fortypoundhead.com

TRACERT

Posted On 2007-04-25 by FortyPoundHead
Keywords: Command Reference
Tags: Windows Commandline Networking Windows
Views: 1748


Find the IP address of any remote host. TRACERT is useful for troubleshooting large networks where several paths can be taken to arrive at the same point, or where many intermediate systems (routers or bridges) are involved.

Syntax

TRACERT [options] target_name

Key

target_name The HTTP or UNC name of the host

Options:
 
-d Do not resolve addresses to hostnames. (avoids performing a DNS lookup)
-h max_hops Maximum number of hops to search for target.(default=30)
-j host-list Trace route along given host-list. up to 9 hosts in dotted decimal notation, separated by spaces.
-w timeout Wait timeout milliseconds for each reply.The functionality of TRACERT is the same under all versions of windows but the output is cosmetically improved under XP.

Tracert uses the IP TTL field and ICMP error messages to determine the route from one host to another through a network.

Care must be taken with tracert as it shows the optimal route, not necessarily the actual route. To be accurate, it is possible to ping from a UNIX machine back to the PC using the -R option to record the route taken - but only if the particular network devices support it.

This diagnostic tool determines the path taken to a destination by sending ICMP Echo Request messages with varying Time to Live (TTL) values to the destination.

TTL (Time to Live) calculation

TTL is effectively a count of the (maximum) number of links to the destination host. Each router along the path decrements the TTL in an IP packet by at least 1 before forwarding it.

When the TTL on a packet reaches 0, the router is expected to return an ICMP Time Exceeded message to the source computer.

Tracert determines the path by sending the first Echo Request message with a TTL of 1 and incrementing the TTL by 1 on each subsequent transmission until either the target host responds or the maximum number of hops is reached.

This process relys on intermediate routers to return ICMP Time Exceeded messages. However, some routers do not return Time Exceeded messages for packets with expired TTL values and are invisible to the tracert command. In this case, a row of asterisks (*) is displayed for that hop.

Many firewalls will block ICMP traffic by default. If an attacker is able to forge ICMP redirect packets, he or she can alter the routing tables on the host and possibly subvert the security of the host by causing traffic to flow via a path you didn''t intend.

Examples

TRACERT www.doubleclick.net
TRACERT 123.45.67.89
TRACERT local_server


About the Author

FortyPoundHead has posted a total of 1974 articles.

 


Comments On This Post

No comments on this post yet!


Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.


Your IP address is:54.158.195.221

Before you can post, you need to prove you are human. If you log in, this test goes away.



Recent Forum Posts

Malicious IP Checker Companion Tool
dwirch posted on August 12, 2017 at about 20:24 in Site News

Job Spammer: Steve Adams
dwirch posted on August 8, 2017 at about 7:44 in Spammers

New security implemented
dwirch posted on August 8, 2017 at about 6:43 in Site News

New security implemented
dwirch posted on July 23, 2017 at about 6:58 in Site News

Fold Code Manager into main KB?
VB6Boy posted on July 22, 2017 at about 14:42 in Site News

Fold Code Manager into main KB?
dwirch posted on July 22, 2017 at about 14:41 in Site News