🛤️ Command: traceroute (The Network Map)
The traceroute command is a diagnostic tool that shows the path (the "route") a packet takes to reach a destination. It lists every router (or "hop") the data passes through, along with the time it takes for each jump.
1. The "Why"
traceroute helps you determine if a lag or connection issue is local, regional, or international:
- Locating Bottlenecks: Identify which specific hop is causing high latency.
- ISP Troubleshooting: See if your traffic is being routed strangely (e.g., if a connection to a neighboring country is being sent to Europe first).
- Firewall Detection: Find out at which hop your packets are being dropped (indicated by `* * *`).
2. How it Works (The TTL Trick)
traceroute works by sending packets with an increasing Time To Live (TTL) value:
- It starts with `TTL=1`. The first router it hits decrements it to 0, discards the packet, and sends back an "ICMP Time Exceeded" message. Now we know the first hop.
- It then sends a packet with `TTL=2`, reaching the second router before it expires.
- This continues until the destination is reached or the maximum hops (usually 30) are hit.
3. Basic Syntax
traceroute [domain_or_IP]
4. Essential Flags
| Flag | Purpose | Use Case |
|---|---|---|
| -n | No Names | Shows IP addresses only (skips DNS lookup), making the scan much faster. |
| -I | ICMP Echo | Uses ICMP instead of UDP. Helpful if routers are blocking UDP packets. |
| -T | TCP SYN | Uses TCP. Often more effective for getting through modern firewalls. |
| -w [sec] | Wait Time | Sets the timeout for a response from each hop. |
| -q [n] | Queries | Number of probes sent to each hop (default is 3). |
5. Reading the Output
When you run traceroute google.com, you’ll see something like this:
4 10.50.10.1 12.345 ms 11.231 ms 10.982 ms
5 * * *
- Hop Number: The sequence of the router.
- Host/IP: The name and IP of that router.
- Latency (ms): Three separate time measurements. Lower is better.
- `* * *`: This means the router did not respond. It might be configured to ignore traceroute requests for security, or the packet was lost.
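As an added example (not part of the original page), this Python script parses `traceroute -n` output like the lines above, separates routers that stay silent but still forward traffic from a trace that gets no replies through to the end, and reports the hop with the largest latency increase. The sample trace is constructed, and the function names `parse` and `analyse` are hypothetical.

```python
import re

# Constructed sample of `traceroute -n` output (private and documentation-range addresses).
SAMPLE = """\
traceroute to 203.0.113.9 (203.0.113.9), 30 hops max, 60 byte packets
 1  192.168.1.1  1.204 ms  1.101 ms  1.050 ms
 2  10.50.10.1  12.345 ms  11.231 ms  10.982 ms
 3  * * *
 4  198.51.100.7  95.410 ms  96.002 ms *
 5  203.0.113.9  97.120 ms  96.800 ms  97.455 ms
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")        # "<hop number> <rest of line>"
RTT_RE = re.compile(r"(\d+(?:\.\d+)?) ms")        # each answered probe
IP_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def parse(text):
    """Return one dict per hop line: hop number, IP, RTT list, lost probes."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue  # banner line, not a hop
        rest = m.group(2)
        ip = IP_RE.search(rest)
        hops.append({"hop": int(m.group(1)),
                     "ip": ip.group(0) if ip else None,
                     "rtts": [float(x) for x in RTT_RE.findall(rest)],
                     "lost": rest.split().count("*")})
    return hops

def analyse(hops):
    """Classify unanswered hops and find the largest hop-to-hop RTT increase."""
    last_reply = max((h["hop"] for h in hops if h["rtts"]), default=0)
    quiet = [h["hop"] for h in hops if not h["rtts"]]
    jump, prev = (None, 0.0), None
    for h in hops:
        if not h["rtts"]:
            continue
        best = min(h["rtts"])  # minimum RTT is least distorted by transient queuing
        if prev is not None and best - prev > jump[1]:
            jump = (h["hop"], best - prev)
        prev = best
    return {
        # Silent hop with answering hops after it: the router forwards but does not reply.
        "silent_but_forwarding": [n for n in quiet if n < last_reply],
        # Silence from here to the end: candidate point where probes are dropped.
        "no_reply_to_end": [n for n in quiet if n > last_reply],
        "largest_jump": jump,
    }

if __name__ == "__main__":
    print(analyse(parse(SAMPLE)))
```

On the constructed sample, hop 3 is reported as silent but forwarding, and the largest jump lands on hop 4.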
6. Modern Alternatives: mtr
While traceroute is classic, most Arch Linux pros prefer mtr (My Traceroute). It combines ping and traceroute into a single, live-updating screen.
sudo pacman -S mtr
mtr google.com
7. Pro-Tips
- Arch Linux Context: If `traceroute` isn't installed, get it via `sudo pacman -S traceroute`.
- Permission: Some modes (like `-I` or `-T`) require `sudo` because they involve crafting raw network packets.
- Algeria Specifics: If you notice high latency on the first 2-3 hops, the issue is likely your local router or your Algerian ISP's local exchange. If the latency jumps significantly after a hop with a name like `lon-` (London) or `par-` (Paris), the bottleneck is in the international submarine cables.
- Tutorial Tip: When writing technical tutorials, teach your readers to use `traceroute -n` first; it prevents the output from "hanging" while waiting for slow DNS responses.
8. Summary Reference
| Goal | Command |
|---|---|
| Standard Trace | traceroute [target] |
| Fast (No DNS) | traceroute -n [target] |
| Use ICMP (Ping-style) | sudo traceroute -I [target] |
| Use TCP (Firewall-friendly) | sudo traceroute -T -p 80 [target] |