Tracert or Traceroute: What It Is, How It Works or How It Is Used

Connectivity has become crucial to our daily lives, from a consultation on a website, the transaction or authorization in a transaction, to the real-time view of inventoriesor product delivery. Behind all this is the operation of the network, so it is important to have tools and knowledge to understand what may be causing problems in its operation.

What is Tracert or Traceroute?

One resource is the Tracert or Traceroute command, which is a network diagnostic tool used to track the path followed and round-trip times by a data packet on a network, from the source to its destination IP or hops on routers, switches, or any device that handles and forwards IP traffic.

Availability on Windows, GNU/Linux and Mac operating systems.

Now, Tracert and Traceroute are pretty much the same thing: Tracert is the command used for Windows environments; while Traceroute, is used on GNU/Linux and Mac.

Funciones Principales de Traceroute

  • Diagnosing problems in home or business networks.
  • Identification of points of error in the Internet connection.

Traceroute has two main functions:

Diagnosis of problems in home or business networks, through the analysis of the results obtained after the execution of this tool, as it allows us to analyze the sequence of hops that it takes from the source to the IP destination.
This allows us to find out information about the topology of the network that packets go through and which devices are involved in routing them.
Identification failure points in the Internet connection,by detecting the sections where delays or losses of data packets take place, since the response times of each hop can be displayed throughout the route. Tracks with congested links or where it is taking too long to respond can be identified. This helps you find out where a configuration update or adjustment might be needed for best performance. It also allows you to detect disconnection points when data packets do not reach the final destination, displaying an error message or an asterisk line.

Beyond identifying problems in the network or failure points, Traceroute also helps to anticipate possible network degradations in the network, so that the IT team can take preventive actions that guarantee stability and the constant and efficient information flow.

How Traceroute Works?

1. Use of ICMP (Internet Message Control Protocol)

Traceroute uses Internet Message Control Protocol (ICMP) to detect any problems during network connection and locate exactly where packet loss is occurring. For example, if the longest delay takes place on the local router, it means that you should start fixing the problem there.
Traceroute also works with the User Datagram Protocol (UDP) if specified.

2. Time To Live (TTL) field in the IP header

Traceroute works by sending a series of packets with increasing Time-To-Live (TTL) values and tracking the response of each intervening device along the route. The function of TTL is to limit the lifespan of a package. In case of network problems, TTL prevents packets from being trapped in a network indefinitely. The initial TTL value is set to one and incremented with each new packet sent. As the packet goes through the network, each router decreases the TTL value by one. This is because for each router the packet goes through, its TTL drops to 0 and sends the sender an ICMP timeout message.

3. Sending messages to specific nodes for information

For receiving more specific information, you may limit the number of hops to be made, in order to limit the search in a specific part of the route or network.
In operating systems such as Linux, it is also possible to specify the outbound network interface for sending packets, or even the destination port if you are sending UDP packets.

Traceroute Usage

  • Run from Command Prompt or Windows PowerShell.
  • Basic command: `tracert`.

Users can run the Traceroute or Tracert command through the built-in command line application. The method to run it is based on the computer’s operating system, as follows:

On Windows

Open run by pressing the windows + R key, type cmd and click OK.

A command pop-up window opens in which to type tracert, the domain and then press Enter. In case of not typing the domain, the configuration options that you may use will come out:

  • -d :Save hops by not converting IPs to server names.
  • -h :Followed by a number, will be the maximum hops allowed (by default it is 30).
  • -j :List of allowed hosts (only on one IP).
  • -w :Maximum waiting time in milliseconds to determine if a point is not working.
  • -R :It follows the return path, it is used with IPv6.
  • -S :The Source address is followed by the source address in IPv6.
  • -4 :It forces only the IPv4 path to be followed.
  • -6 :It forces only the IPv6 path to be followed.

For routine use, the command is executed, with the domain and enter. A window will appear showing each hop, the timeout of each of the packets and the IP or server name, along with the IP of each point on the network.

At the end, the text “Trace Complete” is printed to indicate that the destination was reached. In case of error, three different messages are generated in the IP column or in the times with an asterisk:

  • Asterisk in times column:It indicates that at this network point the waiting time was exceeded and that packet will no longer be sent. It may happen one, two or all three times.
  • Timeout exceeded for this request:When the time is up for the 3 packets, this message will come out on the right, also indicating that no packet exceeded this point in the network. In these cases, the command retries it up to the maximum number of hops (30, by default).
  • Destination network unreachable:Packets reached a point that does not exist or there is an error.

Let’s see some screens as an example of what the tracert command throws:

1. Showing IP address and hostname if resolved:

2. Showing IP address only:

The basic command is tracert , from CMD or PowerShell. Just enter the command and indicate a domain name or destination IP “tracert”. Should you wish to see the help manual, just run “tracert /?”, where you may also see some command options to indicate the number of maximum hops for packets. The instruction not to convert addresses into hostnames or indicate a path of specific hosts through which the packets will go through, instead of following an automatic path.

