Hello, Before learning How Traceroute works, First let me tell you Traceroute & Ping are the standard tools to identify the issues in a network, Sometimes ping doesn?t tell you everything, but Traceroute shows where the actual problem is, Traceroute will display all the Hostnames & Ip address of the routers in between your computer to the destination IP address, Try to Traceroute www.facebook.com.
Ping & Traceroute Both works under ICMP protocol.
How Traceroute works?
Traceroute uses TTL which stands for Time To Live which is in IP packet, TTL is used to prevent the Loop in a network, When IP packet forward from one router to another, It decrements the TTL Value by one, When the TTL value will be Zero, The packet will be discarded.
Traceroute sends three packets for each HOP to get a Round trip time.
TTL field initially set to 1 in the three packets, After that the first router generates an ICMP Time Exceeded message to the sender.
The sender records the round-trip delay in timestamp field and IP address of a router, and another set of packets is sent, this time with the TTL set to 2.
The second router discards the packets, and another ICMP Time Exceeded?message is sent back. The process is repeated until the destination host is reached.
ICMP Echo (ping), then the Type field takes a value of 8.
If it's an ICMP Echo Reply (ping reply) then it would take a value of 1.