With traceroute we can see the path that packets take from your computer to a host at the other end of the Internet. Of course, packets sent from the same source to the same destination may take a different path each time, but in most cases the route is the same. The command is called traceroute on Linux systems and tracert on MS Windows. traceroute measures how long it takes for a small packet sent toward the destination to produce a reply. Each device on the path is probed 3 times. The output includes the time of each probe (ms), the name of the device (if any), and its IP address.
In most cases, we run the command directly on a Linux host:
traceroute hostname
Under Windows, the command to execute tracert is:
tracert hostname
1. Command format:
traceroute [parameters] [host]
2. Command function:
The traceroute command lets you trace the route that network packets take. The default packet size is 40 bytes, and the user can set a different size.
Full parameter format: traceroute [-dFlnrvx] [-f<TTL value>] [-g<gateway>] [-i<network interface>] [-m<TTL value>] [-p<communication port>] [-s<source address>] [-t<service type>] [-w<timeout in seconds>] [host name or IP address] [packet size]
3. Command parameters:
-d Enables socket-level debugging.
-f Sets the TTL of the first probe packet.
-F Sets the don't-fragment bit.
-g Sets a source-route gateway; at most 8 can be set.
-i Sends probe packets through the specified network interface.
-I Uses ICMP echo instead of UDP datagrams for probing.
-m Sets the maximum TTL for probe packets.
-n Uses IP addresses directly instead of host names.
-p Sets the communication port for the UDP transport protocol.
-r Bypasses the normal routing table and sends the packet directly to the remote host.
-s Sets the IP address the local host sends packets from.
-t Sets the TOS value of probe packets.
-v Shows the execution of the command in detail.
-w Sets how long to wait for the remote host's reply.
-x Turns packet correctness checking on or off.
4. Usage examples:
Example 1: The simplest and most common use of traceroute
Command:
traceroute www.baidu.com
Output:
# traceroute www.baidu.com
traceroute to www.baidu.com (61.135.169.125), hops max, + byte packets
1 192.168.74.2 (192.168.74.2) 2.606 ms 2.771 ms 2.950 ms
2 211.151.56.57 (211.151.56.57) 0.596 ms 0.598 ms 0.591 ms
3 211.151.227.206 (211.151.227.206) 0.546 ms 0.544 ms 0.538 ms
4 210.77.139.145 (210.77.139.145) 0.710 ms 0.748 ms 0.801 ms
5 202.106.42.101 (202.106.42.101) 6.759 ms 6.945 ms 7.107 ms
6 61.148.154.97 (61.148.154.97) 718.908 ms * bt-228-025.bta.net.cn (202.106.228.25) 5.177 ms
7 124.65.58.213 (124.65.58.213) 4.343 ms 4.336 ms 4.367 ms
8 202.106.35.190 (202.106.35.190) 1.795 ms 61.148.156.138 (61.148.156.138) 1.899 ms 1.951 ms
9 * * *
30 * * *
Description
Records are numbered from 1. Each record is one hop, and each hop represents a gateway. Each line shows three times, in ms: these are the times the gateway took to respond to the three probe packets sent to it, three being the default of the -q parameter. If you run traceroute -q 4 www.58.com, 4 packets are sent to each gateway.
Sometimes, when we traceroute a host, some rows consist of asterisks. In that case a firewall may have blocked the returning ICMP messages, so no reply data came back for those probes. Sometimes a particular gateway shows a long delay; that gateway may be congested, or the physical device itself may be the cause. A DNS problem that prevents host or domain names from resolving also produces long delays; add the -n parameter to skip DNS resolution and print addresses in IP format.
If the LAN contains different network segments, traceroute can help determine whether a problem lies with the host or with a gateway. If we hit a problem when accessing a server remotely, we can trace the gateways the packets pass through with traceroute and submit the result to the IDC service provider, which also helps in solving the problem. At present, though, such problems seem difficult to solve domestically: even when we have found the problem, the IDC service provider will not be able to help us solve it.
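The reading of hop rows described above (asterisks, several responders on one hop, delay spikes, and the !X marker that appears in Example 4) can be automated. This is an added example, not part of the original article; the sample rows are adapted from the outputs on this page, and the function names and the 200 ms spike threshold are assumptions.

```python
# Constructed sample: rows adapted from the outputs on this page
# (unit case normalised, hop numbers adjusted).
SAMPLE = """\
 5 202.106.42.101 (202.106.42.101) 6.759 ms 6.945 ms 7.107 ms
 6 61.148.154.97 (61.148.154.97) 718.908 ms * bt-228-025.bta.net.cn (202.106.228.25) 5.177 ms
 7 220.181.17.94 (220.181.17.94) 1.665 ms !X * *
 8 * * *
"""

def parse_hop(line):
    """Turn one hop row into {'ttl': n, 'probes': [{'src', 'rtt_ms', 'flag'}, ...]}."""
    toks = line.split()
    hop = {"ttl": int(toks[0]), "probes": []}
    src, i = None, 1
    while i < len(toks):
        tok = toks[i]
        if tok == "*":                                    # probe got no reply
            hop["probes"].append({"src": None, "rtt_ms": None, "flag": None})
        elif i + 1 < len(toks) and toks[i + 1] == "ms":   # "<rtt> ms"
            hop["probes"].append({"src": src, "rtt_ms": float(tok), "flag": None})
            i += 1
        elif tok.startswith("!") and hop["probes"]:       # annotation such as !X
            hop["probes"][-1]["flag"] = tok
        else:                                             # "name (ip)" or bare ip with -n
            src = tok.strip("()")
        i += 1
    return hop

def assess(hop, spike_ms=200.0):
    """Label a hop with the conditions discussed in the description above."""
    probes = hop["probes"]
    answered = [p for p in probes if p["rtt_ms"] is not None]
    notes = []
    if not answered:
        notes.append("no-reply")             # filtered replies or a silent device
    elif len(answered) < len(probes):
        notes.append("partial-loss")
    if len({p["src"] for p in answered}) > 1:
        notes.append("multiple-responders")  # probes answered by different gateways
    if any(p["rtt_ms"] > spike_ms for p in answered):
        notes.append("rtt-spike")            # spike_ms is an assumed threshold
    if any(p["flag"] == "!X" for p in answered):
        notes.append("admin-prohibited")     # ICMP unreachable, code 13
    return notes

def analyze(text):
    """Map each TTL in a traceroute listing to its list of labels."""
    return {h["ttl"]: assess(h) for h in map(parse_hop, text.strip().splitlines())}
```

A hop that is labelled "no-reply" while later hops answer normally is filtering or rate-limiting ICMP, not dropping traffic.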
Example 2: Hop count setting
Command:
traceroute -m www.baidu.com
Output:
# traceroute -m www.baidu.com
traceroute to www.baidu.com (61.135.169.105), hops max, + byte packets
1 192.168.74.2 (192.168.74.2) 1.534 ms 1.775 ms 1.961 ms
2 211.151.56.1 (211.151.56.1) 0.508 ms 0.514 ms 0.507 ms
3 211.151.227.206 (211.151.227.206) 0.571 ms 0.558 ms 0.550 ms
4 210.77.139.145 (210.77.139.145) 0.708 ms 0.729 ms 0.785 ms
5 202.106.42.101 (202.106.42.101) 7.978 ms 8.155 ms 8.311 ms
6 bt-228-037.bta.net.cn (202.106.228.37) 772.460 ms bt-228-025.bta.net.cn (202.106.228.25) 2.152 ms 61.148.154.97 (61.148.154.97) 772.107 ms
7 124.65.58.221 (124.65.58.221) 4.875 ms 61.148.146.29 (61.148.146.29) 2.124 ms 124.65.58.221 (124.65.58.221) 4.854 ms
8 123.126.6.198 (123.126.6.198) 2.944 ms 61.148.156.6 (61.148.156.6) 3.505 ms 123.126.6.198 (123.126.6.198) 2.885 ms
9 * * *
10 * * *
Description
Example 3: Show IP addresses without looking up host names
Command:
traceroute -n www.baidu.com
Output:
# traceroute -n www.baidu.com
traceroute to www.baidu.com (61.135.169.125), hops max, + byte packets
1 211.151.74.2 5.430 ms 5.636 ms 5.802 ms
2 211.151.56.57 0.627 ms 0.625 ms 0.617 ms
3 211.151.227.206 0.575 ms 0.584 ms 0.576 ms
4 210.77.139.145 0.703 ms 0.754 ms 0.806 ms
5 202.106.42.101 23.683 ms 23.869 ms 23.998 ms
6 202.106.228.37 247.101 ms * *
7 61.148.146.29 5.256 ms 124.65.58.213 4.386 ms 4.373 ms
8 202.106.35.190 1.610 ms 61.148.156.138 1.786 ms 61.148.3.34 2.089 ms
9 * * *
30 * * *
# traceroute www.baidu.com
traceroute to www.baidu.com (61.135.169.125), hops max, + byte packets
1 211.151.74.2 (211.151.74.2) 4.671 ms 4.865 ms 5.055 ms
2 211.151.56.57 (211.151.56.57) 0.619 ms 0.618 ms 0.612 ms
3 211.151.227.206 (211.151.227.206) 0.620 ms 0.642 ms 0.636 ms
4 210.77.139.145 (210.77.139.145) 0.720 ms 0.772 ms 0.816 ms
5 202.106.42.101 (202.106.42.101) 7.667 ms 7.910 ms 8.012 ms
6 bt-228-025.bta.net.cn (202.106.228.25) 2.965 ms 2.440 ms 61.148.154.97 (61.148.154.97) 431.337 ms
7 124.65.58.213 (124.65.58.213) 5.134 ms 5.124 ms 5.044 ms
8 202.106.35.190 (202.106.35.190) 1.917 ms 2.052 ms 2.059 ms
9 * * *
30 * * *
Description
Example 4: Set the base UDP port used by probe packets to 6888
Command:
traceroute -p 6888 www.baidu.com
Output:
# traceroute -p 6888 www.baidu.com
traceroute to www.baidu.com (220.181.111.147), hops max, + byte packets
1 211.151.74.2 (211.151.74.2) 4.927 ms 5.121 ms 5.298 ms
2 211.151.56.1 (211.151.56.1) 0.500 ms 0.499 ms 0.509 ms
3 211.151.224.90 (211.151.224.90) 0.637 ms 0.631 ms 0.641 ms
4 * * *
5 220.181.70.98 (220.181.70.98) 5.050 ms 5.313 ms 5.596 ms
6 220.181.17.94 (220.181.17.94) 1.665 ms !X * *
Description
Example 5: Set the number of probe packets to 4
Command:
traceroute -q 4 www.baidu.com
Output:
# traceroute -q 4 www.baidu.com
traceroute to www.baidu.com (61.135.169.125), hops max, + byte packets
1 211.151.74.2 (211.151.74.2) 40.633 ms 40.819 ms 41.004 ms 41.188 ms
2 211.151.56.57 (211.151.56.57) 0.637 ms 0.633 ms 0.627 ms 0.619 ms
3 211.151.227.206 (211.151.227.206) 0.505 ms 0.580 ms 0.571 ms 0.569 ms
4 210.77.139.145 (210.77.139.145) 0.753 ms 0.800 ms 0.853 ms 0.904 ms
5 202.106.42.101 (202.106.42.101) 7.449 ms 7.543 ms 7.738 ms 7.893 ms
6 61.148.154.97 (61.148.154.97) 316.817 ms bt-228-025.bta.net.cn (202.106.228.25) 3.695 ms 3.672 ms *
7 124.65.58.213 (124.65.58.213) 3.056 ms 2.993 ms 2.960 ms 61.148.146.29 (61.148.146.29) 2.837 ms
8 61.148.3.34 (61.148.3.34) 2.179 ms 2.295 ms 2.442 ms 202.106.35.190 (202.106.35.190) 7.136 ms
9 * * * *
30 * * * *
Description
Example 6: Bypass the normal routing table and send directly to a network-attached host
Command:
traceroute -r www.baidu.com
Output:
# traceroute -r www.baidu.com
traceroute to www.baidu.com (61.135.169.125), hops max, + byte packets
Connect: Network Unreachable
Description
Example 7: Set the time to wait for a reply to each probe packet to 3 seconds
Command:
traceroute -w 3 www.baidu.com
Output:
# traceroute -w 3 www.baidu.com
traceroute to www.baidu.com (61.135.169.105), hops max, + byte packets
1 211.151.74.2 (211.151.74.2) 2.306 ms 2.469 ms 2.650 ms
2 211.151.56.1 (211.151.56.1) 0.621 ms 0.613 ms 0.603 ms
3 211.151.227.206 (211.151.227.206) 0.557 ms 0.560 ms 0.552 ms
4 210.77.139.145 (210.77.139.145) 0.708 ms 0.761 ms 0.817 ms
5 202.106.42.101 (202.106.42.101) 7.520 ms 7.774 ms 7.902 ms
6 bt-228-025.bta.net.cn (202.106.228.25) 2.890 ms 2.369 ms 61.148.154.97 (61.148.154.97) 471.961 ms
7 124.65.58.221 (124.65.58.221) 4.490 ms 4.483 ms 4.472 ms
8 123.126.6.198 (123.126.6.198) 2.948 ms 61.148.156.6 (61.148.156.6) 7.688 ms 7.756 ms
9 * * *
30 * * *
Description
How traceroute works:
The simplest basic usage of traceroute is: traceroute hostname
traceroute is designed around ICMP and the TTL (Time to Live) field of the IP header. First, traceroute sends an IP datagram with a TTL of 1 toward the destination (in fact it sends three 40-byte packets each time, containing the source address, the destination address and a timestamp of when the packet was sent). When the first router on the path receives this datagram, it decrements the TTL by 1. The TTL is now 0, so the router discards the datagram and sends back an "ICMP time exceeded" message (containing the source address of the IP packet, all the contents of the IP packet and the IP address of the router). When traceroute receives this message, it knows that this router is on the path. It then sends a datagram with a TTL of 2 and discovers the second router, and so on: each time, traceroute increases the TTL of the datagram it sends by 1 to discover one more router, and it repeats this until a datagram reaches the destination. When a datagram reaches the destination, the host does not send back an ICMP time exceeded message, because it is the destination. So how does traceroute know that the destination has been reached?
When traceroute sends a UDP datagram to the destination, it picks a destination port that ordinary applications will not use (above 30000). So when this UDP datagram reaches the destination, the host sends back an "ICMP port unreachable" message, and when traceroute receives it, it knows the destination has been reached. This is also why traceroute needs no daemon on the server side.
traceroute takes the IP address of the device that sent each ICMP TTL-expired message and resolves it to a domain name. For each hop, traceroute prints a line of data that includes the domain name and IP address of the routing device passed through and the round-trip time of each of the three packets.
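The reply handling described above, as an added example that is not from the original article: it classifies an ICMP message as "time exceeded" (an intermediate hop) or "port unreachable" (the destination) and recovers which probe it answers from the UDP header quoted inside the ICMP error. The base port 33434, the port-per-probe numbering and all function names are assumptions of this sketch, and the input bytes are constructed.

```python
import socket
import struct

BASE_PORT = 33434       # assumed base port; the page only says "above 30000"
PROBES_PER_HOP = 3      # three probes per TTL, as described above

def build_icmp_error(icmp_type, code, probe_dst, dport):
    """Constructed input: an ICMP error quoting the probe's IP header + 8 UDP bytes."""
    quoted_ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 1, 17, 0,
                            socket.inet_aton("192.0.2.10"), socket.inet_aton(probe_dst))
    quoted_udp = struct.pack("!HHHH", 40000, dport, 20, 0)
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + quoted_ip + quoted_udp

def classify_reply(icmp, expected_dst):
    """Return (kind, ttl, probe_no) for a reply to one of our probes, else None."""
    if len(icmp) < 8 + 20 + 8:
        return None                                   # cannot hold the quoted headers
    icmp_type, code, quoted = icmp[0], icmp[1], icmp[8:]
    ihl = (quoted[0] & 0x0F) * 4
    if quoted[0] >> 4 != 4 or ihl < 20 or len(quoted) < ihl + 8:
        return None                                   # malformed quoted IPv4 header
    if quoted[9] != 17 or socket.inet_ntoa(quoted[16:20]) != expected_dst:
        return None                                   # not a UDP probe to our target
    seq = struct.unpack("!H", quoted[ihl + 2:ihl + 4])[0] - BASE_PORT
    if seq < 0:
        return None                                   # port below our probe range
    if (icmp_type, code) == (11, 0):
        kind = "hop"                                  # time exceeded in transit
    elif (icmp_type, code) == (3, 3):
        kind = "destination"                          # port unreachable: trace ends
    elif icmp_type == 3:
        kind = "unreachable"                          # other code, e.g. 13 (shown as !X)
    else:
        return None
    return kind, seq // PROBES_PER_HOP + 1, seq % PROBES_PER_HOP + 1
```

Checking the quoted destination address and port before accepting a reply keeps unrelated ICMP errors arriving at the host from being counted as hops.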
tracert on Windows:
Format:
tracert [-d] [-h maximum_hops] [-j computer-list] [-w timeout] target_name
Parameter description:
This diagnostic utility determines the route to a destination by sending Internet Control Message Protocol (ICMP) echo messages with different time-to-live (TTL) values toward it. Each router on the path must reduce the TTL by at least 1 before forwarding the message, so the TTL is effectively a hop count. When the TTL of a message reaches 0, the router sends an ICMP Time Exceeded message back to the source system. tracert determines the route by sending the first echo message with a TTL of 1 and increasing the TTL by 1 on each subsequent send, until the target responds or the maximum TTL is reached. The routers are identified by examining the ICMP Time Exceeded messages sent back by the intermediate routers. Note that some routers silently discard messages whose TTL has expired and are therefore invisible to tracert.
Parameters:
-d Specifies that addresses are not resolved to computer names.
-h maximum_hops Specifies the maximum number of hops to search for the target.
-j computer-list Specifies a loose source route along the computer-list.
-w timeout Waits the number of milliseconds specified by timeout for each reply.
target_name The name of the target computer.
Example:
C:\users\administrator>tracert www.58.com
Tracing route to www.58.com [221.187.111.30]
Over a maximum of hops:
1 1 ms 1 ms 1 ms 10.58.156.1
2 1 ms <1 ms <1 ms 10.10.10.1
3 1 ms 1 ms 1 ms 211.103.193.129
4 2 ms 2 ms 2 ms 10.255.109.129
5 1 ms 1 ms 3 ms 124.205.98.205
6 2 ms 2 ms 2 ms 124.205.98.253
7 2 ms 6 ms 1 ms 202.99.1.125
8 5 ms 6 ms 5 ms 118.186.0.113
9 207 ms * * 118.186.0.106
8 ms 6 ms 124.238.226.201
6 ms 7 ms 6 ms 219.148.19.177
MS-MS 219.148.18.117
MS-MS-MS 219.148.19.125
MS-MS-MS 202.97.80.113
* * * Request timed out.
MS-MS Bj141-147-82.bjtelecom.net [219.141.147.82]
Ms 202.97.48.2
* * * Request timed out.
MS-MS-MS 221.187.224.85
MS-MS 221.187.104.2
* * * Request timed out.
MS-MS 221.187.111.30
Trace complete.