Traceroute Basics

I'm new at computer networking and trying to understand traceroute by this tutorial:

http://community.spiceworks.com/how_to/show/47298-how-traceroute-works

These are IP packets with a UDP transport packets with a TTL ( time to live ) set to 1. The reason they are sent to one is that once they reach the next hop IP, the packets will expire sending a Time Exceeded message back to the host that sent them.

So if I understand this correctly when TTL=1 then my home router which is the first hop decreases it to 0 and send it to the second router which is my isps gateway which will generate the first Time Exceed message that's how I know it's a hop on the route.

What I don't understand is how do I get the address of the very first router (which is my home router) when the TTL is 1?

Thank you

Polarbear

Posted 2014-04-08T20:40:34.880

Reputation: 1

Answers

Each router on the route decrements the TTL by one and replies with a ICMP Time exceeded if the TTL reaches zero. Your local traceroute extracts the source address and can figure out what router dropped your packet. This is your router if TTL is set to one.

If you are preparing for any kind of tests in Computer networking you should try to answer more questions related to traceroute. Which protocols will be used above IP by traceroute? Why these protocols? What happens if a router does not reply with an ICMP message? What happens if a firewall on the route blocks ICMP? What happens if the route changes while traceroute is running?

user3422070

Posted 2014-04-08T20:40:34.880

Reputation: 501

The very first router receives the packet with a TTL of 1, decrements that by 1 so it is now a TTL of 0. Then the router responds with a time exceeded. Each hop lowers the TTL by one then acts on it.

Source: Traceroute / Implementation on Wikipedia

yoonix

Posted 2014-04-08T20:40:34.880

Reputation: 633