
Traceroute reports a possible route that is taken by packets moving from some host $A$ to some other host $B$. Which of the following options represents the technique used by traceroute to identify these hosts:

1. By progressively querying routers about the next router on the path to $B$ using $\text{ICMP}$ packets, starting with the first router
2. By requiring each router to append the address to the $\text{ICMP}$ packet as it is forwarded to $B$. The list of all routers en-route to $B$ is returned by $B$ in an $\text{ICMP}$ reply packet
3. By ensuring that an $\text{ICMP}$ reply packet is returned to $A$ by each router en-route to $B,$ in the ascending order of their hop distance from $A$
4. By locally computing the shortest path from $A$ to $B$
0
@habibkhan Isn't option C also correct?
0
@Kapilp Isn't option C also correct?
+3

(A) is the correct option
traceroute = ICMP + TTL + UDP

+3

Q. -> In an IP packet there is an option of Record Route. So why could it not be used for tracing all routers in the Traceroute command?

Ans - Because it can list up to 9 routers only.
0
The traceroute command is a user-level application program in UNIX. For using the record route option of IP we have to associate it with an application program like the PING program. Moreover, I don't think record route is very efficient because it can list up to 9 routers only.

@chhotu, correct if I am wrong.
0

The traceroute command is a user-level application program in UNIX. For using the record route option of IP we have to associate it with an application program like the PING program.

I did not get you. Could you please explain it?

0
@Manu Thakur

Can you tell how it works?
0
+2
If someone is struggling with how traceroute works
0

This might help ....

0
@chhotu Traceroute and record route are different. In traceroute, the sender is going to know about all the routers present between sender and receiver. We haven't actually sent any packet; we are just checking how many routers are present in between, with the help of ICMP, TTL, and UDP. Overall the sender wants to know about routers; every time the sender may not get the same path, so routers could be changed.
While in Record Route the receiver wants to know from which routers his/her packet has arrived. We use an option for that, but at max, we couldn't use 40B, so we can save up to 9 routers' IP addresses.

(A) Traceroute works by sending packets with gradually increasing $\text{TTL}$ value, starting with $\text{TTL}$ value of $1$. The first router receives the packet, decrements the $\text{TTL}$ value and drops the packet because it then has $\text{TTL}$ value zero. The router sends an $\text{ICMP}$ Time Exceeded message back to the source. The next set of packets are given a $\text{TTL}$ value of $2,$ so the first router forwards the packets, but the second router drops them and replies with $\text{ICMP}$ Time Exceeded. Proceeding in this way, traceroute uses the returned $\text{ICMP}$ Time Exceeded messages to build a list of routers that packets traverse, until the destination is reached and returns an ICMP Echo Reply message.

+14
What is wrong with Option C? A seems incorrect to me!

Also it does not query routers directly about next routers! It sends an ICMP packet to the destination!
0

It progressively queries routers by setting hop limits, and ICMP Time Exceeded message is returned rather than ICMP Reply.

+3
It does not progressively query,

because there is no guarantee that the ICMP packet will always take the same path.
+7

Yeah, C is correct. It cannot query from one router about the next router via an ICMP reply packet.
Explained the process correctly!

0

If you are sequentially increasing the TTL values to see what routers will reject it, then what would you call it? I presume "progressively". But I totally agree the line "querying routers about the next router on the path to B" is surely ambiguous, but at least option A tells us how tracert works, which is progressively rather than just one packet, which option C suggests.

0

In C it's not given only one packet, it's given that one ICMP reply packet from each router. C seems to be unambiguous?

+9
C)
By ensuring that an ICMP reply packet is returned to A by each router en-route to B, in the ascending order of their hop distance from A

Isn't this equal to exactly what Traceroute does? It sends ICMP packets in ascending order of hop distance using TTL ahead? When those packets return we know the path.
As the path may be different these packets are sent 3 times. Still I don't think we can not guarantee that the same path will be taken always.
+9

@Akash Kanase Option C is saying  "ICMP reply packet is returned to A"  which is wrong. TTL exceeded is not ICMP reply packet, it is ICMP error message.

+1
C should be correct. @Sachin ICMP reply packet contains an ICMP message, and "error message" is one of the types of message which ICMP can transmit.
+1

There's ambiguity in option A in "querying routers about the next router on the path to B" and a mistake in option C "ICMP reply packet is returned to A" as when TTL hits 0, reply packet is not sent rather an error message is sent to the source.

But I think the process of trace route is more properly described in option C.

Which option between A and C should be the correct answer?

0

Even if we assume "reply packet" does not mean "warning packet", how is (a) correct?

It was suggested that the ICMP Type 11 code 0 "TTL Expired" message be improved to allow the next hop router to be returned to the sender, but as far as I know this was never implemented in traceroute. This means that the "progressively querying routers about the next router" clause of option (a) does not make sense.

Traceroute is a little program that can run in any Internet host. When the user specifies a destination hostname, the program sends multiple packets towards that destination. As these packets work their way towards the destinations, they pass through a series of routers. When a router receives one of these packets, it sends a little message back to the source. This message contains the name and address of the router. More specifically, suppose there are N-1 routers between the source and the destination. Then the source will send N packets into the network, with each packet addressed to the ultimate destination. These packets are also marked 1 through N, with the first of the N packets marked 1 and the last of the N packets marked N. When the nth router receives the nth packet marked n, the router destroys the packet and sends a message to the source. And when the destination host receives the Nth packet, the destination destroys it as well but again returns a message back to the source. The source records the time that elapses from when it sends a packet until when it receives the corresponding return message; it also records the name and address of the router (or the destination host) that returns the message. In this manner, the source can reconstruct the route taken by packets flowing from source to destination, and the source can determine the round-trip delays to all the intervening routers. Traceroute actually repeats the experiment just described three times, so the source actually sends 3*N packets to the destination.

The above is taken from Kurose and Ross.

The [RFC 1393] describes traceroute in detail.

ICMP is specified in [RFC 792]. The most typical use of ICMP is for error reporting. ICMP messages have a type and a code field, and also contain the first 8 bytes of the IP packet that caused the IP message to be generated in the first place (so that the sender can determine which packet is sent that caused the error). Selected ICMP messages are shown below:

| ICMP type | Code | Description |
|---|---|---|
| 0 | 0 | echo reply (to ping) |
| 3 | 0 | destination network unreachable |
| 3 | 1 | destination host unreachable |
| 3 | 2 | destination protocol unreachable |
| 3 | 3 | destination port unreachable |
| 3 | 6 | destination network unknown |
| 3 | 7 | destination host unknown |
| 4 | 0 | source quench (congestion control) |
| 8 | 0 | echo request |
| 10 | 0 | router discovery |
| 11 | 0 | TTL expired |

Traceroute uses ICMP messages. To determine the names and addresses of the routers between source and destination, Traceroute in the source sends a series of ordinary IP datagrams to the destination. The first of these datagrams has a TTL of 1, the second of 2, the third of 3, etc. The source also starts timers for each of the datagrams. When the nth datagram arrives at the nth router, the nth router observes that the TTL of the datagram has just expired. According to the rules of the IP protocol, the router discards the datagram (because there may be a routing loop) and sends an ICMP warning message to the source (type 11 code 0). This warning message includes the name of the router and its IP address. When the ICMP message corresponding to the nth datagram arrives at the source, the source obtains the round-trip time from the timer and the name and IP address from the ICMP message.
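
The TTL mechanism described in the answers above, as an added example that is not part of the original thread: a self-contained Python simulation of the UDP-probe variant of traceroute, building and parsing the actual ICMP bytes. Per RFC 792 each ICMP error quotes the offending IP header plus the first 8 bytes of its payload, which is how the source matches a reply to a probe; with UDP probes the destination answers with type 3 code 3 (port unreachable) rather than an echo reply. The topology, addresses and function names are constructed for illustration.

```python
import socket
import struct

# Constructed topology (not from the page): three routers between A and B.
PATH = ["10.0.0.1", "10.0.1.1", "10.0.2.1"]
SRC, DST, BASE_PORT = "192.0.2.10", "198.51.100.7", 33434

def ip_header(src, dst, ttl, proto, payload_len):
    # Minimal 20-byte IPv4 header; checksum left 0 because nothing here verifies it.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                       ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def udp_probe(ttl):
    # A distinct destination port per probe lets the source match replies to probes.
    udp = struct.pack("!HHHH", 40000, BASE_PORT + ttl, 8, 0)
    return ip_header(SRC, DST, ttl, 17, len(udp)) + udp

def icmp_error(sender, icmp_type, code, offending):
    # RFC 792 error: type, code, checksum, 4 unused bytes, then the offending
    # IP header plus the first 8 bytes of its payload (here the UDP header).
    icmp = struct.pack("!BBHI", icmp_type, code, 0, 0) + offending[:28]
    return ip_header(sender, SRC, 64, 1, len(icmp)) + icmp

def network(probe):
    # Simulated forwarding: each router decrements TTL and drops the datagram at 0.
    ttl = probe[8]
    for router in PATH:
        ttl -= 1
        if ttl == 0:
            return icmp_error(router, 11, 0, probe)  # Time Exceeded (error, not a reply)
    return icmp_error(DST, 3, 3, probe)              # Port Unreachable from B itself

def parse_reply(pkt):
    # Returns (sender address, ICMP type, ICMP code, quoted UDP destination port).
    ihl = (pkt[0] & 0x0F) * 4
    quoted = pkt[ihl + 8:]
    qihl = (quoted[0] & 0x0F) * 4
    dport = struct.unpack("!H", quoted[qihl + 2:qihl + 4])[0]
    return socket.inet_ntoa(pkt[12:16]), pkt[ihl], pkt[ihl + 1], dport

def traceroute(max_hops=30):
    hops = []
    for ttl in range(1, max_hops + 1):
        sender, icmp_type, code, dport = parse_reply(network(udp_probe(ttl)))
        if dport != BASE_PORT + ttl:
            continue  # reply quotes some other datagram, so it is not ours
        hops.append((ttl, sender, (icmp_type, code)))
        if (icmp_type, code) == (3, 3):
            break     # destination reached
    return hops
```

Every intermediate hop is learned from a type 11 error sent by the router that dropped the probe; no router is asked about its successor, which is the point the thread is arguing over.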

0
Good attempt but small correction is required in the answer.
0
Please, can you identify which portion to correct?
0
But there is no guarantee that the packet will take the same path every time.
+1

@reena_kandari Yes, you are right, but most of the time the packet is sent within a fraction of a second (can see image below, time is in ms), so in this case

no gurantee that packet will take the same path every time.

guarantee*

There is very little chance that it will happen. (Yes, it can: in that case we get a path which is not always possible.)

@Tuhin ICMP message types are

Message Types

• 3  Destination Unreachable
• 4  Source Quench
• 5  Redirect
• 8  Echo
• 11  Time Exceeded
• 12  Parameter Problem
• 13  Timestamp
• 15  Information Request
• 16  Information Reply

In Option C, "ICMP reply packet is returned to A" is wrong because TTL exceeded (ICMP TIME_EXCEEDED) is not an ICMP reply packet; it is an ICMP (11 Time Exceeded) error message.

In Option A: using ICMP packets

ICMP packets, which is => ICMP (11 Time Exceeded) message or packet

So correct option: A

0

@RISHABH SHRIVAS: In option A, now suppose that we have found all the routers on the path from A to B. But when the actual message goes, then there can be multiple paths? Which path does traceroute report?

+2
• But when actual message goes, then there can be multiple paths?

Yes, there can be multiple paths.

See here, Traceroute

can also report --> (A, R1, R2, R5, B) (very less chances, but still it can report like this)

can also report --> (A, R1, R2, R3, B) --> in most of the cases you will get this

can also report --> (A, R1, R4, R5, B) --> in most of the cases you will get this

Which path does traceroute report?

Ans: Most of the time Traceroute is going to give you the correct route (path), but there is still a chance that Traceroute will not report the correct path. For better understanding, you can see the result of the Traceroute command by typing it many times; most of the time you might get a different route and sometimes the same route. :)

For Windows: tracert www.gateoverflow.in

For Linux: traceroute www.gateoverflow.in

Explanation: Even though Traceroute is going to give the router at each number of hops, when you put all of them (routers) together they need not form any path. But the chances are that we are going to send the dummy packets immediately (within a fraction of a second -> can see in my previous comment image), therefore the basic assumption is that routes will not change so dynamically (i.e. in 1 ms the route might not change). The entire procedure might take 1 second, so in most of the cases we get the perfect route, and it is not always guaranteed, which means you could also expect that there is something wrong in this (like above image).

Traceroute is mainly used by the sender side to get to know the route.

For the exact route go for Record Route, which is used by network admins, and they can find the exact route. They will send only one packet and this one packet will go only through one route and they will find the exact route. But in Traceroute we are sending many packets and they may take different routes, therefore every time we get a router which is at so and so hops, and if you put them all together then they might not even form a path.

I hope now it's clear to you. :)

0
Thanks for your effort :). Got it now.
0
MOST WELCOME!!!   :)

Option A

By progressively querying routers about the next router on the path to B using ICMP packets, starting with the first router. Here we simply use the field called TTL. For finding out the first router from the sender we set TTL=1, then we are able to know about the first router. When we use TTL=2, then we are able to understand about two routers, and so on. That's why option A will be right. Each time TTL=0, an ICMP packet will be generated from the router towards the sender.
