Trace Utility to Trace IP Packet Path

Environment: C#

User Level: Advanced


This trace utility traces the path of an IP packet. To understand the process, its important to understand the ICMP protocol we are going to use for this purpose.

ICMP Protocol

The Internet Protocol (IP) is used for host-to-host datagram service in a system of interconnected networks. Occasionally, a destination host will communicate with a source host; for example, it is used to report an error in datagram processing. For such purposes, the Internet Control Message Protocol (ICMP) is used. ICMP uses the basic support of IP as if it were a higher-level protocol; however, ICMP is actually an integral part of IP, and must be implemented by every IP module.

ICMP messages are sent in several situations; for example,

  • When a datagram cannot reach its destination.
  • When the gateway does not have the buffering capacity to forward a datagram.
  • When the gateway can direct the host to send traffic on a shorter route.

The Internet Protocol is not designed to be absolutely reliable. The purpose of these control messages is to provide feedback about problems in the communication environment, not to make IP reliable. There are still no guarantees that a datagram will be delivered or a control message will be returned. Some datagrams may still be undelivered without any report of their loss. The higher-level protocols that use IP must implement their own reliability procedures if reliable communication is required.

The ICMP messages typically report errors in the processing of datagrams. To avoid the infinite regress of messages about messages and so forth, no ICMP messages are sent about ICMP messages. Also, ICMP messages are only sent about errors in handling fragment zero of fragemented datagrams. (Fragment zero has the fragment offeset equal zero.)

Basics of the Trace Utility

Apart from other fields, each ICMP header consists of a field called Time to Live (TTL). The TTL field is decremented at each machine in which the datagram is processed. Thus, if my packet routes through Machine A-> Machine B-> Machine C, and if I set the initial TTL to 3, TTL at B it would be 2 and at C it would be 1. If the gateway processing a datagram finds the TTL field is zero, it discards the datagram. The gateway also notifies the source host via the time exceeded message.

Thus, to get our utility working, we send a packet containing an echo request to the destination machine with an increasing TTL number, starting from 1. Each time the TTL goes to zero, the machine that was currently processing the datagram returns the packet with a time-exceeded message. We remeber the IP of this machine and send the packet back with an incremented TTL. We repeat this until we successfully receive an echo reply.

You can compile the .cs file on command line by using the command

csc Trace.cs

and running it.


Questions? Send them to me at

About the Author

Sanjay Ahuja is a Bachelor of Engineering and has done his CDAC from Pune, India. He is currently working as a consultant for Verizon.


Download source and application -- 5 KB


  • Shows IP routing info, from RADB.

    Posted by priiyank_kansal1984 on 12/01/2005 06:24am

    how can i get IP Routing Information For a particular IP from RADB Using C#

  • Recognize Limitations

    Posted by Legacy on 07/20/2002 12:00am

    Originally posted by: Keith Brigode

    This sort of trace is good in certain types of networks, but is dependant upon IP addressable devices. This may be true in very small or very old networks. Unfortunately most of the networks today have all sorts of virtual devices that will not respond. So this utility will give you some basic information regarding the entry and exit of some facility, but it will not tell you what is going on within. Many problems today exist in switches etc, none of which will respond.

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Today's agile organizations pose operations teams with a tremendous challenge: to deploy new releases to production immediately after development and testing is completed. To ensure that applications are deployed successfully, an automatic and transparent process is required. We refer to this process as Zero Touch Deployment™. This white paper reviews two approaches to Zero Touch Deployment--a script-based solution and a release automation platform. The article discusses how each can solve the key …

  • Live Event Date: February 25, 2015 @ 2:00 p.m. ET / 11:00 a.m. PT Secure Shell (SSH) keys provide unmitigated access for privileged users and applications. However, managing and securing these critical privileged credentials poses a real challenge for organizations, putting sensitive data at risk. In fact, more than 50% of organizations report experiencing an SSH Key related compromise. Check out this upcoming eSeminar and join Adam Bosnian, EVP of Global Business Development at CyberArk, as he discusses the …

Most Popular Programming Stories

More for Developers

RSS Feeds

Thanks for your registration, follow us on our social networks to keep up-to-date