Linux Common Network Tools: Traceroute of Route scanning

Source: Internet
Author: User

The previous two articles "Linux Common Network Tools: Fping host Scan" and "Linux common Network Tools: hping Advanced Host Scan" are all about the host scan, this article introduces the common route scanning tools traceroute and MTR.

A route scan is primarily a query for the number of hops and data delays that are routed to another host.

Traceroute Basic Use

The principle of the route scanning tool is the time to live (TTL) to achieve. Each time a packet passes through a router, its lifetime is reduced by 1. When it survives at 0 o'clock, the host cancels the packet and transmits an ICMP TTL packet to the issuer of the original packet, and the Routing scan Tool obtains information about each hop route through this loopback ICMP.

Linux traceroute and Windows tracert function similar, the difference is that the tracert of Windows sends ICMP packets, the traceroute of Linux is sending UDP packets.

Because Traceroute uses the UDP protocol, the target port number defaults to 33433, and the generic application does not use this port, so the target host is echoing ICMP.

Traceroute also supports sending TCP and ICMP:

-I  --icmp use                  ICMP ECHO for tracerouting-t  --tcp with                   TCP SYN for tracerouting-p port  

General Linux will default with the Traceroute tool, if not can be installed yum.

The simplest basic usage of traceroute is: traceroute hostname, Example:

# traceroute  192.168.0.99traceroute to 192.168.0.99 (192.168.0.99), hops max, byte packets 1  192.168.2.1 (19 2.168.2.1)  5.642 Ms  5.901 Ms  12.287 MS 2  192.168.0.99 (192.168.0.99)  0.416 Ms  1.193 MS  1.045 ms

Traceroute will test each node three times, so each row will have three time, through this time can be analyzed which route node delay maximum.

Traceroute Tips for use

When you use traceroute some websites, you may not be able to reach the final node, such as:

This is mainly because some servers have blocked UDP packets, so there is no return ICMP.

For hosts with HTTP services, the final node can be obtained with the parameter setting traceroute using the TCP protocol for probing:

Record, for the better of myself!

Linux Common Network Tools: Traceroute of Route scanning

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.