6.8. Traceroute

Home Prev	cOS Stream 4.00.03 Administration Guide	Next

Overview

The cOS Stream traceroute command provides information about the routes that packets take as they traverse the routers in the external network and the round-trip transit time to and from these routers. A similar traceroute command is found on many other systems such as Microsoft Windows™.

How Traceroute Functions

Traceroute functions by sending packets with a time-to-live (TTL) value that starts at 1 and is progressively incremented for subsequent packets. A router will decrement the time-to-live as a packet traverses it. If the value becomes zero, the packet is dropped by the router and an ICMP time-exceeded message is sent back to the source which sends another packet with a time-to-live of 2 in order to reach the next router. The incrementing of the time-to-live continues until the intended destination is reached. The ICMP time-exceeded messages sent back by the routers between the source and destination provide the basis for the traceroute output.

By default, cOS Stream sends its traceroute packets as ICMP ping messages. However, the option exists to send messages using either UDP or TCP.

The Basic Traceroute Command Format

The basic form of the traceroute command is the following:

System:/> traceroute <host>

The <host> can be either an IPv4 or IPv6 address, for example:

System:/> traceroute 192.168.4.1

Alternatively, <host> can be a DNS resolvable Fully Qualified Domain Name (FQDN), for example:

System:/> traceroute server.example.com

When using traceroute with an FQDN, at least one DNS server must have been configured in cOS Stream to perform the resolution. Doing this is described in Chapter 12, DNS.

The equivalent command to the above when sending a UDP message would be:

System:/> traceroute -udp server.example.com

The equivalent when sending a TCP message would be:

System:/> traceroute -tcp server.example.com

Note that the UDP and TCP options must appear before the host in the command.

Manually Terminating Traceroute

After entering the traceroute command, cOS Stream will continue to send messages until either the trace is complete or the command is manually terminated. Manual termination is done by entering CTRL-C on the keyboard.

Traceroute Output

Below is some typical output from traceroute using the default settings with the destination specified as an FQDN:

System:/> traceroute server.example.com
		
Traceroute to 10.194.40.247, 32 hops max, 32-byte packets	
1    <1 ms    10 ms    10 ms  10.4.16.1
2    10 ms    10 ms    10 ms  10.4.0.2
3    10 ms     0 ms    10 ms  10.194.40.247

Here, each line of output corresponds to an attempt by traceroute to reach the next router. The first column is the hop number.

By default, traceroute tries 3 times for each router hop and the Round Trip Time (RTT) for each attempt expressed in milliseconds is shown in the three columns that follow the hop number. In the example above, there were two routers in the path to the target destination, hop number 1 and hop number 2. The final hop. number 3, is the destination which was DNS resolved as the IPv4 address 10.194.40.247.

The Route Can Change

Given the dynamic nature of a packet switch network, it is possible for consecutive packets sent by the traceroute command to pass through different sets of routers. It is difficult to know that this is occurring and it is not indicated in the command output.

It is also possible that different routers could have responded for a given hop value. The address displayed at the end of lines of traceroute output under the Host column is always the router that dealt with the last ICMP message sent for that hop.

Additional Traceroute Options

The following are some of the other options that can be used with the traceroute command:

-ipver

When the destination is specified as an FQDN, by default cOS Stream will only request an IPv4 address from the resolving DNS server and will use that as the destination address. This option must be used if only an IPv6 address is to be used as the destination address. For example:
```
System:/> traceroute server.example.com -ipver=6
```
Alternatively, the IPv6 address could be entered directly after the traceroute command.
-maxttl

This specifies the maximum value for the time-to-live parameter of the packets sent.
```
System:/> traceroute server.example.com -maxttl=20
```
The default value is 30.

Note that if cOS Stream gets no response from a router within the set timeout (the default is 1 second) then it will continue to send ICMP ping messages with an increasing time-to-live value until the -maxttl limit is reached.
-queries

This specifies how many attempts are made for each hop. For example:
```
System:/> traceroute server.example.com -count=1
```
The default value is 3.
-length

This specifies how large the sent payload is. The payload itself is made up of zeros. For example:
```
System:/> traceroute server.example.com -length=128
```
The default value is 32.
-interval

This specifies the number of milliseconds between each query (the default is 1000 milliseconds). For example:
```
System:/> traceroute server.example.com -interval=100
```
An interval of zero means the messages are sent continuously and can simulate a denial of service attack.
-ttl

This specifies what time-to-live (TTL) value to start with and therefore at which hop to start. For example:
```
System:/> traceroute server.example.com -ttl=3
```
The default value is 1.
-noresolve

This switches off the default behavior of resolving host names in the output from the command. For example:
```
System:/> traceroute server.example.com -noresolve
```
The principle reason to use this option is that omitting host name resolution makes the command execution faster.
-timeout

This is the amount of time cOS Stream will wait for a response from a router or the destination before it increases the time-to-live and tries again.
```
System:/> traceroute server.example.com -timeout=2000
```
Any timeout conditions are indicated in the traceroute output. An example of this is shown below:
```
System:/> traceroute example.com
				
Traceroute to 10.194.40.247, 32 hops max, 32-byte packets
1     0 ms     0 ms    10 ms  10.4.16.1
2    10 ms    10 ms    10 ms  10.4.0.2
3    10 ms    10 ms    10 ms  10.131.48.2
4     *        *        *     Request timed out
```
A timeout could occur because any of the following:
1. A router or the destination may not be set up to respond to the messages sent
2. The destination host may be offline.

-verbose

This option provides some additional information, including the routing table used. For example:

System:/> traceroute server.example.com -verbose
				
Traceroute to 10.194.40.247, 32 hops max, 32-byte packets	(IPv4 ICMP)
Using route "0.0.0.0/0 via if2 , gw: 10.4.16.1" in routingtable "main":

1    <1 ms    10 ms    10 ms  10.4.16.1
2    10 ms    10 ms    10 ms  10.4.0.2
3    10 ms     0 ms    10 ms  10.194.40.247

The full list of options can be found in the separate CLI Reference Guide.