traceroute-nanog

TRACEROUTE(8)               System Manager's Manual              TRACEROUTE(8)

NAME
       traceroute - print route IP packets follow going to a remote host

SYNOPSIS
       traceroute [ options ] host [ size ]

DESCRIPTION
       Traceroute attempts to trace the route an IP packet follows to some in-
       ternet host.  It finds out intermediate hops by launching probe packets
       with a small time-to-live (TTL) value, and then listens for an ICMP re-
       ply of time exceeded from an intermediate  router.   Traceroute  starts
       probing with a TTL of one, and increments by one until an ICMP port un-
       reachable reply is received.  This means the probe either  got  through
       to host, or hit the maximum TTL.

       host  is  the only mandatory argument, and specifies the target system,
       either as an IP address, or as a host name.  Parameter size  determines
       the size of the probe packets in bytes.

OPTIONS
       -a     Abort after 10 consecutive hops without an answer.

       -d     Turn  on  socket level debugging.  This option is only available
              to the super-user (root).

       -m max_ttl
              Set the maximum time-to-live (TTL) value that will be  used  for
              probing.  Hosts that are farther than max_ttl hops away will not
              be traced (default 30).

       -n     Report only IP addresses, but no hostnames.

       -p port
              Start probing at an alternate UDP port (default 33434).  Tracer-
              oute  by default sends out UDP packets with increasing port num-
              bers starting at port, and listens for ICMP errors returned from
              remote  hosts.   This  scheme  only  works  if  there are no UDP
              servers listening on the probed hosts in the range from port  to
              port + max_ttl.

       -q n   Send  out  n  queries for each TTL (each intermediate host) (de-
              fault 3).

       -r     Set Dont Route option, advising routers to drop the packets.  In
              other words, only probe within the local subnet.

       -s addr
              Set  source address of outgoing packets to addr, given either as
              numeric IP address, or as hostname.

       -t tos Set the type-of-service field in the outgoing  IP  packets  (de-
              fault 0).  tos is valid in the range of 0 to 255.

       -u     Use microsecond timestamps.

       -v     Turn on verbose output.

       -w wait
              Set  timeout for replies to wait seconds (default 5 sec).  If no
              ICMP reply is received within wait after a packet has been  sent
              out, the probe is considered as failed.

       -A     Report  the Autonomous System Number (ASN) at each hop.  Roughly
              speaking, the ASN tells which administration a router is subject
              to.   See  RFC 1930 for all the details, and section ENVIRONMENT
              below on how to fine tune the lookup.

       -I proto
              Send out probe packets using IP protocol proto, given either  as
              name  or numerical value (default UDP).  Some features like par-
              allel probing are only available when using UDP.

       -M     Determine the maximum transfer unit (MTU) along the  path.   See
              RFC 1191 for details.

       -O     At each hop, perform a DNS lookup and report the owner as listed
              in the SOA record.

       -P     Send out multiple probes in  parallel.   The  default  behaviour
              probes  each  hop  in turn, starting from the nearest.  Parallel
              mode is faster, but less reliable.  Many routers rate limit ICMP
              packets  from a single host, so dropouts are much more likely in
              parallel mode, and need not indicate a networking problem.

       -Q     Report detailed statistics on the round trip times at  each  hop
              (minimum / average +- standard deviation / maximum).  The values
              are given in milli seconds.

       -S min_ttl
              Set the time-to-live (TTL) value in the first packet sent out to
              min_ttl (default 1).  This option determines the first (nearest)
              host that will show up in the trace.

       -T t   End each line with t instead of a newline.  This comes in handy,
              for example, when including traceroute's output in an HTML page.

       -U     Move  on to probing the next hop as soon as the first successful
              probe arrives.

       -$     Send out nothing but a single ping with a  very  large  time-to-
              live.

DIAGNOSTICS
       Usually  the  round  trip  time  is printed for each probe at each hop.
       Special symbols denote when something went wrong:

       *      No reply received within wait seconds.

       !      Reply arrived with a time-to-live value of one or lower.

