
How to Read a Traceroute?

Last Updated : 09 May, 2022

Traceroute is a Linux command used in network diagnostics to track the route a network packet takes to reach a host. Each step along this route is called a hop, and for each hop the traceroute command gives detailed information about the path the packets traveled.

Traceroute will provide the complete information regarding the path chosen by the data packets to reach the destination. 

For example, if a machine (computer) in city A is the source and the server in city B is the destination, traceroute retrieves the complete path: each hop (the routers, computers, and any other devices involved in this network traffic), along with the time it takes to go there and come back.

Traceroute helps in getting a better understanding of network traffic, which helps users and sometimes network engineers identify network-related problems and, in some cases, serious security vulnerabilities, for example the Log4j vulnerability, which is currently trending in the IT world.

What is Log4j Vulnerability? 

Log4shell, or LogJam, is a Remote Code Execution class vulnerability. If attackers can exploit it on one of the servers, they can execute arbitrary code and take full control of the machine. IT engineers suggest either upgrading Log4j to the latest patch or, based on priority, uninstalling it completely if Log4j is not necessary.

Working of Traceroute

Traceroute works with the help of ICMP (Internet Control Message Protocol) echo packets sent with varying TTL (Time To Live) values. To get accurate values, each hop is queried multiple times and each hop's response time is calculated.

Traceroute works by manipulating these TTL values. A TTL value limits how long a packet can live in the network: it is assigned to each packet of data, and whenever the packet makes a hop on the way to the destination, the TTL value is decreased by 1. The image below shows how TTL works:

[Image: Working of Traceroute]

How to Read a Traceroute?

Users can run the traceroute command on their machines by typing the traceroute keyword followed by the name of the website they want to test, to get the logs.

Windows users use the tracert keyword, while Linux users use the traceroute command. Windows users run the command in the CMD terminal, while Linux users run it in a terminal shell.

Syntax

For Windows: 

tracert <server name or IP address>

For Linux: 

traceroute <server name or IP address>

Let us look at the traceroute logs from both Linux and Windows machines for "www.google.com".

Logs From Windows Machine: 

Command: 

tracert www.google.com

Output: 

[Image: Traceroute in Windows]

Logs from Linux Machine: 

Command: 

$ traceroute www.google.com

Output: 

[Image: Traceroute in Linux]

Looking at the traceroute logs from both the Linux and Windows machines, we need to understand that network packets travel through various routers on their way from source to destination. Whenever a packet is forwarded to the next router, a hop occurs. The traceroute command generally fetches results for a maximum of 30 hops. More hops indicate a slower network connection, while fewer hops mean faster access.

In the above logs, 

  1. The first line displays the target server's name followed by the server's IP address, the maximum number of hops allowed, and the size of the packets that are transmitted.
  2. The following lines display the routers in the path between source and destination.
  3. Each line shows the name of the server, its IP address, and 3 Round Trip Times (RTT) in milliseconds.

What is RTT? 

Round Trip Time is a time value that is calculated by taking:

  1. The time taken by a packet to get from source to destination.
  2. The time taken for the packet to get back from destination to source.

RTT is measured in milliseconds and is often called latency. By default, 3 packets are sent for each hop on the route, hence we get 3 RTTs for every hop.

How to check Hop Count? 

Hop count can be determined by using the traceroute command. As discussed above, the user first opens the command terminal on their machine, then types tracert on Windows or traceroute on Linux, followed by the server name or IP address. Traceroute then displays logs of at most 30 hops, and the number of the last hop is the hop count.

Limits of Traceroute: 

Traceroute can report only a maximum of 30 hops in its logs, and it has some other limitations that need to be discussed:

1. In some cases, firewalls between the source and destination block the packets, so traceroute reaches the maximum number of hops without getting any result. In such cases, the logs are displayed with asterisks in place of the IP address.

For example:

$ traceroute google.com
traceroute to google.com (209.85.231.104), 30 hops max, 52 byte packets
 1  * * *
 2  * * *
 3  * * *
 4  * * *

2. Routers that use load balancers may send packets over multiple paths, so the traceroute logs can be inaccurate in describing the path between source and destination.
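
The following Python parser is an added example, not part of the original article. It reads Linux-style traceroute output the way the sections above describe: the header line, per-hop addresses and RTTs, the hop count, hops that answer only with asterisks, and hops answered by more than one router. The sample output is constructed with documentation-range addresses, the function names parse_traceroute and summarize are assumptions of this example, and it assumes IPv4 and the Linux output layout.

```python
import re

# Constructed sample (documentation-range addresses), Linux traceroute layout.
SAMPLE = """\
traceroute to example.com (203.0.113.10), 30 hops max, 60 byte packets
 1  gateway.example (192.0.2.1)  1.012 ms  0.954 ms  1.101 ms
 2  * * *
 3  core1.example.net (198.51.100.7)  9.870 ms core2.example.net (198.51.100.8)  10.245 ms *
 4  edge.example.net (198.51.100.33)  48.310 ms  47.902 ms  49.115 ms
 5  example.com (203.0.113.10)  50.120 ms  49.874 ms  50.402 ms
"""

HEADER = re.compile(r"traceroute to (\S+) \(([\d.]+)\), (\d+) hops max, (\d+) byte packets")
HOP = re.compile(r"^\s*(\d+)\s+(.*)$")       # hop number, then the rest of the line
HOST = re.compile(r"(\S+) \(([\d.]+)\)")      # name (IPv4 address)
RTT = re.compile(r"([\d.]+) ms")              # one round-trip time

def parse_traceroute(text):
    """Return (target, hops) parsed from Linux-style traceroute output."""
    lines = text.strip().splitlines()
    head = HEADER.match(lines[0])
    if not head:
        raise ValueError("unrecognised header line")
    target = {"name": head.group(1), "ip": head.group(2),
              "max_hops": int(head.group(3)), "packet_bytes": int(head.group(4))}
    hops = []
    for line in lines[1:]:
        m = HOP.match(line)
        if not m:
            continue                          # skip blank or unrelated lines
        rest = m.group(2)
        rtts = [float(x) for x in RTT.findall(rest)]
        hops.append({
            "hop": int(m.group(1)),
            "ips": sorted({ip for _, ip in HOST.findall(rest)}),
            "rtts_ms": rtts,
            "lost": rest.count("*"),          # probes with no reply
            "avg_ms": round(sum(rtts) / len(rtts), 3) if rtts else None,
        })
    return target, hops

def summarize(text):
    """Hop count, whether the target answered, silent and multi-path hops."""
    target, hops = parse_traceroute(text)
    return {
        "hop_count": hops[-1]["hop"] if hops else 0,
        "reached_target": bool(hops) and target["ip"] in hops[-1]["ips"],
        "silent_hops": [h["hop"] for h in hops if not h["rtts_ms"]],
        "multipath_hops": [h["hop"] for h in hops if len(h["ips"]) > 1],
    }
```

A hop listed in silent_hops only shows that no reply came back for those probes; when later hops still answer, the path itself is working.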

