14,284 views
35 votes

Traceroute reports a possible route that is taken by packets moving from some host $A$ to some other host $B$. Which of the following options represents the technique used by traceroute to identify these hosts:

  1. By progressively querying routers about the next router on the path to $B$ using $\text{ICMP}$ packets, starting with the first router
  2. By requiring each router to append the address to the $\text{ICMP}$ packet as it is forwarded to $B$. The list of all routers en-route to $B$ is returned by $B$ in an $\text{ICMP}$ reply packet
  3. By ensuring that an $\text{ICMP}$ reply packet is returned to $A$ by each router en-route to $B,$ in the ascending order of their hop distance from $A$
  4. By locally computing the shortest path from $A$ to $B$

4 Answers

Best answer
43 votes

(A) Traceroute works by sending packets with gradually increasing $\text{TTL}$ value, starting with $\text{TTL}$ value of $1$. The first router receives the packet, decrements the $\text{TTL}$ value and drops the packet because it then has $\text{TTL}$ value zero. The router sends an $\text{ICMP}$ Time Exceeded message back to the source. The next set of packets are given a $\text{TTL}$ value of $2,$ so the first router forwards the packets, but the second router drops them and replies with $\text{ICMP}$ Time Exceeded. Proceeding in this way, traceroute uses the returned $\text{ICMP}$ Time Exceeded messages to build a list of routers that packets traverse, until the destination is reached and returns an ICMP Echo Reply message.

18 votes

Answer is C)

Traceroute is a little program that can run in any Internet host. When the user specifies a destination hostname, the program sends multiple packets towards that destination. As these packets work their way towards the destinations, they pass through a series of routers. When a router receives one of these packets, it sends a little message back to the source. This message contains the name and address of the router. More specifically, suppose there are N-1 routers between the source and the destination. Then the source will send N packets into the network, with each packet addressed to the ultimate destination. These packets are also marked 1 through N, with the first of the N packets marked 1 and the last of the N packets marked N. When the nth router receives the nth packet marked n, the router destroys the packet and sends a message to the source. And when the destination host receives the Nth packet, the destination destroys it as well but again returns a message back to the source. The source records the time that elapses from when it sends a packet until when it receives the corresponding return message; it also records the name and address of the router (or the destination host) that returns the message. In this manner, the source can reconstruct the route taken by packets flowing from source to destination, and the source can determine the round-trip delays to all the intervening routers. Traceroute actually repeats the experiment just described three times, so the source actually sends 3*N packets to the destination.

The above is taken from Kurose and Ross.

The [RFC 1393] describes traceroute in detail.

ICMP is specified in [RFC 792]. The most typical use of ICMP is for error reporting. ICMP messages have a type and a code field, and also contain the first 8 bytes of the IP packet that caused the IP message to be generated in the first place (so that the sender can determine which packet is sent that caused the error). Selected ICMP messages are shown below:

| ICMP type | Code | Description |
|-----------|------|-------------|
| 0 | 0 | echo reply (to ping) |
| 3 | 0 | destination network unreachable |
| 3 | 1 | destination host unreachable |
| 3 | 2 | destination protocol unreachable |
| 3 | 3 | destination port unreachable |
| 3 | 6 | destination network unknown |
| 3 | 7 | destination host unknown |
| 4 | 0 | source quench (congestion control) |
| 8 | 0 | echo request |
| 9 | 0 | router advertisement |
| 10 | 0 | router discovery |
| 11 | 0 | TTL expired |

Traceroute uses ICMP messages. To determine the names and addresses of the routers between source and destination, Traceroute in the source sends a series of ordinary IP datagrams to the destination. The first of these datagrams has a TTL of 1, the second of 2, the third of 3, etc. The source also starts timers for each of the datagrams. When the nth datagram arrives at the nth router, the nth router observes that the TTL of the datagram has just expired. According to the rules of the IP protocol, the router discards the datagram (because there may be a routing loop) and sends an ICMP warning message to the source (type 11 code 0). This warning message includes the name of the router and its IP address. When the ICMP message corresponding to the nth datagram arrives at the source, the source obtains the round-trip time from the timer and the name and IP address from the ICMP message.

3 votes

According to CISCO:

Source: https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13730-ext-ping-trace.html

So Ans should be A

traceroute command can be used to discover the paths packets take to a remote destination, as well as where routing breaks down.

The purpose behind the traceroute command is to record the source of each ICMP "time exceeded" message in order to provide a trace of the path the packet took to reach the destination.

The device that executes the traceroute command sends out a sequence of User Datagram Protocol (UDP) datagrams, each with incrementing Time-To-Live (TTL) values, to an invalid port address (Default 33434) at the remote host.

First, three datagrams are sent, each with a TTL field value set to 1. The TTL value of 1 causes the datagram to "timeout" as soon as it hits the first router in the path. This router then responds with an ICMP "time exceeded" message which indicates that the datagram has expired.

Next, three more UDP messages are sent, each with the TTL value set to 2. This causes the second router in the path to the destination to return ICMP "time exceeded" messages.

This process continues until the packets reach the destination and until the system that originates the traceroute receives ICMP "time exceeded" messages from every router in the path to the destination. Since these datagrams try to access an invalid port (Default 33434) at the destination host, the host responds with ICMP "port unreachable" messages that indicate an unreachable port. This event signals the traceroute program to finish.
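The probe-and-reply loop described in the answers above, as an added Python example (not part of any answer and not Cisco's or any traceroute implementation's code). It walks constructed ICMP errors, accepts a reply only when the quoted IP header and first 8 bytes match the probe that was sent, and stops on type 3 code 3. The addresses, the source port, and the one-probe-per-TTL port increment are assumptions made for the illustration.

```python
import socket
import struct

BASE_PORT = 33434                          # default destination port from the Cisco text
SRC, TARGET = "192.0.2.10", "203.0.113.9"  # constructed documentation addresses

def icmp_error(icmp_type, code, dport, sport=54321):
    """Constructed ICMP error: 8-byte ICMP header, then the probe's IP header
    and the first 8 bytes of its payload (the UDP header). Checksums left 0."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, 17, 0,
                     socket.inet_aton(SRC), socket.inet_aton(TARGET))
    udp = struct.pack("!HHHH", sport, dport, 8, 0)
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + ip + udp

def parse_reply(icmp):
    """Return (type, code, quoted_dst, quoted_udp_dport), or None if malformed."""
    quoted = icmp[8:]
    if len(quoted) < 28:
        return None
    ihl = (quoted[0] & 0x0F) * 4
    if quoted[0] >> 4 != 4 or ihl < 20 or len(quoted) < ihl + 8 or quoted[9] != 17:
        return None
    dport = struct.unpack("!H", quoted[ihl + 2:ihl + 4])[0]
    return icmp[0], icmp[1], socket.inet_ntoa(quoted[16:20]), dport

def trace(replies, target=TARGET, max_ttl=30):
    """replies maps TTL -> (responder_ip, icmp_bytes); a missing TTL is a timeout."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        port = BASE_PORT + ttl - 1         # assumption: one probe per TTL, port +1 each
        sender, raw = replies.get(ttl, ("*", b""))
        kind = parse_reply(raw)
        # Accept only Time Exceeded / Port Unreachable errors quoting this exact probe.
        if not kind or kind[2:] != (target, port) or kind[:2] not in {(11, 0), (3, 3)}:
            sender = "*"
        hops.append((ttl, sender))
        if sender != "*" and kind[:2] == (3, 3):
            break                          # port unreachable: destination reached
    return hops

def constructed_replies():
    """Two routers answer, TTL 2 times out, the destination answers at TTL 4."""
    return {1: ("198.51.100.1", icmp_error(11, 0, BASE_PORT)),
            3: ("198.51.100.2", icmp_error(11, 0, BASE_PORT + 2)),
            4: (TARGET, icmp_error(3, 3, BASE_PORT + 3))}

if __name__ == "__main__":
    print(trace(constructed_replies()))
```

Matching on the quoted destination and port is what lets the sender discard ICMP errors that do not correspond to any probe it sent.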

–3 votes

Option A

By progressively querying routers about the next router on the path to B using ICMP packets, starting with the first router

Here we simply use the field called TTL.

To find the first router from the sender we set TTL=1, and then we are able to know about the first router. When we use TTL=2, we are able to learn about two routers, and so on.

That's why option A will be right.

Each time TTL=0, an ICMP packet will be generated from the router towards the sender.

Answer:
