Understanding Traceroute
3 days ago
- #traceroute
- #ICMP
- #networking
- Traceroute works by exploiting the TTL (Time To Live) field in IP packets to trace the route to a destination.
- It sends UDP packets with increasing TTL values, starting at 1, to trigger ICMP 'Time Exceeded' replies from each hop.
- The implementation involves creating sockets for sending UDP packets and receiving ICMP replies, with raw sockets requiring root privileges.
- Key improvements include checking ICMP types to know when the destination is reached, adding timing for round-trip latency, and sending multiple probes per hop for reliability.
- Limitations of traceroute include asymmetric paths, hidden MPLS tunnels, load balancers, and ICMP rate limiting that can cause '*' in output.
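
The ICMP type check mentioned above, as an added example that is not code from the original post: it parses a reply as a raw socket would deliver it and matches the quoted UDP header against the probe's port. The names `classify_reply` and `build_reply`, the port 33434, and the addresses are assumptions, and the sample packets are constructed.

```python
import struct

ICMP_TIME_EXCEEDED = 11   # a router dropped the probe because its TTL reached 0
ICMP_DEST_UNREACH = 3     # with code 3 (port unreachable): the probe reached the target
CODE_PORT_UNREACH = 3

def classify_reply(packet: bytes, probe_port: int):
    """Classify a raw ICMP reply (outer IPv4 header included).

    Returns (hop_ip, status) with status 'hop', 'destination' or 'unreachable',
    or (None, None) when the packet does not answer our UDP probe.
    """
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None, None
    ihl = (packet[0] & 0x0F) * 4                  # outer IP header length in bytes
    if packet[9] != 1 or len(packet) < ihl + 8:   # protocol 1 = ICMP
        return None, None
    hop_ip = ".".join(str(b) for b in packet[12:16])
    icmp_type, icmp_code = packet[ihl], packet[ihl + 1]
    # ICMP errors quote the offending IP header plus the first 8 bytes of its
    # payload, which for a UDP probe is the whole UDP header.
    inner = packet[ihl + 8:]
    if len(inner) < 20:
        return None, None
    inner_ihl = (inner[0] & 0x0F) * 4
    if inner[9] != 17 or len(inner) < inner_ihl + 4:   # protocol 17 = UDP
        return None, None
    _, dst_port = struct.unpack("!HH", inner[inner_ihl:inner_ihl + 4])
    if dst_port != probe_port:
        return None, None                         # reply to someone else's traffic
    if icmp_type == ICMP_TIME_EXCEEDED:
        return hop_ip, "hop"
    if icmp_type == ICMP_DEST_UNREACH:
        status = "destination" if icmp_code == CODE_PORT_UNREACH else "unreachable"
        return hop_ip, status
    return None, None

def build_reply(src_ip: str, icmp_type: int, icmp_code: int, dst_port: int) -> bytes:
    """Constructed sample packet: minimal ICMP error, checksums left at zero."""
    def ip_header(proto: int, src: str) -> bytes:
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 0, 0, 0, 64, proto, 0,
                           bytes(map(int, src.split("."))), bytes([192, 0, 2, 99]))
    quoted = ip_header(17, "192.0.2.1") + struct.pack("!HHHH", 40000, dst_port, 8, 0)
    return ip_header(1, src_ip) + struct.pack("!BBHI", icmp_type, icmp_code, 0, 0) + quoted

if __name__ == "__main__":
    print(classify_reply(build_reply("10.0.0.1", 11, 0, 33434), 33434))
    print(classify_reply(build_reply("203.0.113.5", 3, 3, 33434), 33434))
```

Matching on the quoted destination port is what lets several probes per hop be told apart when each probe uses its own port.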