"traceroute" - Trace Routes to Remote Host

This section provides a tutorial example on how to use 'traceroute' command to trace routes (or gateways) between the local host and a given remote host.

"traceroute" is a command line tool that allows to trace routes (or gateways) between the local host and a given remote host. "traceroute" utilizes the IP protocol "TTL (Time To Live)" field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to some host.

Here is an example of the "traceroute" command that shows all gateways behave nicely and sent back correct ICMP "time exceeded" messages.

herong$ traceroute nis.nsf.net

traceroute to nis.nsf.net (35.1.1.48), 30 hops max, 38 byte packet

1 helios.ee.lbl.gov (128.3.112.1) 19 ms 19 ms 0 ms
2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 39 ms
5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 39 ms 39 ms 39 ms
6 128.32.197.4 (128.32.197.4) 40 ms 59 ms 59 ms
7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 59 ms
8 129.140.70.13 (129.140.70.13) 99 ms 99 ms 80 ms
9 129.140.71.6 (129.140.71.6) 139 ms 239 ms 319 ms
10 129.140.81.7 (129.140.81.7) 220 ms 199 ms 199 ms
11 nic.merit.edu (35.1.1.48) 239 ms 239 ms 239 ms

As you can see from the above output,

Here is another example of the "traceroute" command that shows some gateways behave badly. They either didn't send ICMP "time exceeded" messages or sent them with a TTL too small to reach the localhost. Those badly behaved gateways are identified by "* * *".

herong$ traceroute google.com

traceroute to google.com (172.217.31.206), 30 hops max, 60 byte packets
1 gateway (192.168.0.1) 2.050 ms 3.041 ms 2.819 ms
2 10.234.0.1 (10.234.0.1) 3.771 ms 3.749 ms 3.716 ms
3 * * *
4 * * *
5 * * *
6 14.140.100.6 (14.140.100.6) 12.234 ms 13.070 ms 12.644 ms
7 * * *
8 * * *
9 108.170.253.97 (108.170.253.97) 11.451 ms 108.170.253.113
10 74.125.253.13 (74.125.253.13) 9.523 ms 11.963 ms 11.388 ms
11 172.217.31.206 (172.217.31.206) 10.477 ms 10.222 ms 8.391 ms

If you don't have "traceroute" installed, you can do it usinng the "dnf" command:

herong$ sudo dnf install traceroute

Table of Contents

 About This Book

 Introduction to Linux Systems

 Cockpit - Web Portal for Administrator

 Process Management

 Files and Directories

 Users and Groups

 File Systems

 Block Devices and Partitions

 LVM (Logical Volume Manager)

 Installing CentOS

 SELinux - Security-Enhanced Linux

Network Connection on CentOS

 Setup Ethernet Connection on CentOS

 Network Firewall Tools on CentOS

 "firewalld" and "firewall-cmd" on CentOS

 Manage Multiple Firewall Zones

 "nftables" and "nft" on CentOS

 "iptables" Command on CentOS

 "nmap" - Network Mapper on CentOS

 Monitor Network Services on CentOS

 "ifconfig" - Trace Routes to Remote Host

"traceroute" - Trace Routes to Remote Host

 "route" - Upate Routing Table

 "netstat" - Display Network Statistics

 "lsof" - List of Open Files

 Software Package Manager on CentOS - DNF and YUM

 vsftpd - Very Secure FTP Daemon

 Postfix - Mail Transport Agent (MTA)

 Dovecot - IMAP and POP3 Server

 Email Client Tools - Mail User Agents (MUA)

 LDAP (Lightweight Directory Access Protocol)

 Administrative Tasks

 References

 Full Version in PDF/EPUB