A Guide to Running Traceroute in Linux

Published: 10 February 2021 - 3 min. read


If you need to figure out where your packets are going once they leave your Linux computer, traceroute on Linux is your friend.

Traceroute is a handy utility, available on nearly every Linux distribution, that tracks which routers your packets traverse on their way across a network. This utility is handy for troubleshooting or for simple network planning.

Not every distribution of Linux contains the same package for the traceroute command. Some distributions use the legacy inetutils package which contains traceroute as part of a suite of network tools, while others have a modern traceroute.x86_64 package.


Inspecting Traceroute Parameters

To get started, let’s first check out what’s possible with the Linux traceroute command.

Open up a terminal and type the command traceroute -? to display the help list:

Usage: traceroute [OPTION...] HOST
Print the route packets trace to network host.

  -f, --first-hop=NUM        set initial hop distance, i.e., time-to-live
  -g, --gateways=GATES       list of gateways for loose source routing
  -I, --icmp                 use ICMP ECHO as probe
  -m, --max-hop=NUM          set maximal hop count (default: 64)
  -M, --type=METHOD          use METHOD (`icmp' or `udp') for traceroute
                             operations, defaulting to `udp'
  -p, --port=PORT            use destination PORT port (default: 33434)
  -q, --tries=NUM            send NUM probe packets per hop (default: 3)
      --resolve-hostnames    resolve hostnames
  -t, --tos=NUM              set type of service (TOS) to NUM
  -w, --wait=NUM             wait NUM seconds for response (default: 3)
  -?, --help                 give this help list
      --usage                give a short usage message
  -V, --version              print program version

Mandatory or optional arguments to long options are also mandatory or optional
for any corresponding short options.

Report bugs to <[email protected]>.

As you can see above, you have a lot of options to tweak how traceroute works.

Basic Traceroute Functionality

Although you have parameters to tweak traceroute, you don’t actually need all of them. You can, in fact, just run traceroute and provide the host to trace to. Once you do that, as you can see below, traceroute on Linux sends a 60-byte packet and follows every hop that it takes to get to the destination host.

It’s able to track these hops by using the time-to-live (TTL) on each packet: every router that forwards the packet decrements the TTL by one, and the router at which the TTL reaches zero discards the packet and reports back, which reveals that hop.

Traceroute to google.com

Note that traceroute has a maximum number of hops: it will only go up to 30 hops.

Adding Switches for More Precise Tracking

The default functionality of traceroute on Linux works well but there’s so much more you can do. Let’s now cover many of the most popular and useful switches that you have available.

Excluding Hops with the First-Hop Switch

One helpful switch excludes routers at the start of the path from the trace. The -f or --first-hop=NUM parameter sets the initial hop distance (TTL), so routers closer than that are not displayed. This could be very useful if you are confident that one or more routers are not causing any issues.

You can also use the -f switch to set the trace to begin past your network perimeter to narrow down any possible causes for latency on the Internet.

In the following GIF, you can see the command traceroute -f 3 google.com running. This command is skipping the first three routers, thus bypassing my home networking and ISP router. Notice that the first two hops are missing.

traceroute -f example

In the above example, it takes 15 hops to reach www.google.com from my network. For each hop, you see:

  • hop count
  • hostname or IP of the router along the path being traced
  • response times as before

You may see additional interfaces for some hops in the output. This is expected.

Limiting Hops with the Max-Hop Switch

Now let’s say that in addition to skipping the first two hops, you also want the path only up to the fifth hop in the route. That’s where you would use the -m or --max-hop=NUM switch parameter.

Type traceroute -m 5 -f 3 www.google.com into your terminal and press Enter. This command is useful for narrowing down potential routing issues. Traceroute now skips the first two hops and stops at the fifth hop.

Traceroute skipping hops

Reducing Probe Packets Sent with the -q Switch

Traceroute on Linux, by default, sends three probe packets to each router in the path. Perhaps you’d like to reduce the time traceroute takes to run. You can change the number of probe packets sent to each router using the -q parameter.

Type traceroute -q 1 -m 5 -f 3 www.google.com into your terminal and press Enter. You can see below that traceroute is only sending one packet per hop because we’re only getting one response time per hop.

traceroute -q 6 example

You can also increase the number of probe packets sent per hop by specifying a larger argument for the -q parameter, as shown below. Increasing the number of probes sent could help by providing a way to average response times to each hop.

Argument for -q Parameter
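
To put the averaging idea above into practice, the following added example (not part of the original article) reads traceroute output and reports, for each hop, how many probes were answered, how many were lost, and the average response time. The hop_stats and sample_trace names are hypothetical, and the sample output is constructed using documentation-only IP ranges.

```shell
#!/bin/sh
# Added example: summarise traceroute probe results per hop.
# hop_stats (hypothetical helper name) reads traceroute output on stdin and
# prints one line per hop: "<hop> <replies> <lost> <avg_ms>".
hop_stats() {
    awk '
    $1 ~ /^[0-9]+$/ {                      # hop lines start with the hop number
        sum = 0; n = 0; lost = 0
        for (i = 2; i <= NF; i++) {
            if ($i == "*") {
                lost++                     # probe unanswered within the -w timeout
            } else if ($i ~ /^[0-9]+(\.[0-9]+)?ms$/) {
                sum += substr($i, 1, length($i) - 2); n++     # "12.000ms" style
            } else if (i > 2 && $i == "ms" && $(i-1) ~ /^[0-9]+(\.[0-9]+)?$/) {
                sum += $(i-1); n++                            # "12.000 ms" style
            }
        }
        if (n > 0) printf "%d %d %d %.3f\n", $1, n, lost, sum / n
        else       printf "%d 0 %d -\n", $1, lost             # hop never replied
    }'
}

# Constructed sample standing in for: traceroute -q 5 -m 5 -f 3 www.google.com
sample_trace() {
    cat <<'EOF'
traceroute to www.google.com (203.0.113.10), 5 hops max
  3   198.51.100.1  10.000ms  12.000ms  11.000ms  13.000ms  14.000ms
  4   198.51.100.9  20.500ms  *  21.500ms  *  22.000ms
  5   *  *  *  *  *
EOF
}

sample_trace | hop_stats
```

Against a live trace, pipe the command straight into the function, for example traceroute -q 5 -m 5 -f 3 www.google.com | hop_stats.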

Summary

In this article on Traceroute for Linux, you learned the basics of using this handy utility. There is so much more you can do with this command. If you’d like to learn how to use every switch, be sure to check out the man page.
