traceroute

networkingLinux/Unix
The traceroute command is one of the most frequently used commands in Linux/Unix-like operating systems. traceroute Print the route packets take to a network host

Quick Reference

Command Name:

traceroute

Category:

networking

Platform:

Linux/Unix

Basic Usage:

traceroute [options] [arguments]

Common Use Cases

    Syntax

    traceroute [options] host [packetsize]

    Options

    Option Description
    -4 Use IPv4 only
    -6 Use IPv6 only
    -d Enable socket level debugging
    -F Don't fragment packets (set DF flag)
    -f FIRST_TTL Start from the FIRST_TTL hop (instead of 1)
    -g GATEWAY Specify a loose source route gateway (can be used multiple times)
    -I Use ICMP ECHO instead of UDP datagrams
    -i INTERFACE Specify a network interface to use
    -m MAX_TTL Set the maximum number of hops (max TTL)
    -N SQUERIES Set the number of probes to be tried simultaneously
    -n Do not resolve IP addresses to hostnames
    -p PORT Set the base UDP port number used in probes (default is 33434)
    -q NQUERIES Set the number of probes per TTL (default is 3)
    -r Bypass the normal routing tables and send directly to a host
    -s SRC_ADDR Use SRC_ADDR as the source IP address
    -T Use TCP SYN for probes
    -t TOS Set the Type of Service (TOS) in probe packets
    -U Use UDP to specific port for probes (instead of increasing port per probe)
    -v Verbose output
    -w WAITTIME Set the time (in seconds) to wait for a response to a probe (default is 5)
    -z SENDWAIT Set the time (in seconds) to pause between probes
    --help Display help and exit

    Examples

    How to Use These Examples

    The examples below show common ways to use the traceroute command. Try them in your terminal to see the results. You can copy any example by clicking on the code block.

    # Basic Examples Basic
    # Trace the route to a domain traceroute google.com
    # Trace the route to an IP address traceroute 8.8.8.8
    # Advanced Examples Advanced
    # Use ICMP instead of UDP (useful for firewalls that block UDP) traceroute -I google.com
    # Use TCP SYN for probes (useful for networks that block ICMP/UDP) traceroute -T -p 80 google.com
    # Specify maximum number of hops traceroute -m 5 google.com # Show both hostname and IP address traceroute -n google.com # Specify the source IP address to use traceroute -s 192.168.1.100 google.com # Resolve IP addresses to hostnames traceroute -n google.com # Specify wait time between probes in seconds traceroute -z 0.5 google.com # Specify number of queries per hop traceroute -q 1 google.com # Show time in milliseconds traceroute -e google.com # Use a specific interface traceroute -i eth0 google.com # Trace route using a specific port traceroute -p 443 google.com # Get more verbose output traceroute -v google.com # Disable IP address to hostname lookup traceroute -n google.com # Trace a route with specific packet size (bytes) traceroute google.com 1500

    Try It Yourself

    Practice makes perfect! The best way to learn is by trying these examples on your own system with real files.

    Understanding Syntax

    Pay attention to the syntax coloring: commands, options, and file paths are highlighted differently.

    Notes

    The `traceroute` command is a network diagnostic tool used to track the pathway taken by packets across an IP network from source to destination. It reveals the series of hops (routers and gateways) that packets traverse, along with the round-trip time to each hop. This makes it invaluable for identifying network issues, bottlenecks, and understanding network topology. When you run `traceroute`, it sends packets with progressively increasing Time-to-Live (TTL) values, starting with TTL=1. When a router receives a packet with TTL=1, it decrements the TTL to 0, discards the packet, and sends an ICMP "Time Exceeded" message back to the source. By examining these responses, `traceroute` determines the address of that router and the time taken for the round trip. It then repeats this process with TTL=2, TTL=3, and so on, until the destination is reached or the maximum hop count is exceeded. By default, `traceroute` in Linux uses UDP packets to probe the route, but it can also use ICMP Echo Request (ping) packets (with the `-I` option) or TCP SYN packets (with the `-T` option). This flexibility is useful because some routers or firewalls might block certain types of traffic, preventing accurate route tracing with the default method. Typical output from `traceroute` shows each hop on a separate line with the hostname (if available), IP address, and round-trip times for multiple probes to that hop. Asterisks (*) in the output indicate that no response was received for that particular probe, which might happen due to packet loss, filtering, or rate limiting. The `traceroute` command offers numerous options to customize its behavior: - Changing the protocol used for probing (UDP, ICMP, TCP) - Adjusting the wait time for responses - Setting the maximum number of hops to probe - Controlling DNS resolution - Specifying the source address or interface It's important to note that `traceroute` results can be affected by asymmetric routing (where the return path differs from the outbound path), load balancing (where different probes might take different paths), and intentional blocking or rate limiting of diagnostic traffic by network administrators. On some systems, particularly modern Linux distributions, the `traceroute` command might be replaced by `tracepath`, which provides similar functionality but can be run by unprivileged users. Additionally, Windows systems use the command `tracert` instead, which typically uses ICMP Echo requests rather than UDP packets. For troubleshooting network issues, `traceroute` is often used alongside other network diagnostic tools like `ping`, `mtr` (My Traceroute, which combines ping and traceroute functionality), and `tcpdump` or `wireshark` for packet analysis.

    Related Commands

    These commands are frequently used alongside traceroute or serve similar purposes:

    Use Cases

    Learn By Doing

    The best way to learn Linux commands is by practicing. Try out these examples in your terminal to build muscle memory and understand how the traceroute command works in different scenarios.

    $ traceroute
    View All Commands