What is Traceroute?
Along with the ping command, traceroute is a command often used to verify end-to-end communication with ICMP. Traceroute verifies the communication path to a specified IP address, i.e., which routers are traversed to reach the specified IP address.
How traceroute works (Cisco)
Traceroute works by using ICMP time exceeded messages to find out the IP addresses of the routers on the communication path.
When traceroute is executed with a destination IP address, the first IP packet is sent with TTL=1. The first router decrements the TTL to 0 and discards the IP packet. The router that discarded the packet sends an ICMP time exceeded message back to the source. This gives the IP address of the first router on the route to the destination.
Next, an IP packet sent to the destination with TTL=2 results in an ICMP time exceeded message from the second router on the route. By increasing the TTL value in this way and sending IP packets to the destination IP address, the IP addresses of the routers on the route become known.
The Cisco implementation uses UDP datagrams for traceroute. The route to the destination IP address is verified by gradually increasing the TTL in the IP header, with the destination port number set to 33434. When a router on the route discards the packet because the TTL has reached 0, it sends an ICMP time exceeded message to the device that performed the traceroute.
At the final destination of the traceroute, the packet is discarded because the destination is not using UDP port 33434. The destination then sends an ICMP destination unreachable message with the code Port Unreachable to the source device.
Windows sends ICMP echo request messages instead of UDP datagrams for traceroute. The final destination of the traceroute returns an ICMP echo reply message.
Tracert command (Windows)
On Windows OS, you can execute traceroute by typing the following command at the command prompt.
Windows tracert command
```
C:\>tracert <IP address or hostname>
```
The following is an example of the results of executing traceroute to Google’s web servers.
```
C:\Users\gene>tracert www.google.co.jp

Tracing route to www.google.co.jp [216.58.220.131]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     1 ms    <1 ms    <1 ms  172.31.1.1
  3     5 ms     3 ms     3 ms  ike-bbrt10.transix.jp [14.0.9.153]
  4     5 ms     5 ms     4 ms  72.14.214.173
  5     5 ms     4 ms     3 ms  142.251.233.137
  6     6 ms     4 ms     4 ms  108.170.237.93
  7     4 ms     3 ms     3 ms  nrt20s17-in-f3.1e100.net [216.58.220.131]

Trace complete.
```
By default, traceroute sends three packets for each hop, which is why each line shows three round-trip times.
The IP address of Google's web server is current at the time of writing; IP addresses are subject to change.
traceroute command (Cisco)
On Cisco devices, traceroute is executed with the following command.
traceroute Cisco IOS
```
#traceroute <ip-address|hostname>
```
A sample Cisco traceroute command is shown below.
```
R6#traceroute 181.1.0.1

Type escape sequence to abort.
Tracing the route to 181.1.0.1

  1 160.1.26.2 32 msec 36 msec 32 msec
  2 160.1.12.1 36 msec 32 msec *
```
The following table shows the results and meaning of the traceroute command.
Displayed Result | Meaning |
---|---|
nn msec | Round trip time in msec for each host on the route |
* | Probe Time out |
A | Administratively prohibited by access lists, etc. |
Q | Source quench message received because destination is busy |
U | Port Unreachable |
H | Host Unreachable |
N | Network Unreachable |
P | Protocol Unreachable |
? | Unknown error |
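
The following Python code is an added example, not code from the original page or from Cisco. It shows how a traceroute-style tool can check that an incoming ICMP message really answers one of its UDP probes, by reading the IP and UDP headers quoted inside the ICMP error, and then translate the ICMP type and code into the result characters of the table above. The function names, the constructed sample packets, the port range (one port per probe starting at 33434) and the type/code-to-character mapping are assumptions made for illustration.

```python
import socket
import struct

BASE_PORT = 33434        # first UDP destination port, as named on this page
PORT_SPAN = 30 * 3       # assumption: port rises by one per probe (30 hops x 3)

# (ICMP type, code) -> result character in the table above. The pairing is an
# assumption based on the standard ICMP type/code numbers.
RESULT_CODES = {(3, 0): "N", (3, 1): "H", (3, 2): "P", (3, 3): "U",
                (3, 13): "A", (4, 0): "Q"}

def build_icmp_error(icmp_type, code, target, dport, proto=17):
    """Constructed sample: ICMP error quoting the probe's IP/UDP headers, checksums 0."""
    quoted_ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, proto, 0,
                            socket.inet_aton("192.0.2.10"),
                            socket.inet_aton(target))
    quoted_udp = struct.pack("!HHHH", 50000, dport, 8, 0)
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + quoted_ip + quoted_udp

def classify_reply(icmp, target):
    """Return 'hop', a result character, or None when the reply is not ours."""
    if len(icmp) < 8 + 20 + 8:
        return None                      # too short to quote a probe
    quoted = icmp[8:]
    ihl = (quoted[0] & 0x0F) * 4
    if quoted[0] >> 4 != 4 or ihl < 20 or len(quoted) < ihl + 8:
        return None                      # malformed quoted IPv4 header
    if quoted[9] != 17 or socket.inet_ntoa(quoted[16:20]) != target:
        return None                      # not a UDP packet sent to our target
    dport = struct.unpack("!H", quoted[ihl + 2:ihl + 4])[0]
    if not BASE_PORT <= dport < BASE_PORT + PORT_SPAN:
        return None                      # some other UDP flow, not a probe
    if (icmp[0], icmp[1]) == (11, 0):
        return "hop"                     # time exceeded: intermediate router
    return RESULT_CODES.get((icmp[0], icmp[1]), "?")

def demo():
    """Classify four constructed replies for a trace to 181.1.0.1."""
    target = "181.1.0.1"
    replies = [
        build_icmp_error(11, 0, target, 33434),   # router on the path
        build_icmp_error(3, 13, target, 33437),   # filtered by an ACL
        build_icmp_error(3, 3, target, 33440),    # destination reached
        build_icmp_error(3, 3, target, 53),       # unrelated DNS traffic
    ]
    return [classify_reply(r, target) for r in replies]

if __name__ == "__main__":
    print(demo())
```

Checking the quoted destination address and port before trusting a reply keeps unrelated or spoofed ICMP errors from being reported as hops.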
The extended traceroute command allows you to flexibly specify the parameters of the packet when performing a traceroute. Executing the traceroute command without specifying an IP address or host name starts an extended traceroute.
The following is an example of executing the extended traceroute command.
```
R2#traceroute
Protocol [ip]:
Target IP address: 10.3.3.3
Source address:
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 10.3.3.3

  1 192.168.23.3 20 msec *  16 msec
```
The following table summarizes the parameters specified in the extended traceroute command.
Parameters | Meaning |
---|---|
Protocol [ip] | Layer 3 Protocol |
Target IP address | Destination IP address |
Source address | Source IP address or interface |
Numeric display [n] | Display IP address only |
Timeout in seconds [3] | Timeout seconds |
Probe count [3] | Number of probe packets sent by Traceroute |
Minimum Time to Live [1] | Minimum TTL |
Maximum Time to Live [30] | Maximum TTL |
Port Number [33434] | UDP Port number of probe packet |
Loose, Strict, Record, Timestamp, Verbose [none] | IP Header options |
Values in [] are default values.
As shown in this table, the extended traceroute command allows you to specify the source IP address, interface, and TTL value.