Through traceroute we can know what path the information takes from your computer to the host on the other end of the Internet. Of course, each time the data packet travels from the same source to the same destination, the path may be different, but basically the route taken is the same most of the time. In linux system, we call it traceroute, in MS Windows it is tracert. traceroute measures how long it takes by sending small packets to the destination device until it returns. Each device traceroute on a path needs to be tested 3 times. The output includes the time (ms) for each test and the name of the device (if any) and its IP address.
In most cases, we will execute the command line directly under the linux host system:
traceroute hostname
In Windows, the command to execute tracert is:
tracert hostname
1. Command format:
traceroute[parameter][host]
2. Command function:
The traceroute command allows you to trace the routing of network packets. The default packet size is 40Bytes, which can be set by the user.
Specific parameter format: traceroute [-dFlnrvx] [-f<survival value>][-g<gateway>...][-i<network interface>][-m<survival value>][-p<communication port> ][-s<source address>][-t<service type>][-w<timeout seconds>][hostname or IP address][packet size]
3. Command parameters:
-d Use socket-level debugging.
-f Set the size of the first detection packet's keepalive value TTL.
-F Set the do not leave bit.
-g Set source routing gateway, up to 8 can be set.
-i Send out packets using the specified network interface.
-I Use ICMP responses instead of UDP data messages.
-m Set the size of the maximum survival value TTL of the detection packet.
-n Use the IP address directly instead of the hostname.
-p Set the communication port of the UDP transport protocol.
-r Ignore the normal Routing Table and send the packet directly to the remote host.
-s Set the IP address of the outgoing packet from the local host.
-t Set the TOS value of the detection packet.
-v Displays the execution process of the command in detail.
-w Sets the time to wait for the remote host to report back.
-x Enables or disables correctness checking of packets.
4. Example of use:
Example 1: Simple and most common usage of traceroute
Order:
traceroute www.baidu.com
output:
illustrate:
The records start from 1 according to the serial number, each record is a hop, and each hop represents a gateway. We see that each line has three times, the unit is ms, which is actually the default parameter of -q. After the probe packet sends three packets to each gateway, the gateway returns the response time; if you use traceroute -q 4 www.58.com , it means that 4 packets are sent to each gateway.
Sometimes when we traceroute a host, we see some lines represented by asterisks. In such a situation, it may be that the firewall has blocked the return information of ICMP, so we can't get any relevant packet return data.
Sometimes we have a long delay at a certain gateway. It may be that a certain gateway is blocked, or it may be the reason of the physical device itself. Of course, if there is a problem with a certain DNS, and the host name and domain name cannot be resolved, there will also be a long delay; you can add the -n parameter to avoid DNS resolution and output data in IP format.
If it is between different network segments in the LAN, we can use traceroute to troubleshoot the problem, whether it is the host or the gateway. If we encounter a problem when accessing a server remotely, we use traceroute to track the gateway that the data packet passes through and submit it to the IDC service provider, which can also help solve the problem; but it seems that it is difficult to solve such a problem in China at present. Yes, that is, we found the problem, and the IDC service provider could not help us solve it.
Example 2: Hop count setting
Order:
traceroute -m 10 www.baidu.com
output:
illustrate:
Example 3: Display the IP address without checking the host name
Order:
traceroute -n www.baidu.com
output:
traceroute to www.baidu.com (61.135.169.125), 30 hops max, 40 byte packets
1 211.151.74.2 5.430 ms 5.636 ms 5.802 ms
2 211.151.56.57 0.627 ms 0.625 ms 0.617 ms
3 211.151.227.206 0.575 ms 0.584 ms 0.576 ms
4 210.77.139.145 0.703 ms 0.754 ms 0.806 ms
5 202.106.42.101 23.683 ms 23.869 ms 23.998 ms
6 202.106.228.37 247.101 ms * *
7 61.148.146.29 5.256 ms 124.65.58.213 4.386 ms 4.373 ms
8 202.106.35.190 1.610 ms 61.148.156.138 1.786 ms 61.148.3.34 2.089 ms
9 * * *
30 * * *
[root@localhost ~]# traceroute www.baidu.com
traceroute to www.baidu.com (61.135.169.125), 30 hops max, 40 byte packets
1 211.151.74.2 (211.151.74.2) 4.671 ms 4.865 ms 5.055 ms
2 211.151.56.57 (211.151.56.57) 0.619 ms 0.618 ms 0.612 ms
3 211.151.227.206 (211.151.227.206) 0.620 ms 0.642 ms 0.636 ms
4 210.77.139.145 (210.77.139.145) 0.720 ms 0.772 ms 0.816 ms
5 202.106.42.101 (202.106.42.101) 7.667 ms 7.910 ms 8.012 ms
6 bt-228-025.bta.net.cn (202.106.228.25) 2.965 ms 2.440 ms 61.148.154.97 (61.148.154.97) 431.337 ms
7 124.65.58.213 (124.65.58.213) 5.134 ms 5.124 ms 5.044 ms
