Editing Traceroute

{{short description|Computer network diagnostic tool}}
{{about|the computer network diagnostic tool|the film|Traceroute (film)}}
{{lowercase}}
{{Infobox software
| name                   = 
| title                  = traceroute
| screenshot             = Traceroute screenshot.png
| caption                = The <code>traceroute6</code> command
| screenshot size        = 250px
| screenshot alt         = 
| collapsible            = 
| author                 = [[Van Jacobson]]
| released               = {{Start date and age|1987}}
| latest release version = 
| latest release date    = <!-- {{Start date and age|YYYY|MM|DD|df=yes/no}} -->
| programming language   = 
| platform               = [[Unix-like]] systems
| genre                  = [[Command (computing)|Command]]
| license                = 
| website                = 
| standard               = 
| AsOf                   = 
}}
{{Infobox software
| name                   = 
| title                  = tracert
| screenshot size        = 
| screenshot alt         = 
| collapsible            = 
| developer              = [[Microsoft]], ReactOS Contributors
| latest release version = 
| latest release date    = <!-- {{Start date and age|YYYY|MM|DD|df=yes/no}} -->
| programming language   = 
| platform               = [[Microsoft Windows|Windows]], [[ReactOS]]
| genre                  = [[Command (computing)|Command]]
| license                = Microsoft Windows: [[Proprietary software|Proprietary]] [[commercial software]]<br />
ReactOS: [[GNU General Public License]]
| website                = 
| standard               = 
| AsOf                   = 
}}

In [[computing]], '''<code>traceroute</code>''' and '''<code>tracert</code>''' are diagnostic [[command-line interface]] [[command (computing)|commands]] for displaying possible routes (paths) and transit delays of [[Network packet|packets]] across an [[Internet Protocol]] (IP) [[computer network|network]]. 

The command reports the round-trip times of the packets received from each successive host (remote node) along the route to a destination. The sum of the mean times in each [[Hop (networking)|hop]] is a measure of the total time spent to establish the connection. The command aborts if all (usually three) sent packets are lost more than twice.

[[Ping (networking utility)|Ping]], however, only computes the final round-trip times from the destination point.

For [[IPv6|Internet Protocol Version 6]] (IPv6), the tool sometimes has the name '''<code>traceroute6</code>'''<ref>{{Cite web|url=https://linux.die.net/man/8/traceroute6|title=Traceroute6(8) - Linux man page}}</ref> and '''<code>tracert6</code>'''.<ref>{{Cite web|url=https://linux.die.net/man/8/tracert6|title=Tracert6(8): IPv6 traceroute tool - Linux man page}}</ref>

== Implementations ==
A command is available in many modern [[operating system]]s, generally named <code>traceroute</code> in [[Unix-like]] systems such as [[FreeBSD]], [[macOS]], and [[Linux]] and named <code>tracert</code> in [[Microsoft Windows|Windows]] and [[ReactOS]].

The functionality was available graphically in macOS, but has been deprecated since the release of [[macOS Big Sur]].<ref>{{cite web |last1=Rossingol |first1=Joe |title=Network Utility Deprecated in macOS Big Sur |url=https://www.macrumors.com/2020/06/23/network-utility-deprecated-macos-big-sur/ |website=MacRumors |date=23 June 2020 |language=en}}</ref>

[[Windows NT]]-based operating systems also provide [[PathPing]], which combines the functionality of [[ping (networking utility)|ping]] with that of tracert. 

The ReactOS version was developed by Ged Murphy and is licensed under the [[GNU General Public License|GPL]].<ref>{{GitHub|https://github.com/reactos/reactos/blob/master/base/applications/network/tracert/tracert.cpp}}</ref>

On [[Unix-like]] operating systems, traceroute sends, by default, a sequence of [[User Datagram Protocol]] (UDP) packets, with destination [[port number]]s ranging from 33434 to 33534; the implementations of traceroute shipped with [[Linux]],<ref>{{man|8|traceroute|Linux}}</ref> [[FreeBSD]],<ref>{{man|8|traceroute|FreeBSD}}</ref> [[NetBSD]],<ref>{{man|8|traceroute|NetBSD}}</ref> [[OpenBSD]],<ref>{{man|8|traceroute|OpenBSD}}</ref> [[DragonFly BSD]],<ref>{{man|8|traceroute|DragonFly BSD}}</ref> and [[macOS]] include an option to use [[ICMP Echo Request]] packets (''-I''), or any arbitrary protocol (''-P'') such as UDP, TCP using [[TCP SYN]] packets, or ICMP.<ref name="comer_book" />

