Managing and keeping tabs of network traffic on Linux
mtr: the rich man’s traceroute
I’m gonna stop for a while and thank my fabulous boss and friend Thomas Goirand for showing me this tool. Hi, Thomas! Up to the day he showed me this tool, I was stuck using the old traceroute and…
…I see I’ve abandoned my audience for a while there. OK, let’s get back to business. traceroute is an old-school tool that attempts to find out the route Internet packets take from one machine to another. It sort of “pings” each hop along the way, displaying the time it took for each “pong” to turn around and “return to the mothership”.
As you can see, it’s very useful if you want to find out why a particular Internet host (that’s technicalese for “computer”) is not responding. Say I want to traceroute this host from home:
    rudd-o@karen:~$ traceroute -n rudd-o.com
    traceroute to rudd-o.com (205.134.246.207), 30 hops max, 40 byte packets
     1 190.10.133.1 24.185 ms 9.690 ms 8.959 ms
     2 200.25.144.81 7.929 ms 8.949 ms 48.975 ms
     3 200.63.192.2 10.743 ms 38.930 ms 8.950 ms
     4 84.16.9.153 129.928 ms 131.279 ms 119.625 ms
     5 213.140.43.206 122.800 ms 131.904 ms 144.903 ms
     6 84.16.12.170 120.918 ms 116.912 ms 213.140.36.106 154.041 ms
     7 213.140.43.182 130.707 ms 213.140.38.162 119.989 ms 213.140.43.182 129.829 ms
     8 213.140.37.214 117.842 ms 84.16.12.193 131.958 ms 213.140.37.29 119.965 ms
     9 213.140.43.193 300.844 ms 219.831 ms 213.140.36.89 131.913 ms
    10 4.71.122.5 127.874 ms 126.879 ms 84.16.12.158 134.978 ms
    11 4.71.122.5 136.897 ms 84.16.12.165 154.934 ms 153.903 ms
    12 4.69.135.6 168.898 ms 4.69.135.2 128.928 ms 4.69.135.6 140.870 ms
    13 4.71.122.5 138.928 ms * 4.69.132.77 281.783 ms
    14 4.68.102.108 159.037 ms 4.69.132.77 196.766 ms 4.68.122.30 149.823 ms
    15 4.69.135.6 146.927 ms 4.68.102.172 167.857 ms 64.156.173.126 168.168 ms
    16 216.193.255.182 162.990 ms 161.532 ms 162.902 ms
    17 216.193.192.186 155.931 ms 158.558 ms 4.68.102.44 171.051 ms
    18 205.134.246.207 158.107 ms 216.193.192.186 168.646 ms 205.134.246.207 158.128 ms
At three pings per hop (on each row) you can see my information takes eighteen hops from home to, well, this different home :-). Of course, if any of those hops is having a problem, traceroute will tell you — and therein lies the value of traceroute, because it can tell you exactly where the problem is that makes a host inaccessible.
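To make reading such a trace less of an eyeball exercise, here is an added example (not part of the original article) that parses traceroute -n output, copes with rows where several routers answered and with "*" timeouts, and reports the hop where the median round-trip time rises most. The function names parse_trace and biggest_jump are made up for this sketch; the sample rows are copied from the trace above.

```python
import re
from statistics import median

# Hops 1-6 and 13 copied from the trace above (hop 13 has a timed-out probe).
SAMPLE = """\
traceroute to rudd-o.com (205.134.246.207), 30 hops max, 40 byte packets
 1 190.10.133.1 24.185 ms 9.690 ms 8.959 ms
 2 200.25.144.81 7.929 ms 8.949 ms 48.975 ms
 3 200.63.192.2 10.743 ms 38.930 ms 8.950 ms
 4 84.16.9.153 129.928 ms 131.279 ms 119.625 ms
 5 213.140.43.206 122.800 ms 131.904 ms 144.903 ms
 6 84.16.12.170 120.918 ms 116.912 ms 213.140.36.106 154.041 ms
13 4.71.122.5 138.928 ms * 4.69.132.77 281.783 ms
"""

# One token per probe result: responder address, round-trip time, or "*" (no reply).
TOKEN = re.compile(r"(?P<ip>\d+\.\d+\.\d+\.\d+)|(?P<rtt>\d+\.\d+) ms|(?P<lost>\*)")

def parse_trace(text):
    """Map hop number -> {"ips": [...], "rtts": [...], "lost": n} (IPv4, -n format)."""
    hops = {}
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)\s+(.*)", line)
        if not m:
            continue  # header line, not a hop row
        hop = {"ips": [], "rtts": [], "lost": 0}
        for tok in TOKEN.finditer(m.group(2)):
            if tok.group("ip"):
                if tok.group("ip") not in hop["ips"]:  # same router may answer twice
                    hop["ips"].append(tok.group("ip"))
            elif tok.group("rtt"):
                hop["rtts"].append(float(tok.group("rtt")))
            else:
                hop["lost"] += 1
        hops[int(m.group(1))] = hop
    return hops

def biggest_jump(hops):
    """Return (hop, rise_ms) for the largest median-RTT rise over the hop just before it."""
    best = (None, 0.0)
    for n in sorted(hops):
        prev, cur = hops.get(n - 1), hops[n]
        if not prev or not prev["rtts"] or not cur["rtts"]:
            continue  # nothing to compare against (gap in the trace or all probes lost)
        rise = median(cur["rtts"]) - median(prev["rtts"])
        if rise > best[1]:
            best = (n, round(rise, 3))
    return best

if __name__ == "__main__":
    print(biggest_jump(parse_trace(SAMPLE)))
```

On these rows the jump is at hop 4, and the later hops stay at the higher level. A rise that persists downstream points at a real link; a rise on a single hop only is often just a router giving low priority to answering probes.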
traceroute is nice and good, but slow. This trace took in excess of ten seconds. Also, I specified the -n argument which causes traceroute to show IP addresses instead of names — otherwise it would have been really slow.
mtr beats the crap out of traceroute. It does the same thing, only in parallel (yes, even converting the IP addresses to meaningful names). I’m going to show you a screen capture, but a video (I’m too lazy for that) would do it more justice — with mtr you see, in real time, the speed of each one of the hops along the way:

Moreover, you can keep it running and it will keep on running, updating its display a few times a second. Very useful to pinpoint the faulty spot on sporadic/temporary network outages!
Try it out. Install mtr using your distribution’s package management utilities, then run mtr yahoo.com. Then try it on another host. Tip: if roundtrip times are more than two hundred milliseconds, you can forget about playing Unreal Tournament with that computer.
Oh, thanks again, Thomas!
Now, let’s discuss flow analysis, and how to identify applications that are hogging your network.