What is Traceroute? A Definition with Helpful Examples

The internet is a complex collection of network devices and servers that are interconnected through gateways. If a network error occurs as a result of data loss or delay, finding an IP packet path or discovering a faulty gateway can be difficult. A traceroute can help troubleshoot internet-related problems. In this article, you'll find out what a traceroute is and how it works. You'll also see some helpful examples.

What is a traceroute

Traceroute is a utility that allows you to see the route of an IP packet. Simply put, a traceroute sends packets to a destination and then measures how long it takes them to return. Using this information, the traceroute builds a map of the network between the source and destination.

A traceroute can help you discover the path that packets take from your computer to a specific destination—for example, your favorite website. It can show you where in the network the problem occurs. You can execute a traceroute from the command line.

Now that you have a basic understanding of what a traceroute is, it's time to take a look at how it operates.

How a traceroute works

Traceroute uses Internet Control Message Protocol (ICMP) packets to determine where in the network a packet fails. ICMP is most commonly used to report problems with packet delivery.

When you run traceroute, it sends a series of probe packets toward the destination. The command increments the TTL (time-to-live) value of the probe packet by one with each successive packet. The TTL defines the maximum number of hops per packet.

As a packet travels through the network, each router decrements the TTL value by one. The router at which the TTL value reaches zero sends back an ICMP TIME_EXCEEDED response message. The command sends packets regularly throughout the path to a target host. The traceroute command records the time it takes for each response to return to the host and uses it to determine how far away each router is from the source.
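The TTL mechanism described above, modelled offline as an added example (not code from the article or from any traceroute implementation). The Router class, the function names and the path of documentation-range addresses are constructed for illustration; one router is set to stay silent to show that later hops are still discovered.

```python
from dataclasses import dataclass

@dataclass
class Router:
    address: str
    sends_time_exceeded: bool = True   # False models a hop that never replies

def send_probe(path, destination, ttl):
    """Forward one probe along `path`; return (responder, message) or None."""
    for router in path:
        ttl -= 1                       # every router decrements the TTL by one
        if ttl == 0:                   # the TTL expired at this router
            if router.sends_time_exceeded:
                return router.address, "TIME_EXCEEDED"
            return None                # probe discarded without any reply
    return destination, "REACHED"      # TTL outlived the path; the target answers

def trace(path, destination, max_ttl=30):
    """Raise the TTL by one per probe until the destination answers."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        reply = send_probe(path, destination, ttl)
        hops.append((ttl, reply[0] if reply else "*"))
        if reply and reply[1] == "REACHED":
            break                      # no need to probe beyond the target
    return hops

# Constructed path using documentation-range addresses (RFC 5737).
PATH = [
    Router("192.0.2.1"),
    Router("198.51.100.7", sends_time_exceeded=False),
    Router("203.0.113.9"),
]
DEST = "203.0.113.80"

if __name__ == "__main__":
    for ttl, responder in trace(PATH, DEST):
        print(f"{ttl:2d}  {responder}")
```
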

Why this is useful

Imagine that you're trying to request some information from a faraway server:

  • This communication starts by sending a packet from your computer to your local router.
  • From there, the router sends it on through an intermediary router of your ISP's network. This second router takes the packet to your ISP's regional network.
  • From there, it goes through a series of routers before arriving at an internet backbone router.
  • Finally, this packet reaches another ISP's router, which sends it to another router until it reaches its destination. It'd follow the same path to return the data.

What if you had some sort of issue with your ISP's network? In that case, it could interfere with this process. For example, there might be a problem at one of their servers or routers along the route. Or maybe the packets were routed through an overloaded shared line. Either way, you have a problem because your data is delayed and doesn't reach its destination within the expected time.

Using a traceroute, you can identify each server along the route that receives your IP packet. You can also determine the round-trip delay between the probe host and each relay. This allows you to easily identify weak nodes that are affecting your network performance and the response time of each hop along the way.

Now, you can figure out how to optimize your network setup to decrease response times in your application, service, or website by following the actual route between a server and your computer.

How to use a traceroute

Now that you have a better understanding of traceroute, it's time to talk about how you can use it. If you wanted to track the journey of a packet from your computer to a host, such as www.google.com, you could enter the command as below:

traceroute -m 30 google.com 60

Note that the host name or IP address of the destination server is a mandatory parameter of this command. Here, -m 30 specifies that up to 30 hops are shown, and 60 sets the size of each packet in bytes.

Traceroute options

The traceroute command offers several options. Using these, you can troubleshoot connectivity issues or simply learn how the internet works. Here are the most useful options.

  • -p <port>: This option allows you to specify a certain port to probe on each hop.
  • -n: This option prevents the traceroute from resolving the hostnames of each hop.
  • -m <max_ttl>: This option sets how many hops (max_ttl) appear on the final results page.
  • -i <ip address or hostname>: This option sets the source IP address for the traceroute.
  • -w: This option sets a timeout value for each hop in seconds. The default is five seconds.
  • -z <pause milliseconds>: This option allows you to add a delay in milliseconds between probes.

Some of these options are better for troubleshooting purposes than others. For example, using -w can be useful for finding routers that take a long time to respond. However, it works only on routers that support this functionality.

Here's what the output would look like.

$ traceroute -m 30 google.com 60
traceroute to google.com (142.250.196.46), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 14.795 ms 8.726 ms 3.030 ms
2 abts-ap-static-1.16.230.223.airtelbroadband.in (223.230.16.1) 5.493 ms 5.368 ms 5.398 ms
3 59.144.94.165 (59.144.94.165) 5.048 ms
  59.144.94.157 (59.144.94.157) 5.035 ms 5.693 ms
4 * 182.79.177.69 (182.79.177.69) 21.320 ms
  182.79.142.220 (182.79.142.220) 33.119 ms
5 72.14.216.192 (72.14.216.192) 18.078 ms 72.14.208.234 (72.14.208.234) 16.304 ms
  72.14.216.192 (72.14.216.192) 32.955 ms
6 * * *
7 142.251.55.240 (142.251.55.240) 28.009 ms
  216.239.56.70 (216.239.56.70) 19.272 ms
  142.250.233.144 (142.250.233.144) 19.097 ms
8 142.251.55.31 (142.251.55.31) 17.270 ms 16.503 ms
  74.125.242.130 (74.125.242.130) 16.485 ms
9 108.170.253.113 (108.170.253.113) 18.863 ms 18.835 ms
  maa03s45-in-f14.1e100.net (142.250.196.46) 16.906 ms

Explanation

The output lists every router that the packet goes through on its journey to www.google.com. The listed hops are ordered in terms of how close they are to your computer, the first hop being the closest. This is a useful way to identify the general location of an issue within your ISP's network.

The output of the traceroute command will list every router in the path between your computer and the target host. It'll also specify how long each leg of the journey took. You can view how long each packet took to travel as well as any errors that were encountered.

It's possible that a node doesn't send any TIME_EXCEEDED packets back to the source. This could be for security reasons. Such nodes still relay the packet but don't respond with any information about their network identity. Traceroute prints an asterisk ( * ) in place of each response it didn't receive.

There are also some routers that disallow traceroute requests. Usually, this is because they're used for hosting web pages or other security-sensitive services.
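One way to read such output programmatically, as an added example that is not part of the original article: the parser below takes an excerpt of the output shown above, copes with the wrapped continuation lines, and labels hops where every probe timed out or where different routers answered probes sent with the same TTL. The function names and the "silent" and "multipath" labels are assumptions of this example.

```python
import re

HOP_START = re.compile(r"^\s*(\d+)\s+(.*)$")        # "<hop number> <rest of line>"
TOKEN = re.compile(r"\*|\(([\d.]+)\)|([\d.]+) ms")   # timeout, (IPv4 address), RTT

def parse_traceroute(text):
    """Return {hop: {"responders": {ip: [rtt_ms, ...]}, "lost": n}}."""
    hops, hop, ip = {}, None, None
    for line in text.splitlines():
        m = HOP_START.match(line)
        if m:                        # new hop; anything else is a wrapped line
            hop, line, ip = int(m.group(1)), m.group(2), None
            hops[hop] = {"responders": {}, "lost": 0}
        if hop is None:              # banner line before the first hop
            continue
        for tok in TOKEN.finditer(line):
            if tok.group(0) == "*":  # probe got no reply before the timeout
                hops[hop]["lost"] += 1
            elif tok.group(1):       # address of the router that replied
                ip = tok.group(1)
                hops[hop]["responders"].setdefault(ip, [])
            elif ip:                 # an RTT belongs to the last address seen
                hops[hop]["responders"][ip].append(float(tok.group(2)))
    return hops

def summarize(hops):
    """Label hops that need care when reading the trace."""
    notes = {}
    for n, h in sorted(hops.items()):
        if not h["responders"]:
            notes[n] = "silent"      # every probe timed out
        elif len(h["responders"]) > 1:
            notes[n] = "multipath"   # different routers answered at one TTL
    return notes

# Excerpt of the output shown in the article (hops 1, 3, 4, 6 and 9).
SAMPLE = """\
traceroute to google.com (142.250.196.46), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 14.795 ms 8.726 ms 3.030 ms
3 59.144.94.165 (59.144.94.165) 5.048 ms
59.144.94.157 (59.144.94.157) 5.035 ms 5.693 ms
4 * 182.79.177.69 (182.79.177.69) 21.320 ms
182.79.142.220 (182.79.142.220) 33.119 ms
6 * * *
9 108.170.253.113 (108.170.253.113) 18.863 ms 18.835 ms
maa03s45-in-f14.1e100.net (142.250.196.46) 16.906 ms
"""
if __name__ == "__main__":
    print(summarize(parse_traceroute(SAMPLE)))
```

The parser expects the default "name (address)" form of each hop, so output produced with -n, which prints bare addresses, needs a different address pattern.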

Troubleshoot with traceroute

You can use the traceroute command to help identify the problem. A traceroute can help you determine if there's a problem with your internet connection, the website you're trying to reach, or an intermediary.

The output of the traceroute command can help you to troubleshoot and fix networking problems. You can also use the traceroute command to diagnose problems with your computer's network adapter.

Another useful strategy is to try running a traceroute from multiple computers connected to the same ISP (internet service provider). If you get a different result when using two or more devices, then it's likely that your ISP has issues with congestion or routing in their network. In that case, you may need to contact your ISP for support.

The problem with traceroute

While the traceroute command is extremely useful, it does have its limits. Traceroute also has issues with showing latency. This is because it measures only the time that a packet takes to travel each leg of the journey, not the time that it actually spends in transit. The latter is far more reliable when trying to troubleshoot issues.

Conclusion

The traceroute command is a great tool for diagnosing problems and figuring out where they're coming from. Therefore, whenever you encounter a problem in your network connection, a traceroute should be one of the first things you run. It also provides several command options to troubleshoot issues.
