Traceroute tool. Why? How? Related bug?

 

 

What is the Traceroute Tool?

 

Traceroute works by sending the remote host a sequence of three UDP datagrams with a TTL of 1 in the IP header and the destination ports 33434 (first packet), 33435 (second packet), and 33436 (third packet). The TTL of 1 causes the datagram to "time out" as soon as it hits the first router in the path, which responds with an ICMP "time exceeded" message, meaning the datagram has expired.

The next three UDP datagrams are sent with TTL of 2 to destination ports 33437, 33438 and 33439.

After passing the first router, the datagram arrives at the ingress interface of the second router. The router responds with an ICMP "time exceeded" message.

This process continues until the packet reaches the final destination, with ICMP "time exceeded" messages sent by all the routers along the path.

When the packet reaches the final destination, the device responds with an ICMP "port unreachable."
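The following Python code is an added example, not part of the original post. It shows how a traceroute implementation can match each ICMP reply to the probe that triggered it by reading the UDP destination port quoted inside the ICMP error, using the port scheme described above, so that unrelated ICMP traffic is not counted as a hop. The function names and the sample packets are constructed for illustration.

```python
import struct

BASE_PORT = 33434        # destination port of the first probe (from the text above)
PROBES_PER_HOP = 3       # three datagrams are sent per TTL value


def probe_for_port(dport):
    """Map a probe's UDP destination port back to (ttl, probe_number)."""
    offset = dport - BASE_PORT
    if offset < 0:
        return None
    return offset // PROBES_PER_HOP + 1, offset % PROBES_PER_HOP + 1


def classify_icmp(packet):
    """Classify an ICMP message (bytes starting at the ICMP header).

    Returns (kind, ttl, probe_number), or None when the message is not an
    answer to one of our UDP probes.
    """
    if len(packet) < 8:
        return None
    kinds = {(11, 0): "hop",           # time exceeded in transit: a router
             (3, 3): "destination"}    # port unreachable: the target host
    kind = kinds.get((packet[0], packet[1]))
    if kind is None:
        return None
    inner = packet[8:]                 # quoted IP header + 8 bytes of UDP header
    if len(inner) < 20 or inner[0] >> 4 != 4:
        return None
    ihl = (inner[0] & 0x0F) * 4        # quoted IP header length in bytes
    if ihl < 20 or inner[9] != 17 or len(inner) < ihl + 8:   # 17 = UDP
        return None
    dport = struct.unpack("!H", inner[ihl + 2:ihl + 4])[0]
    probe = probe_for_port(dport)
    return (kind, *probe) if probe else None


def build_sample(icmp_type, icmp_code, dport):
    """Constructed sample: an ICMP error quoting one UDP probe (checksums zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    udp = struct.pack("!HHHH", 40000, dport, 8, 0)
    return struct.pack("!BBHI", icmp_type, icmp_code, 0, 0) + ip + udp


if __name__ == "__main__":
    for args in [(11, 0, 33434), (11, 0, 33439), (3, 3, 33442), (0, 0, 33434)]:
        print(args, "->", classify_icmp(build_sample(*args)))
```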

 

 

How to Use the Traceroute Command?

 

On UNIX / Linux systems, the traceroute command is as follows:


traceroute name.of.machine

 

 

On Windows systems, the traceroute command is as follows:

 

tracert name.of.machine 

 

Traceroute is a command which can show you the path a packet of information takes from your computer to one you specify. It will list all the routers it passes through until it reaches its destination, or fails to and is discarded. In addition to this, it will tell you how long each 'hop' from router to router takes.

 

In Windows, select Start > Programs > Accessories > Command Prompt.

This will give you a window like the one below.

 

Enter the word tracert, followed by a space, then the domain name.

The following is a successful traceroute from a home computer in New Zealand to mediacollege.com:

 

 

Firstly it tells you that it's tracing the route to speedguide.net, tells you the IP address of that domain, and what the maximum number of hops will be before it times out.
 

 

 

 

This is extremely useful when trying to find out why a website is unreachable, as you will be able to see where the connection fails. If you have a website hosted somewhere, it would be a good idea to do a traceroute to it when it is working, so that when it fails, you can do another traceroute to it (which will probably time out if the website is unreachable) and compare them.

Be aware though, that it will probably take a different route each time, but the networks it passes through will generally be very similar.

If it timed out after line 1, you would know there was a problem connecting to your ISP (in this case you would not be able to access anything on the internet).

 

It is generally recommended that if you have a website that is unreachable, you should use both the traceroute and ping commands before you contact your ISP to complain 😄.

 

More often than not, there will be nothing your ISP or hosting company can do about it.

 

Last week I faced a bug on Cisco routers related to traceroute behaviour.
There you go:

 

Related Cisco bug:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuu21270/?rfs=iqvred

 

Symptom:
Router hang 

Conditions:
When ip nat enable is configured on the interface.

Workaround:
none.

 
