Traceroute

Traceroute is a simple tool to show the network route from your computer to a remote destination. It does this by utilizing the IP protocol's time to live (TTL) field in order to elicit an ICMP TIME_EXCEEDED response from each gateway along the path.

If you just want to know how long it takes to get between your computer and a remote destination, it is much better to use the ping tool, since that will send more packets and will be much better at showing fluctuations in the round-trip time taken (see outputs below). That is why I will be using a computer in Austin, TX, U.S.A., which is using a VPN in Amsterdam, Netherlands, as this helps highlight the difference.

Time To Live (TTL)

The TTL field can be confusing because, with respect to ping and traceroute, it does not actually represent "time" but the number of hops the packet can traverse before dying. Having a TTL ensures that packets don't somehow keep traversing the net in an infinite loop. In a DNS server configuration, by contrast, TTL does mean a "true" time period: how long a result should be cached before the domain needs to be requeried.

Installation On Ubuntu 14.04

Traceroute 1.9.2

sudo apt-get install inetutils-traceroute -y

Traceroute 2.0.19

sudo apt-get install traceroute -y

For the purposes of this tutorial, I am using traceroute 2.0.19. You can check your version with:

traceroute --version

Running Traceroute

To find the path between you and a remote address, simply enter the IP address, or the domain name, of the server after the traceroute command. E.g.

traceroute 8.8.8.8

Example Traceroute Output

traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  10.8.0.1 (10.8.0.1)  328.239 ms  328.166 ms  328.159 ms
 2  37.139.23.1 (37.139.23.1)  328.165 ms  328.168 ms  328.216 ms
 3  83.231.213.61 (83.231.213.61)  328.279 ms adm-b4-link.telia.net (62.115.44.245)  328.098 ms  328.085 ms
 4  ae-5.r03.amstnl02.nl.bb.gin.ntt.net (129.250.4.186)  328.139 ms  328.173 ms adm-bb4-link.telia.net (213.155.137.168)  328.053 ms
 5  hbg-bb2-link.telia.net (80.91.246.209)  487.713 ms 81.20.67.134 (81.20.67.134)  328.096 ms  487.737 ms
 6  s-bb4-link.telia.net (80.239.147.169)  666.192 ms  187.284 ms s-bb4-link.telia.net (80.91.251.42)  213.305 ms
 7  72.14.238.153 (72.14.238.153)  178.400 ms 209.85.253.249 (209.85.253.249)  378.281 ms 72.14.238.153 (72.14.238.153)  213.019 ms
 8  google-ic-130575-s-b3.c.telia.net (213.248.93.198)  378.162 ms  213.208 ms  378.012 ms
 9  209.85.250.192 (209.85.250.192)  212.993 ms 216.239.43.122 (216.239.43.122)  213.113 ms 216.239.49.30 (216.239.49.30)  212.844 ms
10  209.85.253.180 (209.85.253.180)  212.970 ms 209.85.254.13 (209.85.254.13)  212.861 ms  212.852 ms
11  209.85.251.255 (209.85.251.255)  377.852 ms 72.14.235.229 (72.14.235.229)  377.845 ms 209.85.249.40 (209.85.249.40)  377.747 ms
12  google-public-dns-a.google.com (8.8.8.8)  592.627 ms  557.859 ms 216.239.46.15 (216.239.46.15)  557.865 ms

If 30 hops (the default maximum) is not enough to get to your destination, you can increase it with the -m flag. E.g.

traceroute -m 60 8.8.8.8

The three numbers after the IP address of the gateway are the round-trip times the three packets took. If you want to check latencies, it is better to use ping instead.

Example Ping Output

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=50 time=166 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=50 time=169 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=50 time=409 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=50 time=625 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=50 time=530 ms
64 bytes from 8.8.8.8: icmp_seq=6 ttl=50 time=168 ms
64 bytes from 8.8.8.8: icmp_seq=7 ttl=50 time=483 ms
64 bytes from 8.8.8.8: icmp_seq=8 ttl=50 time=458 ms
64 bytes from 8.8.8.8: icmp_seq=9 ttl=50 time=521 ms
64 bytes from 8.8.8.8: icmp_seq=10 ttl=50 time=160 ms
--- 8.8.8.8 ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9011ms
rtt min/avg/max/mdev = 160.952/369.554/625.686/174.005 ms

I'm Seeing Stars!

If you start to see the * character in your traceroutes, it means there is a problem with the route to the host.

Technically, the * characters are called asterisks.
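
As an added example (not part of the original post), the Python script below parses output in the layout shown above: it attributes each round-trip time to the gateway printed before it, so hops answered by more than one gateway are reported correctly, and it counts the * probes per hop. The sample text and its addresses are constructed for illustration.

```python
import re
from statistics import mean

# Constructed sample in the layout of the output above (documentation-range IPs):
# hop 2 has two responders, hop 3 lost one probe, hop 4 lost all three.
SAMPLE = """\
traceroute to 192.0.2.10 (192.0.2.10), 30 hops max, 60 byte packets
 1  10.8.0.1 (10.8.0.1)  328.239 ms  328.166 ms  328.159 ms
 2  gw-a.example.net (203.0.113.1)  12.500 ms gw-b.example.net (198.51.100.7)  13.100 ms  12.900 ms
 3  203.0.113.9 (203.0.113.9)  20.000 ms *  22.000 ms
 4  * * *
 5  192.0.2.10 (192.0.2.10)  30.100 ms  29.900 ms  30.000 ms
"""

# A hop line is a sequence of: "*" (no reply), "host (ip)", or "<rtt> ms".
TOKEN = re.compile(r"\*|\S+ \((?P<ip>[0-9A-Fa-f.:]+)\)|(?P<rtt>\d+\.\d+) ms")

def parse_traceroute(text):
    """Return one (ttl, probes) pair per hop; probes are (ip, rtt_ms) tuples."""
    hops = []
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)\s+(.*)", line)
        if not m:
            continue  # banner or blank line
        probes, current_ip = [], None
        for tok in TOKEN.finditer(m.group(2)):
            if tok.group(0) == "*":
                probes.append((None, None))  # probe got no reply
            elif tok.group("ip"):
                current_ip = tok.group("ip")  # RTTs that follow belong to this responder
            else:
                probes.append((current_ip, float(tok.group("rtt"))))
        hops.append((int(m.group(1)), probes))
    return hops

def summarize(hops):
    """Per hop: (ttl, sorted responder IPs, mean RTT in ms or None, lost probes)."""
    rows = []
    for ttl, probes in hops:
        rtts = [rtt for _, rtt in probes if rtt is not None]
        ips = sorted({ip for ip, _ in probes if ip})
        rows.append((ttl, ips, round(mean(rtts), 3) if rtts else None,
                     len(probes) - len(rtts)))
    return rows

if __name__ == "__main__":
    for row in summarize(parse_traceroute(SAMPLE)):
        print(row)
```

To use it on a real run, save the traceroute output to a file and pass the file's contents to parse_traceroute.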
