DNSLOOKUP
Docs
Network Tools
Traceroute
Back to Network Tools

Traceroute

Traceroute is a network diagnostic tool that shows the route taken by packets across an IP network and measures transit delays. It helps visualize the path that data takes from your computer to a destination server, identifying each hop along the way and potential bottlenecks in the network.

Traceroute Tool

Our Traceroute tool helps you visualize the path that network packets take to reach a destination and identify potential bottlenecks.

Use Traceroute Tool

What is Traceroute?

Traceroute (called "tracert" in Windows) is a network diagnostic tool that maps the journey that data packets take from your computer to a destination server. It shows each router (or "hop") along the path and measures the time it takes for packets to travel to each hop.

This tool is invaluable for network troubleshooting as it helps identify where delays or packet loss occur in a network connection. By showing the complete path that data takes, traceroute can pinpoint specific routers or network segments that might be causing connectivity issues.

Key Traceroute Metrics

  • Hop Number: The sequence number of each router in the path
  • Router IP Address: The IP address of each router along the path
  • Router Hostname: The hostname of the router (if available through reverse DNS lookup)
  • Round-Trip Time (RTT): The time it takes for a packet to reach the router and return, measured in milliseconds
  • Packet Loss: Indicated by asterisks (*) or timeouts, showing packets that didn't receive a response
  • Total Hops: The number of routers between your computer and the destination

How Traceroute Works

Traceroute works by sending packets with incrementally increasing Time-to-Live (TTL) values and analyzing the ICMP Time Exceeded messages that are returned. Here's a step-by-step explanation:

  1. Initial Packet with TTL=1: Traceroute sends a packet (typically UDP, ICMP, or TCP) with a TTL value of 1.
  2. First Router Decrements TTL: When the packet reaches the first router, the TTL is decremented to 0.
  3. Time Exceeded Message: Since the TTL is now 0, the router discards the packet and sends back an ICMP Time Exceeded message.
  4. Source Records First Hop: Traceroute records the IP address of the router that sent the Time Exceeded message and the time it took to receive the response.
  5. Increment TTL and Repeat: Traceroute then sends a packet with TTL=2, which will reach the second router before being discarded, and so on.
  6. Process Continues: This process continues with increasing TTL values until the packet reaches the destination or a maximum hop count is reached.
  7. Destination Reached: When the packet reaches the destination, the destination responds with an ICMP Port Unreachable message (for UDP), a TCP RST (for TCP), or an ICMP Echo Reply (for ICMP), depending on the traceroute implementation.

Traceroute typically sends three packets for each TTL value to provide more reliable measurements and to help identify inconsistent behavior.

Traceroute Implementations

Different operating systems and tools implement traceroute in slightly different ways:

Unix/Linux Traceroute

The traditional Unix/Linux traceroute uses UDP packets sent to high-numbered ports (typically 33434-33534). It expects to receive ICMP "port unreachable" messages when the packets reach the destination.

traceroute example.com

Windows Tracert

Windows uses ICMP Echo Request packets (the same as ping) instead of UDP. This can sometimes provide different results than the Unix/Linux implementation, especially when firewalls are involved.

tracert example.com

Modern Traceroute Variants

Modern traceroute implementations often provide options to use different protocols:

  • ICMP Traceroute: Uses ICMP Echo Request packets (like Windows tracert)
  • TCP Traceroute: Uses TCP SYN packets, which can sometimes bypass firewalls that block UDP or ICMP
  • UDP Traceroute: The traditional method using UDP packets
traceroute -I example.com # ICMP traceroute
traceroute -T example.com # TCP traceroute

Use Cases for Traceroute

Network Troubleshooting

When experiencing connectivity issues, traceroute can help identify where in the network path the problem is occurring. It can show if packets are being dropped at a specific router or if there are significant delays at certain points.

Identifying Network Bottlenecks

By analyzing the round-trip times between hops, traceroute can help identify routers or network segments that are introducing significant latency.

Verifying Network Paths

Traceroute can confirm that traffic is following the expected path through a network, which is useful for verifying routing configurations and policies.

Detecting Routing Loops

Traceroute can identify routing loops, where packets are being passed back and forth between the same routers indefinitely.

Network Mapping

By running traceroute to various destinations, network administrators can build a map of the network topology and understand how traffic flows through their infrastructure.

ISP Performance Monitoring

Traceroute can help monitor the performance of Internet Service Providers by showing how traffic is routed through their networks and identifying any consistent issues.