8 202.106.35.190 (202.106.35.190) 1.917 ms 2.052 ms 2.059 ms
9 * * *
30 * * *
[root@localhost ~]#
illustrate:
Example 4: Basic UDP port setting 6888 used by probe packets
Order:
traceroute -p 6888 www.baidu.com
output:
illustrate:
Example 5: Set the number of probe packets to a value of 4
Order:
traceroute -q 4 www.baidu.com
output:
illustrate:
Example 6: Bypass the normal routing table and send directly to the network connected host
Order:
traceroute -r www.baidu.com
output:
traceroute to www.baidu.com (61.135.169.125), 30 hops max, 40 byte packets
connect: network unreachable
[root@localhost ~]#
illustrate:
Example 7: Set the waiting response time for outgoing probe packets to 3 seconds
Order:
traceroute -w 3 www.baidu.com
output:
illustrate:
How Traceroute works:
The simplest basic usage of Traceroute is: traceroute hostname
The Traceroute program is designed to use the TTL (Time To Live) field of the ICMP and IP headers. First, traceroute sends an IP datagram with a TTL of 1 (in fact, each time it sends three 40-byte packets, including the source address, destination address and the time label when the packet is sent) to the destination, when the first packet on the path When a router receives this datagram, it decrements the TTL by 1. At this point, the TTL becomes 0, so the router will discard this datagram and send back an "ICMP time exceeded" message (including the source address of the IP packet, all contents of the IP packet and the IP address of the router), traceroute After receiving this message, you know that this router exists on this path, and then traceroute sends another datagram with TTL of 2, and finds the second router... traceroute adds 1 to the TTL of the sent datagram each time to discover another router, and this repetition continues until a datagram arrives at its destination. When the datagram reaches the destination, the host will not send back the ICMP time exceeded message, because it is already the destination, so how does traceroute know that the destination has arrived?
When Traceroute sends UDP datagrams to the destination, the port number it chooses to deliver is a number (above 30000) that general applications will not use, so when the UDP datagram reaches the destination, the host will send back a " ICMP port unreachable" message, and when traceroute receives this message, it knows that the destination has been reached. So traceroute does not have the so-called Daemon program on the Server side.
Traceroute extracts the IP address of the device that sends the ICMP TTL expiration message and performs domain name resolution. Each time, Traceroute prints out a series of data, including the domain name and IP address of the routing device it passes through, and the time it takes for the three packets to go back and forth each time.
tracert of windows:
Format:
tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name
Parameter Description:
tracert [-d] [-h maximum_hops] [-j computer-list] [-w timeout] target_name
The diagnostic utility determines the route to the destination by sending Internet Control Message Protocol (CMP) echo messages with different time-to-live (TL) to the destination. Each router on the path must decrement its TTL value by at least 1 before forwarding the ICMP echo, so the TTL is a valid hop count. When the TTL value of the packet is reduced to 0, the router sends back ICMP timeout information to the source system. Tracert can determine the route by sending the first reply with a TTL of 1 and incrementing the TTL value by 1 each time in subsequent transmissions until the target responds or the maximum TTL value is reached. Routers can be identified by examining the ICMP timeout (ime Exceeded) messages sent back by intermediate routers. Note that some routers "quietly" drop time-to-live (TLS) expired packets and have no effect on tracert.
parameter:
-d Specifies not to resolve addresses for computer names.
-h maximum_hops Specifies the maximum number of hops to find the target.
-jcomputer-list Specifies loose source routing in computer-list.
-w timeout Wait the number of milliseconds specified by timeout for each reply.
target_name The name of the target computer.
Example:
Tracing route to www.58.com [221.187.111.30]
over a maximum of 30 hops:
1 1 ms 1 ms 1 ms 10.58.156.1
2 1 ms <1 ms <1 ms 10.10.10.1
3 1 ms 1 ms 1 ms 211.103.193.129
4 2 ms 2 ms 2 ms 10.255.109.129
5 1 ms 1 ms 3 ms 124.205.98.205
6 2 ms 2 ms 2 ms 124.205.98.253
7 2 ms 6 ms 1 ms 202.99.1.125
8 5 ms 6 ms 5 ms 118.186.0.113
9 207 ms * * 118.186.0.106
10 8 ms 6 ms 11 ms 124.238.226.201
11 6 ms 7 ms 6 ms 219.148.19.177
12 12 ms 12 ms 16 ms 219.148.18.117
13 14 ms 17 ms 16 ms 219.148.19.125
14 13 ms 13 ms 12 ms 202.97.80.113
15 * * * Request timed out.
16 12 ms 12 ms 17 ms bj141-147-82.bjtelecom.net [219.141.147.82]
17 13 ms 13 ms 12 ms 202.97.48.2
18 * * * Request timed out.
19 14 ms 14 ms 12 ms 221.187.224.85
20 15 ms 13 ms 12 ms 221.187.104.2
21 * * * Request timed out.
22 15 ms 17 ms 18 ms 221.187.111.30
Trace complete.