nanog mailing list archives
Re: Traceroute and random UDP ports
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Tue, 12 Aug 2008 19:57:21 -0400
On Aug 12, 2008, at 7:54 PM, Glen Kent wrote:
The outgoing packets from traceroute are sent towards the destination using UDP and very high port numbers, typically in the range of 32,768 and higher. This is because no one is gernally expected to run UDP services up there, so when the packet finally reaches the destination, traceroute can tell that it got to the end (because the ICMP changes from "TTL exceeded" to "port unreachable"). My question is: What if the receiver is actually listening on one of the "random" UDP ports? What would happen in such cases?
Depends on what is running there.Given people randomizing things like DNS ephemeral ports, if they're not careful, it will probably happen more often.
Also, why do we increase the UDP port number with each subsequent traceroute packet that is sent?
So you know which hop sent the packet back. -- TTFN, patrick
Current thread:
- Traceroute and random UDP ports Glen Kent (Aug 12)
- Re: Traceroute and random UDP ports Patrick W. Gilmore (Aug 12)
- Re: Traceroute and random UDP ports John Kristoff (Aug 13)
- Re: Traceroute and random UDP ports Jeff Aitken (Aug 13)
- Re: Traceroute and random UDP ports Crist Clark (Aug 13)
- Re: Traceroute and random UDP ports Joe Abley (Aug 13)
- Re: Traceroute and random UDP ports Matthew Luckie (Aug 13)
- Re: Traceroute and random UDP ports Jeff Aitken (Aug 13)