0 (echo reply).

Stopping criterion:

When a packet reaches the destination, it will be rejected with an ICMP "port unreachable" message. This is the sign that we can stop.

If you receive * * * during the session, this could mean that the router at that point in the path does not return ICMP messages, that it returns messages with a TTL too small to reach your machine, or that it is a router with buggy software. After a * * * within the path, traceroute will still increment the TTL by 1, and so continue with the path determination.
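The probing loop and stopping criterion described above, as an added example that is not part of the original page. A simulated path stands in for the network so it runs offline; the addresses, `PATH` and the `send_probe` helper are constructed for illustration, while the ICMP type and code numbers are the standard ones.

```python
import struct

TIME_EXCEEDED, DEST_UNREACH, ECHO_REPLY = 11, 3, 0   # ICMP types
PORT_UNREACH = 3                                      # code under type 3

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum; a valid message sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def icmp(msg_type: int, code: int) -> bytes:
    """Build a minimal 8-byte ICMP header with a valid checksum."""
    raw = struct.pack("!BBHI", msg_type, code, 0, 0)
    return struct.pack("!BBHI", msg_type, code, checksum(raw), 0)

def send_probe(path, ttl, mode):
    """Simulated network (assumption): (responder, icmp_bytes) or None."""
    hop = min(ttl, len(path))            # where the probe stops
    addr, answers = path[hop - 1]
    if not answers:                      # device filters its ICMP replies
        return None
    if hop == len(path):                 # probe reached the destination
        return addr, icmp(ECHO_REPLY, 0) if mode == "icmp" else icmp(DEST_UNREACH, PORT_UNREACH)
    return addr, icmp(TIME_EXCEEDED, 0)  # TTL ran out at a router

def traceroute(path, mode="udp", max_ttl=30):
    """Raise the TTL by 1 per probe; '*' marks a hop that stayed silent."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        reply = send_probe(path, ttl, mode)
        if reply is None or checksum(reply[1]) != 0:
            hops.append((ttl, "*"))      # no usable answer, keep going
            continue
        addr, pkt = reply
        msg_type, code = struct.unpack("!BB", pkt[:2])
        hops.append((ttl, addr))
        if msg_type == ECHO_REPLY or (msg_type, code) == (DEST_UNREACH, PORT_UNREACH):
            break                        # destination answered: stop
    return hops

# Constructed path: (address, sends ICMP replies?). The second router is silent.
PATH = [("192.0.2.1", True), ("198.51.100.1", False), ("203.0.113.7", True)]

if __name__ == "__main__":
    for ttl, who in traceroute(PATH):
        print(ttl, who)
```

If the destination itself never answers, the loop only ends at `max_ttl`, which is why real traceroute output can trail off in rows of asterisks.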

Traceroute’s Security Issues

A common possibility is that the router refuses to send ICMP errors for TTL exceeded in a misguided attempt at security. The reasoning is that information about the network infrastructure can be gained by doing a traceroute to a particular destination within the network, which gives an intruder the upper hand when trying to break into it.
