Traceroute is a utility used for network diagnosis, founded by Van Jacobson to resolve whether there are any routing issues existing within the network. Traceroute is normally used to determine the route that IP packets originating from your system follow to reach the destination host. Traceroute is not useful for a network with no routers. It is not really useful unless there are at least two routers in the network. The Internet consists of millions of routers, so a traceroute will be ideal for the Internet. Traceroute was developed to deal with network troubles like black holes and routing loops and roughly detect the locations of those failures.
How does Traceroute Work?
Before working on examples, let us perceive the concept of traceroute.Traceroute makes use of the TTL field from the IP header to attain its operation. For those who do not know about TTL field, it describes the maximum number of hops that a packet will take while traveling through the network.
In brief, this denotes the life span of the packet in the network. Value in TTL field is normally fixed to 32 or 64. Every time the packet reaches an intermediary router, TTL value is decreased by 1. If for a packet, this TTL value is reduced up to zero, that packet is discarded by the router.
Whenever a packet is discarded, ICMP “Time exceeded” message is delivered to the source of that particular packet by the router. That ICMP packet contains the IP address of the router.
With this process, traceroute continuously gets the IP addresses of every router between the source and the destination observed by the packet.
Traceroute Examples
1. Running traceroute <target-name/target-IP-Address>
You can either mention the IP address of the target or its name and the traceroute will fetch the route followed by the IP packet starting from your system up to the specified target.
Every line in the result provides a detailed summary of the interaction encountered with every router. Traceroute will show IP addresses of the intermediate routers along with 3 RTTs (Round Trip Time) for that specific router because traceroute dispatches three packets for every router.
Sometimes one may observe several ‘*’ in the output window instead of a value. This notifies that the concerned field could not be obtained. This may be due to reverse DNS lookup failure or packets not reaching the destination router or may be a loss of packets. There might be several reasons and in such cases traceroute will show “*” in the output.
2. Disable IP address and hostname mapping
Whenever the traceroute command is run, it will show some host names with their IP addresses. Traceroute comes with a facility with which the mapping of IP addresses into their hostname is deactivated. Option -n will do this for you.
3. Configure Response Wait Time
Whenever the traceroute issues a probe, it waits for the response from the router for some time span called “Response Wait Time”. We can configure this wait time using -w option to the desired value. When the wait time expires, the traceroute will print '*'s in the output.
Here, we can observe that traceroute did 30 attempts and then printed '*'s whenever there were no ICMP packets received within 0.1 seconds.
4. Configure the Number of Queries per Hop
As mentioned before, by default, traceroute fires 3 queries per router to give 3RTTs. This pre-determined value of three can be configured with the option ‘-q’. This option will take an integer that instructs traceroute utility to use the updated value of probes per hop.
5. Configure the TTL value to start with
By default TTL value is set as 1, which describes that it will begin with the first router in the route. Using the ‘-f’ option which takes an integer, you can decide on a new value of TTL.