1.\" Copyright (c) 1989, 1995, 1996
2.\" The Regents of the University of California. All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms are permitted
5.\" provided that the above copyright notice and this paragraph are
6.\" duplicated in all such forms and that any documentation,
7.\" advertising materials, and other materials related to such
8.\" distribution and use acknowledge that the software was developed
9.\" by the University of California, Berkeley. The name of the
10.\" University may not be used to endorse or promote products derived
11.\" from this software without specific prior written permission.
12.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
13.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
14.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
15.\"
16.\" $Header: traceroute.8,v 1.7 96/09/27 20:02:41 leres Exp $
| 1.\" Copyright (c) 1989, 1995, 1996
2.\" The Regents of the University of California. All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms are permitted
5.\" provided that the above copyright notice and this paragraph are
6.\" duplicated in all such forms and that any documentation,
7.\" advertising materials, and other materials related to such
8.\" distribution and use acknowledge that the software was developed
9.\" by the University of California, Berkeley. The name of the
10.\" University may not be used to endorse or promote products derived
11.\" from this software without specific prior written permission.
12.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
13.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
14.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
15.\"
16.\" $Header: traceroute.8,v 1.7 96/09/27 20:02:41 leres Exp $
|
17.\" $FreeBSD: head/contrib/traceroute/traceroute.8 51949 1999-10-05 15:20:45Z obrien $
| 17.\" $FreeBSD: head/contrib/traceroute/traceroute.8 77816 2001-06-06 16:12:59Z ru $
|
18.\"
19.TH TRACEROUTE 8 "27 September 1996"
20.UC 6
21.SH NAME
22traceroute \- print the route packets take to network host
23.SH SYNOPSIS
24.. while ((op = getopt(argc, argv, "dnrvg:M:m:P:p:q:s:t:w:")) != EOF)
25.na
26.B traceroute
27[
28.B \-Sdnrv
29] [
30.B \-g
31.I gw_host
32] [
33.B \-M
34.I min_ttl
35]
36.br
37.ti +8
38[
39.B \-m
40.I max_ttl
41] [
42.B \-P
43.I proto
44] [
45.B \-p
46.I port
47]
48.br
49.ti +8
50[
51.B \-q
52.I nqueries
53] [
54.B \-s
55.I src_addr
56] [
57.B \-t
58.I tos
59]
60.br
61.ti +8
62[
63.B \-w
64.I waittime
65]
66.I host
67[
68.I packetlen
69]
70.ad
71.SH DESCRIPTION
72The Internet is a large and complex aggregation of
73network hardware, connected together by gateways.
74Tracking the route one's packets follow (or finding the miscreant
75gateway that's discarding your packets) can be difficult.
76.I Traceroute
77utilizes the IP protocol `time to live' field and attempts to elicit an
78ICMP TIME_EXCEEDED response from each gateway along the path to some
79host.
80.PP
81The only mandatory parameter is the destination host name or IP number.
82The default probe datagram length is 40 bytes, but this may be increased
83by specifying a packet length (in bytes) after the destination host
84name.
85.PP
86Other options are:
87.TP
88.B \-S
89Print a summary of how many probes were not answered for each hop.
90.TP
91.B \-g
92Specify a loose source route gateway (8 maximum).
93.TP
94.B \-M
95Set the initial time-to-live value used in outgoing probe packets.
96The default is 1, i.e., start with the first hop.
97.TP
98.B \-m
99Set the max time-to-live (max number of hops) used in outgoing probe
| 18.\"
19.TH TRACEROUTE 8 "27 September 1996"
20.UC 6
21.SH NAME
22traceroute \- print the route packets take to network host
23.SH SYNOPSIS
24.. while ((op = getopt(argc, argv, "dnrvg:M:m:P:p:q:s:t:w:")) != EOF)
25.na
26.B traceroute
27[
28.B \-Sdnrv
29] [
30.B \-g
31.I gw_host
32] [
33.B \-M
34.I min_ttl
35]
36.br
37.ti +8
38[
39.B \-m
40.I max_ttl
41] [
42.B \-P
43.I proto
44] [
45.B \-p
46.I port
47]
48.br
49.ti +8
50[
51.B \-q
52.I nqueries
53] [
54.B \-s
55.I src_addr
56] [
57.B \-t
58.I tos
59]
60.br
61.ti +8
62[
63.B \-w
64.I waittime
65]
66.I host
67[
68.I packetlen
69]
70.ad
71.SH DESCRIPTION
72The Internet is a large and complex aggregation of
73network hardware, connected together by gateways.
