Analyzing and interpreting the output of the tracert (route tracing) command

Source: Internet
Author: User

Some people use route-tracing commands without fully understanding the results they show. Here is an explanation, worked through with examples.

(1) Introduction to the tracert command

tracert is a route-tracing command. Its output shows the network devices that packets pass through on the way from the local host to the destination host.

Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name

Parameter description:

-d Do not resolve IP addresses to domain names

-h maximum_hops The maximum number of hops allowed when tracing

-j host-list The list of hosts to pass through

-w timeout The maximum time to wait for each reply

(2) How tracert works

The ping command described earlier has a TTL parameter that specifies the lifetime of the ICMP packet, where the lifetime is the total number of nodes the packet can pass through. For example, if the TTL of an ICMP packet is set to 2, the packet can travel only as far as the second node from the sender, and if it is set to 1, only as far as the first neighboring node. tracert is built on this principle: it sends ICMP packets from the local host with the TTL starting at 1 and increasing automatically, which amounts to pinging each network device on the way to the target host in turn, and it displays each device's response so that every node on the network path is detected.

For example, type "tracert www.163.com" to see which nodes the packets sent to 163 pass through and, from that, analyze the structure of the target network, as shown in Figure 1-22.

Figure 1-22

The analysis results are as follows:

Hop 1: 1 <10 ms <10 ms <10 ms 210.-.-.254, where 210.-.-.254 is the local gateway.

Hop 2: 2 <10 ms <10 ms <10 ms 210.-.-.13, where 210.-.-.13 is a CERNET node.

Hop 3: 3 <10 ms <10 ms <10 ms 202.112.53.241, where 202.112.53.241 is a node of the Guangzhou Education Network.

......

Hop 6: 6 ms ms 202.112.36.131, where 202.112.36.131 is located in the China Education and Research Computer Network High-Performance Computing Center.

Hop 7: 7 ms ms 219.158.28.25; from this node, packets pass from the education network into the public network.

After a few more hops, the packets enter the 163 network.

One more example, this time to Sina, using the command "tracert www.sina.com.cn":

C:\>tracert www.sina.com.cn

Tracing route to sina37-42.sina.com.cn [202.108.37.42]
over a maximum of 30 hops:

  1  <1 ms  <1 ms  <1 ms  210.-.-.-
  2  <1 ms  <1 ms  <1 ms  210.-.-.-
  3  <1 ms  <1 ms  <1 ms  202.-.-.-
  4  6 ms  6 ms  6 ms  Sydl3.-.net [202.-.-.-]
  5  ms  ms  ms  Bysy3.-.net [202.-.-.-]
  6  ms  ms  ms  202.-.-.-
  7  *  *  *  Request timed out.
  8  1776 ms  1762 ms  1758 ms  219.-.-.-
  9  1766 ms  1757 ms  1769 ms  202.96.12.42
 10  1580 ms  1572 ms  1557 ms  202.106.192.174
 11  1678 ms  1732 ms  1642 ms  210.74.176.158
 12  1650 ms  1662 ms  1616 ms  sina37-42.sina.com.cn [202.108.37.42]

Trace complete.

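Combined with the network infrastructure described earlier: the network device at hop 7 does not respond, so hop 7 should be a firewall. Keep in mind that a router that simply does not return messages for packets with an expired TTL, as described in the command details below, produces the same "Request timed out" line.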
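To read a trace like the one above systematically, the following added example (not part of the original article) parses tracert output and flags hops that answered no probe and hops where latency rises sharply. The sample trace, the function names and the 500 ms threshold are assumptions made for illustration.

```python
import re

# Constructed sample in tracert's output format (documentation-range addresses).
SAMPLE = """\
Tracing route to www.example.com [203.0.113.42]
over a maximum of 30 hops:
  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2    <1 ms    <1 ms    <1 ms  192.0.2.13
  3     6 ms     6 ms     6 ms  gw3.example.net [198.51.100.3]
  4     *        *        *     Request timed out.
  5  1776 ms  1762 ms  1758 ms  203.0.113.25
  6  1650 ms  1662 ms  1616 ms  www.example.com [203.0.113.42]
Trace complete.
"""

# Hop number, three probe columns ("<1 ms", "6 ms" or "*"), then name/address.
HOP_RE = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+\s+ms|\*)\s+){3})(.*)$")
ADDR_RE = re.compile(r"\[?(\d{1,3}(?:\.\d{1,3}){3})\]?\s*$")

def parse_tracert(text):
    """Return one dict per hop row; banner and trailer lines are skipped."""
    hops = []
    for m in filter(None, map(HOP_RE.match, text.splitlines())):
        probes = re.findall(r"(<?\d+)\s+ms|(\*)", m.group(2))
        # "<1 ms" is kept as an upper bound of 1; "*" (no reply) becomes None.
        rtts = [None if star else int(ms.lstrip("<")) for ms, star in probes]
        addr = ADDR_RE.search(m.group(3))
        hops.append({"hop": int(m.group(1)), "rtts": rtts,
                     "addr": addr.group(1) if addr else None})
    return hops

def flag_hops(hops, jump_ms=500):
    """List (hop, note) for hops with no reply and for sharp latency increases."""
    findings, prev = [], None
    for h in hops:
        answered = [r for r in h["rtts"] if r is not None]
        if not answered:
            findings.append((h["hop"], "no reply to any probe"))
            continue
        best = min(answered)  # best-case RTT is least affected by jitter
        if prev is not None and best - prev >= jump_ms:
            findings.append((h["hop"], f"latency jump of {best - prev} ms"))
        prev = best
    return findings

if __name__ == "__main__":
    for hop, note in flag_hops(parse_tracert(SAMPLE)):
        print(f"hop {hop}: {note}")
```

A hop flagged "no reply" that is followed by answering hops is still forwarding traffic; it is only declining to report expired packets.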

Tracert (trace route) command details

Tracert (trace route) is a route-tracing utility that determines the path an IP datagram takes to reach its destination. The tracert diagnostic utility determines the route to a destination by sending Internet Control Message Protocol (ICMP) echo packets with varying time-to-live (TTL) values to the destination. Each router along the path is required to decrement the TTL on a packet by at least 1 before forwarding it, so the TTL is effectively a hop count. When the TTL on a packet reaches 0, the router should send an ICMP Time Exceeded message back to the source system. Tracert determines the route by sending the first echo packet with a TTL of 1 and incrementing the TTL by 1 on each subsequent transmission until the target responds or the TTL reaches its maximum value. The route is determined by examining the ICMP Time Exceeded messages sent back by intermediate routers. However, some routers silently drop packets with expired TTL values, and tracert cannot see them. If you use the -d option, the tracert utility does not perform a DNS lookup on each IP address.

Syntax
tracert [-d] [-h MaximumHops] [-j HostList] [-w Timeout] [TargetName]

Parameters
-d Prevents tracert from attempting to resolve the IP addresses of intermediate routers to their names. This speeds up the display of tracert results.
-h MaximumHops Specifies the maximum number of hops in the path to search for the target (destination). The default is 30 hops.
-j HostList Specifies that Echo Request messages use the Loose Source Route option in the IP header with the set of intermediate destinations specified in HostList. With loose source routing, successive intermediate destinations can be separated by one or more routers. The maximum number of addresses or names in the host list is 9. The host list is a series of IP addresses (in dotted decimal notation) separated by spaces.
-w Timeout Specifies the time, in milliseconds, to wait for the ICMP Time Exceeded or Echo Reply message corresponding to a given Echo Request message. If no message is received within the timeout period, an asterisk (*) is displayed. The default timeout is 4000 (4 seconds).
TargetName Specifies the destination, identified either by IP address or by host name.
-? Displays help at the command prompt.
Remarks
This diagnostic tool determines the path to a destination by sending ICMP Echo Request messages with varying time-to-live (TTL) values to the destination. Each router along the path is required to decrement the TTL in an IP packet by at least 1 before forwarding it. In this way, the TTL acts as a maximum link counter. When the TTL on a packet reaches 0, the router should send an ICMP Time Exceeded message back to the source computer. Tracert determines the path by sending the first Echo Request message with a TTL of 1 and incrementing the TTL by 1 on each subsequent transmission until the target responds or the maximum number of hops is reached. By default, the maximum number of hops is 30; it can be changed with the -h parameter. The path is determined by examining the ICMP Time Exceeded messages returned by intermediate routers and the Echo Reply message returned by the destination. However, some routers do not return Time Exceeded messages for packets with expired TTL values and are invisible to the tracert command. In this case, an asterisk (*) is displayed for that hop.
To trace a path and get network latency and packet loss information for each router and link in the path, use the pathping command.
This command is available only if the Internet Protocol (TCP/IP) protocol is installed as a component in the properties of a network adapter in Network Connections.
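
The TTL loop described in the remarks above can be modelled without touching the network. This added example (not part of the original article or of tracert itself) simulates probes over a constructed path to show why a silent router appears as "*" while later hops stay visible, and why a destination that never replies runs the trace out to the maximum hop count. All names and addresses are assumptions.

```python
# Constructed path: (address, answers) per node, destination last. For a router
# "answers" means it returns ICMP Time Exceeded; for the destination, Echo Reply.
PATH = [("192.0.2.1", True), ("192.0.2.13", True), ("198.51.100.7", False),
        ("203.0.113.25", True), ("203.0.113.42", True)]

def send_probe(path, ttl):
    """Carry one Echo Request along path; return (message, sender) or None."""
    *routers, (dest, dest_answers) = path
    for addr, answers in routers:
        ttl -= 1  # each router decrements the TTL before forwarding
        if ttl == 0:
            # Expired here: a silent router drops the packet without reporting it.
            return ("time-exceeded", addr) if answers else None
    return ("echo-reply", dest) if dest_answers else None

def trace(path, max_hops=30):
    """tracert's loop: TTL 1, 2, 3, ... until the target replies or max_hops."""
    rows = []
    for ttl in range(1, max_hops + 1):
        reply = send_probe(path, ttl)
        rows.append((ttl, reply[1] if reply else "*"))
        if reply and reply[0] == "echo-reply":
            break
    return rows

if __name__ == "__main__":
    for hop, who in trace(PATH):
        print(f"{hop:>3}  {who}")
```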

Examples
        To trace the path to the host named corp7.microsoft.com, type: tracert corp7.microsoft.com
        To trace the path to the host named corp7.microsoft.com and prevent each IP address from being resolved to its name, type: tracert -d corp7.microsoft.com
        To trace the path to the host named corp7.microsoft.com and use the loose source route 10.12.0.1-10.29.3.1-10.1.44.1, type: tracert -j 10.12.0.1 10.29.3.1 10.1.44.1 corp7.microsoft.com
