Traceroute

Traceroute A traceroute provides a map of how data on the internet travels from its source to its destination. When you connect with a website, the data you get must travel across multiple devices and networks along the way, particularly routers.

A traceroute plays a different role than other diagnostic tools, such as packet capture, which analyzes data. Traceroute differs in that it examines how the data moves through the internet. Similarly, you can use Domain Name System time to live (DNS TTL) for tracerouting, but DNS TTL addresses the time needed to cache a query and does not follow the data path between routers.

What does Traceroute Do?

A traceroute works by sending Internet Control Message Protocol (ICMP) packets, and every router involved in transferring the data gets these packets. The ICMP packets provide information about whether the routers used in the transmission are able to effectively transfer the data.

What is Traceroute Used For?

An Internet Protocol (IP) tracer is helpful for figuring out the routing hops data has to go through, as well as response delays as it travels across nodes, which are what send the data toward its destination. Traceroute also enables you to locate where the data was unable to be sent along, known as points of failure. You can also perform a visual traceroute to get a visual representation of each hop.

How To Run a Traceroute?

To run traceroute on a Mac or Linux system, do the following:

Open up an instance of Terminal. Type in the phrase “traceroute [hostname]” and press enter.

On a Windows system, you can:

Go to the Start menu. Select Run. Type in “cmd” and then hit “OK.” This initiates a command prompt. Type in “tracert [hostname]” and press enter. The term “hostname” or host is the website you are interested in or the IP address of a server, router, or device. The traceroute reports on this destination point. After the traceroute is done, it terminates on its own.

What Is the Difference Between Ping and Traceroute?

The primary difference between ping and traceroute is that while ping simply tells you if a server is reachable and the time it takes to transmit and receive data, traceroute details the precise route info, router by router, as well as the time it took for each hop.

How To Read a Traceroute Report Hops and Round Trip Times (RTT) The traceroute report lists data pertaining to every router the packets pass through as they head to their destination. The hops get numbered on the left side of the report window. Each line in the report has the domain name—if that was included—as well as the IP address belonging to the router.

There are also three measurements of time, displayed in milliseconds. These tell you the length of time to send the ICMP packets from your computer to that router and back.

Typical Hop Sequence A “hop” refers to the move data makes as it goes from one router to the next. The first hop within the report provides information about the first router, which would be on your local-area network (LAN). The hops that come after provide data about routers controlled by your internet service provider (ISP).

When the ICMP packets get beyond the ISP’s domain, they go to the general internet, and you will likely see that the hop times increase, typically due to geographical distance.

Troubleshooting with Traceroute

What Factors Impact Hop Times? The physical distance between your computer and its final destination is one of the primary factors impacting hop times. This should be kept in mind while network troubleshooting. The bigger the distance, the longer the hop time. Another contributing factor is the kind of connection facilitating each hop. Computers with faster connections, such as those with Gigabit Ethernet (GE), will most likely provide faster hops than those with slower connections.

In addition, the way the data is delivered may make a difference. For example, if data is sent over a wireless router shared between several devices, the round-trip times can be slower than for one dedicated to a single computer via an Ethernet or fiber-optic connection.

How to read traceroute results?

Now that we know a little more about how traceroute works, it’s time to start using it! If you’ve never used traceroute before, things might look a little intimidating at first. Once you learn how to read a traceroute output, though, you can quickly make sense of the results.

Each line of the traceroute output represents one “hop” in the path to a given destination. These hops might be listed as either an IP address or a hostname; traceroute will attempt to resolve the IP address of each hop back to a hostname and display that, if possible. The list begins with the closest router to your computer and ends at either the destination or the last point the traceroute made it to before hitting a maximum number of hops. To the right of each entry is a series of times measured in milliseconds (ms). This is the Round-Trip Time or the amount of time it took for the traceroute packets to reach that hop and receive a reply.

You might notice one or more lines of your traceroute output is listed only with an asterisk (*). This means that the program did not receive any response from the router at that hop. Some organizations choose to block or discard the type of packets that traceroute relies on, either by blocking them with a firewall or configuring routers to discard the packets instead of replying. Traceroute traffic is also considered low-priority; a busy router may process standard data packets rather than reply to your traceroute request.

Do You See an Asterisk? What Does It Mean?

Sometimes, a traceroute has a hard time accessing a device or is unreachable. In these situations, it may show a message saying, “Request timed out,” along with an asterisk. This indicates that the router it reached was configured to deprioritize or automatically reject ICMP packets, which is done because ICMP is not categorized as essential traffic by many routers.

If you get several timeouts in a row, it can be because:

The packets arrived at a router with a firewall that prevents traceroute online requests. The packets arrived at the subsequent router, but they were not able to return to the computer that sent them. The router has a connection problem.

When Does High Latency Matter?

High latency matters whenever you have data that needs to get to its destination without delay to facilitate adequate functionality. For example, if still images are being sent, the latency may not be a big factor. On the other hand, if you are making Voice over Internet Protocol (VoIP) calls or conducting videoconferences, latency can significantly impact the user experience.

You can also use the traceroute report to pinpoint issues with your internet service or network. For instance:

There can be an issue with your network setup if the round-trip times are high for the first entries in the report. If there is an issue, you can use Simple Network Management Protocol (SNMP) to diagnose the problem. This provides information about managed devices on your network. If you use a managed service provider (MSP), you can ask them about what can be causing the problem. You may notice a drop in network speed, and this can be an issue with your service provider. Check your agreement with the ISP before reaching out to support, however, because the speed you are getting may be all that you are entitled to. If you notice latency toward the end of the report, the issue is likely with the destination’s server. This can be your VoIP or videoconferencing provider, for example. If they have a tool like Cisco’s NetFlow, they may be able to pinpoint the issue. Your provider can also use synthetic application performance monitoring (APM) to isolate performance issues.

Are tracert and traceroute the same?

Tracert and traceroute perform virtually identical functions, but the underlying code between the two tools is different. Tracert was created by Microsoft for Windows operating systems, while the earlier traceroute is for Unix-based systems. There are slight differences in the default parameters between the two tools, such as the type of packets used.h