TRACEROUTE(1)TRACEROUTE(1)NAME
traceroute - print the route packets take to network host
SYNOPSIS
traceroute [-46FInrRTV] [-f first_ttl] [-p port]
[-m max_hops] [-N concurrent_hops]
[-t tos] [-w timeout] [-q nqueries]
[-S source_addr] [-i interface]
[-g gateway] host [packetlen]
traceroute6 [options]
DESCRIPTION
traceroute tracks the route packets take across a TCP/IP network on
their way to a given host. It utilizes the IP protocol's time to live
(TTL) field and attempts to elicit an ICMP TIME_EXCEEDED response from
each gateway along the path to the host.
traceroute6 is just another name for the same program, and is equiva‐
lent to invoking traceroute with the -6 option.
Tracing with UDP
The default mode of operation is to use UDP packets for path detection.
This will send packets of a given size to a range of destination ports,
usually in the high port range, and increment the destination port num‐
ber for each probe packet sent). Intermediate gateways will return ICMP
time exceeded errors when the packet's TTL reaches zero. When a packet
reaches the remote host, and the chosen port is not in use, the host
will return an ICMP port unreachable error. If the port is in use, the
probe packet will be delivered to this port, more likely than not with‐
out eliciting a response.
The port range is chosen so that it is rather unlikely that this port
will be in use on the remote system.
Tracing in UDP mode does not require super user privileges, as the
Linux UDP implementation supports a so-called error queue, through
which ICMP error packets related to a specific port can be delivered to
the application.
Tracing with ICMP
In this mode, traceroute sends ICMP echo packets to the destination
host, pretty much like the ping utility.
ICMP tracing requires super user privilege, as it needs to open a raw
socket to listen for incoming ICMP packets. Non-root users are not per‐
mitted to open such sockets for security reasons.
ICMP traces are currently supported over IPv4 only.
Tracing with TCP
In TCP mode, traceroute will try to connect to the destination host.
This causes the kernel to send a SYN packet to the remote host, again
varying the TTL for each probe. The default port number used for TCP
probes is 80 (http). When the probe reaches the destination host, it
will either accept the connection (in case there's a service listening
on this port), or respond with a TCP RST packet (in case there isn't).
TCP tracing requires super user privilege, as it needs to open a raw
socket to listen for incoming ICMP packets. Non-root users are not per‐
mitted to open such sockets for security reasons.
ICMP traces are currently supported over IPv4 only.
Caveats
Many gateways are configured to limit the rate at which they will send
ICMP error packets. Thus, when you run lots of traces in close succes‐
sion, an increasing number of gateways may "disappear", with probes
timing out instead of eliciting an ICMP response. Rate limiting often
happens at a granularity of 30 to 60 seconds, so do not expect things
to work properly if you run more than two or three traces per minute.
OPTIONS
The only required parameter is the name or IP address of the destina‐
tion host. This parameter can be followed by the size of the probing
packet sent to that host (40 by default). Varying the size of the
packet in conjunction with the -F parameter can be used to obtain
information about the MTU of individual network hops. This does not
apply to TCP, which uses SYN packets to establish a path trace.
Additional options are:
-6, -4 Explicitly force IPv4 or IPv6 traceouting. By default, the pro‐
gram will try to resolve the name given, and choose the appro‐
priate protocol automatically. If resolving a host name returns
both IPv4 and IPv6 addresses, traceroute will use IPv4. Invoking
the program as traceroute6 is the same as using the -6 option.
-F Set the "Don't Fragment" bit. This tells intermediate routers
not to fragment the packet when they find it's too big for a
network hop's MTU.
-f first_ttl
Specifies with what TTL to start. Defaults to 1.
-g gateway
Tells traceroute to add an IP source routing option to the out‐
going packet that tells the network to route the packet through
the specified gateway. Not very useful, because most routers
have disabled source routing for security reasons.
-I Use ICMP ECHO instead of UDP packets when probing the route.
This option is available to the super user only, as normal users
do not have the privileges to create raw sockets.
-i interface
Specifies the interface through which to traceroute should send
packets. By default, the interface is selected according to the
routing table.
NOTE: This option changed from previous versions of traceroute!
Older versions used -I to specify the interface name.
-m max_hops
Specifies the maximum number of hops traceroute will probe. The
default value is 30.
-N concurrent_hops
Specifies the number of probe packets sent out simultaneously.
Sending several probes concurrently can speed up traceroute con‐
siderably. However, when specifying a number that's too large,
the destination host will start to throw away random ICMP
responses (if it implements ICMP rate throttling), and tracer‐
oute will be unable to detect the final hope reliably. The
default value is 6.
-n Do not try to map IP addresses to host names when displaying
them.
-p port
Specifies the UDP destination port base traceroute will use.
When sending its UDP probe packets, it will send them to port +
hop - 1 for each hop. If there are ports in this range in use on
the destination host, traceroute will not be able to identify
reliably when it has reached the destination host (probes will
appear to time out). The default port is 33434; you can use -p
to change this to a different value.
-q numqueries
Sets the number of probe packets per hop. The default value is
3.
-r Bypass the normal routing tables and send directly to a host on
an attached network. If the host is not on a directly-attached
network, an error is returned. This option can be used to ping
a local host through an interface that has no route through it.
-R Set the loose source route option on outgoing packets, asking
intermediate routers to record their address as the packet
passes. This can be useful if you want to find the address of
an intermediate router that has been configured to not respond
to traceroute packets.
This feature hasn't been implemented yet.
-S source_addr
Chooses an alternative source address. Note that you must select
the address of one of the interfaces. By default, the address
of the outgoing interface is used.
-T Use TCP instead of UDP packets when probing the route. This
option is available to the super user only, as this requires a
raw ICMP socket, which normal users are not permitted to create.
-t tos Set the IP Type of Service (TOS) and Precedence value. Useful
values are 16 (low delay) and 8 (high throughput). Note that in
order to use some TOS precendence values, you have to be super
user.
-V Print the version and exit.
-w sec Wait for sec seconds before sending the next probe packet.
Note that unlike older traceroute versions, this implementation
will transmit several probe packets in parallel, for different
hop values. However, it will never send more than 1 packet per
hop value at the same time.
SEE ALSOping(8), netstat(8).
AUTHOR
Concept and command line options based on the original LBL implementa‐
tion of traceroute, written by Van Jacobson. This implentation is a
complete rewrite and redesign, written and copyright (C) 2000-2008 Olaf
Kirch <okir@suse.de>.
4.3 Berkeley Distribution 6 December 2000 TRACEROUTE(1)