Traceroute working principle Traceroute the simplest basic usage is: The traceroute hostname Traceroute program is designed To use the TTL (Time To Live) field (field) of ICMP and IP header ). First, traceroute sends an IP datasync whose TTL is 1 (in fact, three 40-byte packets are sent each time, including the source address, destination address, and time tag sent by the package) to the destination, when the first router in the path receives the datax, it will reduce the TTL by 1. At this time, the TTL is changed to 0, so the vro will discard the datax and send back an "ICMP time exceeded" message (including the source address of the IP packet, all the content of the IP packet and the IP address of the router). After receiving the message, traceroute will know that the router exists in this path, and then traceroute will send a data packet whose TTL is 2, 2nd vrouters found ...... traceroute adds the TTL of the sent dataphin to 1 to find another vro. This repeated action continues until a dataphin reaches its destination. When datax arrives at the destination, the host does not return the ICMP time exceeded message because it is already the destination. How does traceroute know that the destination has arrived? When Traceroute sends a UDP batch Rams to the destination, the port number it chooses to deliver is a number that is not used by general applications (more than 30000 ), therefore, when the UDP datax arrives at the destination, the host will return an "ICMP port unreachable" message. When traceroute receives the message, it will know that the destination has arrived. Therefore, traceroute does not have a Daemon program on the Server. Traceroute extracts the IP address of the device that sends the icmp ttl expired message for domain name resolution. Each time, Traceroute prints a series of data, including the domain name and IP address of the route device that passes through, and it takes time for three packets to go back and forth. Traceroute has a fixed waiting time for response (icmp ttl expired message ). If this time expires, it prints a series of * numbers indicating that the device cannot send an icmp ttl expiration message response within the specified time on this path. Then, Traceroute adds 1 to the TTL recorder and continues.