The clever trick
Traceroute discovers each router along the path to a destination. It does this by exploiting the time to live field, a counter that every router decrements by one. When the counter hits zero, the router discards the packet and sends back an ICMP time exceeded message.
Step by step
- Traceroute first sends a probe with time to live set to one. The first router decrements it to zero and replies, revealing hop one.
- The next probe uses time to live two, so the second router replies, revealing hop two.
- Each round increases time to live by one until the destination itself responds.
The round trip time of each reply estimates latency to that hop. Some routers do not send time exceeded messages or rate limit them, so traceroute shows stars for those hops. Paths can also differ per packet because of load balancing, which is why consecutive runs sometimes list different intermediate routers.
Key idea
Traceroute increments the time to live so each router in turn returns a time exceeded message, revealing the path.