The difference between traceroute and tracert
Recently, while reading TCP/IP Illustrated, Volume 1, I was a little confused by the traceroute and tracert commands. It turns out that there is a difference between the two.
I captured packets under Windows, but I couldn't capture any UDP packets...
This is also a reminder to myself to use my brain when reading!!!
Both are used to discover the IP route that packets take from source to destination, but they probe in different ways.
Differences:
1. Different application environments
tracert is used under Windows.
traceroute is used under Linux/BSD/routers/UNIX.
Tracert is a commonly used command line tool under Windows, and traceroute under UNIX. They are all based on routing detection of UDP protocol.
Tracert is a traceroute utility used to determine the path taken by an IP datagram to reach a destination. The Tracert command uses IP time-to-live (TTL) fields and ICMP error messages to determine routing from one host to other hosts on the network.
How it works:
The Tracert diagnostic utility determines the route taken to a target by sending Internet Control Message Protocol (ICMP) echo packets with varying IP Time to Live (TTL) values to the target. Each router on the path is required to decrement the TTL on the packet by at least one before forwarding the packet. When the TTL on the packet is reduced to 0, the router should send an "ICMP Time Exceeded" message back to the source system.
Tracert first sends an echo packet with a TTL of 1 and increments the TTL by 1 on each subsequent transmission until the target responds or the TTL reaches the maximum value. The route is determined by examining the "ICMP Time Exceeded" messages sent back by the intermediate routers. Some routers silently drop packets whose TTL has expired, so they are not visible to the Tracert utility.
The Tracert command prints, in order, the list of near-side router interfaces of the routers in the path that returned the "ICMP Time Exceeded" message. If you use the -d option, the Tracert utility does not perform a DNS lookup on each IP address.
In the following example, the packet must pass through two routers (10.0.0.1 and 192.168.0.1) to reach the host 172.16.0.99. The host's default gateway is 10.0.0.1, and the router's IP address on the 192.168.0.0 network is 192.168.0.1.
C:\>tracert 172.16.0.99 -d
Tracing route to 172.16.0.99 over a maximum of 30 hops
1 2 ms 3 ms 2 ms 10.0.0.1
2 75 ms 83 ms 88 ms 192.168.0.1
3 73 ms 79 ms 93 ms 172.16.0.99
Trace complete.
The traceroute program is designed to use ICMP and the TTL (Time To Live) field of the IP header. First, traceroute sends an IP datagram with a TTL of 1 to the destination (actually, each time it sends three 40-byte packets, including the source address, destination address and time stamp of the packet sent). When the first router on the path receives this datagram, it decrements the TTL by 1. The TTL is now 0, so the router discards the datagram and sends back an "ICMP time exceeded" message (including the source address of the IP packet, all contents of the IP packet and the IP address of the router). When traceroute receives this message, it knows that this router exists on the path. Traceroute then sends another datagram with a TTL of 2 and finds the second router, and so on: it adds 1 to the TTL of each datagram it sends to discover the next router, and repeats this until a datagram reaches its destination. When the datagram reaches the destination, the host does not send back an ICMP time exceeded message, because it is already the destination. So how does traceroute know that the destination has been reached?
When traceroute sends UDP datagrams to the destination, it chooses a destination port number that ordinary applications do not use (above 30000), so when the UDP datagram reaches the destination, the host sends back an "ICMP port unreachable" message. When traceroute receives this message, it knows that the destination has been reached. Therefore, traceroute needs no daemon program on the server side.
Traceroute extracts the IP address of the device that sent the ICMP TTL expiration message and performs domain name resolution. Each time, Traceroute prints out a series of data, including the domain name and IP address of the routing device it passes through, and the time it takes for each of the three packets to go back and forth.
Traceroute has a fixed time to wait for a response (ICMP TTL expiration message). If this time has passed, it will print a series of * signs to indicate that the device on this path cannot respond with an ICMP TTL Expired message within the given time. Traceroute then adds 1 to the TTL counter and continues.
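The reply handling described above, as an added example that is not code from the original article or from any traceroute implementation: it parses each ICMP reply, reads the UDP destination port from the quoted probe to tie the reply to a probe, and tells a router's "time exceeded" from the target's "port unreachable". Assumptions: one probe per TTL sent to UDP port 33434 + TTL, a constructed source address 10.0.0.5, and constructed packets in which the second router stays silent.

```python
import socket
import struct

UDP, ICMP = 17, 1
BASE_PORT = 33434  # assumption: probe for TTL n goes to UDP port BASE_PORT + n
VERDICT = {(11, 0): "hop",           # time exceeded in transit: sent by a router
           (3, 3): "destination"}    # port unreachable: sent by the target host

def ip_header(src, dst, proto, ttl, payload_len):
    # Minimal 20-byte IPv4 header; checksum left at 0 (constructed sample data).
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, ttl,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def icmp_error(icmp_type, code, sender, probe_src, probe_dst, dport):
    # Outer IP header + 8-byte ICMP header + quoted probe (IP header + UDP header).
    quoted = (ip_header(probe_src, probe_dst, UDP, 1, 8)
              + struct.pack("!HHHH", 40000, dport, 8, 0))
    body = struct.pack("!BBHI", icmp_type, code, 0, 0) + quoted
    return ip_header(sender, probe_src, ICMP, 64, len(body)) + body

def classify(packet):
    """Return (sender, verdict, quoted UDP destination port), or None if not ICMP."""
    ihl = (packet[0] & 0x0F) * 4 if packet else 0
    if ihl < 20 or len(packet) < ihl + 8 or packet[9] != ICMP:
        return None
    sender = socket.inet_ntoa(packet[12:16])
    icmp_type, code = packet[ihl], packet[ihl + 1]
    inner = packet[ihl + 8:]                       # the probe quoted by the sender
    inner_ihl = max((inner[0] & 0x0F) * 4, 20) if inner else 20
    if len(inner) < inner_ihl + 8 or inner[9] != UDP:
        return sender, "unrelated", None
    dport = struct.unpack("!H", inner[inner_ihl + 2:inner_ihl + 4])[0]
    return sender, VERDICT.get((icmp_type, code), "other"), dport

def trace(replies):
    """replies[i] answers the probe sent with TTL i+1; None means the wait timed out."""
    path = []
    for ttl, pkt in enumerate(replies, start=1):
        result = classify(pkt) if pkt else None
        ok = result is not None and result[2] == BASE_PORT + ttl
        path.append((ttl, result[0] if ok else "*"))
        if ok and result[1] == "destination":
            break                                  # target answered: stop raising the TTL
    return path

ME, TARGET = "10.0.0.5", "172.16.0.99"             # ME is a constructed source address
SAMPLE = [icmp_error(11, 0, "10.0.0.1", ME, TARGET, BASE_PORT + 1),
          None,                                    # second router stays silent
          icmp_error(3, 3, TARGET, ME, TARGET, BASE_PORT + 3)]
```

`trace(SAMPLE)` yields the hop list with `*` for the silent router; an ICMP echo reply, which is what a tracert run ends with, carries no quoted UDP header and is classified as "unrelated" here.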
2. Detection methods and detection data types are different
By default, tracert sends an ICMP echo request packet to the destination address, while traceroute sends a UDP datagram to a port (greater than 30000) on the destination address.
Similar points:
1. Both are used to discover the IP route that packets take from source to destination.
2. Both probe by setting the TTL of the packets they send to 1 at first and then increasing it by 1 each time.
Finally, tcptraceroute sends TCP SYN packets to port 80 on the target, which gives it stronger penetration.