Every operating system comes with small utilities that help you identify network connections. One such utility is Ubuntu traceroute (known as “tracert” in Windows). Traceroute lets you see how your traffic leaves your computer, bounces off of each router and reaches its destination. It’s a great diagnostic tool if you aren’t able to reach a certain website or network computer. It can help you identify if it’s your network or a remote router that isn’t working properly.
One issue to take into consideration when performing your traceroute command and diagnostics is that some hosts throttle the amount of ICMP packets that can be sent from a single host within a certain amount of time. ICMP packets are the basic data that are sent when you use the ping or traceroute commands. If a host limits packets, you could get timeouts or dropped packets without there being anything wrong with your network connectivity.
Basic Traceroute Information
When you run traceroute, you basically use the “traceroute” command with an IP address or a fully qualified domain name such as “google.com.” The utility displays several columns of information as the data packet traverses the web.
The first section of information tells you how long it takes for the packet to reach its destination. The last section displays the “hop” that the packet reached. A hop is usually a router. The Internet and your network are connected through a series of routers. Your network data packets must traverse these routers until it reaches your destination. Usually, the destination is a web server, and the web server then returns the data packets that lead to the rendering of your web pages.
If the left section with all of the time (shown in milliseconds) is too high, then your web pages might render extremely slow. If you are connecting to another network computer, file transfers might be slow. If the connection is too slow, you can drop packets and the data corrupts. When you try to connect to a web page when this happens, you might get time outs or the entire web page might not fully render.
In some cases, the traceroute utility displays a timed out message. Some router administrators can block the ability to use this tool properly with the router configurations. It’s a security protection technique to block the pinging ability on a router. You’ll see several hops until you see the intended destination. The time it takes for each hop gets increasingly larger, because your packets are hopping farther from your current location until it reaches the destination server.
Running a basic traceroute command gives you the basic printout for your review, but you can add several switches to the command to view additional information. The first and probably the most common option is the “-p” switch. This option switches the port. There are several thousand possible ports for hardware to “listen” on. You can determine if a certain application is running on a target router or server using its port. Most applications run on a specific host, so a return or answer from the hardware based on port can sometimes help you determine if the hardware is properly configured. For instance, port 53 is the DNS port. If you want to determine if the DNS service is running, you can use the traceroute function on that particular port.
Sometimes you might only want to see IP addresses and not host names. You can use the “-n” switch to only view IP addresses without the fully qualified host names. This is useful if you want to view IPs and link them back to an owner or view other services running on that particular hardware.
There is also the “-O” switch. This switch is helpful when you want to identify who owns the hardware for each hop. The O switch does a DNS lookup, then reports back to you. A DNS lookup switch reports the owner listed in the SOA record.
Using the “-a” switch, you can abort any transfers that take more than 10 milliseconds. This switch is useful if you want to identify any slow connections or want to abort any long transfers that you can eliminate as possible routes for your Internet traffic. Again, you might run across router administrators who throttle ICMP packets, and this will abort ping requests if the routers start dropping your requests.
You can also test the “time to live” (TTL) value. This value determines how long the packet will “live” until it times out. The default is set to 1. Remember, this is set in minutes and not seconds or milliseconds, so you need to take this into consideration when choosing your TTL value.
How Traceroute Can Help You
Traceroute is one of the most useful tools when you have network problems. For instance, suppose you can sometimes access a website but other times you can’t. How do you know where the problem stems from? Using traceroute, you can send data packets to the target website and identify which router is not functioning properly. You can’t normally fix the problem unless you are a network administrator for the system, but it helps you eliminate that the problem stems from your own computer hardware or ISP.
You’ll need to understand traceroute if you decide to jump into the network administration industry. This tool will be a part of your technical arsenal when assigned to fixing problems.