Traceroute:
Traceroute uses ICMP and the TTL field in the IP header.
Traceroute sends an IP datagram with a TTL of 1 to the destination host. The first router to handle the datagram decrements the TTL, discards the datagram, and sends back the ICMP time exceeded. This identifies the first router in the path. Traceroute then sends a datagram with a TTL of 2, and we find the IP address of the second router. This continues until the datagram reaches the destination host. But even though the arriving IP datagram has a TTL of 1, the destination host won't throw it away and generate the ICMP time exceeded, since the datagram has reached its final destination. How can we determine when we've reached the destination?
Traceroute sends UDP datagrams to the destination host, but it chooses the destination UDP port number to be an unlikely value (larger than 30,000), making it improbable that an application at the destination is using that port. This causes the destination host's UDP module to generate an ICMP "port unreachable" error when the datagram arrives. All Traceroute needs to do is differentiate between the received ICMP messages (time exceeded versus port unreachable) to know when it's done.
The source port of Traceroute = the PID of Traceroute | 32768 (bitwise OR)
Traceroute yourself with loose source routing (the destination IP address is the next route).
Microsoft Windows uses ICMP (0x0800 and 0x0000), with the TTL starting at 1 and incremented by 1, to reach the destination. It checks whether it has reached the destination by distinguishing between the two different ICMP packets (ICMP 0x0B00 and 0x0000).
Example:
C:\Documents and Settings\yjh>tracert www.baidu.com
Tracing route to www.a.shifen.com [119.75.213.50]
over a maximum of 30 hops:
1 1 ms 1 ms 1 ms 192.168.1.1
2 87 ms 100 ms 80 ms 123.89.182.1
3 253 ms 172 ms 99 ms 61.235.76.137
4 * * * Request timed out.
5 92 ms 147 ms 59 ms 61.237.113.245
6 182 ms 74 ms 55 ms 61.237.97.122
7 445 ms 233 ms 201 ms 61.237.3.2
8 * 205 ms 179 ms 222.35.251.138
9 102 ms 88 ms 64 ms 222.35.251.18
10 * * * Request timed out.
11 446 ms 365 ms 274 ms 119.75.213.50
Trace complete.
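The completion check described above for both probe styles, as an added example that is not part of the original post: it classifies a received ICMP message as an intermediate hop or the destination, and for UDP probes matches the quoted source port against PID | 32768. The function names, addresses and sample ports are constructed for illustration, and ICMP checksums are not verified.

```python
import struct

TIME_EXCEEDED, DEST_UNREACH, ECHO_REPLY = 11, 3, 0  # ICMP types
PORT_UNREACH = 3                                     # code under type 3
UDP, ICMP = 17, 1                                    # IP protocol numbers

def probe_source_port(pid):
    """Source port as described above: PID OR'ed with 32768, kept to 16 bits."""
    return (pid & 0xFFFF) | 0x8000

def classify(icmp, src_port, mode="udp"):
    """Classify one ICMP message (bytes starting at the ICMP header).

    Returns 'hop', 'done' or 'ignore'. mode: 'udp' probes or 'icmp' (Windows tracert).
    """
    if len(icmp) < 8:
        return "ignore"
    icmp_type, code = icmp[0], icmp[1]
    if mode == "icmp" and (icmp_type, code) == (ECHO_REPLY, 0):
        return "done"                      # 0x0000: echo reply from the destination
    if icmp_type not in (TIME_EXCEEDED, DEST_UNREACH):
        return "ignore"
    quoted = icmp[8:]                      # errors quote the probe's IP header + 8 bytes
    if len(quoted) < 20:
        return "ignore"
    ihl = (quoted[0] & 0x0F) * 4           # quoted IP header length in bytes
    if ihl < 20 or len(quoted) < ihl + 8:
        return "ignore"
    if quoted[9] != (UDP if mode == "udp" else ICMP):
        return "ignore"                    # error is about some other protocol
    if mode == "udp" and struct.unpack("!H", quoted[ihl:ihl + 2])[0] != src_port:
        return "ignore"                    # probe belongs to another process
    if (icmp_type, code) == (TIME_EXCEEDED, 0):
        return "hop"                       # 0x0B00: TTL expired at a router
    if mode == "udp" and (icmp_type, code) == (DEST_UNREACH, PORT_UNREACH):
        return "done"                      # port unreachable from the destination
    return "ignore"

def sample_error(icmp_type, code, proto, sport=0, dport=0):
    """Constructed ICMP error quoting a 20-byte IP header plus 8 payload bytes."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    l4 = struct.pack("!HHHH", sport, dport, 8, 0)
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + ip + l4
```
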
# 2009-09-17 15:46
This article comes from the ChinaUnix blog; to view the original, go to: http://blog.chinaunix.net/u3/104229/showart_2056419.html