The traceroute program sends UDP packets to the destination host with an incremental TTL (1, 2, 3, etc.) to get the intermediate hops info from the ICMP TTL EXPIRED messages.
The “destination reached” condition is an ICMP PORT UNREACHABLE message, because traceroute addresses a random port with a high number (that is: unlikely someone is listening there).
So my question is: is there a technical reason (drawbacks, RFCs, etc.) to use UDP packets rather than using, for instance, ICMP echo request messages (with increasing TTL) and use the echo reply answer as the end condition?
I understand that the ICMP echo reply might be filtered out by firewalls or other net devices in the middle, but I guess this can happen also to UDP packets ;)
traceroute tracks the route packets taken from an IP network on their way to a given host. It utilizes the IP protocol’s time to live (TTL) field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to the host.
traceroute supports ICMP and TCP probe packets as well, so you’re more likely to sneak through firewalls, which are more likely than not deployed without consideration. This also means that traceroute is likely also setuid root on your system. See its man page, especially the part about available methods: http://linux.die.net/man/8/traceroute
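An added example, not part of the question or the answer above and not traceroute's own code: a Python classifier showing how the end condition differs between UDP probes (ICMP port unreachable) and ICMP echo probes (echo reply), while TTL-expired messages mark intermediate hops in both cases. The packets, addresses (RFC 5737 documentation ranges), port numbers and the function names `classify_reply` and `ipv4` are constructed for illustration.

```python
import socket
import struct

ECHO_REPLY, DEST_UNREACH, TIME_EXCEEDED = 0, 3, 11   # ICMP types
PORT_UNREACH = 3                                      # code under DEST_UNREACH
PROBE_PROTO = {"udp": 17, "icmp": 1}                  # IP protocol of the probe we sent

def classify_reply(packet: bytes, method: str) -> str:
    """Return 'hop', 'destination', 'unreachable' or 'ignore' for one raw IPv4 packet."""
    if len(packet) < 28 or packet[0] >> 4 != 4 or packet[9] != 1:
        return "ignore"                               # not IPv4 carrying ICMP
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl + 8:
        return "ignore"
    icmp_type, code = packet[ihl], packet[ihl + 1]
    if icmp_type == ECHO_REPLY:                       # end condition for ICMP probes only
        return "destination" if method == "icmp" else "ignore"
    if icmp_type not in (TIME_EXCEEDED, DEST_UNREACH):
        return "ignore"
    quoted = packet[ihl + 8:]                         # ICMP errors quote the offending datagram
    if len(quoted) < 20 or quoted[9] != PROBE_PROTO[method]:
        return "ignore"                               # error concerns someone else's traffic
    if icmp_type == TIME_EXCEEDED:
        return "hop" if code == 0 else "ignore"       # code 0 = TTL expired in transit
    if method == "udp" and code == PORT_UNREACH:      # end condition for UDP probes
        return "destination"
    return "unreachable"                              # e.g. code 13, administratively prohibited

def ipv4(proto: int, src: str, dst: str, payload: bytes) -> bytes:
    """Build a constructed IPv4 packet (checksum left at 0; the classifier does not check it)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + payload

# Constructed samples; none of these bytes were captured from a real network.
ME, ROUTER, TARGET = "192.0.2.10", "198.51.100.1", "203.0.113.5"
UDP_PROBE = ipv4(17, ME, TARGET, struct.pack("!HHHH", 54321, 33434, 8, 0))
TTL_EXPIRED = ipv4(1, ROUTER, ME, struct.pack("!BBHI", TIME_EXCEEDED, 0, 0, 0) + UDP_PROBE)
PORT_CLOSED = ipv4(1, TARGET, ME, struct.pack("!BBHI", DEST_UNREACH, PORT_UNREACH, 0, 0) + UDP_PROBE)
FILTERED = ipv4(1, ROUTER, ME, struct.pack("!BBHI", DEST_UNREACH, 13, 0, 0) + UDP_PROBE)
ECHO_ANSWER = ipv4(1, TARGET, ME, struct.pack("!BBHHH", ECHO_REPLY, 0, 0, 1, 1))

if __name__ == "__main__":
    for name, pkt, method in [("ttl expired", TTL_EXPIRED, "udp"), ("port closed", PORT_CLOSED, "udp"),
                              ("filtered", FILTERED, "udp"), ("echo reply", ECHO_ANSWER, "icmp")]:
        print(name, method, classify_reply(pkt, method))
```

The check on the quoted datagram is what keeps a tracer from counting ICMP errors triggered by unrelated traffic on the same host.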