Question : traceroute using UDP
I'm trying to implement traceroute using UDP. I know how traceroute works except for some details of how and when different packets should be sent. From what I know, for determining the path traversed by packets in order to reach a destination, UDP probe packets are launched with incremental TTLs as well as listening for "time exceeded" ICMP replies. Additionally, nodes are probed until receiving a "port unreachable" ICMP response or having hit a maximum number of hops (some value). My question is, if the TTL = 1 packet reaches the next hop and an ICMP reply is sent back, and then a second packet with TTL = 2 is sent to determine the second hop and so on, until a "port unreachable" ICMP packet is returned from the destination, will the packet with TTL larger than 1 pass through the first hop? Does each router need to set a condition to allow those packets with larger TTLs to let it pass with ICMP reply or let it pass without reply, and what happens to those packets that pass the router? Only the first one will reach the destination and traceroute will terminate soon after the ICMP reply is returned. Could someone tell me how these work? I tried to find a link to a traceroute applet but they were all broken links... If someone can provide such a link along with an explanation, I'd greatly appreciate it.
Not sure if I chose the right topic area so if this kind of question should be asked elsewhere, let me know as well. Thanks.
Answer : traceroute using UDP
The following link explains how ping and traceroute work:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800a6057.shtml
In short, traceroute sends UDP packets to the DESTINATION IP using an invalid port number to obtain each result.
The first time packets are sent to the DESTINATION IP, the TTL (Time To Live) of the packet is set to 1. When the packet reaches the first router, the TTL is decremented by one (making the TTL 0) and the router sends an ICMP Time Exceeded message back to the IP that originated the Traceroute.
The second packets are sent, once again, to the DESTINATION IP... this time with the TTL of the packet set to 2. The packet passes through the first router, which decrements the TTL by one (making the TTL 1). The packet then reaches the second router, which also decrements the TTL by one (making the TTL 0), and the second router now sends the ICMP Time Exceeded message back to the IP that originated the Traceroute.
This goes on throughout the life of the traceroute until either the TTL starting value has exceeded the maximum allowed for the Traceroute program (usually 30) or the destination IP has been reached.
When the destination IP has been reached, a different kind of ICMP packet is returned to the originator because the port requested is invalid.
There are many more details to this described in the article I gave you above, but that is the gist of it.
Hope this helps.
Netelligen
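
The probing sequence described in the answer above, as an added example that is not part of the original post and not taken from any traceroute implementation: an offline model in which each router decrements the TTL, forwards silently while the TTL is above 0, and reports back only when it reaches 0. The `Node` class, the function names, the sample addresses, and the router that sends no ICMP reply are assumptions made for illustration.

```python
# Added example: an offline model of the probing loop, not a real network tool.
from dataclasses import dataclass

ICMP_TIME_EXCEEDED = (11, 0)     # type 11, code 0: TTL expired in transit
ICMP_PORT_UNREACHABLE = (3, 3)   # type 3, code 3: nothing listens on the UDP port

@dataclass
class Node:                      # hypothetical model of a router or host
    ip: str
    replies: bool = True         # False models a hop that sends no ICMP errors

def send_probe(path, ttl):
    """Walk one UDP probe along `path` (routers first, destination last).
    Returns (replying_ip, (icmp_type, icmp_code)) or None if nothing comes back."""
    for router in path[:-1]:
        ttl -= 1                 # every router decrements the TTL before forwarding
        if ttl == 0:             # expired here: probe is dropped, sender is notified
            return (router.ip, ICMP_TIME_EXCEEDED) if router.replies else None
        # TTL still above 0: forwarded to the next hop, no ICMP message is generated
    dest = path[-1]
    # The probe reached the destination host, which has no listener on that port.
    return (dest.ip, ICMP_PORT_UNREACHABLE) if dest.replies else None

def traceroute(path, max_hops=30):
    """Send probes with TTL 1, 2, ... and stop at Port Unreachable or max_hops."""
    hops = []
    for ttl in range(1, max_hops + 1):
        reply = send_probe(path, ttl)
        hops.append((ttl, reply[0] if reply else "*"))   # "*" = probe timed out
        if reply and reply[1] == ICMP_PORT_UNREACHABLE:
            break                # destination reached, the trace is complete
    return hops

# Constructed sample path using documentation address ranges.
SAMPLE_PATH = [Node("192.0.2.1"), Node("198.51.100.1", replies=False),
               Node("198.51.100.9"), Node("203.0.113.50")]

if __name__ == "__main__":
    for ttl, who in traceroute(SAMPLE_PATH):
        print(ttl, who)
```

The probe with TTL 2 produces no reply from the first router at all; the silent second hop shows why the loop keeps raising the TTL after a timeout rather than stopping.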