论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2009-09-16 16:59 |只看该作者 |倒序浏览

C:\Documents and Settings\wangsu>tracert www.baidu.com

Tracing route to www.a.shifen.com [121.14.88.14]
over a maximum of 30 hops:

  1             51.24.168.192.localhost [192.168.24.51]
  2    2 ms    2 ms    2 ms  10.10.10.2
  3    6 ms    4 ms    3 ms  120.36.156.161
  4    5 ms    1 ms    3 ms  61.154.236.97
  5    5 ms    2 ms    3 ms  61.154.238.177
  6    3 ms    4 ms    3 ms  61.154.236.14
  7 12 ms 12 ms 11 ms  202.97.40.198
  8 14 ms 14 ms 14 ms  121.14.72.101
  9 15 ms 15 ms 14 ms  121.14.72.162
10 14 ms 15 ms 17 ms  121.14.72.182
11 13 ms 15 ms 14 ms  121.14.88.14

Trace complete.

抓取数据包的过程：
3 28810.098860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
4 28810.098860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
5 28810.098860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
6 28811.098860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
7 28811.098860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
8 28811.098860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
9 28812.098860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
10 28812.098860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
11 28812.098860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
12 28813.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
13 28813.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
14 28813.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
15 28814.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
16 28814.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
17 28814.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
18 28815.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
19 28815.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
20 28815.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
21 28816.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
22 28816.114485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
23 28816.130110  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
24 28817.176985  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
25 28817.192610  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
26 28817.192610  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
27 28818.208235  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
28 28818.208235  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
29 28818.223860  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
30 28819.239485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
31 28819.239485  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
32 28819.255110  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
33 28820.270735  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
34 28820.270735  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14
35 28820.286360  {IPv4:42897} CHENGANG 121.14.88.14 ICMP ICMP:Echo Request Message, From 192.168.24.203 To 121.14.88.14

分析：
Icmp: Echo Request Message, From 192.168.24.203 To 121.14.88.14
Icmp: Echo Reply Message, From 121.14.88.14 To 192.168.24.203
Icmp: Time Exceeded Message eg：61.154.238.177 send “time exceeded message”
Traceroute程序的设计是利用ICMP及IP header的TTL（Time To Live）栏位（field）。首先，traceroute送出一个TTL是1的IP datagram（其实，每次送出的为3个40字节的包，包括源地址，目的地址和包发出的时间标签）到目的地，当路径上的第一个路由器（router）收到这个datagram时，它将TTL减1。此时，TTL变为0了，所以该路由器会将此datagram丢掉，并送回一个「ICMP time exceeded」消息（包括发IP包的源地址，IP包的所有内容及路由器的IP地址），traceroute 收到这个消息后，便知道这个路由器存在于这个路径上，接着traceroute 再送出另一个TTL是2 的datagram，发现第2 个路由器...... traceroute 每次将送出的datagram的TTL 加1来发现另一个路由器，这个重复的动作一直持续到某个datagram 抵达目的地。当datagram到达目的地后，该主机并不会送回ICMP time exceeded消息，因为它已是目的地了，那么traceroute如何得知目的地到达了呢？
　　Traceroute在送出UDP datagrams到目的地时，它所选择送达的port number 是一个一般应用程序都不会用的号码（30000 以上），所以当此UDP datagram 到达目的地后该主机会送回一个「ICMP port unreachable」的消息，而当traceroute 收到这个消息时，便知道目的地已经到达了。所以traceroute 在Server端也是没有所谓的Daemon 程式。
　　Traceroute提取发 ICMP TTL到期消息设备的IP地址并作域名解析。每次，Traceroute都打印出一系列数据,包括所经过的路由设备的域名及 IP地址,三个包每次来回所花时间。
　　Traceroute 有一个固定的时间等待响应(ICMP TTL到期消息)。如果这个时间过了，它将打印出一系列的*号表明：在这个路径上，这个设备不能在给定的时间内发出ICMP TTL到期消息的响应。然后，Traceroute给TTL记数器加1，继续进行。

本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u3/102483/showart_2053917.html

文库|博客

tianhongress

白手起家

论坛徽章:: 0

2楼 [报告]

发表于 2009-12-13 01:18 |只看该作者

好贴。。学习

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

返回列表

Chinaunix › 论坛 › IT运维 › 网络技术 › 网络技术文档中心 › traceroute学习

traceroute学习 [复制链接]