74Tracking the route one's packets follow (or finding the miscreant
75gateway that's discarding your packets) can be difficult.
76.I Traceroute
77utilizes the IP protocol `time to live' field and attempts to elicit an
78ICMP TIME_EXCEEDED response from each gateway along the path to some
79host.
80.PP
81The only mandatory parameter is the destination host name or IP number.
82The default probe datagram length is 40 bytes, but this may be increased
83by specifying a packet length (in bytes) after the destination host
84name.
85.PP
86Other options are:
87.TP
88.B \-S
89Print a summary of how many probes were not answered for each hop.
90.TP
91.B \-g
92Specify a loose source route gateway (8 maximum).
93.TP
94.B \-M
95Set the initial time-to-live value used in outgoing probe packets.
96The default is 1, i.e., start with the first hop.
97.TP
98.B \-m
99Set the max time-to-live (max number of hops) used in outgoing probe
|
100packets. The default is 30 hops (the same default used for TCP
| 100packets. The default is
101.I net.inet.ip.ttl
102hops (the same default used for TCP
|
101connections).
102.TP
103.B \-n
104Print hop addresses numerically rather than symbolically and numerically
105(saves a nameserver address-to-name lookup for each gateway found on the
106path).
107.TP
108.B \-P
109Send packets of specified IP protocol. The currently supported protocols
110are: UDP, TCP and GRE. Other protocols may also be specified (either by
111name or by number), though
112.I traceroute
113does not implement any special knowledge of their packet formats. This
114option is useful for determining which router along a path may be
115blocking packets based on IP protocol number. But see BUGS below.
116.TP
117.B \-p
118Protocol specific. For UDP and TCP, sets
119the base port number used in probes (default is 33434).
120Traceroute hopes that nothing is listening on UDP ports
121.I base
122to
123.I base + nhops - 1
124at the destination host (so an ICMP PORT_UNREACHABLE message will
125be returned to terminate the route tracing). If something is
126listening on a port in the default range, this option can be used
127to pick an unused port range.
128.TP
129.B \-q
130Set the number of probes per hop (default is 3).
131.TP
132.B \-r
133Bypass the normal routing tables and send directly to a host on an attached
134network.
135If the host is not on a directly-attached network,
136an error is returned.
137This option can be used to ping a local host through an interface
138that has no route through it (e.g., after the interface was dropped by
139.IR routed (8C)).
140.TP
141.B \-s
142Use the following IP address (which must be given as an IP number, not
143a hostname) as the source address in outgoing probe packets. On
144hosts with more than one IP address, this option can be used to
145force the source address to be something other than the IP address
146of the interface the probe packet is sent on. If the IP address
147is not one of this machine's interface addresses, an error is
148returned and nothing is sent.
149.TP
150.B \-t
151Set the
152.I type-of-service
153in probe packets to the following value (default zero). The value must be
154a decimal integer in the range 0 to 255. This option can be used to
155see if different types-of-service result in different paths. (If you
156are not running 4.4bsd, this may be academic since the normal network
157services like telnet and ftp don't let you control the TOS).
158Not all values of TOS are legal or
159meaningful \- see the IP spec for definitions. Useful values are
160probably `-t 16' (low delay) and `-t 8' (high throughput).
161.TP
162.B \-v
163Verbose output. Received ICMP packets other than TIME_EXCEEDED and
164UNREACHABLEs are listed.
165.TP
166.B \-w
167Set the time (in seconds) to wait for a response to a probe (default 5
168sec.).
169.PP
170This program attempts to trace the route an IP packet would follow to some
171internet host by launching UDP probe
172packets with a small ttl (time to live) then listening for an
173ICMP "time exceeded" reply from a gateway. We start our probes
174with a ttl of one and increase by one until we get an ICMP "port
175unreachable" (which means we got to "host") or hit a max (which
| 103connections).
