Traceroute: Difference between revisions
Line 21: | Line 21: | ||
Routers which [[firewall]] traceroute packets (either by protocol or by Time-to-live) appear as a *. In [[FreeBSD]] a STEALTH mode can be turned on which prevents a forwarded packet to be decremented by one causing no [[ICMP]] Time Exceeded message to be sent causing the computer to be omitted in a traceroute. | Routers which [[firewall]] traceroute packets (either by protocol or by Time-to-live) appear as a *. In [[FreeBSD]] a STEALTH mode can be turned on which prevents a forwarded packet to be decremented by one causing no [[ICMP]] Time Exceeded message to be sent causing the computer to be omitted in a traceroute. | ||
mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool. There are also several GUI versions of traceroute available that will include the geographic position of each host. |
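Review bot: the added sentence about mtr leaves mtr and ping as plain text, while the paragraph above it links [[firewall]], [[FreeBSD]] and [[ICMP]]; consider [[mtr]] and [[ping]] for consistency. "Several GUI versions" names none of them, so a reader cannot follow it up; naming one or dropping the clause would be tighter.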
Revision as of 11:44, 24 October 2005
Traceroute is a program that traces the routers between two computers on the Internet. The program was written by Van Jacobson. It uses raw sockets to send and receive UDP and ICMP packets. Its output is prone to faulty data and should not be trusted completely.
In detail, in its default mode traceroute sends UDP packets to a high UDP port (starting at 32768 + 666), incrementing the port number by one for each packet sent. The packet includes a timestamp (obscured in OpenBSD), and the IP Time-to-live starts at 1 and increments by one every three packets. Each router that a packet reaches with a Time-to-live of 1 sends back an ICMP Time Exceeded (type 11) message (see RFC 791 page 6).
Another mode for traceroute uses the ICMP protocol instead of UDP packets; the ICMP type used is 8 (ECHO REQUEST) (see ping). In ICMP mode no ports are used, since the protocol does not support them.
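The default UDP mode described above, as an added example that is not part of the original article or of any traceroute implementation: it lays out the TTL and port of each probe, then maps an ICMP Time Exceeded message back to its probe using the destination port in the quoted original datagram. The function names, the sample addresses and the constructed reply bytes (checksums left at zero) are assumptions made for illustration.

```python
import struct

BASE_PORT = 32768 + 666      # first destination port, as given in the text
PROBES_PER_HOP = 3           # TTL increments by one every three packets


def probe_plan(max_ttl):
    """Return (seq, ttl, dst_port) for every probe up to max_ttl hops."""
    return [(seq, seq // PROBES_PER_HOP + 1, BASE_PORT + seq)
            for seq in range(max_ttl * PROBES_PER_HOP)]


def match_reply(icmp):
    """Map an ICMP message to the (seq, ttl) of the probe it answers, or None."""
    if len(icmp) < 8 + 20 + 8:            # ICMP hdr + min IPv4 hdr + 8 data bytes
        return None
    if icmp[0] != 11 or icmp[1] != 0:     # type 11 Time Exceeded, code 0 = TTL
        return None
    inner = icmp[8:]                      # quoted header of the original probe
    ihl = (inner[0] & 0x0F) * 4
    if inner[0] >> 4 != 4 or ihl < 20 or len(inner) < ihl + 8:
        return None
    if inner[9] != 17:                    # quoted protocol must be UDP
        return None
    _sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
    seq = dport - BASE_PORT
    if seq < 0:                           # not one of our probe ports
        return None
    return seq, seq // PROBES_PER_HOP + 1


def sample_time_exceeded(dport, proto=17):
    """Constructed reply: ICMP header + quoted IPv4 header + 8 bytes of UDP."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    udp = struct.pack("!HHHH", 40000, dport, 8, 0)
    return struct.pack("!BBHI", 11, 0, 0, 0) + ip + udp


if __name__ == "__main__":
    for probe in probe_plan(2):
        print(probe)
    print(match_reply(sample_time_exceeded(BASE_PORT + 4)))
```

Because the reply is matched on the quoted port alone, a probe that is dropped or never answered simply leaves its slot empty, which is what the * entries in traceroute output represent.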
A sample traceroute:
 $ traceroute www.yashy.com
 traceroute to mail.yashy.com (206.248.137.44), 64 hops max, 40 byte packets
  1  * * *
  2  ae2-200.ffm4-j.mcbone.net (62.104.198.228)  46.601 ms  46.218 ms  47.653 ms
  3  t2a4-p8-2.de-fra.eu.bt.net (166.49.147.169)  46.621 ms  45.928 ms  46.692 ms
  4  t2c2-ge6-0.de-fra.eu.bt.net (166.49.172.12)  45.956 ms  47.142 ms  46.439 ms
  5  t2c2-p3-0.uk-glo.eu.bt.net (166.49.208.102)  68.83 ms  66.141 ms  66.159 ms
  6  t2c2-p4-2.uk-eal.eu.bt.net (166.49.208.13)  67.817 ms  66.317 ms  65.847 ms
  7  t2c2-p4-0.us-ash.eu.bt.net (166.49.164.62)  142.317 ms  140.801 ms  142.35 ms
  8  equinixexchange.peer1.net (206.223.115.30)  139.271 ms  139.238 ms  141.776 ms
  9  OC48-POS0-0.wdc-sp2-cor-1.peer1.net (216.187.115.234)  139.534 ms  140.229 ms  141.74 ms
 ...
Routers which firewall traceroute packets (either by protocol or by Time-to-live) appear as a *. In FreeBSD a STEALTH mode can be turned on which prevents the Time-to-live of a forwarded packet from being decremented by one, so no ICMP Time Exceeded message is sent and the computer is omitted from a traceroute.
mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool. There are also several GUI versions of traceroute available that will include the geographic position of each host.