Traceroute
traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol (IP) network.
Traceroute is available on most operating systems.

On the Apple Mac, traceroute is available by opening 'Network Utilities' and then selecting the 'Traceroute' tab. On Microsoft Windows operating systems it is named tracert. Windows NT-based operating systems also provide PathPing, with similar functionality. Variants with similar functionality are also available, such as tracepath on Linux installations. For Internet Protocol Version 6 (IPv6) the tool sometimes has the name traceroute6.

Implementation

Traceroute sends a sequence of Internet Control Message Protocol (ICMP) echo request packets addressed to a destination host. Determining the intermediate routers traversed involves adjusting the time-to-live (TTL), also known as the hop limit, parameter of the Internet Protocol. The TTL frequently starts with a value like 128 (Windows) or 64 (Linux); routers decrement it and discard a packet when the TTL value has reached zero, returning the ICMP error message ICMP Time Exceeded.

Traceroute works by increasing the TTL value of each successive set of packets sent. The first set of packets sent have a hop limit value of 1, expecting that they are not forwarded by the first router. The next set have a hop limit value of 2, so that the second router will send the error reply. This continues until the destination host receives the packets and returns an ICMP Echo Reply message.

Traceroute uses the returned ICMP messages to produce a list of routers that the packets have traversed. The timestamp values returned for each router along the path are the delay (aka latency) values, typically measured in milliseconds for each packet.

Hop 192.168.1.2 Depth 1
Probe status: unsuccessful
Parent:
Return code: Label-switched at stack-depth 1
Sender timestamp: 2008-04-17 09:35:27 EDT 400.88 msec
Receiver timestamp: 2008-04-17 09:35:27 EDT 427.87 msec
Response time: 26.99 msec
MTU: Unknown
Multipath type: IP
Address Range 1: 127.0.0.64 ~ 127.0.0.127
Label Stack:
Label 1 Value 299792 Protocol RSVP-TE

The originating host expects a reply within a specified number of seconds. If a packet is not acknowledged within the expected timeout, an asterisk is displayed. The hosts listed may not be hosts used by other packets. The Internet Protocol does not require that packets between two hosts take the same route. Also note that if the host at hop number N does not reply, the hop will be skipped in the output.

On Unix-like operating systems, the traceroute utility by default uses User Datagram Protocol (UDP) datagrams with destination port numbers from 33434 to 33534. The traceroute utility usually has an option to specify use of ICMP echo request (type 8) instead, as used by the Windows tracert utility. If a network has a firewall and operates both MS Windows and Unix-like systems, both protocols must be enabled inbound through the firewall.
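The following Python sketch is an added example, not code from any traceroute implementation. It builds UDP probes with increasing TTL, parses the ICMP error that quotes each probe, and matches the reply to its probe by the quoted destination port. It assumes the sender raises the destination port by one per probe starting at 33434, and that the destination answers a UDP probe with ICMP Destination Unreachable, code 3 (port unreachable), a detail the text does not spell out. All addresses and the simulated path are constructed.

```python
import socket
import struct

BASE_PORT = 33434   # first UDP destination port used by UNIX traceroute
TIME_EXCEEDED, DEST_UNREACH = 11, 3   # ICMP types; type 3 code 3 = port unreachable

def ipv4(src, dst, proto, ttl, payload):
    # Minimal 20-byte IPv4 header (checksum left at 0 for this offline sample).
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

def udp_probe(src, dst, index, ttl):
    # One probe: UDP datagram to BASE_PORT + index, sent with the given TTL.
    return ipv4(src, dst, 17, ttl, struct.pack("!HHHH", 50000, BASE_PORT + index, 8, 0))

def icmp_error(sender, probe, icmp_type, code):
    # ICMP errors quote the dropped datagram's IP header plus its first 8 bytes.
    body = struct.pack("!BBHI", icmp_type, code, 0, 0) + probe[:28]
    return ipv4(sender, socket.inet_ntoa(probe[12:16]), 1, 64, body)

def parse_reply(packet):
    # Return (responder, kind, probe_index), or None if unrelated to our probes.
    ihl = (packet[0] & 0x0F) * 4
    inner = packet[ihl + 8:]                      # quoted original datagram
    if packet[9] != 1 or len(inner) < 28 or inner[9] != 17:
        return None
    inner_ihl = (inner[0] & 0x0F) * 4
    if len(inner) < inner_ihl + 4:
        return None
    dport = struct.unpack("!H", inner[inner_ihl + 2:inner_ihl + 4])[0]
    kind = {(TIME_EXCEEDED, 0): "hop", (DEST_UNREACH, 3): "destination"}.get(
        (packet[ihl], packet[ihl + 1]))
    if kind is None or not BASE_PORT <= dport <= BASE_PORT + 100:
        return None
    return socket.inet_ntoa(packet[12:16]), kind, dport - BASE_PORT

def trace(src, dst, path, max_hops=30):
    # path: constructed list of router addresses; None models a silent router.
    hops = []
    for ttl in range(1, max_hops + 1):
        probe = udp_probe(src, dst, ttl - 1, ttl)
        if ttl <= len(path):                      # TTL expires at router number ttl
            reply = path[ttl - 1] and icmp_error(path[ttl - 1], probe, TIME_EXCEEDED, 0)
        else:                                     # probe reached the destination host
            reply = icmp_error(dst, probe, DEST_UNREACH, 3)
        parsed = parse_reply(reply) if reply else None
        hops.append((ttl, parsed[0] if parsed else "*"))
        if parsed and parsed[1] == "destination":
            break
    return hops
```
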

There are also traceroute implementations that use TCP packets, such as tcptraceroute or layer four traceroute. PathPing is a utility introduced with Windows NT that combines ping and traceroute functionality. mtr (my traceroute) is an enhanced version of ICMP traceroute which is available for Unix-like and Windows systems. All implementations of traceroute rely on ICMP (type 11) packets being sent to the originator.

The implementations of traceroute shipped with Linux, FreeBSD, NetBSD, OpenBSD, DragonFly BSD, and Mac OS X include an option to use ICMP Echo packets (-I) or any arbitrary protocol (-P) such as UDP, TCP, ICMP, or GRE.

Usage

Most implementations include at least options to specify the number of queries to send per hop, the time to wait for a response, the hop limit and the port to use. Traceroute will display the options if invoked without any; man traceroute will display details, including the error flags displayed.
Simple example on Linux:

traceroute -w 3 -q 1 -m 16 example.com

This waits only 3 seconds (instead of 5), sends out only 1 query to each hop (instead of 3), and limits the maximum number of hops to 16 before giving up (instead of 30), with example.com as the final host.

This can help identify incorrect routing table definitions or firewalls that may be blocking ICMP traffic, or high port UDP in UNIX ping, to a site. Note that a firewall may permit ICMP packets but not permit packets of other protocols.

Traceroute is also used by penetration testers to gather information about network infrastructure and IP ranges around a given host.
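From the monitoring side, the probe pattern described in the Implementation section (TTL 1, then 2, then 3, sent to UDP ports 33434 to 33534 or as ICMP echo requests) is distinctive in packet records. The Python sketch below is an added example, not part of the original article. It assumes a sensor placed close to the sender, so that TTL values appear as sent, and a record layout invented here for illustration; the log lines are constructed.

```python
from collections import defaultdict

UDP_PORTS = range(33434, 33535)   # UNIX traceroute destination ports, from the text
ICMP_ECHO_REQUEST = 8             # probe type used by Windows tracert

# Constructed sensor records: time src dst proto ttl detail
# (detail = destination port for udp, ICMP type for icmp)
SAMPLE_LOG = """\
10:00:01 192.0.2.10 198.51.100.7 udp 1 33434
10:00:01 192.0.2.10 198.51.100.7 udp 2 33435
10:00:02 192.0.2.10 198.51.100.7 udp 3 33436
10:00:02 192.0.2.10 198.51.100.7 udp 4 33437
10:00:03 192.0.2.10 198.51.100.7 udp 5 33438
10:00:03 192.0.2.30 198.51.100.53 udp 64 53
10:00:04 192.0.2.40 198.51.100.7 icmp 128 8
10:00:05 192.0.2.40 198.51.100.7 icmp 128 8
10:00:06 192.0.2.20 198.51.100.7 icmp 1 8
10:00:06 192.0.2.20 198.51.100.7 icmp 2 8
10:00:07 192.0.2.20 198.51.100.7 icmp 3 8
10:00:07 192.0.2.20 198.51.100.7 icmp 4 8
truncated record
"""

def is_probe(proto, detail):
    # A packet that could be a traceroute probe, judged by protocol alone.
    return (proto == "udp" and detail in UDP_PORTS) or \
           (proto == "icmp" and detail == ICMP_ECHO_REQUEST)

def find_traceroutes(log_text, min_hops=4):
    # Collect the TTLs each (src, dst, proto) sent in probe-like packets.
    ttls = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        try:
            _, src, dst, proto, ttl, detail = fields
            ttl, detail = int(ttl), int(detail)
        except ValueError:          # wrong field count or non-numeric value
            continue
        if is_probe(proto, detail):
            ttls[(src, dst, proto)].add(ttl)
    hits = []
    for key, seen in sorted(ttls.items()):
        run = 0
        while run + 1 in seen:      # length of the 1, 2, 3, ... TTL ladder
            run += 1
        if run >= min_hops:
            hits.append(key + (run,))
    return hits
```

An ordinary ping from a Windows host (TTL 128) and a DNS query (port 53) appear in the sample and are not reported, because neither forms a TTL ladder starting at 1.
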

It can also be used when downloading data, and if there are multiple mirrors available for the same piece of data, one can trace each mirror to get a good idea of which mirror would be the fastest to use.

Origins

The traceroute manual page states that the original traceroute program was written by Van Jacobson in 1987 from a suggestion by Steve Deering, with particularly cogent suggestions or fixes from C. Philip Wood, Tim Seaver and Ken Adelman. Also, the inventor of the ping program, Mike Muuss, states on his website that traceroute was written using kernel ICMP support that he had earlier coded to enable raw ICMP sockets when he first wrote the ping program.

See also

  • MTR (software) - computer software which combines the functionality of the traceroute and ping programs in a single network diagnostic tool.
  • PathPing - a network utility supplied in Windows NT and beyond that combines the functionality of ping with that of traceroute (or tracert).
  • List of Unix utilities
  • List of DOS commands

----
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 