Traceroute is a command-line interface (CLI) tool used to identify the path a packet takes to reach its target. This tool also uses ICMP messages but, unlike ping, it identifies every router in the path. Traceroute is useful when troubleshooting network problems because it can help identify exactly where the problem is.
Traceroute sends a series of ICMP echo request packets to a destination. The first series of messages has the Time to Live (TTL) parameter set to 1, which means that the first router in the path will discard the packet and send back an ICMP Time Exceeded message. The TTL is then increased by one until the destination host is reached and an ICMP echo reply message is received. The originating host can then use the received ICMP messages to identify all routers in the path.
The traceroute command on Windows is named tracert. On Unix and Cisco IOS, it is invoked using the traceroute command.
Here is an example showing the tracert command in Windows:
Traceroute on Unix-like operating systems
The traceroute command on Unix works slightly differently from the Windows version. It uses UDP packets with a large destination port number (33434 to 33534) that is unlikely to be used by any application at the destination host. Like the Windows version of the command, traceroute on Unix uses the TTL to get the IP addresses of the intermediary routers. When the destination host is reached, it replies with an ICMP port unreachable message.
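The following added example (not part of the original course material) shows how the originating host can turn the received ICMP messages into a hop list, covering both the Windows behaviour (the destination answers with an echo reply) and the Unix behaviour (the destination answers with port unreachable). The function names, the `make_reply` helper and all addresses are assumptions made for illustration; the sample packets are constructed and carry only the headers the parser reads.

```python
import socket
import struct

# ICMP (type, code) pairs a traceroute implementation acts on
KINDS = {
    (11, 0): "hop",          # Time Exceeded: TTL reached 0 at a router
    (0, 0): "destination",   # Echo Reply: target answered an ICMP probe (tracert)
    (3, 3): "destination",   # Port Unreachable: target answered a UDP probe (Unix)
}

def classify_reply(packet: bytes):
    """Parse a raw IPv4 packet carrying ICMP and return (source_ip, kind)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4              # IPv4 header length in bytes
    if ihl < 20 or packet[9] != socket.IPPROTO_ICMP or len(packet) < ihl + 8:
        raise ValueError("not a complete ICMP message")
    src = socket.inet_ntoa(packet[12:16])     # router or host that sent the reply
    return src, KINDS.get((packet[ihl], packet[ihl + 1]), "other")

def build_path(replies):
    """replies[i] is the raw reply to the probe sent with TTL i+1, or None on timeout."""
    path = []
    for ttl, packet in enumerate(replies, start=1):
        src, kind = classify_reply(packet) if packet else ("*", "other")
        if kind == "other":
            path.append((ttl, "*"))           # timeout or unrelated ICMP message
            continue
        path.append((ttl, src))
        if kind == "destination":
            return path, True                 # stop increasing the TTL
    return path, False

def make_reply(src, icmp_type, icmp_code):
    """Constructed sample: 20-byte IPv4 header + 8-byte ICMP header, checksums zeroed."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, socket.IPPROTO_ICMP,
                     0, socket.inet_aton(src), socket.inet_aton("192.0.2.10"))
    return ip + struct.pack("!BBHI", icmp_type, icmp_code, 0, 0)

# Constructed replies (documentation address ranges), one per TTL
SAMPLE = [make_reply("198.51.100.1", 11, 0), None,
          make_reply("203.0.113.5", 11, 0), make_reply("203.0.113.80", 3, 3)]

if __name__ == "__main__":
    hops, reached = build_path(SAMPLE)
    for ttl, addr in hops:
        print(ttl, addr)
    print("destination reached:", reached)
```

A hop that never answers appears as `*`, which is how a router that drops or rate-limits ICMP shows up in real traceroute output.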