8

I wanted to know if there is a range which is usually used for destination port that is used in traceroute command. Like the starting address for destination port is 33434. But is there some standard range which is preferred for traceroute?

j10
  • 181

3 Answers

9

Using UDP for traceroute is considered by some poor practice, because UDP is supposed to be a data-carrying application protocol. ICMP ECHO_REQUEST is the preferred method, though there is no standard. The main reason to use ICMP is that UDP can carry a payload, so allowing it through a firewall has greater security implications; for the end-user it's more likely to be blocked. It's also possible for an application to use the UDP ports resulting in potentially unwanted side-effects. Despite the preference for ICMP, classic traceroute(1) and its descendants all use UDP, including the implementations shipped with Mac OS X, most Linux distros, the BSDs and Cisco IOS.

For these UDP implementations the port number is incremented by 1 for each probe so the highest port number for any given run is equal to 33434 + (max-ttl * probes-per-hop - 1). The default setting for max-ttl is usually 32 or 64, depending on the implementation. The default probes-per-hop is usually 1 or 3. Using the more liberal defaults of 64 and 3, the range would be 33434-33625. In practice a max-ttl of 32 is usually more than enough in which case the range would be 33434-33529.

Also note that IANA has allocated only port 33434 to traceroute, but it has left 33435-33655 unallocated.


For info on ICMP vs. UDP see: Why do some common traceroute implementations default to using UDP probes?
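Added example, not part of the original answer: the port formula above applied in reverse, so that UDP destination ports seen in a firewall log can be mapped back to the TTL and probe number that produced them. It assumes the sender starts at TTL 1 on port 33434 and uses the given probes-per-hop; the log lines, the log format, the addresses and all function names are constructed for illustration.

```python
import re
from collections import defaultdict

BASE_PORT = 33434  # base destination port named in the answer above


def port_range(max_ttl, probes_per_hop, base=BASE_PORT):
    """Inclusive port range of one run: base .. base + max_ttl*probes - 1."""
    return base, base + max_ttl * probes_per_hop - 1


def decode_probe(dport, probes_per_hop, max_ttl, base=BASE_PORT):
    """Map a destination port to (ttl, probe_number), or None if out of range.
    Assumption: the first probe goes out with TTL 1 to the base port."""
    low, high = port_range(max_ttl, probes_per_hop, base)
    if not low <= dport <= high:
        return None
    offset = dport - base
    return offset // probes_per_hop + 1, offset % probes_per_hop + 1


# Constructed sample lines in an iptables-LOG-like layout (not real traffic).
SAMPLE_LOG = """\
SRC=192.0.2.10 DST=198.51.100.5 PROTO=UDP SPT=40001 DPT=33446
SRC=192.0.2.10 DST=198.51.100.5 PROTO=UDP SPT=40001 DPT=33447
SRC=192.0.2.10 DST=198.51.100.5 PROTO=UDP SPT=40001 DPT=33448
SRC=203.0.113.7 DST=198.51.100.5 PROTO=UDP SPT=5000 DPT=33434
SRC=203.0.113.7 DST=198.51.100.5 PROTO=UDP SPT=5000 DPT=33434
SRC=203.0.113.9 DST=198.51.100.5 PROTO=TCP SPT=5100 DPT=33440
SRC=203.0.113.9 DST=198.51.100.5 PROTO=UDP SPT=5101 DPT=53
"""

LINE_RE = re.compile(r"SRC=(\S+) .*?PROTO=(\w+) .*?DPT=(\d+)")


def likely_traceroute(log_text, probes_per_hop=3, max_ttl=32, min_ports=3):
    """Return {source: sorted [(ttl, probe), ...]} for sources that touched at
    least min_ports distinct in-range UDP ports. A source that keeps hitting a
    single port is treated as an application, not a trace."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m.group(2) != "UDP":
            continue
        probe = decode_probe(int(m.group(3)), probes_per_hop, max_ttl)
        if probe:
            seen[m.group(1)].add(probe)
    return {src: sorted(p) for src, p in seen.items() if len(p) >= min_ports}


if __name__ == "__main__":
    print(port_range(64, 3), port_range(32, 3))
    print(likely_traceroute(SAMPLE_LOG))
```

In the constructed log the destination only sees the probes whose TTL was high enough to reach it, so the decoded TTL also indicates how many hops away the sender is.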

4

After googling I found out that 33434 is the port that is used as the base port for traceroute.

The range goes to 33434 + (max-ttl * numberofprobes - 1), that usually means

  • max-ttl = 30
  • numberofprobes = 3
slhck
  • 235,242
3

Traceroute works by sending ICMP packets, which are their own protocol entirely. No ports.

In more detail - traceroute sends ICMP echo packets starting with a TTL of 1. That causes the packet to return a failure at the first router. Then a TTL of 2 - which brings it to the second router. TTL is increased until the destination is reached. The set of routers found along the way is the traced route.