Part of Linux Commands Cheat Sheet
Traceroute uses ICMP’s Ping command to find out how many different devices are between the computer initiating the traceroute and the target.
The traceroute command works by manipulating the packet's time to live (TTL) value. TTL is the number of times the packet can be rebroadcast by the next host encountered on the network, or hops.
Traceroute will start with a TTL value of 1, indicating the packet can only go as far as the next device between the initiator and the target. The receiving device will send back an ICMP type 11, code 0 packet (time exceeded), and the packet is logged.
Then traceroute increases the TTL by 1 and sends another series of packets. These packets continue to be broadcast along the network until reaching their expected TTL, then there will be another series of time exceeded responses.
This continues until the target is reached, and all hops along the way are recorded, creating a list of all devices between the initiating computer and the target.
traceroute 127.0.0.1
traceroute github.com
1 pvg16-spi-acc0-data-b202--vlan204 (10.112.84.193) 0.132 ms 0.124 ms 0.144 ms
2 18.104.22.168 (22.214.171.124) 0.853 ms 0.784 ms 0.792 ms
3 126.96.36.199 (188.8.131.52) 7.064 ms 6.526 ms 6.703 ms
4 172.16.20.13 (172.16.20.13) 6.084 ms 6.499 ms 6.993 ms
5 172.16.20.9 (172.16.20.9) 4.616 ms 4.903 ms 5.206 ms
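The TTL procedure described above, as an added Python simulation that is not part of the original cheat sheet: it builds ICMP echo probes, lets simulated routers answer with type 11, code 0 replies, and matches each reply to the probe that caused it. The addresses, the `forward` network stand-in and all function names are constructed for illustration, and no packets are sent.

```python
import socket
import struct

ECHO_REPLY, ECHO_REQUEST, TIME_EXCEEDED = 0, 8, 11  # ICMP types

def build_probe(src, dst, ttl, ident, seq):
    # 20-byte IPv4 header (protocol 1 = ICMP) + 8-byte echo request; checksums left 0.
    icmp = struct.pack("!BBHHH", ECHO_REQUEST, 0, 0, ident, seq)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, ttl, 1, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + icmp

def forward(probe, path):
    """Simulated network: routers in path[:-1] decrement TTL, path[-1] is the target."""
    ttl = probe[8]  # TTL byte of the IPv4 header
    for router in path[:-1]:
        ttl -= 1
        if ttl == 0:
            # Router drops the probe and quotes its IP header + first 8 payload bytes
            # (quoted unmodified here to keep the simulation short).
            return router, struct.pack("!BBHI", TIME_EXCEEDED, 0, 0, 0) + probe[:28]
    return path[-1], struct.pack("!BBH", ECHO_REPLY, 0, 0) + probe[24:28]

def parse_reply(icmp):
    """Return (kind, ident, seq) so a reply can be matched to the probe that caused it."""
    if icmp[0] == TIME_EXCEEDED and icmp[1] == 0:
        ihl = (icmp[8] & 0x0F) * 4  # length of the quoted IPv4 header
        return ("time-exceeded", *struct.unpack("!HH", icmp[8 + ihl + 4:8 + ihl + 8]))
    if icmp[0] == ECHO_REPLY:
        return ("echo-reply", *struct.unpack("!HH", icmp[4:8]))
    return ("other", None, None)

def trace(src, dst, path, max_hops=30, ident=0x1234):
    hops = []
    for ttl in range(1, max_hops + 1):  # start at TTL 1, raise by 1 per round
        responder, reply = forward(build_probe(src, dst, ttl, ident, ttl), path)
        kind, r_ident, r_seq = parse_reply(reply)
        if (r_ident, r_seq) != (ident, ttl):
            continue  # unrelated ICMP traffic, not an answer to this probe
        hops.append((ttl, responder, kind))
        if kind == "echo-reply":  # target reached, stop
            break
    return hops

# Constructed sample path (documentation address ranges); last entry is the target.
SAMPLE_PATH = ["192.0.2.1", "198.51.100.1", "203.0.113.10"]

if __name__ == "__main__":
    for ttl, addr, kind in trace("192.0.2.100", SAMPLE_PATH[-1], SAMPLE_PATH):
        print(f"{ttl:2d}  {addr}  {kind}")
```

Matching the quoted identifier and sequence number is what lets a tracer ignore ICMP errors that belong to other traffic on the same host.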