       !H     Received a reply telling that the destination host  is  unreach-
              able.

       !N     Received  a  reply  telling  that the destination network is un-
              reachable.

       !P     Received a reply telling that the desired protocol  is  unavail-
              able.

       !S     Received  a  reply  telling  that source routing failed.  Should
              never occur--unless the probed gateway is screwed.

       !F     Received a reply telling that fragmentation is  needed.   Should
              never occur--unless the probed gateway is screwed.

EXAMPLES
       (This  section  is  taken almost verbatim from the documentation in the
       traceroute sourcecode.)

              [yak 71]% traceroute nis.nsf.net.
              traceroute to nis.nsf.net (35.1.1.48), 30 hops max, 56 byte packet
               1  helios.ee.lbl.gov (128.3.112.1)  19 ms  19 ms  0 ms
               2  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  39 ms  19 ms
               3  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  39 ms  19 ms
               4  ccngw-ner-cc.Berkeley.EDU (128.32.136.23)  39 ms  40 ms  39 ms
               5  ccn-nerif22.Berkeley.EDU (128.32.168.22)  39 ms  39 ms  39 ms
               6  128.32.197.4 (128.32.197.4)  40 ms  59 ms  59 ms
               7  131.119.2.5 (131.119.2.5)  59 ms  59 ms  59 ms
               8  129.140.70.13 (129.140.70.13)  99 ms  99 ms  80 ms
               9  129.140.71.6 (129.140.71.6)  139 ms  239 ms  319 ms
              10  129.140.81.7 (129.140.81.7)  220 ms  199 ms  199 ms
              11  nic.merit.edu (35.1.1.48)  239 ms  239 ms  239 ms

       Note that lines 2 & 3 are the same.  This is due to a buggy  kernel  on
       the  2nd  hop  system  -- lbl-csam.arpa -- that forwards packets with a
       zero TTL.

       A more interesting example is:

              [yak 72]% traceroute allspice.lcs.mit.edu.
              traceroute to allspice.lcs.mit.edu (18.26.0.115), 30 hops max
               1  helios.ee.lbl.gov (128.3.112.1)  0 ms  0 ms  0 ms
               2  lilac-dmc.Berkeley.EDU (128.32.216.1)  19 ms  19 ms  19 ms
               3  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  19 ms  19 ms
               4  ccngw-ner-cc.Berkeley.EDU (128.32.136.23)  19 ms  39 ms  39 ms
               5  ccn-nerif22.Berkeley.EDU (128.32.168.22)  20 ms  39 ms  39 ms
               6  128.32.197.4 (128.32.197.4)  59 ms  119 ms  39 ms
               7  131.119.2.5 (131.119.2.5)  59 ms  59 ms  39 ms
               8  129.140.70.13 (129.140.70.13)  80 ms  79 ms  99 ms
               9  129.140.71.6 (129.140.71.6)  139 ms  139 ms  159 ms
              10  129.140.81.7 (129.140.81.7)  199 ms  180 ms  300 ms
              11  129.140.72.17 (129.140.72.17)  300 ms  239 ms  239 ms
              12  * * *
              13  128.121.54.72 (128.121.54.72)  259 ms  499 ms  279 ms
              14  * * *
              15  * * *
              16  * * *
              17  * * *
              18  ALLSPICE.LCS.MIT.EDU (18.26.0.115)  339 ms  279 ms  279 ms

       (I start to see why I'm having so much trouble with mail to MIT.)  Note
       that  the gateways 12, 14, 15, 16 & 17 hops away either don't send ICMP
       "time exceeded" messages or send them with a TTL too small to reach us.
       14  - 17 are running the MIT C Gateway code that doesn't send "time ex-
       ceeded"s.  God only knows what's going on with 12.