104.TP
105.B \-n
106Print hop addresses numerically rather than symbolically and numerically
107(saves a nameserver address-to-name lookup for each gateway found on the
108path).
109.TP
110.B \-P
111Send packets of specified IP protocol. The currently supported protocols
112are: UDP, TCP and GRE. Other protocols may also be specified (either by
113name or by number), though
114.I traceroute
115does not implement any special knowledge of their packet formats. This
116option is useful for determining which router along a path may be
117blocking packets based on IP protocol number. But see BUGS below.
118.TP
119.B \-p
120Protocol specific. For UDP and TCP, sets
121the base port number used in probes (default is 33434).
122Traceroute hopes that nothing is listening on UDP ports
123.I base
124to
125.I base + nhops - 1
126at the destination host (so an ICMP PORT_UNREACHABLE message will
127be returned to terminate the route tracing). If something is
128listening on a port in the default range, this option can be used
129to pick an unused port range.
130.TP
131.B \-q
132Set the number of probes per hop (default is 3).
133.TP
134.B \-r
135Bypass the normal routing tables and send directly to a host on an attached
136network.
137If the host is not on a directly-attached network,
138an error is returned.
139This option can be used to ping a local host through an interface
140that has no route through it (e.g., after the interface was dropped by
141.IR routed (8C)).
142.TP
143.B \-s
144Use the following IP address (which must be given as an IP number, not
145a hostname) as the source address in outgoing probe packets. On
146hosts with more than one IP address, this option can be used to
147force the source address to be something other than the IP address
148of the interface the probe packet is sent on. If the IP address
149is not one of this machine's interface addresses, an error is
150returned and nothing is sent.
151.TP
152.B \-t
153Set the
154.I type-of-service
155in probe packets to the following value (default zero). The value must be
156a decimal integer in the range 0 to 255. This option can be used to
157see if different types-of-service result in different paths. (If you
158are not running 4.4bsd, this may be academic since the normal network
159services like telnet and ftp don't let you control the TOS).
160Not all values of TOS are legal or
161meaningful \- see the IP spec for definitions. Useful values are
162probably `-t 16' (low delay) and `-t 8' (high throughput).
163.TP
164.B \-v
165Verbose output. Received ICMP packets other than TIME_EXCEEDED and
166UNREACHABLEs are listed.
167.TP
168.B \-w
169Set the time (in seconds) to wait for a response to a probe (default 5
170sec.).
171.PP
172This program attempts to trace the route an IP packet would follow to some
173internet host by launching UDP probe
174packets with a small ttl (time to live) then listening for an
175ICMP "time exceeded" reply from a gateway. We start our probes
176with a ttl of one and increase by one until we get an ICMP "port
177unreachable" (which means we got to "host") or hit a max (which
|
176defaults to 30 hops & can be changed with the \-m flag). Three
| 178defaults to
179.I net.inet.ip.ttl
180hops & can be changed with the \-m flag). Three
|
177probes (change with \-q flag) are sent at each ttl setting and a
178line is printed showing the ttl, address of the gateway and
179round trip time of each probe. If the probe answers come from
180different gateways, the address of each responding system will
181be printed. If there is no response within a 5 sec. timeout
182interval (changed with the \-w flag), a "*" is printed for that
183probe.
184.PP
185We don't want the destination
186host to process the UDP probe packets so the destination port is set to an
187unlikely value (if some clod on the destination is using that
188value, it can be changed with the \-p flag).
189.PP
190A sample use and output might be:
191
192.RS
193.nf
194[yak 71]% traceroute nis.nsf.net.
| 181probes (change with \-q flag) are sent at each ttl setting and a
182line is printed showing the ttl, address of the gateway and
183round trip time of each probe. If the probe answers come from
184different gateways, the address of each responding system will
185be printed. If there is no response within a 5 sec. timeout
186interval (changed with the \-w flag), a "*" is printed for that
187probe.
