How to Read a Traceroute

enginpiril

Piril Kavlak

Posted on June 3, 2024

How to Read a Traceroute

How to Run the Traceroute Command

Running a traceroute is very simple. The first step is to bring up a command prompt on your computer. The specific method will depend on your operating system. For Windows 10, for example, you can simply click on the start button and type CMD to bring up the options below.
Image description
Figure 1: Command Prompt options in Windows 10.

From here, simply click on the Command Prompt app to open it. When your command prompt has loaded, just type the command tracert followed by the destination you want to use to run the test. For example, to run a test to catchpoint.com, you would type tracert catchpoint.com and hit enter. (For Linux and macOS devices, you would type traceroute catchpoint.com instead.)

Available Options for the Traceroute Command

In most cases, the default traceroute command will give you the information you need. However, there are some additional options that you can use to get more details or change how the command runs. Accessing these options is done by adding one or more option flags after the traceroute command and before the destination.

How to Read the Results from a Traceroute

One of the best things about the traceroute tool is that once you learn how to read the results, you can understand the information it provides with just a quick glance. When you look at the example results of the traceroute listed above, you will see several key pieces of information.

The following table breaks down the key information you will see:
Image description

Hop Number

The first column just tells you which hop the trace is on. Whenever you access the Internet (or even data on an internal network), the data travels from one piece of hardware to another. These will typically be routers, but could also be switches, servers, or even computers. Each of these pieces of hardware that the data goes through is considered a hop.

Round Trip Time (RTT) Results

The next three columns show the amount of time it took data to go from the source (typically your computer) to that hop and back. This is measured in milliseconds.

Common Problems Discovered with Traceroute

You can use this command to look for various network issues and, based on the results displayed, determine what types of problems may be present.

Asterisks (Timeouts) at Various Points

The most common issue you will see with a traceroute is a timeout response, which is represented by an asterisk (*). These happen quite frequently and for a variety of different reasons. In the following example, you can see multiple hops have asterisks when attempting to run a traceroute to google.com.



C:\Users>tracert google.com
Tracing route to google.com [2607:f8b0:4009:819::200e]
Over a maximum of 30 hops:
1              1ms        1ms        1ms        2601:404:cf00:75c0:e2db:d1ff:fe1d:23ad
2              8ms        *             *             2001:558:4020:30::1
3              9ms        11ms     13ms     2001:558:112:3c0a::1
4              12ms     9ms        10ms     2001:558:110:b02c::1
5              *             20ms     *             2001:558:110:f1::1
6              34ms     20ms     27ms     2001:558:110:71::2
7              *             21ms     21ms     be-32131-cs03.350cermak.il.ibone.comcast.net [2001:558:3:2ae::1]
8              21ms     *             *             be-2311-pe11.350cermak.il.ibone.comcast.net [2001:558:3:72::2]
9              20ms     20ms     21ms     2001:559::11b2
10           19ms     20ms     20ms     2607:f8b0:831d::1
11           22ms     23ms     23ms     ord38s30-in-x0e.1e100.net [2607:f8b0:4009:819::200e]
Trace Complete
C:\Users>


Enter fullscreen mode Exit fullscreen mode

Figure 2: Example output of traceroute to Google.

When you see an asterisk, it will mean one of the following things:

  • Single Asterisk on a Hop: This means that the request timed out on just one of the three attempts. This can be a sign that there is an intermittent problem at that hop.
  • Three Asterisks, Then Failure: If you see all three attempts at a hop have asterisks and then the traceroute errors out, it means that the hop is completely down.

Elevated Latency After One Hop

If everything looks fine for several hops, but then the response times jump up significantly at one point, and each hop after that remains high, it likely means a problem either at that hop or on the connection between it and the previous one.

Conclusion

The traceroute command is an essential tool for understanding the path your data takes across a network and for identifying connectivity issues along that path. By running traceroute tests to various destinations and analyzing the output, you can gain visibility into latency, loss, and other problems that may exist.

Key things to look for when interpreting traceroute results include asterisks indicating timed-out requests, sudden spikes in round-trip latency, and missing or unresponsive hops. These can help narrow down where an issue lies.

While traceroute has some limitations in very large or complex networks, it remains one of the simplest first steps in network troubleshooting. Understanding how to properly run the command, configure options like setting the maximum hops, and read the output is critical for anyone working with networks.

With a bit of practice reading traceroute results, the information it provides can save you substantial time getting to the root cause of connectivity and performance issues. It is a tool that should be in every network engineer's toolbox.

Read more at https://www.catchpoint.com/network-admin-guide/how-to-read-a-traceroute.

💖 💪 🙅 🚩
enginpiril
Piril Kavlak

Posted on June 3, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related