The Traceroute Command
The traceroute command is used to discover the routes that packets actually take when traveling to their destination. The device (for example, a router or a PC) sends out a sequence of User Datagram Protocol (UDP) datagrams to an invalid port address at the remote host.Three datagrams are sent, each with a Time-To-Live (TTL) field value set to one. The TTL value of 1 causes the datagram to "timeout" as soon as it hits the first router in the path; this router then responds with an ICMP Time Exceeded Message (TEM) indicating that the datagram has expired.
Another three UDP messages are now sent, each with the TTL value set to 2, which causes the second router to return ICMP TEMs. This process continues until the packets actually reach the other destination. Since these datagrams are trying to access an invalid port at the destination host, ICMP Port Unreachable Messages are returned, indicating an unreachable port; this event signals the Traceroute program that it is finished.
The purpose behind this is to record the source of each ICMP Time Exceeded Message to provide a trace of the path the packet took to reach the destination. For all the options about this command, see Trace (privileged).
R1#trace 10.2.1.4
Type escape sequence to abort.
Tracing the route to 10.2.1.4
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.1.2 16 msec 20 msec 20 msec
2 10.1.1.6 28 msec 28 msec 16 msec
3 10.1.1.10 64 msec 64 msec 60 msec
4 10.1.4.6 60 msec 68 msec 64 msec
5 10.2.1.4 64 msec 64 msec 72 msec
R1#
*Feb 9 09:22:22.349: ICMP: time exceeded rcvd from 10.1.1.2
*Feb 9 09:22:22.369: ICMP: time exceeded rcvd from 10.1.1.2
*Feb 9 09:22:22.389: ICMP: time exceeded rcvd from 10.1.1.2
*Feb 9 09:22:22.413: ICMP: time exceeded rcvd from 10.1.1.6
*Feb 9 09:22:22.453: ICMP: time exceeded rcvd from 10.1.1.6
*Feb 9 09:22:22.489: ICMP: time exceeded rcvd from 10.1.1.6
*Feb 9 09:22:22.569: ICMP: time exceeded rcvd from 10.1.1.10
*Feb 9 09:22:22.633: ICMP: time exceeded rcvd from 10.1.1.10
*Feb 9 09:22:22.693: ICMP: time exceeded rcvd from 10.1.1.10
*Feb 9 09:22:22.753: ICMP: time exceeded rcvd from 10.1.4.6
*Feb 9 09:22:22.829: ICMP: time exceeded rcvd from 10.1.4.6
R1#
*Feb 9 09:22:22.893: ICMP: time exceeded rcvd from 10.1.4.6
*Feb 9 09:22:22.965: ICMP: dst (10.1.1.1) port unreachable rcv from 10.2.1.4
*Feb 9 09:22:23.037: ICMP: dst (10.1.1.1) port unreachable rcv from 10.2.1.4
*Feb 9 09:22:23.117: ICMP: dst (10.1.1.1) port unreachable rcv from 10.2.1.4
No comments:
Post a Comment