Today i will going to start a discussion on most and the basic topic in the Networking domain and is always been the question in the interview as well. It has been told by many of you guys that Trace route is one of the topics which interview always asked or touched upon.
Before starting with the concept of Trace route in the detail, you should now what trace route actually means. You know packets are being moving from source to destination but you actually don't know which path it follows to reach the destination.
Well Trace route give you the whole path of traffic flow which shows the devices in between the source and the destinations.
What are the main components of Trace route ?
Very valid question, If we are talking about the trace route, please kept in mind about the TTL ( Time to live ) , UDP ( User datagram unit ) and ICMP ( Internet Control Message Protocol ). So TTL is life of the packet sent over the UDP communication from source to destination and the reply is in the form of ICMP protocol.
When to use Trace route ?
There are lot of paths from source to destination in an enterprise network, sometimes we have problems in the network and we really want to divert the traffic from one direction to another but before diverting we need to check the actual path of the traffic from which the traffic flows and it can be check by Trace route.
If i will explain you trace route in detail, then you can say that Trace route, sends a sequence of User Datagram Protocol (UDP) packets which has information about the destination host, you can also have ICMP Echo Request or TCP SYN packets which can also be used in this scenario.
The time-to-live (TTL) value, also known as hop limit, is used in determining the routers in between the path of source and destination.
 |
| Fig 1.1- Traceroute procedure |
Routers hop by hop decrement packets TTL value by 1 when routing , it means when you have TTL value of 2 and you crossed one router in the path, the TTL value decreases by 1 as you passed one hop and then go to next hop, when you reached to 2 hop the TTL value now become zero and discard packets, returning the ICMP error message ICMP Time Exceeded.
It has been there that the common default values for TTL are 128 (Windows OS) and 64 (Unix-based OS).
Did you understand, No ? ok let me explain in another way for you guys ..
Traceroute works by sending packets with gradually increasing TTL value, starting with TTL value of one. The first router receives the packet, decrements the TTL value and drops the packet because it then has TTL value zero. The router sends an ICMP Time Exceeded message back to the source.
The next set of packets are given a TTL value of 2, so the first router forwards the packets, but the second router drops them and replies with ICMP Time Exceeded.
Proceeding in this way, traceroute uses the returned ICMP Time Exceeded messages to build a list of routers that packets traverse, until the destination is reached and returns an ICMP Echo Reply message.
The sender expects a reply within a specified number of seconds. If a packet is not acknowledged within the expected interval, an asterisk is displayed.
The Internet Protocol does not require packets to take the same route towards a particular destination, thus hosts listed might be hosts that other packets have traversed. If the host at hop #N does not reply, the hop is skipped in the output.
The below mentioned diagram actually shows the pictorial representation of the Trace route with full description that how it works from hop to hop. It will actually gives you the full path information of the routers in between source and destination.
May be as per the post it is the basic thing or the basic topic for the network engineers but it is one of the most important topic of " network fundamentals " The traffic flow and the other things are come after this. So it is mandatory for all the network engineers to understand the concept of the Trace route and crack your interview :)
I will come up with the another article which is important as well as Trace route is. the topic is " PING". Some of you guys knows already about the PING but still there are lot of people who are starters and want to know how PING works in the real environment. Please stay in touch and follow our articles and we will come up with the PING article soon.
