Generally, when we connect to remote hosts, our traffic doesn’t go directly to the desired machine. Instead, it goes through multiple routers on the network.
To track the exact route a given packet takes, we can make good use of the traceroute command.
If we don’t have traceroute already installed, we’ll need to do that first. For instance, in Ubuntu, the command to install traceroute is:
$ sudo apt install traceroute
Let’s start with a simple example – let’s execute the traceroute command for the baeldung.com domain:
$ traceroute baeldung.com
The output should look like the following:
traceroute: Warning: baeldung.com has multiple addresses; using 220.127.116.11
traceroute to baeldung.com (18.104.22.168), 30 hops max, 60 byte packets
 1  192.168.100.1 (192.168.100.1)  5.810 ms  0.791 ms  0.704 ms
 2  10.100.0.1 (10.100.0.1)  1.854 ms  2.031 ms  1.775 ms
 3  10.30.140.1 (10.30.140.1)  1.906 ms  2.216 ms  1.896 ms
 4  22.214.171.124.ip4.epix.net.pl (126.96.36.199)  5.068 ms  5.190 ms  5.205 ms
 5  ae48-48.r7.poland-rs.thinx.atman.pl (188.8.131.52)  5.219 ms  5.394 ms  5.244 ms
 6  cloudflare.thinx.pl (184.108.40.206)  5.787 ms  6.500 ms  6.107 ms
 7  220.127.116.11 (18.104.22.168)  5.379 ms  5.238 ms  5.219 ms
The first line informs us of what destination address will be used for this test.
The second line tells us two things: the maximum number of hops the packet can take to reach the destination and the size of the packet. In our case, we have a maximum number of 30 hops and a packet with a size of 60 bytes. By default, traceroute uses three probe packets per hop.
The rest of the output shows all the routers that our packets went through. In each of the lines, we can find information about the name and IP address of the host. The next three values represent the round-trip times for a given router.
In our case, to connect to baeldung.com, the request needs to go through seven different routers. In the output, we can see that the first one is a router in the local network (192.168.100.1) and the last one (22.214.171.124) is the destination host for the baeldung.com domain.
Note that the results may differ depending on our location and, even from the same location, may change between runs. Routing protocols may choose a different packet path based on, for example, router availability and usage metrics.
4. Use IPv4 or IPv6
By default, the traceroute command uses IPv4 addresses for tracing the request. We can tell it to use the IPv6 address by adding a -6 parameter before the hostname. The equivalent of traceroute -6 is the traceroute6 command:
$ traceroute6 baeldung.com
The output should look like the following:
traceroute to baeldung.com (2606:4700:3030::6812:3e4e), 30 hops max, 80 byte packets
 1  2001:2e8:665:0:2:2:0:1 (2001:2e8:665:0:2:2:0:1)  0.083 ms  0.048 ms  0.044 ms
 2  2001:2e8:22:204::2 (2001:2e8:22:204::2)  25.128 ms  25.047 ms  25.025 ms
 3  2001:2e8:20::22:11 (2001:2e8:20::22:11)  1.106 ms  25.830 ms  1.007 ms
 4  xe-0-0-14-1.a02.tokyjp05.jp.bb.gin.ntt.net (2001:218:2000:5000::305)  0.908 ms  1.197 ms  1.097 ms
 5  ae-25.r02.tokyjp05.jp.bb.gin.ntt.net (2001:218:0:2000::59)  1.515 ms  1.744 ms  1.785 ms
 6  ae-4.r30.tokyjp05.jp.bb.gin.ntt.net (2001:218:0:2000::11a)  1.466 ms  1.538 ms ae-4.r30.tokyjp05.jp.bb.gin.ntt.net (2001:218:0:2000::11a)  1.337 ms
 7  ae-3.r00.tokyjp08.jp.bb.gin.ntt.net (2001:218:0:2000::2d7)  1.857 ms  1.839 ms ae-3.r00.tokyjp08.jp.bb.gin.ntt.net (2001:218:0:2000::2d7)  1.901 ms
 8  as7515.ntt.net (2001:218:2000:5000::26)  2.717 ms  2.419 ms  2.325 ms
 9  2400:cb00:22:1024::a29e:759c (2400:cb00:22:1024::a29e:759c)  2.115 ms  1.985 ms 2400:cb00:22:1024::a29e:759f (2400:cb00:22:1024::a29e:759f)  2.272 ms
As we can see, the results are very similar to those when using IPv4. This time we have nine routers. For each one of them, we get the hostname, IPv6 address and three round trip times.
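To compare traces over time or feed them into monitoring, the hop lines described above can be parsed into structured records. The following is an added example, not code from the original tutorial: the function names and the sample trace (documentation-range addresses) are constructed for illustration, and it assumes the default output layout with name resolution enabled. It goes slightly beyond the outputs shown here by also handling `*`, which traceroute prints for a probe that got no reply, and by reporting hops where more than one address answered, as in hop 9 of the IPv6 trace.

```python
import re

# Constructed sample in the layout traceroute prints (documentation-range addresses).
SAMPLE = """\
traceroute to example.org (2001:db8:ffff::1), 30 hops max, 80 byte packets
 1  gw.example.net (2001:db8:1::1)  0.083 ms  0.048 ms  0.044 ms
 2  2001:db8:2::2 (2001:db8:2::2)  25.128 ms  25.047 ms  25.025 ms
 3  * * *
 4  ae-4.example.net (2001:db8:4::a)  1.466 ms  1.538 ms ae-4.example.net (2001:db8:4::a)  1.337 ms
 5  2001:db8:5::9c (2001:db8:5::9c)  2.115 ms  1.985 ms 2001:db8:5::9f (2001:db8:5::9f)  2.272 ms
"""

# One token is "host (addr)", an RTT such as "1.466 ms", or "*" for an unanswered probe.
TOKEN = re.compile(
    r"(?P<host>\S+) \((?P<addr>[0-9A-Fa-f:.]+)\)|(?P<rtt>\d+(?:\.\d+)?) ms|(?P<lost>\*)"
)

def parse_traceroute(text):
    """Return one dict per hop: hop number, responders keyed by address, lost probes."""
    hops = []
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)\s+(.*)", line)
        if not m:
            continue  # header and warning lines do not start with a hop number
        hop = {"hop": int(m.group(1)), "responders": {}, "lost": 0}
        current = None  # responder that the following RTT values belong to
        for tok in TOKEN.finditer(m.group(2)):
            if tok.group("addr"):
                current = hop["responders"].setdefault(
                    tok.group("addr"), {"host": tok.group("host"), "rtts": []})
            elif tok.group("rtt") and current is not None:
                current["rtts"].append(float(tok.group("rtt")))
            elif tok.group("lost"):
                hop["lost"] += 1
        hops.append(hop)
    return hops

def multipath_hops(hops):
    """Hop numbers where the probes were answered by more than one address."""
    return [h["hop"] for h in hops if len(h["responders"]) > 1]

if __name__ == "__main__":
    for h in parse_traceroute(SAMPLE):
        rtts = [r for info in h["responders"].values() for r in info["rtts"]]
        print(h["hop"], sorted(h["responders"]), min(rtts, default=None), h["lost"])
    print("multiple responders at hops:", multipath_hops(parse_traceroute(SAMPLE)))
```
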
Beware that IPv6 connectivity can be disabled by the internet service provider. For example, AWS doesn’t support IPv6 on their instances. In such cases, we’ll see the following output:
traceroute6: Warning: baeldung.com has multiple addresses; using 2606:4700:3036::6812:3f4e
connect: No route to host
We can overcome this issue by using an online traceroute tool.
5. Additional Options
The command gives us many additional options. We can find all of them along with a description on the Linux man page. Let’s look at a few of them.
5.1. Maximum Number of Hops
By adding an extra -m parameter we can specify the maximum number of hops traceroute will probe:
$ traceroute -m 3 baeldung.com
Now, the output will consist only of the first three routers:
...
 1  192.168.100.1 (192.168.100.1)  1.446 ms  0.765 ms  0.653 ms
 2  10.100.0.1 (10.100.0.1)  2.131 ms  1.982 ms  1.877 ms
 3  10.30.140.1 (10.30.140.1)  1.844 ms  2.121 ms  2.181 ms
The default value for the -m parameter is 30. Make sure to increase it in cases where the number of hops can exceed 30.
5.2. Offset the Trace Start
Besides setting the maximum number of hops, we can specify on which host we want to start the trace.
By default, traceroute always starts with the first host. We can change it with the -f parameter:
$ traceroute -f 6 baeldung.com
Now we have just the last two routers for the baeldung.com domain:
...
 6  cloudflare.thinx.pl (126.96.36.199)  6.732 ms  6.287 ms  6.271 ms
 7  188.8.131.52 (184.108.40.206)  6.518 ms  5.390 ms  5.590 ms
5.3. Number of Probe Packets per Hop
By default, traceroute sends three probe packets to every network host. This can be customized by setting the -q parameter:
$ traceroute -q 5 baeldung.com
Now the command should send five probe packets for each host:
...
 7  220.127.116.11 (18.104.22.168)  5.453 ms  5.446 ms  5.359 ms  5.447 ms  5.406 ms
...
5.4. Size of Probing Packet
Traceroute’s probe packets are 60 bytes for IPv4 and 80 bytes for IPv6. To trace the packet route with different probe sizes we can specify the desired value just after the host:
$ traceroute baeldung.com 512
The most common reason to increase the traceroute packet size is to debug MTU (Maximum Transmission Unit) problems. Other than that, the defaults should be just fine.
In this short tutorial, we’ve explored and learned how to use the traceroute command to track the path a packet of information takes from our computer to the desired host.