188.PP
189We don't want the destination
190host to process the UDP probe packets so the destination port is set to an
191unlikely value (if some clod on the destination is using that
192value, it can be changed with the \-p flag).
193.PP
194A sample use and output might be:
195
196.RS
197.nf
198[yak 71]% traceroute nis.nsf.net.
|
195traceroute to nis.nsf.net (35.1.1.48), 30 hops max, 38 byte packet
| 199traceroute to nis.nsf.net (35.1.1.48), 64 hops max, 38 byte packet
|
196 1 helios.ee.lbl.gov (128.3.112.1) 19 ms 19 ms 0 ms
197 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
198 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
199 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 39 ms
200 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 39 ms 39 ms 39 ms
201 6 128.32.197.4 (128.32.197.4) 40 ms 59 ms 59 ms
202 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 59 ms
203 8 129.140.70.13 (129.140.70.13) 99 ms 99 ms 80 ms
204 9 129.140.71.6 (129.140.71.6) 139 ms 239 ms 319 ms
20510 129.140.81.7 (129.140.81.7) 220 ms 199 ms 199 ms
20611 nic.merit.edu (35.1.1.48) 239 ms 239 ms 239 ms
207.fi
208.RE
209
210Note that lines 2 & 3 are the same. This is due to a buggy
211kernel on the 2nd hop system \- lbl-csam.arpa \- that forwards
212packets with a zero ttl (a bug in the distributed version
213of 4.3BSD). Note that you have to guess what path
214the packets are taking cross-country since the NSFNet (129.140)
215doesn't supply address-to-name translations for its NSSes.
216.PP
217A more interesting example is:
218
219.RS
220.nf
221[yak 72]% traceroute allspice.lcs.mit.edu.
| 200 1 helios.ee.lbl.gov (128.3.112.1) 19 ms 19 ms 0 ms
201 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
202 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 39 ms 19 ms
203 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 39 ms
204 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 39 ms 39 ms 39 ms
205 6 128.32.197.4 (128.32.197.4) 40 ms 59 ms 59 ms
206 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 59 ms
207 8 129.140.70.13 (129.140.70.13) 99 ms 99 ms 80 ms
208 9 129.140.71.6 (129.140.71.6) 139 ms 239 ms 319 ms
20910 129.140.81.7 (129.140.81.7) 220 ms 199 ms 199 ms
21011 nic.merit.edu (35.1.1.48) 239 ms 239 ms 239 ms
211.fi
212.RE
213
214Note that lines 2 & 3 are the same. This is due to a buggy
215kernel on the 2nd hop system \- lbl-csam.arpa \- that forwards
216packets with a zero ttl (a bug in the distributed version
217of 4.3BSD). Note that you have to guess what path
218the packets are taking cross-country since the NSFNet (129.140)
219doesn't supply address-to-name translations for its NSSes.
220.PP
221A more interesting example is:
222
223.RS
224.nf
225[yak 72]% traceroute allspice.lcs.mit.edu.
|
222traceroute to allspice.lcs.mit.edu (18.26.0.115), 30 hops max
| 226traceroute to allspice.lcs.mit.edu (18.26.0.115), 64 hops max
|
223 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
224 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 19 ms 19 ms
225 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 19 ms
226 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 19 ms 39 ms 39 ms
227 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 20 ms 39 ms 39 ms
228 6 128.32.197.4 (128.32.197.4) 59 ms 119 ms 39 ms
229 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 39 ms
230 8 129.140.70.13 (129.140.70.13) 80 ms 79 ms 99 ms
231 9 129.140.71.6 (129.140.71.6) 139 ms 139 ms 159 ms
23210 129.140.81.7 (129.140.81.7) 199 ms 180 ms 300 ms
23311 129.140.72.17 (129.140.72.17) 300 ms 239 ms 239 ms
23412 * * *
23513 128.121.54.72 (128.121.54.72) 259 ms 499 ms 279 ms
23614 * * *
23715 * * *
23816 * * *
23917 * * *
24018 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms
241.fi
242.RE
243
244Note that the gateways 12, 14, 15, 16 & 17 hops away
245either don't send ICMP "time exceeded" messages or send them
246with a ttl too small to reach us. 14 \- 17 are running the
247MIT C Gateway code that doesn't send "time exceeded"s. God
248only knows what's going on with 12.
