Traceroute (Tracert): What Does it Do and How to Run a Command?

What is Traceroute?

Traceroute is a network diagnostic tool designed to trace the path that packets of information take from a source to a destination across an IP network. It works by sending a series of Internet Control Message Protocol (ICMP) echo requests to the target, each with incrementally increasing Time-To-Live (TTL) values. The TTL mechanism ensures that packets don't circulate indefinitely due to routing loops or errors. As a router forwards each packet, its TTL decreases by one. When the TTL of a packet reaches zero before it arrives at the destination, the router discards the packet. It sends back an ICMP "Time Exceeded" message to the sender.

By examining these "Time Exceeded" messages, traceroute identifies the routers that packets pass through on their way to the destination. This process allows users to understand the route packets take through the network, identifying any points of failure or delays. The tool completes its route tracing when it sends a packet with a TTL high enough to reach the destination, which then responds with an ICMP echo reply, signaling successful arrival. This method provides valuable insights into the network's performance, helping diagnose connectivity issues and pinpoint where they occur along the packet's journey.

---

• What Does Traceroute Do?
• What is Traceroute Used For?
• How to Run a Traceroute Command
• Additional Traceroute Commands
• How to Interpret Traceroute Results
• What is the Difference Between Ping and Traceroute?
• Troubleshooting with Traceroute
• Summary

---

What Does Traceroute Do?

Traceroute, also known as tracert, operates by transmitting a data packet to an accessible UDP (User Datagram Protocol) port on a target machine. The TTL (time to live) for the first three packets is set to 1 by Traceroute, after which the packet is released. The packet is then transferred to the first router, completing the first hop, and the router reduces the TTL from 1 to 0.

When a packet reaches the router, it's inspected for its time to live (TTL). If the TTL is zero, the router discards the packet and notifies the original host using an ICMP (Internet Control Message Protocol) notification packet. This process determines the first network hop and the time taken to reach it. Traceroute repeats this process, incrementing the TTL until a path to the remote host is identified. Once the remote host is reached, it sends an ICMP Port Unreachable message to indicate that the tracing process is complete.

What is Traceroute Used For?

Traceroute is a useful tool that helps us understand how data travels across the internet from one computer to another, such as from your computer to a website you want to visit. Imagine sending a letter through the mail; traceroute shows you every post office (or "hop") your letter stops at before reaching its final destination. This information is valuable because it helps identify where delays occur if a website is slow to load or if there's a problem in the internet's complex network of connections.

By showing the path your data takes, traceroute can pinpoint where the connection is strong and where it breaks down or slows down. This is especially helpful for network administrators and IT professionals who need to ensure data travels efficiently across the internet. They use traceroutes to diagnose network issues, improve the routing of data to avoid congested paths, and ensure that the network infrastructure is optimized for speed and reliability. In short, traceroute provides a map of the internet's highways, helping experts maintain and improve our online experience.

How to Run a Traceroute Command

Windows Environment

You can access Traceroute at a DOS or command prompt. An Internet connection should already be established.

1. In a Windows 2000 or XP environment, click Start, then Run. Type cmd into the dialog box, then hit OK.
   • In newer versions of Windows, go to the Start screen or menu and enter cmd to launch the command prompt.
     
2. In the command line window, type the tracert hostname, where the hostname can be a domain name, a machine name, or an IP address.

   Example:

   tracert example.com

   
3. Click Enter.

Mac OS X Environment

1. Open your Terminal.
2. In your Terminal window, type the traceroute hostname, where the hostname can be a domain name, a machine name, or an IP address.
3. Press Return. The traceroute appears in the Terminal window.
   

Linux/UNIX Environment

1. Launch a command-line interface (this will vary depending on the operating system distribution).
2. In the command line window, type traceroute hostname, where hostname can be a domain name, a machine name, or an IP address.

   Example:

   traceroute example.com

3. Click Enter.

Additional Traceroute Commands

These extra commands will work in any environment except for the Novell operating system:

1. Open your applications folder.
2. Go to your utilities and double-click on your Terminal app.
3. In the terminal window, type traceroute example.com.

   Note: Replace example.com with the domain you are tracing to.

4. Click Enter.
5. Launch a command-line interface (this will vary depending on the operating system distribution).
6. In the resulting command line window, type traceroute hostname, where hostname can be a domain name, a machine name, or an IP address.

