Common Linux Network Tools: traceroute for Route Scanning

Source: Internet
Author: User

Common Linux Network Tools: traceroute for Route Scanning

The previous two articles "common Linux Network Tools: fping host scanning" and "common Linux Network Tools: hping advanced host scanning" are about host scanning, this article describes traceroute and mtr, a common route scanning tool in Linux.

Route scanning mainly queries the number of Route hops from the local host to another host and the data delay.

Traceroute basic usage

--------------------------------------------------------------------------------

The routing scanning tool is implemented by TTL. Every time a packet passes through a vro, its survival time is reduced by 1. When the survival time is 0, the host cancels the data packet and sends an icmp ttl data packet to the sender of the original data packet, the routing scanning tool obtains the information of each hop route through the sent ICMP.

Traceroute in Linux is similar to tracert in Windows. The difference is that tracert in Windows sends ICMP packets, while traceroute in Linux sends UDP packets.

Because traceroute uses the UDP protocol, the default port number of traceroute is 33433. Generally, this port is not used by applications, so the target host will return ICMP.

Traceroute also supports sending TCP and ICMP:

-I -- icmp Use ICMP ECHO for tracerouting
-T -- tcp Use tcp syn for tracerouting
-P port -- port = port


Generally, the traceroute tool is installed in Linux by default. If not, install the traceroute tool in yum.

The simplest basic usage of traceroute is traceroute hostname. Example:

# Traceroute 192.168.0.99
Traceroute to 192.168.0.99 (192.168.0.99), 30 hops max, 60 byte packets
1 192.168.2.1 (192.168.2.1) 5.642 MS 5.901 MS 12.287 MS
2 192.168.0.99 (192.168.0.99) 0.416 MS 1.193 MS 1.045 MS


Traceroute tests each node three times, so each row has three times. Through this time, we can analyze which route node has the largest latency.

Traceroute tips

--------------------------------------------------------------------------------

Some websites using traceroute may not be able to reach the final node, such:

This is mainly because some servers have blocked UDP packets, so ICMP is not returned.

For hosts with HTTP services, you can use the traceroute parameter settings to use the TCP protocol for testing to obtain the final node:

This article permanently updates the link address:

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.