What Is Traceroute?

Traceroute is a valuable network diagnostic tool that displays the route network traffic takes from a specific device when it is traveling to a specific destination. It is available on most operating systems, although it does go by different names on different operating systems.

How Does Traceroute Work?

Traceroute uses Internet Control Message Protocol, or ICMP, packets to send an echo request to the destination. The routers that the packets traverse respond to the echo request messages, and they are recorded in order to determine the path the packets take to the destination.

Each time a router passes the ICMP packets to the next router, they attempt to send back a response message to the source of the traceroute. As a result, with traceroute it is possible to trace the path traffic takes to its destination and determine if there are latency or connection issues within the route. Each router the data passes through during its trip is known as a “hop.”

How to Use Traceroute

Traceroute is available on just about every operating system and is typically accessed through command line interfaces, or CLIs. Typically, the user will type in the command name and the name or address of the device they wish to trace the route to, and then the results will be displayed on the console.

Command Input
On a Windows machine, a tracert input would look like:
C:\tracert www.google.com

On a UNIX or Mac machine, the input would look like:
Traceroute www.google.com

Command Output

The results returned from the tracert command will typically look like this:

1 2 ms 2 ms 2 ms 192.168.0.3
2 40 ms 30 ms 15 ms 192.168.252.215
3 * * * Request timed out.

The first column lists the number of the hop. The second, third and fourth columns list the round-trip time to that hop in milliseconds for three separate attempts at contacting that particular host. The last column is the IP address or host name of the host that was contacted for that hop.

On the third hop in this example an error occurred. The hop did not respond within the timeout period expected by the host, so the tracert command is unable to display information for this specific hop, and it displays asterisks instead of host information.

What Causes Traceroute to Fail?

If ICMP packets are sent to a router and the router does not respond, then the command console will show an output of asterisks. This could be due to the route being slow, the destination being unreachable or the device at that hop might be unable to respond to ICMP messages due to security settings.

Helpful Traceroute Switches

Some of the most popular Windows tracert switches include:
-d: Prevents traceroute from attempting to use DNS to resolve router IP addresses to host names. This can help by displaying the traceroute results quicker.
-h: Allows the user to specify the amount of hops to track the route over. The default for Windows is 30 hops.
-w: Allows the user to specify how long to wait for a response from each hop. This can be useful for tracing routes that are slow and exceed the default minimum timeout.
-?: This displays the help information for the command.