Trace route to a host using the TRACEROUTE command in Linux

Home > Search > Linux commands
  by

You may need to use apt-get or yum to install the traceroute command.

[root@server1 ~]# yum install traceroute

 

The traceroute command without any options will display the usage of the traceroute command. The traceroute command followed by a hostname or IPv4 address can be used to trace the route an IPv4 packet takes from the client machine to the target machine. The traceroute6 command followed by a hostname or IPv6 address can be used to trace the route an IPv6 packet takes from the client machine to the target machine. In this example, the IPv4 route is traced to www.example.com.

[root@server1 ~]# traceroute www.example.com
1 r1.local.host (192.168.0.1) 0.366 ms 0.322 ms 0.333 ms
2 142.254.152.73 (142.254.152.73) 11.161 ms 11.188 ms 11.075 ms
3 ae62.applwibp02h.midwest.rr.com (24.164.240.217) 30.611 ms 30.653 ms 30.675 ms
4 ae9.applwibp02h.midwest.rr.com (65.31.112.238) 18.770 ms 18.763 ms 18.762 ms
5 be72.gnfdwibb01r.midwest.rr.com (65.31.112.178) 28.650 ms 28.613 ms 28.653 ms
6 bu-ether16.chcgildt87w-bcr00.tbone.rr.com (66.109.6.204) 31.383 ms 30.816 ms 30.831 ms
7 0.ae9.pr1.chi10.tbone.rr.com (66.109.9.197) 28.154 ms 22.297 ms 22.316 ms
8 93.184.216.34 (93.184.216.34) 21.863 ms 21.775 ms 21.754 ms

 

The traceroute command displays the hops a packet takes from the source device to the destination device. A hop is the transmission of a packet from router "a" to router "b" to router "c" and so on. The hop count is not incremented when a packet traverses a switch or end-point. Also, a hop is not counted when the packet enters the first router in the path. Sometimes this is referred to as hop 0.  A hop is counted when a packet exits a router.  Thus when a packet exits a router and enters the next router, a hop is counted. Also, a hop is counted when a packet exits a router on it's way to the destination device.

 


Only display IP addresses

The -n option can be used to only display IP addresses, and to not display hostnames. This will also greatly reduce the time it takes to complete the trace.

[root@server1 ~]# traceroute -n www.example.com
1 192.168.0.1 0.366 ms 0.322 ms 0.333 ms
2 142.254.152.73 11.161 ms 11.188 ms 11.075 ms
3 24.164.240.217 30.611 ms 30.653 ms 30.675 ms
4 65.31.112.238 18.770 ms 18.763 ms 18.762 ms
5 65.31.112.178 28.650 ms 28.613 ms 28.653 ms
6 66.109.6.204 31.383 ms 30.816 ms 30.831 ms
7 66.109.9.197 28.154 ms 22.297 ms 22.316 ms
8 93.184.216.34 21.863 ms 21.775 ms 21.754 ms

 


Unreachable host

If consecutive sets of wildcards are displayed, this means the packet cannot hop to the next device.

[root@server1 ~]# traceroute -n www.example.com
1 192.168.0.1 0.366 ms 0.322 ms 0.333 ms
2 142.254.152.73 11.161 ms 11.188 ms 11.075 ms
3 24.164.240.217 30.611 ms 30.653 ms 30.675 ms
4 65.31.112.238 18.770 ms 18.763 ms 18.762 ms
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
. . .

 

In this example, the packet was unable to hop from device 4 to device 5. Device 5 could be a firewall, a router, a switch, or an end point. The traceroute can confirm that the packet cannot hop from device 4 to device 5. However, the traceroute command cannot identify why the packet cannot hop from device 4 to device 5.

 


ICMP / TCP SYN packets

A router or server may be configured to drop ICMP packets, to prevent a distributed denial of service (DDOS) attack. By default, the traceroute command will send ICMP packets. The -T option can be used to send TCP SYN packets. If a target host is unreachable when using ICMP, but is reachable when using TCP SYN, this comfirms that one or more devices along the path are configured to drop ICMP packets.

[root@server1 ~]# traceroute -n -T www.example.com
. . .

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments