Explanation/Reference:
Section: Design Methodologies Explanation
Explanation:
On a Cisco router, the traceroute command uses Internet Control Message Protocol (ICMP) Time Exceeded Message (TEM) messages to map the path that a packet takes through a network. The traceroute command works by sending a sequence of messages, usually User Datagram Protocol (UDP) packets, to a destination address. The Time-to-Live (TTL) value in the IP header of each series of packets is incremented as the traceroute command discovers the IP address of each router in the path to the destination address. The first series of packets, which have a TTL value of one, make it to the first hop router, where their TTL value is decremented by one as part of the forwarding process. Because the new TTL value of each of these packets will be zero, the first hop router will discard the packets and send an ICMP TEM to the source of each discarded packet. The traceroute command will record the IP address of the source of the ICMP TEM and will then send a new series of messages with a higher TTL. The next series of messages is sent with a TTL value of two and arrives at the second hop before generating ICMP TEMs and thus identifying the second hop. This process continues until the destination is reached and every hop in the path to the destination is identified. In this manner, the traceroute command can be used to manually build a topology map of an existing network? however, more effective mechanisms, such as Link Layer Discovery Protocol (LLDP) or Cisco Discovery Protocol (CDP), are typically used instead when available.
Some network trace implementations similar to the IOS traceroute command send ICMP Echo messages or Transmission Control Protocol (TCP) synchronization (SYN) packets by default. For example, the tracert command on Microsoft Windows platforms uses ICMP Echo messages by default, instead of ICMP TEMs, to map the path a packet takes through a network. Some implementations offer configuration options to specify the message types used to map the network path of a series of packets. Being able to specify the message type is useful in environments where firewalls or other filtering mechanisms restrict the flow of certain types of packets, such as ICMP Echo messages.
CDP is a Cisco-proprietary network discovery protocol that uses Type-Length-Value (TLV) fields to share data with neighboring Cisco devices. A TLV is a data structure that defines a type of data, its maximum length, and a value. For example, the CDP Device-ID TLV contains a string of characters identifying the name assigned to the device. Each CDP message contains a series of TLV fields, which collectively describe a Cisco device, its configuration, and its capabilities. CDP-enabled devices listen for CDP packets and parse the TLVs to build a table with information about each neighboring Cisco device. The information in the CDP table can be used by other processes on the device. For example, native virtual LAN (VLAN) mismatches are commonly identified based on the information from the CDP table.
Likewise, LLDP uses TLV fields to share data with neighboring network devices. LLDP is an open- standard network discovery protocol specified as part of the Institute of Electrical and Electronics Engineers (IEEE) 802.1AB standard. Because LLDP is designed to operate in a multivendor environment, it specifies a number of mandatory TLVs that must be included at the beginning of each LLDP message.
Any optional TLVs follow the mandatory TLVs, and an empty TLV specifies the end of the series. Most Cisco platforms support both CDP and LLDP.
Reference:
Cisco: Understanding the Ping and Traceroute Commands