How To: Traceroute in Mac OS X Terminal

How To: Traceroute in Mac OS X Terminal

Traceroute allows you to discover a network path from one host to another. Traceroute is extremely helpful examining network hops (or network devices traversed over) and information including IP Address, DNS servers, and average time taken over each hop. A popular use of traceroute is to identify network bottlenecks (poor speed performance) happening in network equipment you do not own (network equipment in the Internet). Use Terminal in Mac OS X to traceroute any network address on your local network or the Internet.

 

Note: While traceroute attempts to explore network path hosts typically outside your private network, traceroute results always vary depending on the network hops you attempt to resolve. For instance, you may not receive replies from every device in your traceroute. Unresponsive devices are represented as 3 asterisks ***. Traceroute will always try to resolve hosts, but it can’t always. Devices that it cannot resolve are usually blocked by a firewall.

 

1. Open Terminal (Applications -> Utilities -> Terminal)

2. Type the following command





traceroute nis.nsf.net

 

3. Terminal will send a network packet to google.com. Watch as the network packet moves out of your local network, past your ISP, and into the wild. Eventually, the traceroute will complete and it should look like something similar below.

Mac traceroute terminal output

 

As you see, traceroute provides detailed information about a network destination. Traceroute has a variety of command options you can play with in Terminal. Take a look below.

-a Turn on AS# lookups for each hop encountered.
-A as_server
Turn on AS# lookups and use the given server instead of the default.
-d Enable socket level debugging.
-D When an ICMP response to our probe datagram is received, print the differences between the
transmitted packet and the packet quoted by the ICMP response. A key showing the location of
fields within the transmitted packet is printed, followed by the original packet in hex, fol-
lowed by the quoted packet in hex. Bytes that are unchanged in the quoted packet are shown
as underscores. Note, the IP checksum and the TTL of the quoted packet are not expected to
match. By default, only one probe per hop is sent with this option.
-e Firewall evasion mode. Use fixed destination ports for UDP and TCP probes. The destination
port does NOT increment with each packet sent.
-f first_ttl
Set the initial time-to-live used in the first outgoing probe packet.
-F Set the "don't fragment" bit.
-g gateway
Specify a loose source route gateway (8 maximum).
-i iface
Specify a network interface to obtain the source IP address for outgoing probe packets. This
is normally only useful on a multi-homed host. (See the -s flag for another way to do this.)
-I Use ICMP ECHO instead of UDP datagrams. (A synonym for "-P icmp").
-M first_ttl
Set the initial time-to-live value used in outgoing probe packets. The default is 1, i.e.,
start with the first hop.
-m max_ttl
Set the max time-to-live (max number of hops) used in outgoing probe packets. The default is
net.inet.ip.ttl hops (the same default used for TCP connections).
-n Print hop addresses numerically rather than symbolically and numerically (saves a nameserver
address-to-name lookup for each gateway found on the path).
-P proto
Send packets of specified IP protocol. The currently supported protocols are: UDP , TCP , GRE
and ICMP Other protocols may also be specified (either by name or by number), though
traceroute does not implement any special knowledge of their packet formats. This option is
useful for determining which router along a path may be blocking packets based on IP protocol
number. But see BUGS below.
-p port
Protocol specific. For UDP and TCP, sets the base port number used in probes (default is
33434). traceroute hopes that nothing is listening on UDP ports base to base+nhops-1 at the
destination host (so an ICMP PORT_UNREACHABLE message will be returned to terminate the route
tracing). If something is listening on a port in the default range, this option can be used
to pick an unused port range.
-q nqueries
Set the number of probes per ``ttl'' to nqueries (default is three probes).
-r Bypass the normal routing tables and send directly to a host on an attached network. If the
host is not on a directly-attached network, an error is returned. This option can be used to

 

-s src_addr
Use the following IP address (which must be given as an IP number, not a hostname) as the
source address in outgoing probe packets. On hosts with more than one IP address, this
option can be used to force the source address to be something other than the IP address of
the interface the probe packet is sent on. If the IP address is not one of this machine's
interface addresses, an error is returned and nothing is sent. (See the -i flag for another
way to do this.)
-S Print a summary of how many probes were not answered for each hop.
-t tos Set the type-of-service in probe packets to the following value (default zero). The value
must be a decimal integer in the range 0 to 255. This option can be used to see if different
types-of-service result in different paths. (If you are not running a 4.4BSD or later sys-
tem, this may be academic since the normal network services like telnet and ftp don't let you
control the TOS). Not all values of TOS are legal or meaningful - see the IP spec for defi-
nitions. Useful values are probably `-t 16' (low delay) and `-t 8' (high throughput).
-v Verbose output. Received ICMP packets other than TIME_EXCEEDED and UNREACHABLEs are listed.
-w Set the time (in seconds) to wait for a response to a probe (default 5 sec.).
-x Toggle IP checksums. Normally, this prevents traceroute from calculating IP checksums. In
some cases, the operating system can overwrite parts of the outgoing packet but not recalcu-
late the checksum (so in some cases the default is to not calculate checksums and using -x
causes them to be calculated). Note that checksums are usually required for the last hop when
using ICMP ECHO probes ( -I ). So they are always calculated when using ICMP.
-z pausemsecs
Set the time (in milliseconds) to pause between probes (default 0). Some systems such as
Solaris and routers such as Ciscos rate limit ICMP messages. A good value to use with this
this is 500 (e.g. 1/2 second).
* Please use the comment form below. Comments are moderated.*



Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Monday, 23 December 2024