0
I was reading the manpage for traceroute
, and I noticed it accepts a port
argument.
I thought traceroute
worked only with ICMP. What does it do with the port?
0
I was reading the manpage for traceroute
, and I noticed it accepts a port
argument.
I thought traceroute
worked only with ICMP. What does it do with the port?
1
Traceroute (classical mode) works by sending UDP packets to a high, theoretically unused UDP port, changing the time to live (TTL) for each packet so that routers along the way notice that it has timed out and return ICMP time exceeded messages. Traceroute then prints those messages out until it gets a message from the destination host denying the connection.
You can change the port in case the default port is in use (thus preventing that last hop from working because the packet is silently accepted).
There is a wealth of information in the man page for traceroute on your standard Linux distro.
1
That's in case ICMP is blocked somewhere along the way.
You could for example use port 80 (http) because almost any firewall will allow it to pass through.
ICMP does not use a port since it does not have a place for a port. It is encapsulated with an IP datagram only. You will find the port option only on UDP and TCP datagrams. To block ICMP echo, you would explicitly block the type and code. – djshortbus – 2010-07-27T00:55:34.067