GNU/Linux traceroute uses the task pid's as the udp source port with the high bit set to make the port less likely to have been used. The destination address is incremented with each hop. At least for the source port, it was designed this way to ensure that two or more users can simultaneously issue traceroutes.

From traceroute.c
* The udp port usage may appear bizarre (well, ok, it is bizarre).
* The problem is that an icmp message only contains 8 bytes of
* data from the original datagram. 8 bytes is the size of a udp
* header so, if we want to associate replies with the original
* datagram, the necessary information must be encoded into the
* udp header (the ip id could be used but there's no way to
* interlock with the kernel's assignment of ip id's and, anyway,
* it would have taken a lot more kernel hacking to allow this
* code to set the ip id). So, to allow two or more users to
* use traceroute simultaneously, we use this task's pid as the
* source port (the high bit is set to move the port number out
* of the "likely" range). To keep track of which probe is being
* replied to (so times and/or hop counts don't get confused by a
* reply that was delayed in transit), we increment the destination
* port number before each probe.

Thats at least the traceroute available to me on Gentoo.

Brandon

Question of the week EP 46

The default base UDP port for traceroute on Linux is 33434.

The traceroute command depends on an open UDP port range of base port (default 33434 unless otherwise specified) + (number of hops) - 1 at the destination host. So if you have 10 hops then you need 33434-33443 open at the destination host, if the base port is default. You can change the base port default using the p switch, if required.