Traceroute is a function to find out the path a packet takes to get
to the destination. It can be a implemented as a command line interface or a graphical
interface (e.g. web-based).
You can use the www.viewtheip.com traceroute tool right online from your web browser.
Traceroute uses CMP echo request packets to find the
path. It sends an echo reply with the IP TTL (time to live) value set to one to the destination.
The TTL field describes how many seconds the packet may survive in the
internet. Since the measurement in seconds doesn't make any sense, each router has to decrement
the TTL value at least by one. If it is one after decrementing, the packet has to be discarded.
The same happens, when TTL is one after the decrement and the destination network is not directly
attached to the router.
When the first router sees the packet with TTL 1 it decrements it by one,
sees it's zero, and have to discard the packet. As a result of the discard, it sends an ICMP destination
unreachable message with reason "TTL expired" back to the source address. The source address of the
ICMP error message is obviously the first router address. Now the source sends another packet with
TTL=2, which passes the first router. If the destination network is directly attached to the first
router, it will reach the destination. If not it will end at the second router for the same reason
as the first packet at the first router. This can be extended over up to 254 routers (maximum TTL).
Most implementations of traceroute add a reverse name lookup to the process
for each router IP-address.
As an additional function the packet can be sent as an tcp/http or other application request which results
in information which applications are running on the destinations machine.
Some even more extended traceroutes add a geographical analysis to it using longitude/latitude values
given in own databases or derived from several WHOIS requests.