On Windows, tracert sends ICMP Echo Request packets, rather than the UDP packets traceroute sends by default.<ref>{{Cite web| url=https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/tracert | title=Tracert | website=[[Microsoft Docs]] | date=3 February 2023 | access-date=July 29, 2023}}</ref>

The [[Time to live|time-to-live]] (TTL) value, also known as ''hop limit'', is used in determining the intermediate routers being traversed towards the destination. Traceroute sends packets with TTL values that gradually increase from packet to packet, starting with TTL value of one. Routers decrement TTL values of packets by one when routing and discard packets whose TTL value has reached zero, returning the ICMP error message [[ICMP Time Exceeded]].<ref name="comer_book">{{cite book | title=Computer Network and Internets with Internet Applications | publisher=Pearson Education, Inc. | last=Comer |first=Douglas | year=2004 | pages=360–362 | isbn=978-0131433519}}</ref> For the first set of packets, the first router receives the packet, decrements the TTL value and drops the packet because it then has TTL value zero. The router sends an ICMP Time Exceeded message back to the source. The next set of packets are given a TTL value of two, so the first router forwards the packets, but the second router drops them and replies with ICMP Time Exceeded. Proceeding in this way, traceroute uses the returned ICMP Time Exceeded messages to build a list of routers that packets traverse, until the destination is reached and returns an [[ICMP Destination Unreachable]] message if UDP packets are being used or an [[ICMP Echo Reply]] message if ICMP Echo messages are being used.<ref name="comer_book" />

The timestamp values returned for each router along the path are the delay ([[Network latency |latency]]) values, typically measured in milliseconds for each packet.

The sender expects a reply within a configured number of seconds. If a packet is not acknowledged within the expected interval, an asterisk is displayed. 

The Internet Protocol does not require packets to take the same route towards a particular destination, thus hosts listed might be hosts that other packets have traversed. If the host at hop #N does not reply, the hop is skipped in the output.

If a network has a firewall and operates both Windows and Unix-like systems, more than one protocol must be enabled inbound through the firewall for traceroute to work and receive replies.

Some traceroute implementations use TCP packets, such as ''tcptraceroute'' and [[layer four traceroute]] (lft).  [[PathPing]] is a utility introduced with [[Windows NT]] that combines [[Ping (networking utility)|ping]] and traceroute functionality. [[MTR (software)|MTR]] is an enhanced version of ICMP traceroute available for Unix-like and Windows systems. The various implementations of traceroute all rely on ICMP Time Exceeded (type 11) packets being sent to the source.

{{Anchor|TRACEPATH}}
On Linux, ''tracepath'' is a utility similar to traceroute, with the primary difference of not requiring [[superuser]] privileges.<ref>{{Cite web
 | url = http://linux.die.net/man/8/tracepath
 | title = tracepath(8) – Linux man page
 | access-date = 2015-06-21
 | website = linux.die.net
}}</ref>

[[Cisco]]'s implementation of traceroute also uses a sequence of [[User Datagram Protocol|UDP]] datagrams, each with incrementing [[time to live|TTL]] values, to an invalid port number at the remote host; by default, UDP port 33434 is used. An extended version of this command (known as the ''extended traceroute'' command) can change the destination port number used by the UDP probe messages.<ref>{{cite web
 | url = http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800a6057.shtml
 | title = Understanding the Ping and Traceroute Commands
 | work = Cisco IOS Software Releases 12.1 Mainline
 | date = 2006-11-29 | access-date = 2013-12-08
 | publisher = cisco.com
}}</ref>

== Usage ==
[[Image:Visual traceroute.png|thumb|right|350px|Router addresses can be superimposed upon maps of their physical locations. This example shows a request from New Zealand to an IP address in [[Massachusetts]] which takes a route that passes through Europe.]]

Most implementations include options to specify the number of queries to send per hop, time to wait for a response, the hop limit and port to use.  Invoking traceroute with no options displays the list of available options

For Linux, ''man traceroute'' presents more details, including the displayed error flags. 

For example:

<syntaxhighlight lang="console">
$ traceroute -w 3 -q 1 -m 16 example.com
traceroute to example.com (93.184.216.34), 16 hops max, 52 byte packets
 1  192.x.x.x (192.x.x.x)  5.152 ms
 2  10.x.x.x (10.x.x.x)  12.767 ms
 3  172.x.x.x (172.x.x.x)  11.638 ms
 4  172.x.x.x (172.x.x.x)  13.193 ms
 5  xxx.x.x.x.cox.net (68.x.x.x)  20.624 ms
 6  xxx.xxx.xxx.edgecastcdn.net (192.x.x.x)  56.205 ms
 7  xxx.xxx.xxx.edgecastcdn.net (192.x.x.x)  24.573 ms
 8  *
 9  *
10  93.x.x.x (93.x.x.x)  22.810 ms
11  93.x.x.x (93.x.x.x)  20.235 ms
</syntaxhighlight>

In the example above, selected options are to wait for three seconds (instead of five), send out only one query to each hop (instead of three), limit the maximum number of hops to 16 before giving up (instead of 30), with ''example.com'' as the final host. On line 8 and 9 (TTLs 8 and 9) it shows asterisks where the router did not respond within the timeout.