On Linux

The traceroute command is written in the console followed by the domain you wish to query:

After the domain, you may add requests that adjust the command settings:

  • -I : It switches from UDP packets to ICMP packets (which are the ones used by Windows).
  • -n : It displays the results without the server name, only the IP.
  • -q : After the number of packets, to send a number of packets other than 3.
  • -d : Enable socket-level debugging.
  • -m : Followed by a number to indicate the maximum number of hops, which is 30 by default.
  • -w : Followed by a number that is the milliseconds of maximum wait.
  • -r : It avoids normal routing and sends packets more directly.
  • -p : Followed by the port, to change the default query port.
  • -g : Followed by an IP address, to send the packets indicating a specific source IP.

For a Mac, you’ll need to use Terminal. The command specifications are identical to those you indicated for Linux.

Let’s look at some sample screens of running the traceroute command on Linux/Mac:

1. Showing IP address and hostname if resolved

2. Showing IP address only

3. Visualización de la dirección IP real del dominio.

4. Listado de nodos y routers con direcciones IP y latencia.

Considerations and Limitations

As in any IT tool or resource, there are limitations and considerations that must be taken into consideration in order not to degrade network performance or expose equipment security:

Time Limitations

The time to send packets and receive responses may vary. This means that the results obtained may not be accurate or consistent. If there is network congestion or servers are protected by firewalls, some responses may not arrive on time or may be blocked.

Asymmetric paths

The command displays the path of a data packet from a device to the destination, but does not guarantee that the return path will be the same. This is because flexible routing systems exist and the results obtained may not represent the full path.

Safety Limitations

The Traceroute command reveals information about devices and servers en route to the destination, resulting in a privacy issue, especially if the command is used on public networks or servers store sensitive information.

Equipment limitations

It should be noted that some computers on the network may be configured not to respond to tracert messages. If so, you will surely receive a timeout message instead of actual replies.

Devices may also be limited in the amount of ICMP traffic allowed, resulting in incomplete responses along the route. It should also be noted that, in some networks that use NAT, you could only see the IP address of the last router before the data packet reaches the final destination. This happens because NAT rewrites IP addresses in packets as they move through the network.

Finally, if you do not use a host listing, it is likely that automatic routing will be used, and the response to the command could vary, resulting in inconsistencies between different times or from different locations, as you can see if we compare the captures we saw above in Windows and Linux.

Traceroute Practical Applications

Diagnosis of website connection problems

For diagnosing connectivity problems, it allows to quickly visualize where this problem would be occurring, since you may see the exact path that the packets follow to their interruption point. It will be possible to assess whether the problem is related to your own internet connection, your ISP or the network infrastructure itself.

Identification of connection loss in local networks

For the local network, Traceroute can identify where bottlenecks, potential routing issues, or network configuration issues are located.

Problem diagnosis with Pandora FMS

Tools such as traceroute help us identify possible problems in the network, asymmetric paths or with substantial delays, among others. However, this is not the most important tool or the only one that can help us solve problems on the network. Here are some of the tools available to Pandora FMS to solve your network problems:

  • SNMP network interface monitoring.
  • Latency time monitoring (ICMP).
  • TCP port monitoring.
  • Packet loss monitoring.
  • Viewing routes (via traceroute).
  • Hop count (via traceroute). Through a plugin from our library, which counts the number of hops from one point to another.

Traceroute Conclusions

Connectivity means communication that is required immediately and without friction due to the impact on the business operation, the productivity of the company’s collaborators, the employee’s response to internal customers (other business units) and external customers (end customer, suppliers and business partners). So solving and anticipating network problems has become a very important task. The Tracert or Traceroute command is a fundamental part in diagnosing the network state, identifying connectivity problems between the source and the destination, as well as failures at specific points. Likewise, Traceroute allows you to take preventive actions by identifying the sections where the links are congested or where the response time is longer than expected.

Traceroute FAQs

Are Traceroute and Tracert the same?

Traceroute and Tracert serve the same general function. The only significant difference is that the “traceroute” command is used on GNU/Linux and Mac systems, while “tracert” is used on Windows systems.[4] [5] Of course, they have their differences, but essentially they are very similar tools, whose function is to analyze the path that data packets follow between the source and their destination. The execution structure or parameters used vary between traceroute and tracert.

What is the follow-up path?

The tracking path when we use traceroute is nothing more than the sequence of nodes, routers or hops through which packets transit from the source to their destination. With the increasing TTL forwarding from the source and decreasing by each router that goes through, users may identify hops through which data packets went through.

What is the difference between ping and traceroute?

Basically, the ping command checks the availability of a specific host, while traceroute shows the path followed and the time it takes each hop to reach that host.

Talk to our sales team, ask for a quote, or ask your questions about our licenses