Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ traceroute(1M) — UnixWare 2.01

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

netstat(1M)

ping(1M)






       traceroute(1M)                                        traceroute(1M)


       NAME
             traceroute - trace the route packets take in order to reach a
             network host

       SYNOPSIS
             traceroute[-dnrv][-wwait][-mmax_ttl][-pport#][-qnqueries][-ttos]
                   [-ssrc_addr][-ggateway] host[packetsize]

       DESCRIPTION
             The traceroute command utilizes the ``time-to-live'' field of
             the IP protocol to elicit an ICMP TIME_EXCEEDED response from
             each gateway along the path to some host.

             traceroute attempts to trace the route which an IP packet
             would follow to some Internet host by launching UDP probe
             packets with a small ``ttl'' (time-to-live) value, and then
             listening for an ICMP TIME_EXCEEDED reply from a gateway.  The
             probes will be started with a ``ttl'' of one, and then
             increased by one until an ICMP PORT_UNREACHABLE message is
             received, or until the maximum number of probes has been sent.

       USAGE
             Three probes will be sent at each ``ttl'' setting; a line will
             be printed to show:

                   the ``ttl'' value

                   the address of the gateway

                   the round-trip time for each probe

             If the probe answers come from different gateways, the address
             of each responding system will be printed.  If there is no
             response within 3 seconds, a ``*'' will be printed for that
             probe.

             The host argument is the destination host name or the IP
             number of the host to reach; the packetsize argument is the
             packet size (in bytes) of the probe datagram.  Note that
             packetsize defaults to 38 bytes.

          Options
             traceroute takes the following options:





                           Copyright 1994 Novell, Inc.               Page 1













      traceroute(1M)                                        traceroute(1M)


            -d          Turns on socket level debugging.  This option is
                        useful only to a privileged user.

            -n          Print the hop addresses numerically (rather than
                        symbolically).  This option causes the numeric
                        lookup procedure to avoid a nameserver address-
                        to-name lookup for each gateway found along the
                        path.

            -r          Bypass the normal Routing Tables and send directly
                        to a host on an attached network.  If the host is
                        not on a directly-attached network, an error is
                        returned.  This option can be used to ``ping'' a
                        local host through an interface that has no route
                        through it [for example, after the interface was
                        dropped by routed(1M)].

            -v          Verbose output.  Causes received ICMP packets
                        other than TIME_EXCEEDED and PORT_UNREACHABLE to
                        be listed.

            -w wait     Set the time to wait for a response to an outgoing
                        probe packet to wait seconds.  The default value
                        is 3 seconds.

            -m max_ttl  Set the maximum time-to-live (that is, the maximum
                        number of hops) used in outgoing probe packets to
                        max-ttl hops.  The default value is 30 hops (this
                        is the same default value used for TCP
                        connections).

            -p port     Set the base UDP port number used for probe
                        packets to port.  The default value is (decimal)
                        33434.

                        traceroute hopes that nothing is listening on UDP
                        ports base to base+nhop at the destination host so
                        that an ICMP PORT_UNREACHABLE message will be
                        returned to terminate the route tracing process.
                        If something is listening on a port in the default
                        range, this option can be used to pick an unused
                        port range.

            -q nqueries Set the number of probe packets for each time-to-
                        live (``ttl'') setting to the value nqueries.  The
                        default value is 3.


                          Copyright 1994 Novell, Inc.               Page 2













       traceroute(1M)                                        traceroute(1M)


             -s src_addr Use src_addr as the IP address which will serve as
                         the source address for outgoing probe packets.
                         Note that src_addr must be specified as an IP
                         number, not as a hostname.  On hosts with more
                         than one IP address, this option can be used to
                         force the source address to be something other
                         than the IP address of the interface on which the
                         probe packets are being sent.

                         If the IP address is not one of this machine's
                         interface addresses, an error will be returned and
                         nothing will be sent.

             -g addr     Enable the IP LSRR (Loose Source Record Route)
                         option in addition to the TTL tests.  This is
                         useful for asking how somebody else (at IP address
                         addr) can reach a particular target.

             -t tos      Set the type-of-service (``TOS'') in probe packets
                         to the value defined below.  The default value is
                         zero.  The value must be a decimal integer in the
                         range from 0 - 255. This option can be used to see
                         if different type-of-service values will result in
                         different paths.

                         Not all values of tos will be valid or meaningful;
                         see the IP specification for definitions.
                         Probably the useful values will be ``-t 16'' (low
                         delay) and ``-t 8'' (high throughput).

          Examples
             A sample use of traceroute and of its output might be:
             [yak 71]% traceroute nis.nsf.net.
             traceroute to nis.nsf.net (35.1.1.48), 30 hops max, 56 byte packet
              1  helios.ee.lbl.gov (128.3.112.1)  19 ms  19 ms  0 ms
              2  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  39 ms  19 ms
              3  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  39 ms  19 ms
              4  ccngw-ner-cc.Berkeley.EDU (128.32.136.23)  39 ms  40 ms  39 ms
              5  ccn-nerif22.Berkeley.EDU (128.32.168.22)  39 ms  39 ms  39 ms
              6  128.32.197.4 (128.32.197.4)  40 ms  59 ms  59 ms
              7  131.119.2.5 (131.119.2.5)  59 ms  59 ms  59 ms
              8  129.140.70.13 (129.140.70.13)  99 ms  99 ms  80 ms
              9  129.140.71.6 (129.140.71.6)  139 ms  239 ms  319 ms
             10  129.140.81.7 (129.140.81.7)  220 ms  199 ms  199 ms
             11  nic.merit.edu (35.1.1.48)  239 ms  239 ms  239 ms



                           Copyright 1994 Novell, Inc.               Page 3













      traceroute(1M)                                        traceroute(1M)


            Note that lines 2 and 3 are the same. This is due to a buggy
            kernel on the 2nd hop system lbl-csam.arpa that forwards
            packets with a zero ``ttl.''  This is a bug in the distributed
            version of 4.3BSD.

