Anyone in the DNS world knows there’s a lot more to the internet than meets the eye. For the end user, it appears as if they type something into a web browser and, poof, they are where they want to be. What is really going on is a series of actions between nameservers based on many different predefined rules and configurations. For domains to have that “magical” effect, DNS must be configured correctly. That is why diagnostic tools are so important in this industry. In this resource, you’ll learn all about traceroute: what it is, how it works, and why it’s important for DNS and network diagnostics.
When a person enters a website into their browser, they initiate a query. The web browser, also called a client, immediately contacts a recursive resolver for the IP address of the domain name that was requested. This starts a process involving several different nameservers which work together to provide an answer to the query.
A traceroute maps the path data packets take from start to finish. In other words, it tracks data movement over the internet. Once done, it delivers a report containing round trip times (RTT) for each hop and the IP addresses of each router pinged during the journey. Traceroutes also reveal points of failure. With all the working parts of DNS, knowing how and where data travels is key to diagnosing delays or connectivity issues between devices.
For a more detailed explanation of DNS, watch our DNS Explained video, which breaks it down in a fun, easy to understand way.
What Is a Packet?
A packet is a chunk of data that is part of a larger message. Each time something is uploaded to the web, be it a message, image, or video, it is broken down into smaller segments. Once the destination device receives all packets for a message, it recombines them and the full message can be viewed.
What Is a Hop?
Each time a packet passes between devices, it’s called a hop. The number of routers or servers a packet is forwarded to before reaching its destination is referred to as a hop count.
How Does a Traceroute Work?
When running a traceroute, you are sending an IP packet that includes the source and destination addresses, as well as a time to live (TTL) value that is counted down at each hop. In packets, TTL decreases at every hop. This is to prevent looping issues between servers. If there were no TTL, a packet could be bounced between servers indefinitely. If the TTL falls to zero, the packet is dropped. The router will then alert the source that it was unable to forward the packet.
A traceroute identifies routers or servers hop by hop. The first packets are sent with a TTL of one. Since the first server to receive a packet automatically decrements the TTL by one, the TTL reaches zero, and that server drops the packet and notifies the source. When the source is notified of the packet drop, it also receives the identity of the router. The next packet is sent with a TTL of two. The first server decreases the TTL to one and passes it on to the next link in the chain, where it expires. This process repeats incrementally until the final destination or max number of hops is reached.
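The probing loop described above can be followed step by step in a small simulation. This is an added example, not code from the original article or from any traceroute implementation; the topology, the documentation-range addresses, the `silent` set and all function names are constructed for illustration. It also shows the looping case that TTL exists to bound.

```python
# Constructed topology: each router's next hop toward the destination.
# All addresses are documentation ranges, not real routers.
HEALTHY = {
    "192.0.2.1": "198.51.100.1",
    "198.51.100.1": "203.0.113.1",
    "203.0.113.1": "203.0.113.80",
}
DEST = "203.0.113.80"

def send_probe(next_hop, first, dest, ttl, silent=frozenset()):
    """Forward one probe; return (kind, address), or None if nothing comes back."""
    node = first
    while node != dest:
        ttl -= 1                      # every router decrements TTL by one
        if ttl == 0:                  # expired here: the probe is dropped
            # The router reports the drop to the source, unless it is set up
            # not to send such notices (modelled by the `silent` set).
            return None if node in silent else ("time-exceeded", node)
        node = next_hop[node]
    return ("reached", dest)

def traceroute(next_hop, first, dest, max_hops=30, silent=frozenset()):
    """Probe with TTL 1, 2, 3, ... and record who answered at each hop."""
    hops = []
    for ttl in range(1, max_hops + 1):
        reply = send_probe(next_hop, first, dest, ttl, silent)
        hops.append((ttl, reply[1] if reply else "*"))
        if reply and reply[0] == "reached":
            break
    return hops

def looping_routers(hops):
    """Addresses that answered at more than one TTL, a sign of a routing loop."""
    seen, repeated = set(), []
    for _, addr in hops:
        if addr != "*" and addr in seen and addr not in repeated:
            repeated.append(addr)
        seen.add(addr)
    return repeated

# Same path, but the third router wrongly sends traffic back to the second.
LOOPED = dict(HEALTHY, **{"203.0.113.1": "198.51.100.1"})

if __name__ == "__main__":
    for row in traceroute(HEALTHY, "192.0.2.1", DEST, silent={"198.51.100.1"}):
        print(row)
    print(looping_routers(traceroute(LOOPED, "192.0.2.1", DEST, max_hops=6)))
```

In the looped topology every probe still terminates, because the TTL runs out no matter how long the packet circulates, and the same two routers keep answering at successive TTL values.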
There are several ways you can run a traceroute. One of the easiest and most convenient methods is using an online resource like Constellix’s free traceroute tool. What makes this resource unique is that it performs lookups from more than 25 locations around the world. The results are provided in both a line graph and a data table, so the information is easy to read and understand.
Here is an example of the line graph and data table from Constellix’s Traceroute Tool.
Check out our nslookup cheat sheet for Windows for helpful DNS commands for troubleshooting.
If you’re performing a traceroute on a physical computer, you would use a command line utility. In Windows Command Prompt or PowerShell, the command is “tracert” (without the quotes). On Linux or Mac systems, you would run Terminal and use the command “traceroute.” A typical traceroute runs over a maximum of 30 hops. To specify a certain number with tracert, you would include “-h” (without the quotes) in the command line.
Here is an example of how results would look using a command line utility. This example is from Windows Command Prompt and includes a max hop command.
How to Read a Traceroute
When using Constellix’s traceroute tool, you can easily see the identity of each server and the speed for each hop by hovering over each point on the graph. The table format provides the same information in a similar manner as a command line utility would.
In the data table of Constellix’s tool and the results given in the Windows Command Prompt above, the first column is the number of hops, the middle columns reflect the speed of the hops, and the last column shows the router/server’s identity.
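The column layout described above can also be read by a script. The following is an added example, not Constellix's code or part of the original article: it parses output in the Windows tracert layout and separates hops that never answered from the hop where delay begins and persists to the destination. The sample output, the 50 ms threshold and the function names are constructed for illustration.

```python
import re

# Constructed sample in the Windows tracert layout; addresses and names are
# documentation values, not real measurements.
SAMPLE = """\
Tracing route to www.example.net [203.0.113.80]
over a maximum of 30 hops:

  1    <1 ms    <1 ms     1 ms  192.0.2.1
  2     9 ms     *       11 ms  198.51.100.1
  3     *        *        *     Request timed out.
  4    84 ms    90 ms    87 ms  edge.example.net [203.0.113.1]
  5    88 ms    86 ms    90 ms  203.0.113.80

Trace complete.
"""

# hop number, three RTT fields ("12 ms", "<1 ms" or "*"), then the identity
ROW = re.compile(r"^\s*(\d+)((?:\s+(?:<?\d+ ms|\*)){3})\s+(.+?)\s*$")

def parse_tracert(text):
    """One dict per hop: number, RTTs in ms (None = no reply), identity."""
    hops = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue                  # banner, blank line, "Trace complete."
        rtts = [None if t == "*" else int(t.lstrip("<"))
                for t in re.findall(r"<?\d+(?= ms)|\*", m.group(2))]
        ident = m.group(3) if any(r is not None for r in rtts) else None
        hops.append({"hop": int(m.group(1)), "rtts": rtts, "id": ident})
    return hops

def unanswered(hops):
    """Hop numbers where all three probes went unanswered."""
    return [h["hop"] for h in hops if h["id"] is None]

def first_sustained_delay(hops, threshold_ms=50):
    """First hop whose average RTT exceeds the threshold at it and at every
    later answering hop. A spike that later hops do not share is ignored,
    since it reflects how that router answers probes, not the path delay."""
    start = None
    for h in hops:
        seen = [r for r in h["rtts"] if r is not None]
        if not seen:
            continue
        if sum(seen) / len(seen) > threshold_ms:
            start = h["hop"] if start is None else start
        else:
            start = None
    return start
```

On the sample, hop 3 is reported as unanswered while the sustained delay is attributed to hop 4, because the later hop carries the same high round trip time.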
Traceroute Wrap Up
Traceroute is an essential and powerful diagnostic tool for DNS and network administrators. It can pinpoint inoperable or slow-working routers or servers, and can help you improve the speed of your network. Best of all, it’s simple to use. You can run traceroutes from a command line utility on Windows, Mac, or Linux. You can also perform a traceroute lookup with Constellix’s Traceroute Tool, which is available from any device, anywhere. It outputs data in line graph and table formats that are easy to understand. Whichever tool you use, traceroutes are an invaluable troubleshooting tool.
If you found this useful, why not share it? If there’s a topic you’d like to know more about, reach out and let me know. I can never talk about DNS enough!
Originally published at https://constellix.com.