Network Monitoring  «Prev  Next»

Lesson 8 Using traceroute
ObjectiveExamine the output of the traceroute command to locate server failures.

Locate server failures

Sometimes network problems far from your local network cause problems for you. For example, if a company router or gateway fails, your Internet access may be interrupted. This disruption may cause name service failure, loss of email service, and complaints from users who cannot use the Web. The traceroute program can be used to locate such failures.
Here is an example of the use of traceroute:

host$ /usr/sbin/traceroute
traceroute to (, 

   30 hops max, 40 byte packets

 1 (  1.560 ms  

    1.483 ms  1.430 ms

 2  UIC-FDDI-16.GW.UIC.EDU (    

    2.476 ms  1.147 ms  1.132 ms

 3 (   

    3.184 ms  1.719 ms  1.595 ms

 4  909.Hssi4-0.GW3.CHI1.ALTER.NET (  

    3.638 ms  3.488 ms  4.805 ms

 5  104.ATM11-0-0.XR2.CHI4.ALTER.NET (  

    6.639 ms  6.479 ms  6.742 ms

 6  100.ATM2-0-0.TR2.CHI4.ALTER.NET (  

    6.500 ms  5.688 ms  8.674 ms

 7  106.ATM9-0-0.TR2.LAX2.ALTER.NET (  

    66.051 ms  70.452 ms  69.729 ms

 8  100.ATM4-0-0.XR2.LAX2.ALTER.NET (  

    59.202 ms  56.920 ms  59.111 ms

 9  194.ATM1-0-0.GW1.LAX1.ALTER.NET (  

    58.612 ms  52.275 ms  57.054 ms

10 (  58.033 ms  

    55.658 ms  55.691 ms (  66.605 ms  

   58.098 ms  55.841 ms

traceroute Output

The output from traceroute shows the sequence of machines that packets cross en route from the local machine to the machine specified. (In this case, the packets are traveling from the University of Illinois at Chicago (UIC) to the machine In this example, the path from UIC to acme involves 11 steps. The traceroute program tries each stage of the path three times and reports on the round-trip time for each stage. The traceroute program has many options, which vary somewhat from machine to machine; check your manual page for a complete survey of what traceroute can do. On some machines, running traceroute requires root permissions, because it must open a “ Raw socket[1] (do not worry if you are not familiar with this term), and some machines limit this ability to root. If you want to make traceroute available to everyone, you will need to make it run SUID[2] to root.
Note: Traceroute is not part of UNIX. It is freely available on the Internet, however. If you do not have it on your machine, you can get it and install it.

[1] Raw socket: A raw socket allows privileged users direct access to a protocol other than those normally used for transport user data, for example, network level protocols.
[2] SUID permission: The SUID permission sets a process's user ID on execution.