Traceroute Tool – Here’s What It Does And When To Use It

Sharing is caring!

Traceroute maps the series of hops a packet takes to reach a domain/IP address and shows how long each hop takes.





Usage

Enter one of the following into the text box:

  • A domain name
  • An IPv4 address (eg, 192.168.1.1)
  • A Base-10 IP address.

If you’re providing a Base-10 IP address, check the Convert Base-10 to IP box.

Click Go!

When to Use It

There are several reasons why you would want to trace the path a packet takes to get to the destination domain name/IP address:

  • To determine why a node is slow or unreachable. If there is a big jump in time at any hop, that node is contributing significantly to the delay.
  • To find out who hosts a site or provides its internet service. If a domain name is hosted, the second-to-last hop will be to the host server. However, if the domain name has its own server, the final few hops will show you how it connects to the internet (and therefore provide you with an idea of where the server is located geographically).
  • To check the reachability of your site. If you’re concerned about the performance of your site, a trace can tell you if traffic is getting to it, as well as whether there are any bottlenecks slowing things down.

Note that you cannot enter a path for a specific page or email address. The trace only follows paths to servers.

What Traceroute Does

Using the internet to connect to anything that’s not on your local network or handled by your internet service provider will require at least two hops (typically many more). Using Traceroute will tell you what path a packet takes to reach a given host, as well as how long it takes to make each hop. Note that Traceroute tries each hop three times and provides you with an average of how long the hops take.

When reviewing your results, you’ll see the following information for each hop:

  • The hop number
  • The amount of time it took for each of the three tries in milliseconds
  • The IP address of the node at that hop
  • The domain name (if available).

If a node doesn’t respond to one or more of the three attempts in a reasonable amount of time, you’ll see a time-out message instead of a time value. If all attempts time out, you will not see any information about that node.

Time outs don’t mean that you’ve lost the connection, however. It just means that the node being queried isn’t responding to the request within the allotted amount of time. For example, many devices have firewalls or configuration settings to ignore the types of requests issued by Traceroute (typically due to security or performance-related concerns).

Sometimes you will see that the trace has gone into a loop, where the packet bounces back and forth among the same set of nodes. This indicates that there’s a routing problem that needs to be fixed.

A Deeper Look

Traceroute works by sending a UDP packet with a specified time to live (TTL) value. The TTL value, however, isn’t a measure of time, but the maximum number of hops allowed. The TTL value keeps packets from bouncing infinitely (in cases where there are routing issues) — for example, the first hop TTL is 1, the second hop TTL is 2, and so on.

Whenever a node receives a packet and the node isn’t the final destination, the node decrements the TTL value and passes the packet on. If the TTL value reaches zero and the packet hasn’t reached the intended destination, you’ll receive an error message. Traceroute uses the error response to identify the node associated with that hop.

You might see time-outs in the middle of a trace, even though there are records of hops before and after the time-out. This is because not all nodes return error messages due to a TTL limitation. The node might not be keen on advertising its identity, or it might be trying to reduce overhead by eliminating some processes. Some might have buggy TTL error handling.

The path a trace follows varies based on its starting location. Network Tools’ server, which is where the trace starts, is located in the US. If you are in a different part of the world and you compare a trace originating with your computer against a trace originating at Network Tools’ servers, you may see two completely different paths.

Caveats

A domain name might have multiple IP addresses associated. If this is the case, multiple traces may access two or more IP addresses. This will yield trace paths that differ from one another, even if the origin and destinations are the same.

Domains may also use multiple servers for its subdomains. Tracing the path to the base domain might result in a completely different path when tracing to the subdomain. Remember that a URL with the www prefix is technically a subdomain, so it’s possible that traces to example.com and www.example.com follow two very different paths.

Many domains use separate hosting for email. If you try to trace the domain, you’ll get data for the website server, not the email server.

Fun Fact

The original Traceroute program was written in 1987 by Van Jacobson. According to its documentation, this program was “debugged by a cast of thousands.”

shares