• Main Menu
  • How Unix and Windows traceroutes differ


    The Unix/Linux `traceroute` command and the Microsoft Windows `tracert` commands both accomplish the task of tracing network paths, but they do it in slightly different ways.

    Both of these tools for tracing network routes send out a packet wth TTL (Time To Live) set to 1 and report it’s destnation. Then, they send out a packet with TTL=2 and report it’s destination. They continue until the packets reach their final destination or the TTL limit is exceeded.

    The difference is that Unix/Linux `traceroute` uses UDP (User Datagram Protocol) packets to a random high port number, while Microsoft Windows uses ICMP (Internet Control Message Protocol) packets.

    This difference is critical when trying to understand why traceroute sometimes fails. The firewall rulesets and the router Access Control Lists (ACLs) between you and the destination must be examined to determine if they allow UDP high ports (port numbers above 1024) and/or ICMP.

    In addition, the command line options for Microsoft Windows `tracert` differ from the command line options for Unix/Linux `traceroute`. However, the command line options for Unix/Linux `traceroute` also differ between Unix versions. Read the manual page for your Unix/Linux system to explore the troubleshooting options available to you.

    Got Something To Say:

    Your email address will not be published. Required fields are marked *

    6 comments
    1. archit

      30 October, 2013 at 7:33 pm

      what is mean by udp high ports? it has to be some fixed number , means standard udp port isn’t it?

      Reply
      • WillSpencer

        30 October, 2013 at 8:45 pm

        High ports are port numbers above 1,024.

        Reply
        • archit

          31 October, 2013 at 5:46 am

          ya that is ok, so sender use high port but machine which receives this request will receive it on standard UDP port , right?

          it may have close other ports for security reason

          Reply
          • WillSpencer

            31 October, 2013 at 11:45 am

            That’s how most TCP and UDP protocols work: receivers wait on standard low ports and senders transmit on randomly chosen high ports.

            Reply
    2. Washuu

      6 September, 2013 at 8:44 pm

      Very informative. Thank you.

      Reply
    3. Noreaga

      21 August, 2013 at 2:37 pm

      thanks you

      Reply
    Network Layer
    180 queries in 0.553 seconds.