Traceroute command principle ()

Basic traceroute commands

This command is used to test the network layer connectivity between two TCP/IP systems and display each hop address in the transmission path, also known as path tracing. If the traceroute command is successfully tested, we can observe a complete communication path between the source host and the target host, and clearly observe each hop information of the path; this command can also accurately output the communication delay time from the test package to each hop.

If the test fails, you can also identify which hop device cannot forward the route. This tool can also test whether the route is the best path and whether asymmetric paths exist, powerful test capability in complex topology.

 

Basic Principles of traceroute commands

When the router receives an I p datagram, if its t l field is 0 or 1, the router does not forward the datagram (the target host that receives the datagram can send it to the application because it does not need to forward the datagram. However, in general, the system should not receive data packets whose t l field is 0 ). On the contrary, the router discards the datagram and sends an I c m p "timeout" message to the source machine.

Traceroute: it sends an I p datagram with t l field 1 to the target host. The first router that processes this data packet minus the t l value by 1, discards the data packet, and returns a timeout I c m p packet. In this way, the address of the first vro in the path is obtained. Then the traceroute program sends a copy.

The t l value is 2, so that we can get the address of the second router. Continue this process until the datagram arrives at the target host. However, even if the target host receives an I p datagram with a t l value of 1, it will not discard the datagram and generate a timeout I c m p packet, this is because the datagram has reached its final destination.

The traceroute program sends a u d p datagram to the target host, but it selects an impossible value as the u d p port number (greater than 30 000 ), this makes it impossible for any application on the target host to use this port. When the data is reported, the destination host's u d p module generates an I c m p packet with the "port inaccessibility" error. In this way, the traceroute program needs to distinguish whether the received I c m p packets are time-out or the ports are inaccessible, to determine when to end (when the destination host is received when the port cannot reach the ICMP packet ).

 

The traceroute command uses the UDP high port to send multiple detection packets to the target host in sequence. It uses the method of adding the test packet TTL to detect each hop node in the communication path. The intermediate node responds to the ICMP timeout message of the source host, the target host responds to the message that the ICMP port of the source host cannot reach. By receiving these ICMP messages, the source host learns each hop address from the source to the target.

If you perform traceroute tests over the internet, you may not be able to obtain complete intermediate node information. This is because some nodes are deployed with security policies and the traceroute UDP port or ICMP error message is rejected.

Traceroute command principle ()