Table of Contents
na_traceroute - Prints the route that packets take to
traceroute [ -m max_ttl ] [ -n ] [ -p base_port ] [ -q
nqueries ] [ -r ] [ -s src_addr ] [ -t tos ] [ -v ] [ -w
waittime ] host [ packetsize ]
The Internet is a large and complex aggregation of network
hardware, connected together by gateways. An intranet or
local net may also be complex. Tracking the route your
packets follow (or finding the gateway that is discarding
your packets) can be difficult. traceroute utilizes the
IP protocol `time to live' field and attempts to elicit an
ICMP TIME_EXCEEDED response from each gateway along the
path to some host.
The only mandatory parameter is the destination host name
or IP number. The default probe datagram length is 38
bytes, but this may be increased by specifying a packet
size (in bytes) after the destination host name.
Other options are:
- Set the max time-to-live (max number of hops) used
in outgoing probe packets. The default is 30 hops
(the same default used for TCP connections).
- Print hop addresses numerically rather than
symbolically and numerically (saves a nameserver
address-to-name lookup for each gateway found on
- Set the base UDP port number used in probes
(default is 33434). traceroute hopes that nothing
is listening on UDP ports base_port to
base_port+nhops-1 at the destination host (so an
ICMP PORT_UNREACHABLE message will be returned to
terminate the route tracing). If something is
listening on a port in the default range, this
option can be used to pick an unused port range.
- Bypass the normal routing tables and send directly
to a host on an attached network. If the host is
not on a directly-attached network, an error is
returned. This option can be used to ping a local
host through an interface that has no route through
it (for example, after the interface was dropped by
- Use the following IP address (which must be given
as an IP number, not a hostname) as the source
address in outgoing probe packets. On hosts with
more than one IP address, this option can be used
to force the source address to be something other
than the IP address of the interface the probe
packet is sent on. If the IP address is not one of
this machine's interface addresses, an error is
returned and nothing is sent.
- Set the type-of-service in probe packets to the
following value (default zero). The value must be
a decimal integer in the range 0 to 255. This
option can be used to see if different
types-of-service result in different paths. (This
may be academic, since the normal network services
on the appliance don't let you control the TOS).
Not all values of TOS are legal or meaningful - see
the IP spec for definitions. Useful values are
probably `-t 16' (low delay) and `-t 8' (high
- Verbose output. Received ICMP packets other than
TIME_EXCEEDED and UNREACHABLEs are listed.
This program attempts to trace the route an IP packet
would follow to some internet host by launching UDP probe
packets with a small ttl (time to live) then listening for
an ICMP "time exceeded" reply from a gateway. We start
our probes with a ttl of one and increase by one until we
get an ICMP "port unreachable" (which means we got to
"host") or hit a max (which defaults to 30 hops and can be
changed with the -m flag). Three probes (change with -q
flag) are sent at each ttl setting and a line is printed
showing the ttl, address of the gateway and round trip
time of each probe. If the probe answers come from
different gateways, the address of each responding system
will be printed. If there is no response within a 5
second timeout interval (changed with the -w flag), a "*"
is printed for that probe.
- Set the time (in seconds) to wait for a response to
a probe (default 5 sec.).
We don't want the destination host to process the UDP
probe packets so the destination port is set to an
unlikely value (if some service on the destination is
using that value, it can be changed with the -p flag).
A sample use and output might be:
After the time, there may appear annotations; the
annotations printed by traceroute are:
toaster> traceroute nis.nsf.net.
traceroute to nis.nsf.net (18.104.22.168), 30 hops max, 38 byte packet
1 internal-router.mycorp.com (10.17.12.34) 1.177 ms 1.448 ms 0.663 ms
2 10.16.105.1 (10.16.105.1) 1.141 ms 0.771 ms 0.722 ms
3 10.12.12.19 (10.12.12.19) 0.659 ms 0.614 ms 0.591 ms
4 10.12.12.20 (10.12.12.20) 1.22 ms 3.479 ms 1.788 ms
5 firewall.mycorp.com (10.25.91.101) 2.253 ms * 7.092 ms
6 isp-router.mycorp.com (22.214.171.124) 5.97 ms 5.522 ms 4.846 ms
7 isp-pop1.isp.net (126.96.36.199) 50.091 ms 75.644 ms 54.489 ms
8 isp-mycity1.isp.net (188.8.131.52) 137.352 ms 128.624 ms 107.653 ms
9 router1.mycity1-nbr1.isp.net (184.108.40.206) 69.458 ms 94.687 ms 58.282 ms
10 router2.city2.isp.net (220.127.116.11) 108.603 ms 73.293 ms 73.454 ms
11 router3.city2.isp.net (18.104.22.168) 89.773 ms 77.354 ms 86.19 ms
12 core6-hssi5-0-0.SanFrancisco.cw.net (22.214.171.124) 64.212 ms 72.039 ms 33.971 ms
13 corerouter2.SanFrancisco.cw.net (126.96.36.199) 15.747 ms 18.744 ms 21.543 ms
14 bordercore2.NorthRoyalton.cw.net (188.8.131.52) 69.559 ms 73.967 ms 68.042 ms
15 merit.NorthRoyalton.cw.net (184.108.40.206) 83.99 ms 130.937 ms 129.694 ms
16 220.127.116.11 (18.104.22.168) 147.379 ms 75.614 ms 82.193 ms
17 nic.merit.edu (22.214.171.124) 116.747 ms 163.204 ms *
- reply returned with a TTL <= 1
- host unreachable
- network unreachable
- protocol unreachable
- source route failed
Neither of the latter two should ever occur; if you see
one, it means the associated gateway is malfunctioning.
If almost all the probes result in some kind of
unreachable, traceroute will give up and exit.
- fragmentation needed
This program is intended for use in network testing,
measurement, and management. It should be used primarily
for manual fault isolation. Because of the load it could
impose on the network, it is unwise to use traceroute
during normal operations or from automated scripts.
When run from a vfiler context, (for example via the
vfiler run command), traceroute operates on the concerned
na_netstat(1), na_ping(1), na_vfiler(1)
Table of Contents