traceroute Command: Tutorial & Examples
Display the network path to a host
traceroute command is a command-line utility used to trace the path that network packets take from the source host to a destination host. It works by sending packets with
increasingly high "time to live" (TTL) values and monitoring the responses that are returned. The basic syntax of the command is
traceroute [options] hostname.
traceroute is run, it sends a series of packets to the destination host with a TTL value of 1. The first router in the path decrements the TTL value by 1, discarding the
packet and sending an ICMP Time Exceeded message back to the source host.
traceroute then repeats the process, incrementing the TTL value by 1 each time, until the destination
host is reached.
As the packets are passed through each router, the IP address of the router and the time it takes for the packet to pass through that router is recorded. This information is then displayed, showing the route taken by the packets and the amount of time it took to pass through each router.
Here is an example of what the output of the
traceroute command might look like when run on a Linux system:
traceroute www.example.com traceroute to www.example.com (192.0.2.1), 30 hops max, 60 byte packets 1 192.168.1.1 (192.168.1.1) 1.936 ms 1.811 ms 1.828 ms 2 10.1.1.1 (10.1.1.1) 4.902 ms 4.874 ms 4.859 ms 3 10.2.2.2 (10.2.2.2) 9.732 ms 9.706 ms 9.689 ms 4 18.104.22.168 (22.214.171.124) 15.782 ms 15.766 ms 15.749 ms 5 126.96.36.199 (188.8.131.52) 20.741 ms 20.724 ms 20.707 ms 6 184.108.40.206 (220.127.116.11) 25.689 ms 25.672 ms 25.655 ms 7 18.104.22.168 (22.214.171.124) 30.637 ms 30.620 ms 30.603 ms 8 126.96.36.199 (188.8.131.52) 35.585 ms 35.568 ms 35.551 ms 9 192.0.2.1 (192.0.2.1) 40.534 ms 40.517 ms 40.500 ms
In this example, the
traceroute command is run to trace the path from the source host to the destination host
www.example.com with IP address
192.0.2.1. The output shows that
the packet passed through 9 routers to reach the destination host. Each line of the output shows the hop number, the IP address of the router, and the time it took for the packet
to pass through that router.
The first hop is the router at IP address
192.168.1.1, which took 1.936 milliseconds to pass through. The second hop is the router at IP address
10.1.1.1, which took 4.902
milliseconds to pass through. This continues until the final hop, which is the destination host itself.
It is important to note that the traceroute will not reach the final destination if there is a firewall in the path that blocks ICMP packets, in that case a
* will be shown in
the output to indicate that the packet was not received.
-I option can be used to use ICMP ECHO instead of UDP datagrams, which is useful when the destination host has firewalls that block UDP traffic. The
-m option can be used
to set the maximum number of hops to search for the target, and
-w option can be used to set the time to wait for a response before giving up.
traceroute is a useful tool for troubleshooting network problems, as it can help identify the specific router or link that is causing a problem. It is also useful for
understanding the path that network traffic takes through a network and for measuring the performance of different parts of a network.