== Value ==

Traceroute can help identify incorrect routing table definitions or firewalls that may be blocking ICMP traffic, {{clarify span|or high port UDP in Unix ping, to a site.|date=November 2020}} A correct traceroute response does not guarantee connectivity for applications as a firewall may permit ICMP packets but not permit packets of other protocols.

Traceroute is used by penetration testers to gather information about network infrastructure and IP address ranges around a given host.

Traceroute can be used to optimize data download. If there are multiple mirrors available for the same resource, each mirror can be traced to find the fastest.

== Origins ==
The traceroute [[Unix manual|manual page]] states that the original traceroute program was written by [[Van Jacobson]] in 1987 from a suggestion by [[Steve Deering]], and that Guy Almes and Matt Mathis also had the idea concurrent with Deering.<ref>{{Cite web|url=https://cgit.freebsd.org/src/tree/usr.sbin/traceroute6/traceroute6.c|title=traceroute6.c source code|date=2022-10-04|access-date=2023-09-17}}</ref> The author of the [[Ping (networking utility)|ping]] program, [[Mike Muuss]], states on his website that traceroute was written using kernel ICMP support that he had earlier coded to enable raw ICMP sockets when he first wrote the ping program.<ref>{{cite web |url=https://ftp.arl.army.mil/~mike/ping.html |title=The Story of the PING Program}}</ref>

== Limitations ==
Traceroute has multiple limitations.<ref>{{cite web|url=https://www.netbraintech.com/blog/limitations-of-traceroute/|title=Limitations of Traceroute Explained|author=Ray Belleville|date=March 3, 2017}}</ref> Traceroute does not discover paths at the router level, but at the interface level. Another limitation appears when routers do not respond to probes or when routers have a limit for ICMP responses.<ref>{{Cite conference|last1=Marchetta|first1=P.|last2=Montieri|first2=A.|last3=Persico|first3=V.|last4=Pescapé|first4=A.|last5=Cunha|first5=Í|last6=Katz-Bassett|first6=E.|conference=2016 IEEE International Symposium on Local and Metropolitan Area Networks (LANMAN) |title=How and how much traceroute confuses our understanding of network paths |date=June 2016|pages=1–7|doi=10.1109/lanman.2016.7548847|isbn=978-1-4673-9882-4|s2cid=4643833}}</ref> In the presence of traffic [[Load balancing (computing)|load balancing]], traceroute may indicate a path that does not actually exist; to minimize this problem there is a traceroute modification called Paris-traceroute,<ref>{{Cite web|url=http://paris-traceroute.net/|title=Paris Traceroute|website=paris-traceroute.net|language=en-gb|access-date=2017-06-10}}</ref> which maintains the flow identifier of the probes to avoid load balancing.

== See also ==
* [[Looking Glass server]]
* [[netsniff-ng]] – a Linux networking toolkit with an autonomous system traceroute utility

== References ==
{{Reflist}}

==Further reading==
*{{Cite book|first=Æleen|last=Frisch|year=2001|title=Windows 2000 Commands Pocket Reference|publisher=[[O'Reilly Media|O'Reilly]]|isbn=978-0-596-00148-3}}
*{{Cite book|first=William R.|last=Stanek|year=2008|title=Windows Command-Line Administrator's Pocket Consultant, 2nd Edition|publisher=[[Microsoft Press]]|isbn=978-0735622623}}
*{{Cite book|first=Daniel J.|last=Barrett|year=2012|title=Macintosh Terminal Pocket Guide: Take Command of Your Mac|publisher=[[O'Reilly Media|O'Reilly]]|isbn=978-1449328986}}

== External links ==
{{Wikibooks|Guide to Windows Commands}}
* {{IETF RFC|1393|link=no}}: Traceroute using an IP Option Internet RFC
* [https://www.inetdaemon.com/tutorials/troubleshooting/tools/traceroute/definition.shtml How traceroute works – InetDaemon]
* [https://technet.microsoft.com/en-us/library/bb491018.aspx Tracert]{{snd}} Windows XP Command-line reference

{{Unix commands}}
{{Windows commands}}

[[Category:Network analyzers]]
[[Category:Free network management software]]