
Wednesday 18 July 2018

Traceroute



Traceroute is a network tool originally written by Van Jacobson to determine whether routing problems exist on your network. It can be used to find out which path IP packets take to get from your computer to a remote computer.

Traceroute is of no use on a network without routers, and it only becomes informative when there are at least two routers between you and the destination. The international network (the Internet) has thousands of routers, which is exactly what makes traceroute so useful there.


Consequently, if there are multiple paths to a certain address and you want to know which path is actually taken, this is the tool to use.

TTL stands for Time To Live. When an IP packet is sent (whatever it carries: TCP, UDP or ICMP), the TTL field in its IP header is set to the number of routers (hops) it may pass through before being discarded. Each router the packet passes through decrements the TTL by one; when the TTL reaches zero, that router destroys the packet and returns an ICMP "time exceeded" message to the sender. The return message's TTL is set by the router that generates it and is decremented normally on the way back. Traceroute relies on this on purpose: it sends probes with deliberately small TTLs so that each router along the path reveals itself by sending that "time exceeded" message.

Traceroute Implementations

Windows uses an ICMP (Internet Control Message Protocol)-only traceroute called 'tracert': its probes are ICMP Echo Requests.

UNIX, Linux and BSD based systems use UDP probes for traceroute by default, sent to high, normally unused destination ports (starting at 33434), so the destination answers with an ICMP Destination Unreachable (port unreachable) instead of an Echo Reply. Modern Linux traceroute can also send ICMP probes (traceroute -I) or TCP SYN probes (traceroute -T), which helps when a firewall drops UDP but passes the traffic you actually care about.



Let's consider the figure below for traceroute on Windows:



Windows "tracert"

  1. Computer Anakin runs the tracert command at the command line.
  2. The user types the word tracert followed by the destination address, which can be either a host name or an IP address, and presses Enter.

For example:
c:\> tracert 10.10.10.20

  3. On Anakin, tracert creates three ICMP Echo Request messages (ICMP type 8) with the Time To Live in the IP header set to 1 and the destination address set to Obi's IP address.
  4. Anakin starts a timer and sends the three messages towards Obi.
  5. Anakin waits for a response. The response will be one of:
    • An ICMP Time Exceeded message - the host responding is an intermediate router, not the destination.
    • An ICMP Destination Unreachable message - the host responding does not know how to reach the destination IP address in the traceroute packets, so tracert stops.
    • An ICMP Echo Reply message - the destination itself has answered.
  6. The router on which the messages die because the Time To Live expired sends back ICMP Time Exceeded (ICMP type 11) responses. These tell Anakin that the traceroute messages have not yet reached the destination Obi; the source address of the response is what tracert prints for that hop. If no response arrives before the timer expires, tracert prints "*" for that probe.
  7. After Anakin receives those Time Exceeded messages, it increments the TTL by one and sends another three probes.
  8. When the destination computer (Obi) receives the packets, it sends back an ICMP Echo Reply (ICMP type 0) and the traceroute program stops.
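The tracert exchange described in the steps above, as an added worked example that is not part of the original post: a small Python tracert loop. The ICMP type numbers and the stop conditions are the ones the steps give; the checksum routine, the helper names, the simulated router addresses (192.0.2.1 and 198.51.100.1, from the documentation ranges) and the raw-socket probe are my own assumptions. The raw-socket probe needs administrator/root privileges and a real network; the simulated path runs offline and is what the script uses by default.

```python
import os
import socket
import struct
import time

# ICMP types named in the tracert steps above.
ICMP_ECHO_REPLY = 0
ICMP_DEST_UNREACHABLE = 3
ICMP_ECHO_REQUEST = 8
ICMP_TIME_EXCEEDED = 11


def icmp_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over the ICMP header plus payload."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd length for the 16-bit sum
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo_request(ident: int, seq: int, payload: bytes = b"tracert") -> bytes:
    """ICMP Echo Request (type 8, code 0) with identifier, sequence and checksum filled in."""
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, ident, seq)
    csum = icmp_checksum(header + payload)
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, ident, seq) + payload


def classify_reply(icmp_type: int, src: str, dest: str) -> str:
    """Map a reply's ICMP type onto the outcomes the tracert loop acts on."""
    if icmp_type == ICMP_TIME_EXCEEDED:
        return "hop"                         # src is an intermediate router
    if icmp_type == ICMP_ECHO_REPLY and src == dest:
        return "destination"                 # Obi answered: stop
    if icmp_type == ICMP_DEST_UNREACHABLE:
        return "unreachable"                 # nobody knows the route: stop
    return "ignore"


def tracert(dest: str, send_probe, max_hops: int = 30, probes: int = 3):
    """
    The tracert loop: TTL starts at 1 and grows by one per round until the
    destination (or an unreachable) answers. send_probe(ttl, seq) returns
    (icmp_type, src_ip, rtt_seconds) or None on timeout (tracert prints '*').
    Returns [(ttl, [(src_ip or None, rtt or None), ...]), ...].
    """
    path = []
    for ttl in range(1, max_hops + 1):
        results, status = [], "hop"
        for seq in range(probes):
            reply = send_probe(ttl, seq)
            if reply is None:
                results.append((None, None))
                continue
            icmp_type, src, rtt = reply
            results.append((src, rtt))
            verdict = classify_reply(icmp_type, src, dest)
            if verdict in ("destination", "unreachable"):
                status = verdict
        path.append((ttl, results))
        if status != "hop":
            break
    return path


def simulated_path(routers, dest):
    """Constructed stand-in for the network: routers[i] sits at hop i+1, dest behind them."""
    def send_probe(ttl, seq):
        if ttl <= len(routers):
            return (ICMP_TIME_EXCEEDED, routers[ttl - 1], 0.001 * ttl)
        return (ICMP_ECHO_REPLY, dest, 0.001 * ttl)
    return send_probe


def raw_socket_probe(dest: str, timeout: float = 2.0):
    """Real probe over a raw ICMP socket (needs root/administrator). Simplified: it does
    not match the reply's identifier against ours, so on a busy host replies may be mis-attributed."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)
    sock.settimeout(timeout)
    ident = os.getpid() & 0xFFFF

    def send_probe(ttl, seq):
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_TTL, ttl)   # the TTL tracert sets per round
        start = time.monotonic()
        sock.sendto(build_echo_request(ident, seq), (dest, 0))
        try:
            data, (src, _) = sock.recvfrom(1024)
        except socket.timeout:
            return None
        ihl = (data[0] & 0x0F) * 4           # skip the IPv4 header to reach the ICMP type byte
        return (data[ihl], src, time.monotonic() - start)
    return send_probe


if __name__ == "__main__":
    obi = "10.10.10.20"                      # Obi's address from the example above
    probe = simulated_path(["192.0.2.1", "198.51.100.1"], obi)   # constructed hop addresses
    for ttl, results in tracert(obi, probe):
        print(ttl, ["*" if s is None else "%s %.0f ms" % (s, r * 1000) for s, r in results])
```

Swap `simulated_path(...)` for `raw_socket_probe(obi)` to run it against a real host; the loop itself does not change, which is the point: tracert is nothing more than "send with TTL=1, 2, 3, ... until something other than Time Exceeded comes back".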

Windows and Linux also use different default TTL values for the packets they send: Linux uses 64, Windows uses 128 (many routers use 255). The TTL you see in a ping reply is set by the host that answers, not by the host that asked, and every router on the return path decreases it by one. For this reason, when we ping a remote Windows PC, the replies show a TTL below 128; when we ping a Linux host, the replies show a TTL below 64.

Consequently, the TTL in a ping reply tells you how many routers the reply crossed. Note that tracert numbers the destination itself as a hop, so the number of routers is the destination's tracert hop number minus one (that is what "except your default gateway" below means: the first hop is your gateway, the last hop is the destination):

when pinging a linux host (check figure);
64 - number of routers crossed = Ping TTL value        > i.e. 64 - (tracert hop number of the destination - 1)

when pinging a windows host;
128 - number of routers crossed = Ping TTL value       > i.e. 128 - (tracert hop number of the destination - 1)

This is a heuristic: the default TTL can be changed on the host, and the return path the reply takes is not always the same as the forward path your probes take.
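The TTL arithmetic above turned into code, as an added example that is not part of the original post: it pulls the TTL out of ping output lines (the sample lines are constructed, not captured from real hosts), infers the replying host's default TTL, and from that its OS family and the number of routers on the return path. The defaults 64 and 128 are from the post; the 255 entry, the regular expression and the function names are my own assumptions.

```python
import re

# Common initial TTLs. 64 and 128 are from the post; 255 (many routers, Solaris)
# is an added assumption. A host can change its default, so this is a heuristic.
INITIAL_TTLS = {64: "Linux/BSD/macOS", 128: "Windows", 255: "router/Solaris-class"}

# Matches both Windows ("TTL=125") and Linux ("ttl=61") ping output.
PING_TTL_RE = re.compile(r"\bttl=(\d+)", re.IGNORECASE)


def parse_ping_ttl(line: str):
    """Return the TTL printed in one ping reply line, or None if the line has none."""
    m = PING_TTL_RE.search(line)
    return int(m.group(1)) if m else None


def infer_from_reply_ttl(reply_ttl: int):
    """
    Pick the smallest common initial TTL that is >= the observed one and return
    (assumed_initial_ttl, os_family_guess, routers_crossed_on_return_path).
    """
    if not 1 <= reply_ttl <= 255:
        raise ValueError("TTL must be between 1 and 255")
    for initial in sorted(INITIAL_TTLS):
        if reply_ttl <= initial:
            return initial, INITIAL_TTLS[initial], initial - reply_ttl
    raise AssertionError("unreachable: 255 always matches")


def tracert_hop_number(reply_ttl: int) -> int:
    """Hop number at which tracert would list that host. tracert counts the
    destination itself as a hop, so it is routers crossed + 1 (the post's
    'except your default gateway' remark)."""
    return infer_from_reply_ttl(reply_ttl)[2] + 1


# Constructed sample output, not captured from real hosts.
SAMPLE_PING_OUTPUT = [
    "Reply from 10.10.10.20: bytes=32 time=12ms TTL=125",        # Windows host, 3 routers away
    "64 bytes from 192.0.2.10: icmp_seq=1 ttl=61 time=9.8 ms",   # Linux host, 3 routers away
    "Reply from 203.0.113.1: bytes=32 time=1ms TTL=255",         # router answering directly
    "Request timed out.",                                        # no TTL to read
]


def analyse(lines):
    """Per ping reply line: (reply_ttl, os_guess, routers_crossed, tracert_hop_number)."""
    out = []
    for line in lines:
        ttl = parse_ping_ttl(line)
        if ttl is None:
            continue
        initial, family, routers = infer_from_reply_ttl(ttl)
        out.append((ttl, family, routers, routers + 1))
    return out


if __name__ == "__main__":
    for row in analyse(SAMPLE_PING_OUTPUT):
        print("TTL=%d -> %s, %d routers crossed, tracert hop %d" % row)
```

The ambiguity the heuristic cannot resolve is worth keeping in mind: a Windows host more than 64 routers away would reply with a TTL below 64 and be read as a Linux host a few hops away. When the hop count matters, run tracert rather than inferring it from ping.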

Please do not hesitate to ask any questions about traceroute by e-mail.