       The silent gateway 12 in the above may be the result of a  bug  in  the
       4.[23]BSD  network  code  (and its derivatives):  4.x (x <= 3) sends an
       unreachable message using whatever TTL remains in  the  original  data-
       gram.   Since,  for gateways, the remaining TTL is zero, the icmp "time
       exceeded" is guaranteed to not make it back to  us.   The  behavior  of
       this  bug  is slightly more interesting when it appears on the destina-
       tion system:

               1  helios.ee.lbl.gov (128.3.112.1)  0 ms  0 ms  0 ms
               2  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  19 ms  39 ms
               3  lilac-dmc.Berkeley.EDU (128.32.216.1)  19 ms  39 ms  19 ms
               4  ccngw-ner-cc.Berkeley.EDU (128.32.136.23)  39 ms  40 ms  19 ms
               5  ccn-nerif35.Berkeley.EDU (128.32.168.35)  39 ms  39 ms  39 ms
               6  csgw.Berkeley.EDU (128.32.133.254)  39 ms  59 ms  39 ms
               7  * * *
               8  * * *
               9  * * *
              10  * * *
              11  * * *
              12  * * *
              13  rip.Berkeley.EDU (128.32.131.22)  59 ms !  39 ms !  39 ms !

       Notice that there are 12 "gateways" (13 is the final  destination)  and
       exactly  the  last half of them are "missing".  What's really happening
       is that rip (a Sun-3 running Sun OS3.5) is using the TTL from  our  ar-
       riving  datagram as the TTL in its icmp reply.  So, the reply will time
       out on the return path until we probe with a TTL that's at least  twice
       the path length.  I.e., rip is really only 7 hops away.

ENVIRONMENT
       The  lookup  process  of  Autonomous System Numbers (ASN, see option -A
       above) can be configured via several environment variables. By default,
       traceroute  issues  a whois query on the Routing Assets Database (RADB)
       at whois.ra.net, which should be sufficient in most cases.  Chances are
       that  you don't want to change anything here, unless you know very well
       what you are doing.

       The contents of the following environment variables are limited to  100
       characters  at most.  Any trailing characters are silently ignored.  If
       unset, compiled-in defaults are used.

       RA_SERVER
              Server to issue a RADB whois query on, given either as hostname,
              or dotted-quad IP address.  Defaults to whois.ra.net.

       RA_SERVICE
              TCP port to connect to on the whois server, given either as name
              or port number.  Defaults to whois.

       The following variables determine how traceroute attempts to extract an
       ASN from the whois reply.

       DATA_DELIMITER
              Each  line  containing an ASN starts with this tag.  Defaults to
              origin:.

       The RADB may contain more than one entry for a given  IP  address.   To
       find  out  the correct entry, traceroute has to look up the subnet that
       is the most specific to this IP.

       ROUTE_DELIMITER
              Each line containing a subnet entry starts with this  tag.   De-
              faults to route:.

       PREFIX_DELIMITER
              The  network  IP  and the prefix are separated by this tag.  De-
              faults to /.

NOTES
       This is not the standard version of  traceroute  (as  included  in  the
       netkit  package),  but an alternative implementation maintained by Ehud
       Gavron. It is based on the Van Jacobson/BSD  traceroute,  and  includes
       additional features including AS lookup, TOS support, microsecond time-
       stamps, path MTU discovery, and  parallel  probing.   It  is  known  as
       trACESroute or traceroute-nanog.

SEE ALSO
       mtr(8), netstat(8), pchar(8), ping(8)

BUGS
       Please  send any bugs to Ehud Gavron <gavron@wetwork.net> and/or report
       them  to  the   Debian   Bug   Tracking   System   at   http://bugs.de-
       bian.org/traceroute-nanog.

AUTHORS
       TrACESroute is maintained by Ehud Gavron <ehud.gavron@login.com>.

       The  first man page was written by Brian Russo for use with Debian/GNU,
       and was later rewritten by Daniel Kobras <kobras@debian.org> and Martin
       A. Godisch <martin@godisch.de>.  Some parts are taken from the documen-
       tation in the source code.  Still, this man page may be used by others.

NANOG traceroute 6.3.10           March 2004                     TRACEROUTE(8)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2024 Hurricane Electric. All Rights Reserved.