Interpreting Traceroute Results

Understanding traceroute output is crucial for effective network diagnostics. Here's how to interpret the results:

Sample Traceroute Output

traceroute to example.com (93.184.216.34), 30 hops max, 60 byte packets
 1  router.local (192.168.1.1)  1.234 ms  1.456 ms  1.789 ms
 2  isp-gateway.net (203.0.113.1)  12.345 ms  12.678 ms  12.901 ms
 3  isp-core-1.net (203.0.113.10)  15.678 ms  15.901 ms  16.234 ms
 4  isp-core-2.net (203.0.113.20)  20.345 ms  20.678 ms  20.901 ms
 5  isp-peer-1.net (198.51.100.1)  25.678 ms  25.901 ms  26.234 ms
 6  * * *
 7  backbone-router-1.net (198.51.100.10)  35.678 ms  35.901 ms  36.234 ms
 8  backbone-router-2.net (198.51.100.20)  40.345 ms  40.678 ms  40.901 ms
 9  example-edge-1.com (93.184.216.1)  45.678 ms  45.901 ms  46.234 ms
10  example.com (93.184.216.34)  50.345 ms  50.678 ms  50.901 ms

Understanding Each Column

  • Hop Number: The first column shows the hop number (1, 2, 3, etc.)
  • Router Information: The second column shows the hostname and IP address of the router
  • Round-Trip Times: The next three columns show the round-trip time for each of the three packets sent to that hop

Common Patterns and What They Mean

  • Asterisks (*): Indicate that no response was received for that packet. This could be due to packet loss, a firewall blocking the response, or a router configured not to send ICMP Time Exceeded messages.
    6 * * *
  • Increasing RTT: Round-trip times generally increase as the hop count increases, since each hop adds more distance and processing time.
    1 router.local (192.168.1.1) 1.234 ms ...
    2 isp-gateway.net (203.0.113.1) 12.345 ms ...
  • Significant RTT Jump: A large increase in RTT between consecutive hops can indicate a long-distance link, congestion, or a slow router.
    4 isp-core-2.net (203.0.113.20) 20.345 ms ...
    5 isp-peer-1.net (198.51.100.1) 125.678 ms ...
  • Varying RTT: Significant variation in RTT for the same hop can indicate network instability or congestion.
    3 isp-core-1.net (203.0.113.10) 15.678 ms 95.901 ms 16.234 ms
  • Same IP for Multiple Hops: Sometimes the same IP address appears for multiple consecutive hops, which can indicate load balancing or MPLS tunneling.
    5 core-router.net (198.51.100.1) 25.678 ms ...
    6 core-router.net (198.51.100.1) 26.345 ms ...

Common Traceroute Issues

Incomplete Paths

Some routers are configured not to send ICMP Time Exceeded messages or may have ICMP rate limiting enabled, resulting in missing hops in the traceroute output.

Firewall Blocking

Firewalls may block traceroute packets or their responses, leading to asterisks (*) in the output. Different traceroute implementations (UDP, ICMP, TCP) may have different success rates depending on firewall configurations.

Asymmetric Routing

Traceroute only shows the forward path from your computer to the destination. The return path may be different due to asymmetric routing, which can complicate troubleshooting.

Load Balancing

Networks often use load balancing, which can cause traceroute to show different paths for different packets or runs. This can make the results inconsistent and harder to interpret.

MPLS Networks

Multiprotocol Label Switching (MPLS) networks can hide the internal network topology, making traceroute less informative for troubleshooting within these networks.

Misleading RTT

Round-trip times can be misleading because routers may prioritize data packets over generating ICMP responses. A router might show high RTT not because the link is slow, but because the router is busy and deprioritizing ICMP responses.

Traceroute Best Practices

Try Different Protocols

If you're getting incomplete results, try different traceroute implementations (UDP, ICMP, TCP) as they may have different success rates depending on network configurations.

Run Multiple Traces

Network conditions can change over time, and load balancing can cause different paths to be taken. Run traceroute multiple times to get a more complete picture.

Combine with Other Tools

Use traceroute in conjunction with other network diagnostic tools like ping, MTR (My Traceroute), and pathping for a more comprehensive analysis.

Trace from Multiple Locations

If possible, run traceroute from different locations to get a better understanding of the network topology and to identify if issues are specific to certain paths.

Establish Baselines

Run traceroute when your network is functioning normally to establish baseline measurements. This makes it easier to identify abnormal behavior later.

Document Results

Keep records of traceroute results for comparison over time. This can help identify patterns or changes in network behavior.

Our Traceroute Tool

Our Traceroute tool provides a user-friendly interface for visualizing the path that network packets take, with features including:

  • Visual representation of the network path
  • Detailed information about each hop, including IP address, hostname, and RTT
  • Packet loss detection
  • Latency analysis
  • Geographical mapping of router locations (where available)
  • Historical comparison of traceroute results

To use our Traceroute tool:

  1. Enter a hostname or IP address in the input field
  2. Click the "Trace Route" button
  3. View the detailed traceroute results and path visualization
Use Traceroute Tool

Limitations Note

While traceroute is a valuable diagnostic tool, it has limitations. Some routers don't respond to traceroute packets, firewalls may block them, and the results can be affected by load balancing and asymmetric routing. Always interpret traceroute results in context and use them alongside other network diagnostic tools.

Next Steps

Explore our other network tools to diagnose and troubleshoot your network infrastructure:

PreviousNext
Edit this page on GitHub