Do you really take full advantage of the TCP/IP connection testing utilities at your disposal? Most Windows administrators...
and PC users don't explore the functionality of tools like ping, tracert, and pathping. That's a shame, because those tools can save users time and increase the flexibility of their systems.
In part one of this series, I covered ways to use ping. In this article, I examine the tracert utility. Then, in part three, I'll guide you through the workings of pathping. Together, all three articles will add some handy troubleshooting utilities to your IT tool belt.
The tracert utility is a diagnostic utility that determines the route taken to a destination by sending ICMP packets with varying time-to-live (TTL) values to the destination. Each router along the path is required to decrement the TTL on a packet by at least 1 before forwarding it, so the TTL is effectively a hop count. When the TTL on a packet reaches 0, the router is supposed to send back an ICMP Time Exceeded message to the source system.
Tracert determines the route by sending the first echo packet with a TTL of 1 and incrementing the TTL by 1 on each subsequent transmission until the target responds or until the maximum TTL is reached. The route is determined by examining the ICMP Time Exceeded messages sent back by intermediate routers. However, some routers silently drop packets with expired TTL values and are invisible to tracert, thus making this tool somewhat ineffective.
Again you say: "All right. Very nice definition, but what does all that mean to me?" To borrow an analogy I used in part one of this series, what it says is this: using the tracert command is like picking up the phone and dialing a number to see whether it rings on the other side, whether it speaks the right language (TCP/IP in this case), how long it takes, how many operators the call had to cross and, finally, who the operators were.
The first step to using tracert is to type: tracert [destination computer or IP address]
Here are two examples:
- tracert www.yahoo.com
- tracert 172.16.123.3
Tracing route to www.yahoo.akadns.net [184.108.40.206]
over a maximum of 30 hops:
1 <10 ms <10 ms <10 ms 220.127.116.11
2 <10 ms 10 ms 10 ms 18.104.22.168
3 <10 ms 10 ms 10 ms gbr1-a90s17.cgcil.ip.att.net [22.214.171.124]
4 10 ms 30 ms 20 ms tbr1-p013502.cgcil.ip.att.net [126.96.36.199]
5 50 ms 70 ms 60 ms tbr1-cl1.sffca.ip.att.net [188.8.131.52]
6 40 ms 70 ms 60 ms ggr1-p340.sffca.ip.att.net [184.108.40.206]
7 50 ms 50 ms 50 ms att-gw.sf.cw.net [220.127.116.11]
8 80 ms 80 ms 80 ms agr4-loopback.Washington.cw.net [18.104.22.168]
9 70 ms 80 ms 80 ms dcr1-so-6-3-0.Washington.cw.net [22.214.171.124]
10 80 ms 80 ms 80 ms bhr1-pos-0-0.Sterling1dc2.cw.net [126.96.36.199]
11 80 ms 80 ms 81 ms csr22-ve240.stng01.exodus.net [188.8.131.52]
12 80 ms 81 ms 80 ms 184.108.40.206
13 80 ms 80 ms 80 ms www9.dcx.yahoo.com [220.127.116.11]
Notice that each hop shows the name of the router and how long each router took to respond to the ICMP packet. The longer that the ms response time is, the greater chance that there is a routing issue between your system and the destination system. Running this command repeatedly on the Internet will normally yield different results, because TCP/IP is auto-correcting and will take the fastest route possible across the routers of the world.
Again, as with the ping utility, there are many different options available with this utility. To display these options, type:
- tracert | more
About the author: Tim Fenner is a network and systems administrator for a national industry association and an IT consultant for small businesses.
FOR MORE INFORMATION:
>> Reference works for this article include