What Is Traceroute and How Does It Work?

For the majority of managed services providers (MSPs), IT admins, and technicians, traceroute and ping are likely the first ports of call when troubleshooting network latency or connectivity problems. Traceroute is a simple tool any user with access to a command prompt can run. However, if you aren’t familiar with the basics of traceroute, it can be difficult to understand the test results. This post will outline the basics of traceroute, when you should use it, and how to read the results.

What is traceroute?

Traceroute is a command that runs tools used for network diagnostics. These tools trace the paths data packets take from their source to their destinations, allowing administrators to better resolve connectivity issues. On a Windows machine, this command is called tracert; on Linux and Mac, it’s called traceroute. Traceroute and tracert largely function in the same way—they map the route data takes from one point in a network to a specific IP server. When data is transmitted between two points, it must “hop” through several devices, like switches and routers. Traceroute maps each hop, provides the details and round-trip time (RTT), and gives the device name and IP address where possible.

While ping can tell you if there is a problem, traceroute can help you pinpoint where the problem exists. For an example of how you might use traceroute, imagine you’re visiting a website and its pages are taking a long time to load. In this instance, you can use traceroute to determine where the longest delays are occurring to get to the route of the issue.

How to run a traceroute

Before running a traceroute command, you should understand a network mechanism called “time to live” (TTL). TTL limits how long data can “live” in an IP network. Every packet of data is assigned a TTL value. Every time a data packet reaches a hop, the TTL value is decreased by one.

Another key element to understand is “round-trip time” (RTT). Traceroute ensures each hop on the way to a destination device drops a packet and sends back an ICMP error message. This means traceroute can measure the duration of time between when the data is sent and when the ICMP message is received back for each hop—giving you the RTT value for each hop.

To better illustrate this, let’s say you run a traceroute and specify a maximum of 30 hops. Traceroute will send packets with a TTL of one to the destination server. The first network device the data passes through will decrease the TTL to the value of zero, and a message informing you the packets were dropped is sent. This gives you the RTT for hop number one.

From there, the data packets are sent to the destination server with a TTL of two. As the packets pass through the first hop, the TTL decreases to one. When they pass through the second hop, it decreases to zero. The message is sent again. This gives you the RTT for hop number two.

This process will repeat until the data packets either reach the destination device or it reaches the maximum number of hops. By the end of this test, you will know the number of hops to the destination device, the RTT length for each hop, and the device name and IP address for each hop.

How to read traceroute

Traceroute results will look slightly different depending on the specific tool you use. If you choose to use NetPath with SolarWinds® N-central, then reading these results is very straightforward. Intuitive visuals provide deep visibility—allowing you to troubleshoot hotspots across the delivery chain.

If you use tracert, the Windows traceroute command, you’ll see the number of hops from the source device to the destination device in the far-left column. For each hop, you’ll see three RTT values (provided the TRACERT tool was set to send three data packets to test each hop, as per the default settings). On the right, you should see additional device information.

Tackling traceroute shortcomings

While traceroute is a great tool for identifying problems, it does have some significant shortcomings. For instance, it doesn’t display historical data, which can make identifying patterns difficult. It also doesn’t represent multiple paths easily—and because many firewalls block ICMP requests, traceroute often displays incomplete data.

To overcome these shortcomings, it’s important to look for powerful solutions that can offer deep visibility beyond what traceroute offers. NetPath is a feature of the SolarWinds N-central suite, an all-in-one remote monitoring and management solution designed with MSPs in mind. NetPath displays the flow of data in a dynamic and visually compelling way and can help MSPs tackle the challenges traditionally associated with traceroute. It also features a professionally designed user interface as opposed to the harder to understand command line display associated with traceroute.

NetPath can also function as a remote traceroute tool. To use the NetPath feature to perform a traceroute test, follow the below instructions:

  • Navigate to the NetPath services page and click “create new service”
  • Fill in a hostname or IP address
  • Fill in any TCP port
  • Enter a nickname
  • Enter a probing interval
  • Click “next”
  • Choose to either use the probe on your main polling engine or deploy a probe to a remote location—this means NetPath can function as a remote traceroute tool
  • Click “create” to generate your path

Choosing the right network monitoring tool

SolarWinds N-central is designed to give MSPs access to enhanced capabilities, allowing them to gain detailed insight into customer networks. This deep visibility helps improve their understanding of customer endpoint security and increases technician efficiency so MSPs can expand their business.

As more SMBs ask their MSPs to manage a patchwork of hosted, on-premises, and cloud services, the ability to identify the source of IT issues becomes increasingly difficult. Combine this difficulty with the limited control MSPs have over public cloud services, and this array of risks can result in customer dissatisfaction.

NetPath was created to help MSPs address these issues. It’s a visual and intuitive feature that gives you insight into your customers’ experience of slowdowns when trying to access a network service or website. To learn more, get N-central free for 30 days to start exploring.


Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a trial.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site