Traceroute: A computer Network Diagnostic Tool π οΈ
How does it work! π€
Ping works fine but not traceroute! π€¨
What are the stars in traceroute output! *β£*β£*β£
#Linux #Networking
A Thread π
How does it work! π€
Ping works fine but not traceroute! π€¨
What are the stars in traceroute output! *β£*β£*β£
#Linux #Networking
A Thread π
What is traceroute ?
traceroute tracks the route packets take across an IP network on their way to a given host.
It assists you in troubleshooting nw connectivity issues from your Destination to a Remote destination by using echo packets (ICMP) to visually trace the route.
traceroute tracks the route packets take across an IP network on their way to a given host.
It assists you in troubleshooting nw connectivity issues from your Destination to a Remote destination by using echo packets (ICMP) to visually trace the route.
The syntax -
The cmd traceroute <x> (x here being an IP or hostname) is d most basic version & it will begin to send packets to d designated target. This result will allow u to trace d path of d packets sent from ur machine to each of d systems b/n u & ur desired destination.
The cmd traceroute <x> (x here being an IP or hostname) is d most basic version & it will begin to send packets to d designated target. This result will allow u to trace d path of d packets sent from ur machine to each of d systems b/n u & ur desired destination.
How does it work?
Traceroute uses TTL (Time to Live) field in d IP pkt header. TTL is used to prevent pkts from being forwarded forever when der is a routing loop. Whenever an IP pkt is forwarded by a router, d TTL is decreased by 1. When d TTL is 0, d IP pkt will be discarded.
Traceroute uses TTL (Time to Live) field in d IP pkt header. TTL is used to prevent pkts from being forwarded forever when der is a routing loop. Whenever an IP pkt is forwarded by a router, d TTL is decreased by 1. When d TTL is 0, d IP pkt will be discarded.
As the packet hops from one router to router through to get to its destination, each router is required to decrement the echo packets TTL by a minimum of 1 before proceeding to forward the packet to the next router.
In other words, Time-To-Live is a Hop Counter by design.
In other words, Time-To-Live is a Hop Counter by design.
Letβs look at an example.
Letβs say that from H1 (192.168.1.1) we send a trace to S1 (192.168.3.1). The first IP packet that H1 sends, will have a TTL of 1:
Letβs say that from H1 (192.168.1.1) we send a trace to S1 (192.168.3.1). The first IP packet that H1 sends, will have a TTL of 1:
When R1 receives the IP packet, it will want to forward it to R2 but it has to decrease the TTL from one to zero, as a result, the IP packet will be dropped and R1 will respond to H1 with a TTL exceeded message. H1 will now send a second packet with a TTL of 2:
R1 will decrease the TTL from two to one, forwards it and now R2 has to drop it. R2 will respond with a TTL exceeded message. H1 will now send another IP packet with a TTL of 3:
R1 will decrease the TTL from three to two, R2 decrease it from two to one and R3 will have to drop it. R3 sends the TTL exceeded message to R1. The last IP packet that H1 will send will have a TTL of four:
Each router will decrease the TTL by one, our server on the other end will receive an IP packet with a TTL of one and replies with an ICMP reply to H1. We now know that the destination is reachable and we have learned all routers in our path.
Each IP packet that we send is called a probe. Traceroute can be used with ICMP, UDP and TCP, depending on your operating system.
In Windows the command name is - tracert
To use tracert, type the tracert command followed by the host name of the computer to which you want to trace the route.
To use tracert, type the tracert command followed by the host name of the computer to which you want to trace the route.
Time Outs - The most likely problem that you'll encounter when you use tracert is a timeout during one of the hops. Timeouts are indicated by asterisks where you'd expect to see a time.
Possible Reason - Sometimes, timeouts are caused by temporary problems, so you should try the tracert again to see if the problem persists. If you keep getting timeouts at the same router, the router could be having a genuine problem.
The traceroute cmd on Linux works similar to Windows. One important difference is that it doesnβt use ICMP but UDP. It also allows u to specify the no of IP pkts (probes) you want to send.
For e.g.
# traceroute -N 1 -q 1 192.168.3.1
Where -q sets d no. of probe pkts per hop.
For e.g.
# traceroute -N 1 -q 1 192.168.3.1
Where -q sets d no. of probe pkts per hop.
Traceroute, by default, measures 30 hops of 60-byte packets.
You can tell here where hop one actually landed, and then there are three numerical values. These are known as the Round-Trip Time (RTT), which refers to the amount of time that a given packet takes to reach its destination and route back an ICMP message to the source.
Every packet routes an ICMP error message back to the source when it reaches a device on the network. This action allows traceroute to determine the RTT of that packet and does not necessarily indicate an error.
Sometimes We see only stars (*).
What does that mean?
What do these stars (asterisks) mean?
Were the packets dropped?
Are they timed out?
The same time ping works fine. What could be the reason!
What does that mean?
What do these stars (asterisks) mean?
Were the packets dropped?
Are they timed out?
The same time ping works fine. What could be the reason!
Let me explain.
There r two possibilities -
1st, ICMP/UDP may not be configured. If d traceroute cmd completes successfully & u see these stars, most likely d device dat was hit wasnt configured to reply to ICMP/UDP traffic. This result doesnt mean that d traffic wasn't passed.
There r two possibilities -
1st, ICMP/UDP may not be configured. If d traceroute cmd completes successfully & u see these stars, most likely d device dat was hit wasnt configured to reply to ICMP/UDP traffic. This result doesnt mean that d traffic wasn't passed.
The second possibility is that the packets were dropped due to an issue on the network. These results are usually packet timeouts, or the traffic has been blocked by a firewall.
In the traceroute cmd output few additional annotation can be printed:
!H, !N, !P (host, nw or protocol unreachable)
!S (source route failed)
!F (fragmentation needed)
!X (communication administratively prohibited)
!V (host precedence violation)
!C (precedence cutoff in effect)
!H, !N, !P (host, nw or protocol unreachable)
!S (source route failed)
!F (fragmentation needed)
!X (communication administratively prohibited)
!V (host precedence violation)
!C (precedence cutoff in effect)
β’ β’ β’
Missing some Tweet in this thread? You can try to
force a refresh
γ
