The traceroute command is used to discover the routes that packets actually take when traveling to their destination. The traceroute command takes advantage of the error messages generated by routers when the time-to-live (TTL) value is exceeded. The first packets are sent with a TTL of 1, which causes the packets to time out at the first router and return an ICMP time exceeded message. Three packets (probes) are sent at each TTL level and the round-trip time for each packet is displayed. The TTL values are then incremented up to the maximum specified hop count, which is 30 by default.
Each packet may result in one or two error messages. A “time exceeded” error message indicates that an intermediate router has seen and discarded the probe. A “destination unreachable” error message indicates that the destination node has received the probe and discarded it because it could not deliver the packet. If the device doesn't receive a response in time, the traceroute command prints an asterisk (*). A long sequence of TTL levels with only asterisks, terminating only when the maximum TTL has been reached, may indicate the destination is not able to send back an "ICMP port unreachable" message. The traceroute command terminates when the destination responds, when the maximum TTL is exceeded, or when the user interrupts the trace with the escape sequence. Example:
Router1#traceroute 34.0.0.4
Type escape sequence to abort.
Tracing the route to 34.0.0.4
1 12.0.0.2 4 msec 4 msec 4 msec
2 23.0.0.3 20 msec 16 msec 16 msec
3 34.0.0.4 16 msec * 16 msec
In the above output, the first number of the line is the sequence number, followed by the IP address of the router and the round-trip time for the three probes that are sent.
Much like the extended ping, the extended traceroute is more granular than the regular traceroute and allows the user to set various parameters. Example:
Router A#traceroute
Protocol [ip]:
Target IP address: 192.168.40.2
Source address: 172.16.23.2
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 192.168.40.2
1 172.31.20.2 16 msec 16 msec 16 msec
2 172.20.10.2 28 msec 28 msec 32 msec
3 192.168.40.2 32 msec 28 msec *
Here is a list of what the options mean:
Lastly, these are the possible output codes:
Cisco documentation: trace and Using the traceroute Command
Each packet may result in one or two error messages. A “time exceeded” error message indicates that an intermediate router has seen and discarded the probe. A “destination unreachable” error message indicates that the destination node has received the probe and discarded it because it could not deliver the packet. If the device doesn't receive a response in time, the traceroute command prints an asterisk (*). A long sequence of TTL levels with only asterisks, terminating only when the maximum TTL has been reached, may indicate the destination is not able to send back an "ICMP port unreachable" message. The traceroute command terminates when the destination responds, when the maximum TTL is exceeded, or when the user interrupts the trace with the escape sequence. Example:
Router1#traceroute 34.0.0.4
Type escape sequence to abort.
Tracing the route to 34.0.0.4
1 12.0.0.2 4 msec 4 msec 4 msec
2 23.0.0.3 20 msec 16 msec 16 msec
3 34.0.0.4 16 msec * 16 msec
In the above output, the first number of the line is the sequence number, followed by the IP address of the router and the round-trip time for the three probes that are sent.
Much like the extended ping, the extended traceroute is more granular than the regular traceroute and allows the user to set various parameters. Example:
Router A#traceroute
Protocol [ip]:
Target IP address: 192.168.40.2
Source address: 172.16.23.2
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 192.168.40.2
1 172.31.20.2 16 msec 16 msec 16 msec
2 172.20.10.2 28 msec 28 msec 32 msec
3 192.168.40.2 32 msec 28 msec *
Here is a list of what the options mean:
- Target IP address: The IP address of the destination.
- Source address: One of the interface addresses of the router to use as a source address for the probes. By default, the IP address of the outgoing interface is chosen.
- Numeric display: The default is to have both a symbolic and numeric display; however, you can suppress the symbolic display.
- Timeout in seconds: The number of seconds to wait for a response to a probe packet. The default is 3 seconds.
- Probe count: The number of probes to be sent at each TTL level. The default count is 3.
- Minimum Time to Live: The TTL value for the first probes. The default is 1, but it can be set to a higher value to suppress the display of known hops.
- Maximum Time to Live: The largest TTL value that can be used. The default is 30. The trace command terminates when the destination is reached or when this value is reached.
- Port Number: The destination port used by the UDP probe messages. The default is 33434.
- Loose, Strict, Record, Timestamp, Verbose: IP header options. You can specify any combination. The traceroute command issues prompts for the required fields. Note that the traceroute command will place the requested options in each probe; however, there is no guarantee that all routers (or end nodes) will process the options.
- Loose: Allows you to specify a list of nodes that must be traversed when going to the destination.
- Strict: Allows you to specify a list of nodes that must be the only nodes traversed when going to the destination.
- Record: Allows you to specify the number of hops to leave room for.
- Timestamp: Allows you to specify the number of time stamps to leave room for.
- Verbose: If you select any option, the verbose mode is automatically selected and the traceroute command prints the contents of the option field in any incoming packets. You can prevent verbose mode by selecting it again, toggling its current setting.
Lastly, these are the possible output codes:
- xx msec = RTT for each node for the specified number of probes
- * = the probe timed out
- A = administratively prohibited (for example, an access-list)
- Q = source quench (destination too busy)
- I = user interrupted test
- U = port unreachable
- H = host unreachable
- N = network unreachable
- P = protocol unreachable
- T = timeout
- ? = unknown packet type
Cisco documentation: trace and Using the traceroute Command
Comments
Post a Comment