Traceroute

This diagnostic utility determines the route taken to a destination by sending Internet Control Message Protocol (ICMP) echo packets (like ping) with varying Time-To-Live (TTL) values to the destination. Each router along the path is required to decrement the TTL on a packet by at least 1 before forwarding it, so the TTL is effectively a hop count. When the TTL on a packet reaches 0, the router is supposed to send back an ICMP Time Exceeded message to the source system.

Tracert determines the route by sending the first echo packet with a TTL of 1 and incrementing the TTL by 1 on each subsequent transmission until the target responds or the maximum TTL is reached.

The route is determined by examining the ICMP Time Exceeded messages sent back by intermediate routers. Note that some routers silently drop packets with expired TTLs and will be invisible to tracert.

Parameters:

tracert [-d] [-h maximum_hops] [-j computer-list] [-w timeout] target_name

-d                 Specifies not to resolve addresses to computer names.

-h maximum_hops    Specifies maximum number of hops to search for target.

-j computer-list   Specifies loose source route along computer-list.

-w timeout         Waits the number of milliseconds specified by timeout for each reply.

target_name        Name of the target computer.

tracert is also known as traceroute on Unix systems.

Maintenance Commands                              traceroute(1M)

NAME

traceroute - print the route packets take to network host

SYNOPSIS

traceroute [ -dFInvx ] [ -f first_ttl ] [ -g gateway [ -g gateway ... ] | -r ] [ -i iface ] [ -m max_ttl ] [ -p port ] [ -q nqueries ] [ -s src_addr ] [ -t tos ] [ -w waittime ] host [ packetlen ]

DESCRIPTION

The Internet is a large and complex aggregation of network hardware, connected together by gateways. Tracking the route a packet follows can be difficult. The utility traceroute traces the route that an IP packet follows to another internet host.

traceroute utilizes the IP protocol ttl (time to live) field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path, and a PORT_UNREACHABLE (or ECHO_REPLY if -I is used) response from the destination host. It starts by sending probes with a ttl of 1 and increases by 1 until it either gets to the host, or it hits the maximum ttl. The default maximum ttl is 30 hops, but this can be set by the -m option.

Three probes are sent at each ttl setting, and a line is printed showing the ttl, the hostname and the address of the gateway, and the rtt (round trip time) of each probe. The number of probes may be specifically set using the -q option. If the probe answers come from different gateways, the hostname and the address of each responding system will be printed. If there is no response within a 5 second timeout interval, a "*" is printed for that probe. The -w option may be used to set the timeout interval. Other possible annotations that may appear after the time are:

!        the ttl value in the received packet is <= 1.

!H       host unreachable.

!N       network unreachable.

!P       protocol unreachable.

!S       source route failed. This should never occur. If this is seen, the associated gateway is broken.

!F       fragmentation needed. This should never occur. If this is seen, the associated gateway is broken.

!X       communication administratively prohibited.

SunOS 5.7           Last change: 26 Jun 1998
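The per-hop output described above (three probes per ttl, "*" for a timeout, several gateways on one line, and the "!" annotations) can be decoded mechanically when reviewing saved traces. The following parser is an added example, not part of the man page or of traceroute itself; the function names and the sample trace are constructed, and the line layout it accepts is assumed to be the usual Unix one.

```python
import re
# Annotation meanings as listed in the man page text above.
ANNOTATIONS = {"!": "ttl in received packet <= 1", "!H": "host unreachable",
               "!N": "network unreachable", "!P": "protocol unreachable",
               "!S": "source route failed", "!F": "fragmentation needed",
               "!X": "communication administratively prohibited"}

def parse_hop(line):
    """Parse one hop line into (ttl, probes); each probe is a dict."""
    tokens = line.split()
    ttl, probes, gateway, i = int(tokens[0]), [], None, 1
    while i < len(tokens):
        tok = tokens[i]
        nxt = tokens[i + 1] if i + 1 < len(tokens) else ""
        if tok == "*":                       # no reply within the timeout
            probes.append({"gateway": None, "rtt_ms": None, "flag": None})
        elif tok in ANNOTATIONS and probes:  # qualifies the preceding reply
            probes[-1]["flag"] = tok
        elif nxt == "ms":                    # "<rtt> ms" from the current gateway
            probes.append({"gateway": gateway, "rtt_ms": float(tok), "flag": None})
            i += 1                           # skip the unit token
        else:                                # hostname, "(addr)" or bare address
            m = re.fullmatch(r"\(([0-9a-fA-F.:]+)\)", tok)
            gateway = m.group(1) if m else tok  # "(addr)" replaces the name
        i += 1
    return ttl, probes

def summarize(output):
    """Return {ttl: summary} for every hop line in traceroute output."""
    hops = {}
    for line in output.splitlines():
        if re.match(r"\s*\d+\s", line):      # hop lines start with the ttl
            ttl, probes = parse_hop(line)
            lost = sum(p["rtt_ms"] is None for p in probes)
            hops[ttl] = {
                "gateways": sorted({p["gateway"] for p in probes if p["gateway"]}),
                "lost": lost, "silent": lost == len(probes),
                "flags": {p["flag"]: ANNOTATIONS[p["flag"]] for p in probes if p["flag"]},
            }
    return hops

# Constructed sample in the usual Unix layout (an assumption), not a real trace.
SAMPLE = """\
traceroute to target.example (203.0.113.9), 30 hops max, 40 byte packets
 1  gw.example (192.0.2.1)  1.204 ms  0.981 ms  1.010 ms
 2  * * *
 3  a.example (198.51.100.1)  9.8 ms  b.example (198.51.100.2)  10.4 ms  *
 4  198.51.100.7  12.1 ms !X  *  12.6 ms !X
"""
```

Calling summarize(SAMPLE) marks hop 2 as silent (a router that drops expired packets without replying), reports two gateways for hop 3, and attaches the !X meaning to hop 4.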

Nmap - PortScanning

tcpdump