The journey of an internet packet: Exploring networks with traceroute

Original Article ↗ Hacker News Discussion ↗

Traceroute capabilities and “sorcery”

  • Several comments highlight that traceroute/tracert can reveal much more than basic internal routing.
  • With good DNS naming and public maps (datacenters, undersea cables, nuclear plants, shipment records), people suggest you can infer physical locations of routers, data centers, energy sources, and AI infrastructure.
  • There is interest in advanced traceroute talks (including “weaponized” techniques), but some are hard to locate.

Protocol details and correctness of explanations

  • Multiple replies criticize the article’s technical accuracy and diagrams (e.g., odd IP layout, missing subnets, confusing use of loopbacks vs link IPs).
  • Debate over traceroute’s packet types: classic Unix traceroute often uses UDP, Windows tracert uses ICMP, and modern implementations support multiple protocols.
  • Some note that application traffic rarely uses ICMP, so relying on ICMP-only tests can mislead troubleshooting.

Limitations of traceroute

  • Emphasis that traceroute shows where TTL-expired packets elicited ICMP messages, not a guaranteed exact path. Each probe may traverse different routes (ECMP, asymmetric routing).
  • Many routers and firewalls drop or deprioritize ICMP, leading to * * * even when connectivity is fine.
  • Traceroute does not expose devices below IP (optical amplifiers, DWDM, physical loops) or within encapsulations (MPLS, segment routing, VPNs), so large segments may appear as a single hop.
  • Disabling ping only blocks ICMP echo; full ICMP blocking can break networks, yet many organizations still do it for “security.”

Use in operations and better tools

  • Network operators report they do care about traceroute anomalies and sometimes adjust routing or complain to vendors.
  • Others say consumer ISPs often ignore low-level traceroute-based complaints.
  • mtr and more sophisticated tools (e.g., UDP/port-variation techniques, Trippy) are favored for diagnosing ECMP issues and intermittent loss.

Networking knowledge and education

  • Strong sentiment that many developers and even senior engineers lack basic networking and DNS understanding.
  • Some defend simple traceroute explainers as useful for teaching, while others argue that literature and better talks already exist.
  • Several recommend learning beyond the OSI model, including real-world behaviors like GeoDNS, anycast, BGP, and path MTU.