traceroute/tracert--get the network routing path

traceroute is a tool used to detect the gateways that a packet passes through between the originating host and the destination host. It works by sending probe packets starting with the smallest TTL, so that each gateway on the way to the target host is traced in turn, and then listening for the ICMP reply from that gateway. The probe packet size defaults to 38 bytes.

Through traceroute we can learn what path the information takes from your computer to the host on the other end of the Internet. Of course, the path may differ each time a data packet travels from the same source to the same destination, but most of the time the route taken is basically the same. On Linux the tool is called traceroute; on Windows it is tracert. traceroute measures how long a small packet takes to reach each device and return. Each device on the path is tested 3 times. The output includes the time (ms) for each test, the name of the device (if any), and its IP address.

In most cases, we run the command directly on a Linux host:

traceroute hostname

In Windows, the command to execute tracert is:

tracert hostname

Example:

[c:~]$ tracert www.baidu.com


Trace the route to www.a.shifen.com [119.75.217.109] through up to 30 hops :

1 1 ms 1 ms 3 ms 113.44.96.1
2 2 ms 2 ms 1 ms 113.44.96.1
3 3 ms 3 ms 2 ms 218.241.253.97
4 3 ms 3 ms 3 ms 14.197.178.41
5 3 ms 7 ms 3 ms 14.197.249.122
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 8 ms 5 ms 3 ms 119.75.217.109

Tracking is complete.
This indicates that www.baidu.com (119.75.217.109) can be reached through 9 hops.

Explanation:

The records are numbered from 1; each record is a hop, and each hop represents a gateway. Each line shows three times in ms, which corresponds to the default value of the -q parameter: the probe sends three packets to each gateway, and the gateway's response time is recorded for each one. If you use traceroute -q 4 www.58.com, 4 packets are sent to each gateway.

Sometimes when we traceroute a host, some lines show only asterisks. In that situation, a firewall may have blocked the ICMP return information, so no packet return data is available. (If the router does not support the ICMP protocol, the corresponding result will also display an asterisk.)

Sometimes there is a long delay at a certain gateway. That gateway may be congested, or the cause may be the physical device itself. A DNS problem that prevents host names and domain names from being resolved will also cause a long delay; you can add the -n parameter to skip DNS resolution and output addresses in IP format.

Between different network segments in a LAN, we can use traceroute to determine whether a problem lies with the host or with the gateway. If we encounter a problem when accessing a server remotely, we can use traceroute to track the gateways that the data packet passes through and submit the result to the IDC service provider, which can also help solve the problem. At present, however, such problems seem difficult to solve in China: even when we have found the problem, the IDC service provider cannot help us solve it.

Note: On Ubuntu, traceroute www.baidu.com shows × for every hop even though ping works. This is mainly because the default traceroute on Ubuntu sends UDP packets; add the -I parameter (use ICMP packets): traceroute -I www.baidu.com.
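The reading rules from the explanation above (three timings per hop, asterisk rows, slow hops), applied in code. This is an added example, not part of the original post; the function names parse_tracert and summarize are hypothetical, and the sample is the tracert output shown earlier, embedded so the script runs offline.

```python
import re

# Sample input: the tracert output shown earlier on this page, embedded inline.
SAMPLE = """\
Trace the route to www.a.shifen.com [119.75.217.109] through up to 30 hops :

1 1 ms 1 ms 3 ms 113.44.96.1
2 2 ms 2 ms 1 ms 113.44.96.1
3 3 ms 3 ms 2 ms 218.241.253.97
4 3 ms 3 ms 3 ms 14.197.178.41
5 3 ms 7 ms 3 ms 14.197.249.122
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 8 ms 5 ms 3 ms 119.75.217.109
"""

# Hop row: hop number, three probe fields ("N ms", "<N ms" or "*"), then address or message.
HOP = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+\s*ms|\*)\s+){3})(.*)$")
PROBE = re.compile(r"<?(\d+)\s*ms|\*")

def parse_tracert(text):
    """Return (target_ip, hops); each hop is (number, [rtt_ms or None] * 3, address or None)."""
    target = re.search(r"\[([0-9a-fA-F.:]+)\]", text)
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if not m:
            continue
        rtts = [int(p.group(1)) if p.group(1) else None for p in PROBE.finditer(m.group(2))]
        # "name [ip]" rows keep only the ip; all-asterisk rows have no address at all.
        addr = None if all(r is None for r in rtts) else m.group(3).strip().split("[")[-1].rstrip("]")
        hops.append((int(m.group(1)), rtts, addr))
    return (target.group(1) if target else None), hops

def summarize(text):
    target, hops = parse_tracert(text)
    answered = [h for h in hops if h[2]]
    last_answer = answered[-1][0] if answered else 0
    silent = [h[0] for h in hops if h[2] is None]
    return {
        "reached": bool(answered) and answered[-1][2] == target,
        # A later hop replied, so these gateways still forwarded the probes.
        "silent_but_forwarding": [n for n in silent if n < last_answer],
        # Nothing replied after these hops: the path may really stop here.
        "silent_at_end": [n for n in silent if n > last_answer],
        "slowest_hop": max(answered, key=lambda h: max(r for r in h[1] if r is not None))[0] if answered else None,
    }

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

For the trace above, hops 6 to 8 land in silent_but_forwarding because hop 9 answers, which matches the firewall explanation rather than a broken path.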


Reposted from: blog.csdn.net/weixin_43214644/article/details/126419640