TrumanWong

traceroute

Display the route that packets take to a host

Supplementary instructions

The traceroute command traces the entire path that data packets take as they cross the network. By default, each packet sent is 40 bytes.

Through traceroute we can learn the path that information takes from your computer to the host on the other end of the Internet. The path a data packet takes from the same source to the same destination may differ each time, but most of the time the route is basically the same.

Traceroute measures how long each hop takes by sending small packets toward the destination device and timing how long the replies take to return. Each device on the path is tested three times. The output shows the time (ms) of each test, the name of the device (if any), and its IP address.

Syntax

traceroute (options) (parameters)

Options

-d: Enable socket-level debugging;
-f<first TTL>: Set the TTL (time to live) of the first probe packet;
-F: Set the don't-fragment bit;
-g<gateway>: Set a source-routing gateway; up to 8 can be set;
-i<network interface>: Send data packets through the specified network interface;
-I: Use ICMP echo instead of UDP datagrams;
-m<max TTL>: Set the maximum TTL of the probe packets;
-n: Show IP addresses directly instead of host names;
-p<communication port>: Set the communication port used for the UDP protocol;
-r: Bypass the normal routing table and send the data packet directly to the remote host;
-s<source address>: Set the local host IP address used to send data packets;
-t<service type>: Set the TOS value of the probe packets;
-v: Show the execution of the command in detail;
-w<timeout seconds>: Set how long to wait for a reply from the remote host;
-x: Turn the checksum (correctness check) of data packets on or off.

Parameters

Host: Specify the destination host IP address or host name.

Example

traceroute www.58.com
traceroute to www.58.com (211.151.111.30), 30 hops max, 40 byte packets
  1 unknown (192.168.2.1) 3.453 ms 3.801 ms 3.937 ms
  2 221.6.45.33 (221.6.45.33) 7.768 ms 7.816 ms 7.840 ms
  3 221.6.0.233 (221.6.0.233) 13.784 ms 13.827 ms 221.6.9.81 (221.6.9.81) 9.758 ms
  4 221.6.2.169 (221.6.2.169) 11.777 ms 122.96.66.13 (122.96.66.13) 34.952 ms 221.6.2.53 (221.6.2.53) 41.372 ms
  5 219.158.96.149 (219.158.96.149) 39.167 ms 39.210 ms 39.238 ms
  6 123.126.0.194 (123.126.0.194) 37.270 ms 123.126.0.66 (123.126.0.66) 37.163 ms 37.441 ms
  7 124.65.57.26 (124.65.57.26) 42.787 ms 42.799 ms 42.809 ms
  8 61.148.146.210 (61.148.146.210) 30.176 ms 61.148.154.98 (61.148.154.98) 32.613 ms 32.675 ms
  9 202.106.42.102 (202.106.42.102) 44.563 ms 44.600 ms 44.627 ms
 10 210.77.139.150 (210.77.139.150) 53.302 ms 53.233 ms 53.032 ms
 11 211.151.104.6 (211.151.104.6) 39.585 ms 39.502 ms 39.598 ms
 12 211.151.111.30 (211.151.111.30) 35.161 ms 35.938 ms 36.005 ms

Records are numbered from 1. Each record is one hop, and each hop represents a gateway. Each line shows three times, in ms, because the -q parameter defaults to 3: three probe packets are sent to each gateway, and each time is how long the gateway took to respond. If you use traceroute -q 4 www.58.com, 4 packets are sent to each gateway.

Sometimes when we traceroute a host, some lines show asterisks. When this happens, it may be that a firewall is blocking the returning ICMP messages, so no reply data comes back for those probes.

Sometimes there is a long delay at a certain gateway. The gateway may be congested, or the cause may be the physical device itself. If a machine has a DNS problem and host names cannot be resolved, there will also be a long delay; you can add the -n parameter to skip DNS resolution and output the data as IP addresses.

Between different network segments in a LAN, we can use traceroute to find out whether the problem is with the host or the gateway. If we encounter a problem when accessing a server remotely, we can use traceroute to track the gateways that the data packets pass through and submit the result to the IDC service provider, which also helps solve the problem; but at present such problems seem difficult to solve in China: even if we find the problem, it is impossible for the IDC service provider to help us solve it.

Hop count setting

[root@localhost ~]# traceroute -m 10 www.baidu.com
traceroute to www.baidu.com (61.135.169.105), 10 hops max, 40 byte packets
  1 192.168.74.2 (192.168.74.2) 1.534 ms 1.775 ms 1.961 ms
  2 211.151.56.1 (211.151.56.1) 0.508 ms 0.514 ms 0.507 ms
  3 211.151.227.206 (211.151.227.206) 0.571 ms 0.558 ms 0.550 ms
  4 210.77.139.145 (210.77.139.145) 0.708 ms 0.729 ms 0.785 ms
  5 202.106.42.101 (202.106.42.101) 7.978 ms 8.155 ms 8.311 ms
  6 bt-228-037.bta.net.cn (202.106.228.37) 772.460 ms bt-228-025.bta.net.cn (202.106.228.25) 2.152 ms 61.148.154.97 (61.148.154.97) 772.107 ms
  7 124.65.58.221 (124.65.58.221) 4.875 ms 61.148.146.29 (61.148.146.29) 2.124 ms 124.65.58.221 (124.65.58.221) 4.854 ms
  8 123.126.6.198 (123.126.6.198) 2.944 ms 61.148.156.6 (61.148.156.6) 3.505 ms 123.126.6.198 (123.126.6.198) 2.885 ms
  9 * * *
 10 * * *
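
An added example (not part of the original page): a Python parser for the output format shown above. It flags the cases the text discusses: hops that return only asterisks, hops where different gateways answered, and probes with a long delay. The function names and the 100 ms threshold are assumptions; the sample lines are hops 5 to 9 of the output above, in the default "name (ip)" form (not -n).

```python
import re

# Sample input: hops 5-9 of the "Hop count setting" output on this page.
SAMPLE = """\
  5 202.106.42.101 (202.106.42.101) 7.978 ms 8.155 ms 8.311 ms
  6 bt-228-037.bta.net.cn (202.106.228.37) 772.460 ms bt-228-025.bta.net.cn (202.106.228.25) 2.152 ms 61.148.154.97 (61.148.154.97) 772.107 ms
  7 124.65.58.221 (124.65.58.221) 4.875 ms 61.148.146.29 (61.148.146.29) 2.124 ms 124.65.58.221 (124.65.58.221) 4.854 ms
  8 123.126.6.198 (123.126.6.198) 2.944 ms 61.148.156.6 (61.148.156.6) 3.505 ms 123.126.6.198 (123.126.6.198) 2.885 ms
  9  * * *
"""

# One token per match: "*" (no reply), "name (ip)" (responder), or "<rtt> ms".
TOKEN = re.compile(r"(\*)|(\S+) \(([0-9a-fA-F.:]+)\)|([0-9.]+) ms")

def parse_hop(line):
    """Return (ttl, probes); each probe is (ip, rtt_ms) or (None, None) for '*'."""
    m = re.match(r"\s*(\d+)\s+(.*)", line)
    if not m:
        return None  # header line or blank line
    ttl, rest = int(m.group(1)), m.group(2)
    probes, ip = [], None
    for star, _name, addr, rtt in TOKEN.findall(rest):
        if star:
            probes.append((None, None))
        elif addr:
            ip = addr  # this responder applies to the RTTs that follow it
        else:
            probes.append((ip, float(rtt)))
    return ttl, probes

def analyse(text, spike_ms=100.0):
    """Per hop: responders seen, whether it was silent, probes above spike_ms."""
    report = {}
    for line in text.splitlines():
        hop = parse_hop(line)
        if hop is None:
            continue
        ttl, probes = hop
        rtts = [r for _, r in probes if r is not None]
        report[ttl] = {
            "responders": sorted({ip for ip, _ in probes if ip}),
            "silent": not rtts,
            "spikes": [(ip, r) for ip, r in probes if r is not None and r > spike_ms],
        }
    return report

if __name__ == "__main__":
    for ttl, info in analyse(SAMPLE).items():
        print(ttl, info)
```

A hop with more than one responder is not a fault by itself; it shows that the three probes were answered by different gateways, which is why per-probe times on that line can differ widely.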

Some other examples

traceroute -m 10 www.baidu.com # Hop count setting
traceroute -n www.baidu.com # Display IP addresses without looking up host names
traceroute -p 6888 www.baidu.com # Set the base UDP port used by the probe packets to 6888
traceroute -q 4 www.baidu.com # Set the number of probe packets to 4
traceroute -r www.baidu.com # Bypass the normal routing table and send directly to the host connected to the network
traceroute -w 3 www.baidu.com # Set the time to wait for a response to each probe packet to 3 seconds