How PingPlotter Works


At its heart, PingPlotter is a trace route utility.  It's souped up and on steroids, but the basic data it collects is based on the theory of trace route.

A ping packet is an IP packet requesting that a copy of its contents be echoed back to the sender. When you "ping" a site, you send over an echo request and that site responds back that it received it. The amount of time it takes for the packet to get to that site, and then return to you, is the ping time, or latency. In general, the lower this is, the better your connection to the site. This time is usually specified in milliseconds (1/1000 of a second).

One of the parameters on a ping packet (and any packet, but we're only talking about ping here) is something called "Time to live" (TTL).  TTL is an IP header field designed to keep packets from running in loops, essentially forever, throughout a network (this can happen when there is a route change, and the routers involved don't all know the same information as new information is being replicated out). Initially it's usually set to somewhere between 64 and 255, and is reduced by 1 every time it passes through a server.

If the TTL should ever reach zero, the packet has expired, and the router that it's passing through will send it back to the source.  Again, this happens so that packets don't get caught in an endless loop.

Trace route plays with this TTL number on outgoing packets. It first sends out a packet with a TTL of 1. The first router that sees this decrements it to 0, and then sends it back. It also sends back its own IP address with the packet, and DNS is used to do a lookup for an actual domain name.

Ok, so next, traceroute sends out a packet with a TTL of 2 so it can find out what the next computer in the route is. Then it sends out a packet with a TTL of 3. This process is repeated until the final destination is reached. At that point, you know the entire path the packet has traversed to reach the destination computer/router. Each server/router in this chain is called a hop.

This method can help us determine the route a packet takes, but if we time each of these packets, we also know how long it takes for a packet to make it from our source PC, to that router, and then back again.  This is called latency.

The last hop in a (successful) trace route is actually the round-trip time to the destination server. This is an important concept to understand. You don't add up all the times between you and the destination host - as that time has already been added. The time to the last hop in the chain is exactly the same as is if you'd used a ping utility to that host. So a trace route utility is actually two utilities - ping AND trace route.

PingPlotter speeds up this process by sending out packets to the first 35 servers in the route all at the same time.  This makes a HUGE difference in overall speed.  It also means that the network conditions for each hop are very similar - so the numbers are better compared.