When we use the ping command, we usually ignore its parameters, but it is only used to detect network connectivity. However, the ping parameter has a powerful function, which allows us to infer the network topology from the local machine to the destination. (I would like to thank one of our colleagues in the lab for telling me about this function ). The following describes the parameters.
My school website is used as the destination IP address for testing.
The Ping parameter table is as follows:
Description of parameter R: Record Route for Count hops (Record Route)
The following shows the specific process:
Local host IP Address: 211.86.146.109
Destination website IP Address: 202.38.64.9
Note: PingProgramSends an ICMP 8-encoded 0 packet to the specified host. ICMP packets are carried in IP packets. The header length of an IP packet is generally 20 bytes (the option is filled in). If the option is added, the header length can reach 60 bytes, that is, 40 bytes are left except 20 bytes, in addition, the remaining space is added every 4 bytes. After adding the r option to the ping command, you can add the "outbound port" IP address of the route to the 40 bytes of the IP packet. In this case, the remaining space can generally accommodate a maximum of 9 such IP addresses (not 10 ).
In this way, the corresponding network topology can be constructed:
211.86.146.109 --> 211.86.146.1-(router)-202.38.96.31 --> 202.38.96.33-(router)-202.38.64.126 --> 202.38.63.126
To verify whether the size of the IP packet header changes due to the r option, you can use the ethereal packet capture tool to analyze the package:
When the r option is added, its header is:
The length of the header is 20 bytes.
The r option is added:
The size of the header is changed to 60 bytes. In addition, you can find that the IP address of the route is entered into the IP packet.
Is it interesting? Haha