traceroute Command
Trace the route packets take to reach a network destination
Syntax:
traceroute [OPTIONS] destination
Description
The traceroute command is a network diagnostic tool used to trace the path that packets take from your computer to a destination host. It shows each hop (router or gateway) along the route and measures the time it takes for packets to reach each hop. This is invaluable for network troubleshooting and understanding network topology.
Note: On some systems, you may need to use
tracert (Windows) or install traceroute package. Some systems may require root privileges to run traceroute.
Common Options
| Option | Description |
|---|---|
-4 |
Use IPv4 only |
-6 |
Use IPv6 only |
-I |
Use ICMP ECHO for probes |
-T |
Use TCP SYN for probes |
-U |
Use UDP datagrams for probes (default) |
-n |
Do not resolve IP addresses to hostnames |
-w timeout |
Set the time to wait for response (default: 5 seconds) |
-q nqueries |
Set number of probe packets per hop (default: 3) |
-m max_ttl |
Set maximum number of hops (default: 30) |
-f first_ttl |
Set initial TTL value (default: 1) |
-p port |
Set destination port (for UDP/TCP) |
-s source |
Set source IP address |
-g gateway |
Route packets through specified gateway |
-i interface |
Use specified network interface |
-z sendwait |
Minimal time interval between probes |
Examples
Basic traceroute to a website:
traceroute google.com # Traces route to Google's servers traceroute 8.8.8.8 # Traces route to Google's DNS server
Traceroute without hostname resolution:
traceroute -n google.com # Shows only IP addresses, faster execution traceroute -n 1.1.1.1 # Traces to Cloudflare DNS without resolving names
Set maximum number of hops:
traceroute -m 15 example.com # Limits trace to 15 hops maximum traceroute -m 10 -n 192.168.1.1 # Traces to local gateway with 10 hop limit
Use ICMP instead of UDP:
traceroute -I google.com # Uses ICMP ECHO packets instead of UDP sudo traceroute -I -n 8.8.8.8 # ICMP trace without hostname resolution
Use TCP probes:
traceroute -T -p 80 example.com # Uses TCP SYN packets to port 80 traceroute -T -p 443 secure-site.com # TCP trace to HTTPS port
Adjust timeout and queries:
traceroute -w 10 -q 1 slow-server.com # 10 second timeout, 1 query per hop traceroute -w 2 -q 5 example.com # 2 second timeout, 5 queries per hop
IPv6 traceroute:
traceroute -6 ipv6.google.com # Traces IPv6 route traceroute6 2001:4860:4860::8888 # Alternative IPv6 command to Google DNS
Specify source interface:
traceroute -i eth0 example.com # Use specific network interface traceroute -s 192.168.1.100 example.com # Use specific source IP address
Start from specific TTL:
traceroute -f 5 example.com # Start tracing from hop 5 traceroute -f 3 -m 10 example.com # Start from hop 3, maximum 10 hops
Understanding Output
Traceroute output shows each hop with the following information:
Sample output explanation:
traceroute to google.com (172.217.164.110), 30 hops max, 60 byte packets 1 192.168.1.1 (192.168.1.1) 1.234 ms 1.456 ms 1.678 ms 2 10.0.0.1 (10.0.0.1) 5.123 ms 5.234 ms 5.345 ms 3 * * * 4 203.0.113.1 (isp-router.example.com) 15.123 ms 15.234 ms 15.345 ms
Explanation:
- Hop number: Sequential number of the router/gateway
- IP address: The IP address of the hop
- Hostname: Resolved hostname (if available)
- Response times: Three round-trip times in milliseconds
- * * *: Indicates timeout or no response from that hop
Common Response Symbols
| Symbol | Meaning |
|---|---|
* |
Timeout - no response received |
!H |
Host unreachable |
!N |
Network unreachable |
!P |
Protocol unreachable |
!S |
Source route failed |
!F |
Fragmentation needed |
!X |
Communication administratively prohibited |
!V |
Host precedence violation |
!C |
Precedence cutoff in effect |
Troubleshooting Scenarios
Identify network bottlenecks:
# Look for sudden increases in response time traceroute -n slow-website.com # Compare routes to different destinations traceroute -n fast-site.com traceroute -n slow-site.com
Diagnose connectivity issues:
# Check if packets reach destination traceroute -I unreachable-site.com # Test with different protocols traceroute -U example.com # UDP traceroute -T -p 80 example.com # TCP traceroute -I example.com # ICMP
Analyze routing loops:
# Increase max hops to detect loops traceroute -m 50 problematic-site.com # Look for repeating IP addresses in output
Test firewall configurations:
# Test different ports traceroute -T -p 22 server.com # SSH traceroute -T -p 80 server.com # HTTP traceroute -T -p 443 server.com # HTTPS
Advanced Usage
Continuous monitoring:
# Monitor route changes over time
while true; do
echo "$(date): Tracing route to example.com"
traceroute -n -q 1 example.com
sleep 300 # Wait 5 minutes
done
Compare IPv4 vs IPv6 routes:
# IPv4 route traceroute -4 dual-stack-site.com # IPv6 route traceroute -6 dual-stack-site.com
Save traceroute results:
# Save to file with timestamp traceroute google.com > traceroute_$(date +%Y%m%d_%H%M%S).txt # Append to log file traceroute -n example.com >> network_traces.log
Common Use Cases
- Network troubleshooting: Identifying where packets are being dropped or delayed
- Performance analysis: Finding network bottlenecks and high-latency hops
- Route discovery: Understanding the path packets take through the internet
- Firewall testing: Determining if firewalls are blocking specific protocols or ports
- ISP analysis: Identifying which ISPs and networks your traffic traverses
- Geolocation tracking: Understanding the geographic path of network traffic
- Network mapping: Discovering network topology and infrastructure
- Connectivity verification: Confirming end-to-end network connectivity
Tips and Best Practices
- Use
-noption for faster execution when hostname resolution isn't needed - Try different probe types (-I, -T, -U) if one doesn't work due to firewall rules
- Increase timeout with
-wfor slow or congested networks - Use
-q 1for faster results when you only need basic route information - Some routers may not respond to traceroute probes, showing * * *
- ICMP traceroute (-I) often works better through firewalls
- TCP traceroute (-T) can bypass UDP-blocking firewalls
- Run traceroute multiple times to account for route changes and load balancing
- Compare results from different source locations for comprehensive analysis
- Be aware that some networks implement rate limiting for traceroute probes