traceroute – Connecting On-Premises Networks – ANS-C01 Study Guide

traceroute

traceroute is a useful command-line utility in your troubleshooting arsenal; it shows the path taken over an IP network from source to destination. It also reports the delay to each router hop and, if configured, the DNS name of each intermediate router. The utility is included in every operating system’s IP stack: in Linux it is traceroute and in Windows, tracert. IPv6 is supported with the traceroute6 and tracert6 commands. PathPing is a utility introduced with Windows NT that combines ping and traceroute functionality. While ping tests the reachability of a specific device, traceroute shows the actual path taken. It is often used to determine where network hops are failing and to find network latency issues.

The traceroute utility displays three values for each hop: the hop count, which is the number of the hop along the route; the round-trip time (RTT), shown as three columns that each measure the round-trip time for a test packet to reach that point and return to your computer; and the domain/IP column, which shows the IP address or DNS name of the router.

Most Linux operating systems send a string of UDP packets with a range of port numbers from 33434 to 33534. Some Unix and Linux variants allow you to specify that ICMP be used instead of UDP. Windows uses ICMP by default. Be aware that firewalls along the path may block ping, traceroute and similar utilities, in which case no replies are received.

The time-stamp values returned for each router in the source-to-destination path are latency values, measured in milliseconds for each packet received by the utility. If a reply is not received within the expected interval, an asterisk is displayed instead of the time value.
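As an added example (not from the study guide or any vendor tool), the following Python parses the per-hop output of both Linux traceroute and Windows tracert as described above, treating an asterisk as a lost reply, and flags hops where every probe timed out, hops with partial loss, and hops where latency jumps sharply compared with the last responding hop. The sample output and its RFC 5737 documentation addresses are constructed.

```python
import re
# Constructed sample output (RFC 5737 documentation addresses, not real hops) in the two
# layouts described: Linux prints "host (ip)  rtt ms ...", Windows prints the rtt columns first.
LINUX_SAMPLE = """\
traceroute to example.com (203.0.113.10), 30 hops max, 60 byte packets
 1  gw.lab.example (192.0.2.1)  0.412 ms  0.380 ms  0.355 ms
 2  198.51.100.1 (198.51.100.1)  12.304 ms  12.110 ms  11.980 ms
 3  * * *
 4  203.0.113.10 (203.0.113.10)  45.120 ms * 46.010 ms
"""
WINDOWS_SAMPLE = """\
Tracing route to example.com [203.0.113.10]
over a maximum of 30 hops:
  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2    12 ms    11 ms    12 ms  198.51.100.1
  3     *        *        *     Request timed out.
  4    45 ms    44 ms    46 ms  203.0.113.10
Trace complete.
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")  # a hop line starts with its hop count
IPV4_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")
PROBE_RE = re.compile(r"<?(\d+(?:\.\d+)?)\s*ms|(\*)")  # one probe: "12 ms", "<1 ms" or "*"

def parse_hops(output):
    """Return [(hop, ip_or_None, [rtt_ms or None per probe])] for every hop line."""
    hops = []
    for line in output.splitlines():
        m = HOP_RE.match(line)
        if m:  # header, blank and footer lines carry no hop count and are skipped
            ip = IPV4_RE.search(m.group(2))
            rtts = [None if p.group(2) else float(p.group(1)) for p in PROBE_RE.finditer(m.group(2))]
            hops.append((int(m.group(1)), ip.group(1) if ip else None, rtts))
    return hops

def analyze(hops, jump_ms=20.0):
    """Per-hop average RTT, flagging silent hops, partial loss and latency jumps."""
    report, prev_avg = [], None
    for hop, ip, rtts in hops:
        good = [r for r in rtts if r is not None]
        if not good:  # every probe timed out: filtered on the path, or a router that never answers
            report.append((hop, ip, None, "no reply"))
            continue
        avg = sum(good) / len(good)
        flags = ["partial loss"] if len(good) < len(rtts) else []
        if prev_avg is not None and avg - prev_avg >= jump_ms:
            flags.append("latency jump")  # measured against the last hop that replied
        report.append((hop, ip, round(avg, 3), "; ".join(flags)))
        prev_avg = avg
    return report
```

A silent hop followed by normal replies further along is usually a router or firewall that drops or rate-limits the probes rather than a broken path, so the flags are a starting point for investigation, not a verdict.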

The time-to-live (TTL) field sets the hop limit and is what allows traceroute to discover the intermediate routers. The utility first sends a packet with a TTL value of 1 to the first router in the path. Every router decrements the TTL by 1; in this case the result is 0, which tells the router that the packet has expired. The router drops the packet and returns an ICMP Time Exceeded error message to the source, which allows the utility to record that router. Next it sends a packet with a TTL value of 2 and learns about the second router in the path the same way: the first and second routers each decrement the TTL field, it reaches 0 at the second router, and that router sends the ICMP reply. This process continues until the destination is reached.

In the Cisco IOS command line, traceroute also uses UDP with the same incrementing TTL values and uses UDP port 33434 as its default. Cisco also offers an extended traceroute option that lets you modify parameters such as the UDP port number.

Figure 7.8 shows an example of using the tracert utility with Windows PowerShell.

FIGURE 7.8 Windows traceroute