249.PP
250The silent gateway 12 in the above may be the result of a bug in
251the 4.[23]BSD network code (and its derivatives): 4.x (x <= 3)
252sends an unreachable message using whatever ttl remains in the
253original datagram. Since, for gateways, the remaining ttl is
254zero, the ICMP "time exceeded" is guaranteed to not make it back
255to us. The behavior of this bug is slightly more interesting
256when it appears on the destination system:
257
258.RS
259.nf
260 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
261 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 39 ms
262 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 39 ms 19 ms
263 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 19 ms
264 5 ccn-nerif35.Berkeley.EDU (128.32.168.35) 39 ms 39 ms 39 ms
265 6 csgw.Berkeley.EDU (128.32.133.254) 39 ms 59 ms 39 ms
266 7 * * *
267 8 * * *
268 9 * * *
26910 * * *
27011 * * *
27112 * * *
27213 rip.Berkeley.EDU (128.32.131.22) 59 ms ! 39 ms ! 39 ms !
273.fi
274.RE
275
276Notice that there are 12 "gateways" (13 is the final
277destination) and exactly the last half of them are "missing".
278What's really happening is that rip (a Sun-3 running Sun OS3.5)
279is using the ttl from our arriving datagram as the ttl in its
280ICMP reply. So, the reply will time out on the return path
281(with no notice sent to anyone since ICMP's aren't sent for
282ICMP's) until we probe with a ttl that's at least twice the path
283length. I.e., rip is really only 7 hops away. A reply that
284returns with a ttl of 1 is a clue this problem exists.
285Traceroute prints a "!" after the time if the ttl is <= 1.
286Since vendors ship a lot of obsolete (DEC's Ultrix, Sun 3.x) or
287non-standard (HPUX) software, expect to see this problem
288frequently and/or take care picking the target host of your
289probes.
290
291Other possible annotations after the time are
292.BR !H ,
293.BR !N ,
294or
295.B !P
296(got a host, network or protocol unreachable, respectively),
297.B !S
298or
299.B !F
300(source route failed or fragmentation needed \- neither of these should
301ever occur and the associated gateway is busted if you see one),
302.B !X
303(communication administratively prohibited), or
304.B !<N>
305(ICMP unreachable code N).
306If almost all the probes result in some kind of unreachable, traceroute
307will give up and exit.
308.PP
309This program is intended for use in network testing, measurement
310and management.
311It should be used primarily for manual fault isolation.
312Because of the load it could impose on the network, it is unwise to use
313.I traceroute
314during normal operations or from automated scripts.
315.SH SEE ALSO
316netstat(1), ping(8)
317.SH AUTHOR
318Implemented by Van Jacobson from a suggestion by Steve Deering. Debugged
319by a cast of thousands with particularly cogent suggestions or fixes from
320C. Philip Wood, Tim Seaver and Ken Adelman.
321.LP
322The current version is available via anonymous ftp:
323.LP
324.RS
325.I ftp://ftp.ee.lbl.gov/traceroute.tar.Z
326.RE
327.SH BUGS
328When using protocols other than UDP, functionality is reduced.
329In particular, the last packet will often appear to be lost, because
330even though it reaches the destination host, there's no way to know
331that because no ICMP message is sent back.
332In the TCP case,
333.I traceroute
334should listen for a RST from the destination host (or an intermediate
335router that's filtering packets), but this is not implemented yet.
