How does traceroute with ports work?

0

I was reading the manpage for traceroute, and I noticed it accepts a port argument.

I thought traceroute worked only with ICMP. What does it do with the port?

zneak

Posted 2010-07-26T23:31:18.923

Reputation: 989

ICMP does not use a port since it does not have a place for a port. It is encapsulated with an IP datagram only. You will find the port option only on UDP and TCP datagrams. To block ICMP echo, you would explicitly block the type and code. – djshortbus – 2010-07-27T00:55:34.067

Answers

1

Traceroute (classical mode) works by sending UDP packets to a high, theoretically unused UDP port, changing the time to live (TTL) for each packet so that routers along the way notice that it has timed out and return ICMP time exceeded messages. Traceroute then prints those messages out until it gets a message from the destination host denying the connection.

You can change the port in case the default port is in use (thus preventing that last hop from working because the packet is silently accepted).

There is a wealth of information in the man page for traceroute on your standard Linux distro.

Slartibartfast

Posted 2010-07-26T23:31:18.923

Reputation: 6 899
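Added example, not part of the answer above and not code from any traceroute implementation: a parser showing how the destination port in a quoted UDP probe lets a tool match each ICMP reply to the probe that caused it, and how an intermediate hop is told apart from the destination. It assumes the traditional base port 33434 with one increment per probe; the function names and sample addresses are constructed for illustration.

```python
import struct

BASE_PORT = 33434  # assumption: traditional default first UDP destination port


def build_icmp_error(icmp_type, code, src, dst, sport, dport, ttl=1):
    """Constructed sample: an ICMP error quoting an IPv4 header + 8 UDP bytes.
    Checksums are left as zero because this example does not validate them."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, ttl, 17, 0,
                     bytes(map(int, src.split("."))),
                     bytes(map(int, dst.split("."))))
    udp = struct.pack("!HHHH", sport, dport, 8, 0)
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + ip + udp


def classify_reply(icmp, base_port=BASE_PORT):
    """Return (kind, probe_index) for an ICMP message answering a UDP probe."""
    if len(icmp) < 8 + 20 + 8:          # ICMP header + min IP header + UDP header
        return ("malformed", None)
    icmp_type, code = icmp[0], icmp[1]
    quoted = icmp[8:]                   # the original datagram as the sender saw it
    ihl = (quoted[0] & 0x0F) * 4        # quoted IP header length in bytes
    if quoted[0] >> 4 != 4 or ihl < 20 or len(quoted) < ihl + 8:
        return ("malformed", None)
    if quoted[9] != 17:                 # quoted protocol is not UDP
        return ("not-our-probe", None)
    _sport, dport = struct.unpack("!HH", quoted[ihl:ihl + 4])
    index = dport - base_port           # which probe this reply belongs to
    if index < 0:
        return ("not-our-probe", None)
    if icmp_type == 11 and code == 0:   # time exceeded in transit: a router on the path
        return ("hop", index)
    if icmp_type == 3 and code == 3:    # port unreachable: the destination host answered
        return ("destination", index)
    if icmp_type == 3:                  # other unreachable codes (network, host, prohibited)
        return ("unreachable", index)
    return ("other", index)


if __name__ == "__main__":
    samples = [(11, 0, 33434), (11, 0, 33435), (3, 3, 33436)]
    for t, c, port in samples:
        pkt = build_icmp_error(t, c, "192.0.2.10", "198.51.100.7", 40000, port)
        print(port, classify_reply(pkt))
```

If a service is actually listening on the probed port, no port-unreachable message comes back, so the final probe is never classified as `destination`; that is the case the answer describes for changing the port.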

1

That's in case ICMP is blocked somewhere along the way.

You could for example use port 80 (http) because almost any firewall will allow it to pass through.

Kenny Rasschaert

Posted 2010-07-26T23:31:18.923

Reputation: 992