traceroute Command Purpose Prints the route that IP packets take to a network host. Syntax traceroute [ -m Max_ttl ] [ -n ] [ -p Port ] [ -q Nqueries ] [ -r ] [ -s SRC_Addr ] [ -t TypeOfService ] [ -v ] [ -w WaitTime ] Host [ PacketSize ] Description Warning: The traceroute command is intended for use in network testing, measurement, and management. It should be used primari- ly for manual fault isolation. Because of the load it imposes on the network, the traceroute command should not be used during normal operations or from automated scripts. The traceroute command attempts to trace the route an IP packet follows to an Internet host by launching UDP probe packets with a small maximum time-to-live (Max_ttl variable), then listening for an ICMP TIME_EXCEEDED response from gateways along the way. Probes are started with a Max_ttl value of one hop, which is in- creased one hop at a time until an ICMP PORT_UNREACHABLE message is returned. The ICMP PORT_UNREACHABLE message indicates either that the host has been located or the command has reached the maximum number of hops allowed for the trace. The traceroute command sends three probes at each Max_ttl setting to record the following: * Max_ttl value * Address of the gateway * Round-trip time of each successful probe. The number of probes sent can be increased by using the -q flag. If the probe answers come from different gateways, the command prints the address of each responding system. If there is no response from a probe within a 3-second time-out interval, an * (asterisk) is printed for that probe. The traceroute command prints an ! (exclamation mark) after the round-trip time if the Max_ttl value is one hop or less. A max- imum time-to-live value of one hop or less generally indicates an incompatibility in the way ICMP replies are handled by different network software. The incompatibility can usually be resolved by doubling the last Max_ttl value used and trying again. Other possible annotations after the round-trip notation are: !H Host unreachable !N Network unreachable !P Protocol unreachable !S Source route failed !F Fragmentation needed If the majority of probes result in an error, the traceroute com- mand exits. The only mandatory parameter for the traceroute command is the destination host name or IP number. The default probe length is 38 bytes, but may be increased by specifying the packet size (in bytes) after the destination host name. The UDP probe packets are set to an unlikely value so as to prevent processing by the destination host. Flags -m Max_ttl Sets the maximum time-to-live (maximum number of hops) used in outgoing probe packets. The default is 30 hops (the same default used for TCP connections). -n Prints hop addresses numerically rather than symbolically and numerically. This flag saves a name-server address-to-name look- up for each gateway found on the path. -p Port Sets the base UDP port number used in probes. The de- fault is 33434. The traceroute command depends on an open UDP port range of base to base + nhops - 1 at the destination host. If a UDP port is not available, this option can be used to pick an unused port range. -q Nqueries Specifies the number of probes the traceroute command sends at each Max_ttl setting. The default is three probes. -r Bypasses the normal routing tables and sends the probe packet directly to a host on an attached network. If the specified host is not on a directly attached network, an error is returned. This option can be used to issue a ping command to a local host through an interface that is not registered in the routed dae- mon's routing table. -s SRC_Addr Uses the next IP address in numerical form as the source address in outgoing probe packets. On hosts with more than one IP address, the -s flag can be used to force the source address to be something other than the IP address of the inter- face on which the probe packet is sent. If the next IP address is not one of the machine's interface addresses, an error is re- turned and nothing is sent. -t TypeOfService Sets the TypeOfService variable in the probe packets to a decimal integer in the range of 0 to 255. The de- fault is 0. This flag can be used to investigate whether dif- ferent service types result in different paths. For more infor- mation, see "TCP/IP Protocols" in AIX Version 3.2 System Manage- ment Guide: Communications and Networks. Useful values are -t 16 (low delay) and -t 8 (high throughput). -v Receives packets other than TIME_EXCEEDED and PORT_UNREACHABLE (verbose output). -w WaitTime Sets the time (in seconds) to wait for a response to a probe. The default is 3 seconds. Host Specifies the destination host, either by host name or IP number. This parameter is required. PacketSize Specifies the probe datagram length. The default is 38 bytes. This number can be increased by specifying the packet size, in bytes, after the destination host name. Security The traceroute command uses raw sockets. Root user authority is required to access raw sockets. Examples 1. A sample use and output is: [yak 71]% traceroute nis.nsf.net. traceroute to nis.nsf.net (35.1.1.48), 30 hops max, 56 byte packet 1 helios.ee.lbl.gov (128.3.112.1) 19 ms 19 ms 0 ms 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 39 ms 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 39 ms 39 ms 39 ms 6 128.32.197.4 (128.32.197.4) 40 ms 59 ms 59 ms 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 59 ms 8 129.140.70.13 (129.140.70.13) 99 ms 99 ms 80 ms 9 129.140.71.6 (129.140.71.6) 139 ms 239 ms 319 ms 10 129.140.81.7 (129.140.81.7) 220 ms 199 ms 199 ms 11 nic.merit.edu (35.1.1.48) 239 ms 239 ms 239 ms Lines 2 and 3 are the same due to a bug in the kernel on the second hop system (lbl-csam.arpa) that forwards packets with a zero time-to-live. Host names are not printed in lines 6 through 10 because the National Science Foundation Network (NSFNet, 129.140) does not provide address-to-name translations for its nodes. 2. Another output example might be: [yak 72]% traceroute rip.Berkeley.EDU (128.32.131.22) traceroute to rip.Berkeley.EDU (128.32.131.22), 30 hops max 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 39 ms 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 39 ms 19 ms 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 19 ms 5 ccn-nerif35.Berkeley.EDU (128.32.168.35) 39 ms 39 ms 39 ms 6 csgw/Berkeley.EDU (128.32.133.254) 39 ms 59 ms 39 ms 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 rip.Berkeley.EDU (128.32.131.22) 59 ms! 39 ms! 39 ms! In this example, exactly half of the 12 gateway hops (13 is the final destination) are "missing." However, these hops were actu- ally not gateways. The destination host, a Sun-3 workstation running Sun OS3.5, used the ttl from the arriving datagram as the ttl in its ICMP reply; thus, the reply timed out on the return path. Because ICMPs are not sent for ICMPs, no notice was re- ceived. The ! (exclamation mark) after each round-trip time in- dicates some type of software incompatibility problem. (The cause was diagnosed after the traceroute command issued a probe of twice the path length. The destination host was really only seven hops away.) Implementation Specifics This command is part of TCP/IP in Network Support Facilities in Base Operating System (BOS) Runtime. Related Information netstat command, nslookup command, ping command. TCP/IP Name Resolution in AIX Version 3.2 System Management Guide: Communications and Networks.