            A more interesting example is:
            [yak 72]% traceroute allspice.lcs.mit.edu.
            traceroute to allspice.lcs.mit.edu (18.26.0.115), 30 hops max
             1  helios.ee.lbl.gov (128.3.112.1)  0 ms  0 ms  0 ms
             2  lilac-dmc.Berkeley.EDU (128.32.216.1)  19 ms  19 ms  19 ms
             3  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  19 ms  19 ms
             4  ccngw-ner-cc.Berkeley.EDU (128.32.136.23)  19 ms  39 ms  39 ms
             5  ccn-nerif22.Berkeley.EDU (128.32.168.22)  20 ms  39 ms  39 ms
             6  128.32.197.4 (128.32.197.4)  59 ms  119 ms  39 ms
             7  131.119.2.5 (131.119.2.5)  59 ms  59 ms  39 ms
             8  129.140.70.13 (129.140.70.13)  80 ms  79 ms  99 ms
             9  129.140.71.6 (129.140.71.6)  139 ms  139 ms  159 ms
            10  129.140.81.7 (129.140.81.7)  199 ms  180 ms  300 ms
            11  129.140.72.17 (129.140.72.17)  300 ms  239 ms  239 ms
            12  * * *
            13  128.121.54.72 (128.121.54.72)  259 ms  499 ms  279 ms
            14  * * *
            15  * * *
            16  * * *
            17  * * *
            18  ALLSPICE.LCS.MIT.EDU (18.26.0.115)  339 ms  279 ms  279 ms

            Note that the gateways 12, 14, 15, 16 and 17 either do not
            send ICMP TIME_EXCEEDED messages, or send them with a ``ttl''
            too small to reach us.  Gateways 14 - 17 are running the MIT C
            Gateway code that does not send ICMP TIME_EXCEEDED packets.

            The silent gateway 12 in the above example may be the result
            of a bug in the 4.2BSD and 4.3BSD network code (and its
            derivatives): This code will send an unreachable message using
            whatever ``ttl'' remains in the original datagram.  Since, for
            gateways, the remaining ``ttl'' is zero, the ICMP
            TIME_EXCEEDED is guaranteed to not make it back to the sending
            host.

            The behavior of this particular bug is slightly more
            interesting when it appears on the destination system:
             1  helios.ee.lbl.gov (128.3.112.1)  0 ms  0 ms  0 ms
             2  lilac-dmc.Berkeley.EDU (128.32.216.1)  39 ms  19 ms  39 ms
             3  lilac-dmc.Berkeley.EDU (128.32.216.1)  19 ms  39 ms  19 ms
             4  ccngw-ner-cc.Berkeley.EDU (128.32.136.23)  39 ms  40 ms  19 ms


                          Copyright 1994 Novell, Inc.               Page 4













       traceroute(1M)                                        traceroute(1M)


              5  ccn-nerif35.Berkeley.EDU (128.32.168.35)  39 ms  39 ms  39 ms
              6  csgw.Berkeley.EDU (128.32.133.254)  39 ms  59 ms  39 ms
              7  * * *
              8  * * *
              9  * * *
             10  * * *
             11  * * *
             12  * * *
             13  rip.Berkeley.EDU (128.32.131.22)  59 ms !  39 ms !  39 ms !

             Notice that there are 12 ``gateways'' (13 is the final
             destination) and that exactly the last half of them are
             ``missing.''  What is really happening here is that rip (a
             Sun-3 running SunOS 3.5) is using the ``ttl'' from the
             arriving datagram as the ``ttl'' in its ICMP reply.
             Therefore, the reply will time out on the return path until a
             probe with a ``ttl'' that is at least twice the path length is
             sent.  rip is really only 7 hops away.  A reply that returns
             with a ``ttl'' of 1 is an indication that this problem exists.
             Note that traceroute will print a ``!'' after the time if the
             ``ttl'' is <= 1.

             The possible annotations after the time are:

             !    The ``ttl'' in return packet is <= 1.

             !H   An ICMP HOST_UNREACHABLE packet was received.

             !N   An ICMP NETWORK_UNREACHABLE packet was received.

             !P   An ICMP PROTOCOL_UNREACHABLE packet was received.

             !S   An ICMP SOURCE_ROUTE_FAILED packet was received.  This
                  response should never occur.  It indicates that the
                  gateway is broken.

             !F   An ICMP FRAGMENTATION_NEEDED packet was received.  This
                  response should never occur. It indicates that the
                  gateway is broken.

          Warnings
             This program is intended for use in network testing,
             measurement, and management.  It should be used primarily for
             manual fault isolation.  Because of the extra load it could
             impose on the network, it is recommended that you do not use
             traceroute during normal operations or from automated scripts.


                           Copyright 1994 Novell, Inc.               Page 5













      traceroute(1M)                                        traceroute(1M)


      REFERENCES
            netstat(1M), ping(1M)














































                          Copyright 1994 Novell, Inc.               Page 6








Typewritten Software • bear@typewritten.org • Edmonds, WA 98026