   Example:

   traceroute example.com

7. Click Enter.

The Commands

• To stop the traceroute, type Ctrl-C.
• To print the traceroute results to a text file on a local drive, add > textname.txt to the command.
  • For example:

    tracert www.example.com > tracert.txt

    Doing so will save the results to a tracert.txt file located on the primary hard drive.

• To append the results of more than one traceroute to the same text file on your local drive, add >> tracert.txt to the command:
  • For example:

    tracert www.example.com >> tracert.txt

    Doing so will save the results to the same tracert.txt file located on the primary hard drive.

How to Interpret Traceroute Results

Each entry or network hop is a location the packet goes through to reach its intended destination. If it times out, it could indicate an issue at that particular point or the incorrect routing of the packet. This leads to its inability to reach the intended destination.

Below is an example of traceroute or tracert results.

The first column shows the number of hops.

The following three columns show the time it takes to reach each hop to measure any latency.

The last column shows the IP addresses or domains for each hop.

The asterisk indicates a response wasn't received. Note that some routers do not issue TTL-expired ICMP messages.

What is the Difference Between Ping and Traceroute?

Ping and traceroute are tools used to diagnose the health and performance of networks, but they serve different purposes and provide different kinds of information.

Ping is like a digital "hello" sent from one computer to another over the internet. It measures how long it takes for a small piece of data to travel from your computer to a specific destination (like a website or another computer) and back again. This measurement, called latency, is usually given in milliseconds. If the ping is high, it means there's a delay, which can make online activities like gaming or video conferencing laggy. Ping is a basic way to check if a particular device on the internet is reachable and how quickly it responds.

Traceroute, on the other hand, tells you the path that your data takes to reach its destination and shows every stop or "hop" along the way. Each of these hops represents a router or switch that helps guide your data across the internet. Traceroute measures the time it takes to get to each hop and can help identify where delays are happening in the network. This is useful for pinpointing where problems occur in the network path from your computer to the destination.

In summary, while ping gives you a quick measure of the round-trip time between you and a destination, traceroute provides a detailed map of the journey your data takes. This includes where delays might be happening. Together, they're valuable tools for diagnosing network performance issues.

Troubleshooting with Traceroute

Troubleshooting network issues with traceroute involves understanding how data packets travel through the internet and identifying where delays might occur. Here are some key factors that impact hop times and insights into when high latency matters:

Factors Impacting Hop Times

• Network congestion. Just like traffic jams on a highway, data packets can experience delays when too many packets are trying to use the same network path. High traffic volumes can slow down packet transmission between hops.
• Distance. The physical distance data packets must travel between your computer and the destination server can affect hop times. The farther the data has to travel, the longer it takes. This can be mitigated by efficient network routing.
• Router processing times. Each hop in a traceroute represents a router or a switch that forwards data packets to the next destination. The speed at which these devices process and forward the packets can vary based on their hardware capabilities and current load, which can impact hop times.
• Network hardware and infrastructure. The quality and capacity of cables (such as fiber optic vs. copper), routers, and switches along the path can affect transmission speeds. More modern and higher-capacity infrastructure generally offers lower latency.
• Packet routing and policies. Sometimes, the chosen path for data packets is not the most direct due to routing policies, security measures, or peering agreements between ISPs. This can lead to longer hop times if the packets are taking a roundabout route to the destination.

When Does High Latency Matter?

High latency, or delay, can impact user experience and application performance, especially in certain scenarios:

• Real-time applications. Video conferencing, online gaming, and live streaming require timely data transmission for smooth operation. High latency in these applications can lead to delays, buffering, and desynchronization, which affects usability and enjoyment.
• Interactive services. Services that require quick responses, such as web browsing, instant messaging, and online transactions, become frustratingly slow for users when faced with high latency.
• VoIP calls. Voice over Internet Protocol (VoIP) calls can suffer from noticeable delays, echoes, or interruptions when latency is high, which leads to poor call quality.

Summary

Traceroute is a tool you can use to identify routing hops that data has to pass through while traveling across nodes. It helps you identify response time latencies as well. If the data is unable to reach its destination, Traceroute or tracert can be used to determine points of failure.