336.PP
337Please send bug reports to traceroute@ee.lbl.gov.
| 227 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
228 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 19 ms 19 ms
229 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 19 ms
230 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 19 ms 39 ms 39 ms
231 5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 20 ms 39 ms 39 ms
232 6 128.32.197.4 (128.32.197.4) 59 ms 119 ms 39 ms
233 7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 39 ms
234 8 129.140.70.13 (129.140.70.13) 80 ms 79 ms 99 ms
235 9 129.140.71.6 (129.140.71.6) 139 ms 139 ms 159 ms
23610 129.140.81.7 (129.140.81.7) 199 ms 180 ms 300 ms
23711 129.140.72.17 (129.140.72.17) 300 ms 239 ms 239 ms
23812 * * *
23913 128.121.54.72 (128.121.54.72) 259 ms 499 ms 279 ms
24014 * * *
24115 * * *
24216 * * *
24317 * * *
24418 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms
245.fi
246.RE
247
248Note that the gateways 12, 14, 15, 16 & 17 hops away
249either don't send ICMP "time exceeded" messages or send them
250with a ttl too small to reach us. 14 \- 17 are running the
251MIT C Gateway code that doesn't send "time exceeded"s. God
252only knows what's going on with 12.
253.PP
254The silent gateway 12 in the above may be the result of a bug in
255the 4.[23]BSD network code (and its derivatives): 4.x (x <= 3)
256sends an unreachable message using whatever ttl remains in the
257original datagram. Since, for gateways, the remaining ttl is
258zero, the ICMP "time exceeded" is guaranteed to not make it back
259to us. The behavior of this bug is slightly more interesting
260when it appears on the destination system:
261
262.RS
263.nf
264 1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
265 2 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 39 ms
266 3 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 39 ms 19 ms
267 4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 19 ms
268 5 ccn-nerif35.Berkeley.EDU (128.32.168.35) 39 ms 39 ms 39 ms
269 6 csgw.Berkeley.EDU (128.32.133.254) 39 ms 59 ms 39 ms
270 7 * * *
271 8 * * *
272 9 * * *
27310 * * *
27411 * * *
27512 * * *
27613 rip.Berkeley.EDU (128.32.131.22) 59 ms ! 39 ms ! 39 ms !
277.fi
278.RE
279
280Notice that there are 12 "gateways" (13 is the final
281destination) and exactly the last half of them are "missing".
282What's really happening is that rip (a Sun-3 running Sun OS3.5)
283is using the ttl from our arriving datagram as the ttl in its
284ICMP reply. So, the reply will time out on the return path
285(with no notice sent to anyone since ICMP's aren't sent for
286ICMP's) until we probe with a ttl that's at least twice the path
287length. I.e., rip is really only 7 hops away. A reply that
288returns with a ttl of 1 is a clue this problem exists.
289Traceroute prints a "!" after the time if the ttl is <= 1.
290Since vendors ship a lot of obsolete (DEC's Ultrix, Sun 3.x) or
291non-standard (HPUX) software, expect to see this problem
292frequently and/or take care picking the target host of your
293probes.
294
295Other possible annotations after the time are
296.BR !H ,
297.BR !N ,
298or
299.B !P
300(got a host, network or protocol unreachable, respectively),
301.B !S
302or
303.B !F
304(source route failed or fragmentation needed \- neither of these should
305ever occur and the associated gateway is busted if you see one),
306.B !X
307(communication administratively prohibited), or
308.B !<N>
309(ICMP unreachable code N).
310If almost all the probes result in some kind of unreachable, traceroute
311will give up and exit.
312.PP
313This program is intended for use in network testing, measurement
314and management.
315It should be used primarily for manual fault isolation.
316Because of the load it could impose on the network, it is unwise to use
317.I traceroute
318during normal operations or from automated scripts.
319.SH SEE ALSO
320netstat(1), ping(8)
321.SH AUTHOR
322Implemented by Van Jacobson from a suggestion by Steve Deering. Debugged
323by a cast of thousands with particularly cogent suggestions or fixes from
324C. Philip Wood, Tim Seaver and Ken Adelman.
325.LP
326The current version is available via anonymous ftp:
327.LP
328.RS
329.I ftp://ftp.ee.lbl.gov/traceroute.tar.Z
330.RE
331.SH BUGS
332When using protocols other than UDP, functionality is reduced.
333In particular, the last packet will often appear to be lost, because
334even though it reaches the destination host, there's no way to know
335that because no ICMP message is sent back.
336In the TCP case,
337.I traceroute
338should listen for a RST from the destination host (or an intermediate
339router that's filtering packets), but this is not implemented yet.
340.PP
341Please send bug reports to traceroute@ee.lbl.gov.
|