Traceroute和UDP

  当traceroute命令执行时,从设备的出端口发出3个UDP的报文,目的端口为33434,TTL设置为1。
当第一台设备接收到包时,会将TTL减1,TTL为0,该设备丢弃这个包,并回复ICMP TIME_EXCEEDED信息到源地址。
接着本地设备继续发送3个新的UDP报文,目的端口加1,33435,TTL也加到2。第二台设备将TTL减到0后同样返回超时信息
最终到达最后一台设备时,IP层接收这个包,进到传输层处理,由于报文中没有需要处理的会话,设备返回PORT_UNREACH信息

Since the JUNOS software is based on FreeBSD, it makes sense that the traceroute command
uses User Datagram Protocol (UDP) packets in its operation. Most (if not all) Unix-based systems
follow this format. It is worth investigating, or reviewing, how traceroute actually operates.
When the command is executed, three UDP packets are generated. Each packet uses the supplied
end-host information as the destination IP address. The outgoing interface of the router
is used as the source IP address. The time-to-live (TTL) value is set to 1 and the destination UDP
port is set to 33434. These packets are then sent out into the network.
When the first network device receives the packets, it decrements the TTL field by 1. This results
in a new TTL value of 0, which is unusable by an IP device. The network device drops the packet
and returns an ICMP TIME_EXCEEDED message to the source IP address of the UDP packet (the local
router’s interface). The local router receives these ICMP messages and examines the Source IP
Address field. We’ve now found the first network hop along our path!
The local router now sends out three new UDP packets with the same source and destination
IP addresses. The UDP port number is incremented by 1 to 33435. The TTL is also incremented
by 1 to a new value of 2. The second device along the path repeats the process above by dropping
the packet and returning an ICMP message to the source. This process repeats itself (UDP
port and TTL incrementing each time) for each network device along the path.
When the UDP packets finally reach the end system, they are received and not dropped. After
all, the TTL may be set to 1 at that point, but no forwarding of the packet is involved. The IP network
layer accepts the packet, since the destination IP address is its own interface. The UDP
packet is then passed up to the transport layer. The UDP process examines the destination port
number to determine whether a session is expecting inbound packets on that port. When no
process is found, an ICMP message is again returned to the source IP address. This time, however,
it is a PORT_UNREACHABLE message. When the local router receives this ICMP message, it
knows that it has reached the far-end system and that the system is active at the network and
transport layers.

你可能感兴趣的:(职场,休闲,traceroute)