Traceroute

from Wikipedia, the free encyclopedia

Traceroute is a computer program that determines via which routers and Internet nodes IP data packets reach the requested computer.

Functionality

Traceroute sends multiple IP data packets of the type ICMP Echo Request to the destination host, starting with a Time to Live (TTL) of 1. The first router that is supposed to forward the packet decrements the TTL by one to 0, whereupon it does not forward the packet but discards it. In doing so it sends the ICMP response type 11 (Time Exceeded) with code 0 (Time to live exceeded in transit) to the sender. This data packet contains the IP address of the respective router as its source address. The traceroute program records this information together with the total transmission time. The program then repeats this step with the TTL increased by 1 in order to find the next router on the path through the network in the same way. This is repeated until the target host or the maximum number of hops used by the respective traceroute program has been reached. When the target host is reached, it sends the ICMP response type 0 (ICMP Echo Reply) in the case of ICMP-based traceroute, or Destination Unreachable with code 3 (Port Unreachable) in the case of UDP-based traceroute.

The sequence of addresses collected in this way marks the route to the destination through the network. The return path is usually identical, but it can differ with asymmetric routing. Typically three packets are sent to each host. The three values displayed in milliseconds indicate the response times of these three attempts.
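The TTL procedure described above, as an added example that is not part of the original article: an offline sketch that builds the probe and reply packets byte by byte and classifies each reply the way a traceroute program does. The addresses (documentation ranges), the PROBE_ID value and the simulate() stand-in for the network are constructed assumptions; classify() additionally checks that an ICMP error actually quotes one of our own probes before trusting it.

```python
import socket
import struct

CLIENT = "192.0.2.100"                               # constructed addresses
PATH = ["192.0.2.1", "198.51.100.7", "203.0.113.9"]  # two routers, then the target
PROBE_ID = 0x1234                                    # hypothetical ICMP echo identifier

def packet(src, dst, ttl, payload):
    """IPv4 header (protocol 1 = ICMP) plus payload; checksums are left at 0 here."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, 1, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + payload

def icmp(icmp_type, code, rest=b"\0\0\0\0", data=b""):
    """ICMP message: type, code, checksum (0), 4 'rest of header' bytes, data."""
    return struct.pack("!BBH", icmp_type, code, 0) + rest + data

def simulate(probe):
    """Constructed stand-in for the network: returns the reply a probe would trigger."""
    ttl, dst = probe[8], socket.inet_ntoa(probe[16:20])
    if ttl <= PATH.index(dst):  # TTL reaches 0 at router number `ttl`, probe discarded
        # Time Exceeded quotes the probe's IP header and its first 8 payload bytes
        return packet(PATH[ttl - 1], CLIENT, 64, icmp(11, 0, data=probe[:28]))
    return packet(dst, CLIENT, 64, icmp(0, 0, rest=probe[24:28]))  # Echo Reply

def classify(reply, dst):
    """Return (source address, kind) for an ICMP reply as traceroute reads it."""
    ihl, src = (reply[0] & 0x0F) * 4, socket.inet_ntoa(reply[12:16])
    icmp_type, code = reply[ihl], reply[ihl + 1]
    quoted = reply[ihl + 8:]                   # for errors: the quoted original packet
    if icmp_type == 0:                         # Echo Reply: ICMP-based trace finished
        ident = struct.unpack("!H", reply[ihl + 4:ihl + 6])[0]
        return src, "target" if ident == PROBE_ID else "unrelated"
    if len(quoted) < 20 or socket.inet_ntoa(quoted[16:20]) != dst:
        return src, "unrelated"                # error does not quote one of our probes
    if (icmp_type, code) == (11, 0):           # Time Exceeded in transit
        return src, "hop"
    if (icmp_type, code) == (3, 3):            # Port Unreachable: UDP-based trace done
        return src, "target"
    return src, "other"

def trace(dst, max_hops=30):
    """Raise the TTL by 1 per round until the target answers or max_hops is reached."""
    route = []
    for ttl in range(1, max_hops + 1):
        probe = packet(CLIENT, dst, ttl, icmp(8, 0, struct.pack("!HH", PROBE_ID, ttl)))
        route.append((ttl, *classify(simulate(probe), dst)))
        if route[-1][2] == "target":
            break
    return route
```

Calling trace("203.0.113.9") returns one (TTL, address, kind) tuple per hop, ending with the target's Echo Reply.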

The result of traceroute does not always show the actual route. It is influenced by firewalls, incorrect implementations of the IP stack, network address translation, IP tunnels, the choice of a different path in the event of network overload, and other factors.

Under Unix, IPv6-capable systems usually also provide traceroute6 in addition to traceroute. Under Windows, Traceroute can be called as tracert.exe. In addition, pathping has been available since Windows 2000; it is actually intended to check a complete network path, but can also be used as a faster traceroute. The advantage of pathping is that it does not send the packets one after the other but simultaneously, which results in shorter waiting times. The disadvantage is that it cannot cope with some faulty networks. Mtr offers similar functionality on Linux.

Windows traceroute sends ICMP packets by default, whereas Unix traceroute works with UDP packets. Only special programs work with TCP packets, e.g. Tcptraceroute or LFT (Layer Four Traceroute). However, all of these traceroute implementations rely on the returning ICMP packets. It makes sense to try different protocols and ports if a firewall is blocking traceroute. The use of UDP in particular is often problematic. Some Unix traceroute implementations can be switched to ICMP with the "-I" parameter or to TCP with "-T".

Examples

Traceroute under Unix and Linux (IPv4):

$ traceroute wikipedia.de
traceroute to wikipedia.de (130.94.122.197), 30 hops max, 40 byte packets
 1  fli4l.Netz1 (192.168.0.1)  0.765 ms 0.651 ms 0.497 ms
 2  217.5.98.7 (217.5.98.7)  14.499 ms 14.648 ms 21.394 ms
 3  217.237.152.46 (217.237.152.46)  14.831 ms 13.655 ms 13.403 ms
 4  62.154.14.134 (62.154.14.134)  118.090 ms 119.522 ms 119.665 ms
 5  p16-1-0-3.r20.asbnva01.us.bb.verio.net (129.250.9.141)  117.004 ms 117.370 ms 117.073 ms
 6  p64-0-0-0.r21.asbnva01.us.bb.verio.net (129.250.2.35)  119.105 ms 119.284 ms 119.206 ms
 7  p16-0-1-2.r20.plalca01.us.bb.verio.net (129.250.2.192)  180.035 ms 195.498 ms 178.704 ms
 8  p16-1-0-0.r06.plalca01.us.bb.verio.net (129.250.3.81)  177.280 ms 177.263 ms 176.692 ms
 9  p4-0-3-0.r00.sndgca01.us.bb.verio.net (129.250.3.10)  194.322 ms 193.477 ms 193.743 ms
10  ge-1-1.a03.sndgca01.us.da.verio.net (129.250.27.84)  192.527 ms 193.003 ms 192.464 ms
11  Pliny.wikipedia.org (130.94.122.197)  192.604 ms 193.875 ms 194.254 ms

Traceroute under Linux (IPv6):

$ traceroute6 de.wikipedia.org
traceroute to de.wikipedia.org (2620:0:862:ed1a::1), 30 hops max, 80 byte packets
1  fritz.box (2003:63:2422:8300:2665:11ff:fe8f:181f) 0.775 ms 1.246 ms 1.237 ms
2  2003:0:1803:820b::1 (2003:0:1803:820b::1)  21.247 ms 22.003 ms 22.515 ms
3  2003:0:1801:c368::2 (2003:0:1801:c368::2)  23.651 ms 23.641 ms 31.282 ms
4  2003:0:130b::1 (2003:0:130b::1)  29.941 ms 31.162 ms 30.457 ms
5  2003:0:130b:1a::2 (2003:0:130b:1a::2)  47.038 ms 47.041 ms 47.020 ms
6  100ge3-1.core1.ams1.he.net (2001:470:0:2d4::1)  39.003 ms 38.500 ms 38.108 ms
7  ae2.cr1-esams.wikimedia.org (2001:7f8:1::a504:3821:1)  40.027 ms 32.987 ms 33.217 ms
8  text-lb.esams.wikimedia.org (2620:0:862:ed1a::1)  32.432 ms 31.592 ms 32.141 ms

Tracert.exe under Windows (reference connection University of Augsburg - T-Online Frankfurt am Main):

C:\> tracert www.t-online.de
Routenverfolgung zu www.t-online.de [217.6.164.162] über maximal 30 Abschnitte:
  1    <1 ms    <1 ms    <1 ms 137.250.124.250
  2    <1 ms    <1 ms    <1 ms csc72.Net.Uni-Augsburg.DE [137.250.90.250]
  3    <1 ms    <1 ms    <1 ms ar-augsburg1-ge3-1.x-win.dfn.de [188.1.37.137]
  4     3 ms     3 ms     3 ms cr-stuttgart1-po4-2.x-win.dfn.de [188.1.18.126]
  5     3 ms     3 ms     3 ms 62.156.138.237
  6     6 ms     6 ms     6 ms f-eb1.F.DE.net.DTAG.DE [62.154.17.138]
  7     6 ms     6 ms     6 ms rincewind.sfm.t-online.de [62.159.199.6]
  8     6 ms     6 ms     6 ms 217.6.167.198
  9     7 ms     6 ms     6 ms 217.6.164.162
Ablaufverfolgung beendet.

Pathping on Windows XP:

C:\> pathping -p 1 -w 1000 -q 1 google.at
 Routenverfolgung zu google.at [66.249.93.104]
 über maximal 30 Abschnitte:
   0  cerberus [10.10.10.110]
   1  10.10.10.254
   2  80.123.142.xxx
   3  62.47.95.239
   4  172.19.89.145
   5  195.3.66.142
   6  195.3.70.37
   7  195.3.70.86
   8  de-cix10.net.google.com [80.81.192.108]
   9  209.85.249.180
  10  209.85.248.182
  11  209.85.248.79
  12  72.14.233.77
  13  66.249.94.46
  14  ug-in-f104.google.com [66.249.93.104]

 Berechnung der Statistiken dauert ca. 0 Sekunden...
             Quelle zum Abs.  Knoten/Verbindung
 Abs. Zeit   Verl./Ges.=   %  Verl./Ges.=   %  Adresse
   0                                           cerberus [10.10.10.110]
                                 0/   1 =  0%   |
   1    2ms     0/   1 =  0%     0/   1 =  0%  10.10.10.254
                                 0/   1 =  0%   |
   2    5ms     0/   1 =  0%     0/   1 =  0%  80.123.142.xxx
                                 0/   1 =  0%   |
   3   23ms     0/   1 =  0%     0/   1 =  0%  62.47.95.239
                                 0/   1 =  0%   |
   4   14ms     0/   1 =  0%     0/   1 =  0%  172.19.89.145
                                 0/   1 =  0%   |
   5   14ms     0/   1 =  0%     0/   1 =  0%  195.3.66.142
                                 0/   1 =  0%   |
   6   17ms     0/   1 =  0%     0/   1 =  0%  195.3.70.37
                                 0/   1 =  0%   |
   7   17ms     0/   1 =  0%     0/   1 =  0%  195.3.70.86
                                 0/   1 =  0%   |
   8   26ms     0/   1 =  0%     0/   1 =  0%  de-cix10.net.google.com [80.81.192.108]
                                 0/   1 =  0%   |
   9   38ms     0/   1 =  0%     0/   1 =  0%  209.85.249.180
                                 0/   1 =  0%   |
  10   34ms     0/   1 =  0%     0/   1 =  0%  209.85.248.182
                                 0/   1 =  0%   |
  11   40ms     0/   1 =  0%     0/   1 =  0%  209.85.248.79
                                 0/   1 =  0%   |
  12   35ms     0/   1 =  0%     0/   1 =  0%  72.14.233.77
                                 0/   1 =  0%   |
  13   51ms     0/   1 =  0%     0/   1 =  0%  66.249.94.46
                                 0/   1 =  0%   |
  14   39ms     0/   1 =  0%     0/   1 =  0%  ug-in-f104.google.com [66.249.93.104]

 Ablaufverfolgung beendet.
