1

As I see in wikipedia, traceroute utility sends a sequence of packets using ICMP protocol in groups of three and with incrementing TTL value to identify the network routers. It also says that Internet Protocol doesn`t guarantee that all the packets take the same route.

So I have three questions:

1- Why are THREE packets sent for each router?

2- What would happen if these three packets with the same TTL value traverse in different routing ways?

3- When these routes can be changed during the time for different packet groups, how can the result be useful?!

Thanks in advance

Saba Jamalian
  • 149
  • 1
  • 1
  • 5

2 Answers2

2

  • It often uses UDP or even TCP (tcptraceroute is often more useful, or the -t option on some implementations) for the outgoing packets- but in all cases relies on ICMP TTL exceeded messages.

  • Traceroute is a clever hack on tcp/ip - not a built-in function to discover routes. It was a clever afterthought.

  • You can specify different numbers of packets to send- doesn't have to be three.

  • As Kowh said - routes can change, but don't necessarily change that often. There are many reasons traceorute may give misleading results - from ICMP having a lower priority, or being blocked entirely - the important part is to understand the mechanics of how it works and what it is and isn't telling you.

gabbelduck
  • 329
  • 1
  • 3
1

  1. The main benefit is to make sure you get a response even with packet loss. Other benefits include getting more data points for round trip time, and seeing if different packets take different routes.

  2. It would print the gateway for each packet.

  3. The point in running a traceroute is to see where the packets go, if your traceroute is showing a constantly varying route, then the rest of your packets are doing the same. Seems to me just as useful to know this as learning your route is essentially static.

    That said, just because the routes aren't prevented from changing, doesn't mean they do. Most of the time when you run traceroute you're going to get the same route. Changing routes happen mostly with transient conditions, e.g. when a given router gets too busy.

Kowh
  • 146
  • 4