Overview
This lecture explains the traceroute utility, its use for diagnosing network paths, and compares it with related networking tools.
Introduction to Traceroute
- Traceroute is used to discover the network path between two computers.
- It helps identify where connectivity issues occur along the route.
How Traceroute Works
- Traceroute manipulates the TTL (Time To Live) field in IP packets.
- Each router decrements the TTL by 1; if TTL reaches zero, the router discards the packet and sends an ICMP time exceeded message back.
- Traceroute sends packets with increasing TTL values (starting at 1); each packet reaches one hop further.
- For each hop, traceroute typically sends three identical packets.
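The TTL mechanism above, worked through as an offline simulation (an added example, not part of the lecture). It builds UDP probes the way Linux and macOS traceroute does. The router list, addresses and function names are constructed for illustration, and giving each probe its own destination port starting at 33434 is common Unix traceroute behaviour, assumed here so replies can be matched to probes.

```python
import socket
import struct

TIME_EXCEEDED, DEST_UNREACH = 11, 3   # ICMP message types
BASE_PORT = 33434                     # assumed: conventional first probe port on Unix

def build_probe(src, dst, ttl, dport):
    """20-byte IPv4 header (checksum left 0 in this simulation) + 8-byte UDP header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, ttl, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + struct.pack("!HHHH", 54321, dport, 8, 0)

def icmp_error(icmp_type, code, packet):
    """ICMP error: 8-byte header, then the offending IP header + first 8 payload bytes."""
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + packet[:28]

def forward(packet, routers, dest):
    """Constructed network: routers is [(ip, answers_icmp)], dest is the target IP."""
    ttl = packet[8]                               # TTL is byte 8 of the IPv4 header
    for ip, answers in routers:
        ttl -= 1                                  # every router decrements TTL
        if ttl == 0:                              # expired here: drop, maybe report
            return (ip, icmp_error(TIME_EXCEEDED, 0, packet)) if answers else None
    return dest, icmp_error(DEST_UNREACH, 3, packet)  # closed high port at target

def match(reply, dport):
    """Accept a reply only if the quoted UDP header carries this probe's port."""
    if reply is None:
        return None
    sender, icmp = reply
    quoted_dport, = struct.unpack_from("!H", icmp, 8 + 20 + 2)
    return (sender, icmp[0]) if quoted_dport == dport else None

def traceroute(src, dst, routers, max_hops=30, probes=3):
    hops = []
    for ttl in range(1, max_hops + 1):
        ports = [BASE_PORT + (ttl - 1) * probes + i for i in range(probes)]
        seen = [match(forward(build_probe(src, dst, ttl, p), routers, dst), p)
                for p in ports]
        hops.append((ttl, [r[0] if r else "*" for r in seen]))
        if any(r and r[1] == DEST_UNREACH for r in seen):
            break                                 # port unreachable: target reached
    return hops

# Constructed sample path (documentation address ranges); the second router is silent.
ROUTERS = [("192.0.2.1", True), ("198.51.100.1", False), ("203.0.113.1", True)]
if __name__ == "__main__":
    for hop, answers in traceroute("192.0.2.50", "203.0.113.10", ROUTERS):
        print(hop, *answers)
```

A hop shown as `* * *` means no ICMP reply came back for that TTL; later hops answering shows the path itself is still intact.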
Interpreting Traceroute Output
- The output shows each hop number, round trip times for the three packets, the IP address, and (if resolvable) the host name.
Platform Differences
- On Linux and Mac OS, traceroute uses UDP packets sent to high port numbers.
- On Windows, the command is tracert and uses ICMP echo requests by default.
- All versions allow additional options via command-line flags.
Related Tools: MTR and Pathping
- MTR (Linux/Mac) and Pathping (Windows) combine features of traceroute and ping.
- MTR updates the path data in real time as the trace runs.
- Pathping runs for 50 seconds, then displays summarized data.
Key Terms & Definitions
- Traceroute: Utility that maps the path packets take through a network.
- TTL (Time To Live): IP packet field decremented at each router hop to prevent infinite loops.
- ICMP (Internet Control Message Protocol): Protocol used for network error messages like "time exceeded."
- MTR: Real-time traceroute and ping tool on Linux/Mac OS.
- Pathping: Path analysis tool on Windows that summarizes path and latency data.
Action Items / Next Steps
- Practice using traceroute/tracert, MTR, and pathping on your system.
- Learn traceroute command line flags for additional options.