Thursday, March 8, 2012

Traceroute

Q) How does traceroute work?
It works on the principle of TTL. A router decrements the TTL while processing a packet, and if the TTL reaches zero it drops the packet and sends an ICMP Time Exceeded error message back to the source host. The source IP of that ICMP message is the IP of the router that dropped the packet.
The host that runs traceroute takes advantage of this property. It sends a packet with the destination address of the remote host and TTL = 1. From the reply it learns the IP of the first hop (router); it saves the IP and details, sends the next packet with TTL 2, and keeps incrementing the TTL until it reaches the remote host.
By then every router in the path must have responded to the source host, and we have the list of all hops on the route.

Q) What kind of messages are sent in traceroute? How can we determine when we've reached the destination?
In Windows:
It sends ICMP Echo Requests with incrementing TTLs. An ICMP Time Exceeded error signifies an intermediate hop, and an ICMP Echo Reply signifies that the host has been reached.
In Unix-like OSes:
Traceroute sends UDP datagrams to the destination host, but it chooses the destination UDP port number to be an unlikely value (larger than 30,000), making it improbable that an application at the destination is using that port. This causes the destination host's UDP module to generate an ICMP "port unreachable" error when the datagram arrives. Traceroute differentiates between the received ICMP messages (time exceeded versus port unreachable) to know when it's done.
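The TTL loop and the stop condition from the two answers above, as an added example that is not part of the original post. It runs offline: send_probe() is a hypothetical stand-in for the network, the path uses constructed documentation addresses, and the ICMP messages carry only the 8-byte header.

```python
import struct

# Constructed sample path: three routers, then the destination (documentation IPs).
PATH = ["192.0.2.1", "198.51.100.1", "203.0.113.1", "203.0.113.50"]
TIME_EXCEEDED, DEST_UNREACH, ECHO_REPLY, PORT_UNREACH = 11, 3, 0, 3  # 3 types, 1 code

def checksum(data):
    """RFC 1071 Internet checksum over an even-length byte string."""
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    s = (s >> 16) + (s & 0xFFFF)
    return ~(s + (s >> 16)) & 0xFFFF

def icmp(msg_type, code):
    """Build the 8-byte ICMP header only (the quoted original datagram is omitted)."""
    body = struct.pack("!BBHI", msg_type, code, 0, 0)
    return struct.pack("!BBHI", msg_type, code, checksum(body), 0)

def send_probe(ttl, mode):
    """Hypothetical stand-in for the network: returns (replying IP, ICMP bytes)."""
    for router in PATH[:-1]:
        ttl -= 1                      # each router decrements the TTL
        if ttl == 0:                  # expired here: router drops and reports
            return router, icmp(TIME_EXCEEDED, 0)
    if mode == "udp":                 # Unix style: unlikely UDP port, nobody listening
        return PATH[-1], icmp(DEST_UNREACH, PORT_UNREACH)
    return PATH[-1], icmp(ECHO_REPLY, 0)   # Windows style: echo request answered

def classify(reply):
    """Decide what a received ICMP message means to traceroute."""
    if len(reply) < 8 or checksum(reply[:8]) != 0:
        return "invalid"
    msg_type, code = struct.unpack("!BB", reply[:2])
    if msg_type == TIME_EXCEEDED:
        return "router"
    if msg_type == ECHO_REPLY or (msg_type == DEST_UNREACH and code == PORT_UNREACH):
        return "destination"
    return "other"                    # e.g. a different unreachable code

def traceroute(mode, max_ttl=30):
    hops = []
    for ttl in range(1, max_ttl + 1):
        src, reply = send_probe(ttl, mode)
        kind = classify(reply)
        hops.append((ttl, src, kind))
        if kind == "destination":
            break
    return hops

print(traceroute("udp"))
```

Both modes produce the same hop list; only the final ICMP message that marks the destination differs.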

Q) Why can't we use the IP record route (RR) option instead of traceroute?
Ans:
  1. Not all routers support the record route option.
  2. The room allocated for options in the IP header isn't large enough today to handle most routes. There is room for only nine IP addresses in the IP header options field. In today's world that is not enough.
