NWPS Logo

Search  Search Site Become a Facebook Fan Follow us on Twitter NetScanTools Blog NetScanTools YouTube Channel
Traceroute
Home Products Download Social Media Support Contact us About us Search SiteMap
  NetScanToolsŪ Pro
NetScanToolsŪ LE
NetScanToolsŪ Basic
NetScanToolsŪ Std
Switch Port Mapping Tool
IPv6ScopeFinder
ipPulse
Videos
Product Pricing
How to Buy
Resellers
Distributors
Freeware
Press Resources
Newsletters
 
 
  Demo
Get the NetScanTools Pro demo here.
 

 

  Warning:
NEVER scan a computer you do not own or have the owner's permission to scan.
 
 


- Last Review: August 8, 2013

Home > NetScanTools Pro > Technical Details > Traceroute Tool

Traceroute Tool Description - Use ICMP, UDP or TCP to Trace the Route Packets Take to a Target.

About the Traceroute Tool

The NetScanTools Pro Traceroute tool is an enhanced version of the classic network troubleshooting tool used to show the route packets take to a target device over an IP network. The target device can be on a local area network or across the internet.

Our enhanced version of traceroute supports both Windows style ICMP Echo Request and Unix style unused UDP port methods. Advanced traceroute includes firewall penetrating TCP Traceroute and UDP fixed port traceroute. All methods depend on returning ICMP packets from intermediate devices along the route.

Our traceroute tool are very fast. For example, an ICMP traceroute to netscantools.com takes 4 seconds including resolution of all IP addresses to hostnames.

Statistics including packet loss, minimum, average and maximum round-trip time.

Here are the supported modes of Traceroute:

  1. ICMP Echo Request/Reply Traceroute IPv4 packets (similar to Windows command line tracert methodology)
  2. UDP packet to unused port/ICMP port unreachable reply (similar to Unix/Linux classic traceroute methodology in that is uses variable ports)
  3. UDP Fixed Port where all the packets are sent to a fixed port.
  4. TCP packet to a used or unused port/TCP packet reply (RST, ACK, etc.)
  5. ICMPv6 Traceroute to IPv6 devices or websites such as ipv6.google.com or ipv6.wireshark.org

Related Tools

Explore NetScanTools >>
See tool videos >>
Download a free demo >>

click for image gallery

Version 11 Traceroute Slideshow

Important Notes:

  • Supports IPv4 and IPv6. IPv6 mode is only supported for ICMP.

Download NetScanTools Pro

Purpose of the Traceroute tool

  • This tool is designed for the route packets take to a target from your computer. It is a connectivity and protocol latency testing tool.
  • Retrieval of AS (autonomous system) numbers from IRR databases. Double click on a hop in a completed trace and NetScanTools Pro will query an IRR server for the AS number.
  • Shows the Country that is allocated or assigned each IPv4 address appearing in each hop.

ICMP Traceroute Modes

ICMP Traceroute mode uses ICMP echo request packets to trace to a target. The target typically responds with ICMP echo reply packets. As with all traceroute utilities, the echo request packets have an incrementing TTL or hop limit value that 'expires' at each hop along the way. The intermediate hops reply with an ICMP type 11 time exceeded packet. The time it takes for a packet to get each hop/target and back is called the round trip time and is the latency.

NetScanTools Pro has two modes of ICMP ping (IPv4): MS ICMP mode uses an operating system function to send and receive the ping packets while the other mode for ICMP ping uses WinPcap as both the transmission and reception driver. The WinPcap dependent method allows sub-millisecond timing resolution for ping round trip times in contract to the MSICMP Ping method that has a resolution in the 10s of milliseconds. Both modes send packets to each hop in parallel (multithreaded).

  • The data portion of the payload for ICMP ping may be a simple 'a-z' repeating character string or the contents of any file you choose (binary or ascii).

ICMP packets are sometimes blocked by firewalls either between you and the target or on the target itself, so NetScanTools Pro has two other methods of tracing the route to a target: UDP and TCP.

UDP Traceroute Mode

UDP Ping uses UDP packets to trace to a target. The target typically responds with ICMP port unreachable packets if you target a port that is customarily unused. As with all traceroute utilities, the UDP packets have an incrementing TTL or hop limit value that 'expires' at each hop along the way. The intermediate hops reply with an ICMP type 11 time exceeded packet. The time it takes for a packet to get the hop/target and back is called the round trip time and is the latency.

NetScanTools Pro has two modes of UDP traceroute: UDP Variable mode sends UDP packets to a linear set of UDP ports in parallel (multithreaded). The second mode sends the UDP packets to only one UDP port and waits for each responding ICMP packet - we recommend port 53 because it is the DNS port and is unprotected by firewalls. Both modes use WinPcap for monitoring responses so you will see sub-millisecond timing resolution.

  • The data portion of the payload for UDP packet may be a simple 'a-z' repeating character string or the contents of any file you choose (binary or ascii).
  • UDP source and destination ports are separately user-defined.

TCP Traceroute Mode

TCP Ping uses TCP SYN packets to trace to a target. The target typically responds with either TCP SYN/ACK or RST packets. The time it takes for a packet to get the target and back is the round trip time. TCP traceroute uses WinPcap to send the TCP packets and receive the responding TCP packets. This mode allows you to see sub-millisecond timing resolution for TCP traceroute. You can use this tool to determine the latency for web servers or mail servers or just about any TCP service that is present on the target.
  • TCP Traceroute uses either SYN or ACK packets to elicit a responding TCP packet from the target. ICMP packets are not used in this mode. The round-trip time of the packet pair is the latency of the TCP connection.
  • TCP source and destination ports are separately user-defined.
  • TCP header fields are user defined and may also be randomly selected. These fields are Sequence, Window, and Acknowledgement.
  • TCP packet options section for MTU is included and the value is user defined.
  • TCP Ping (WinPcap modes) allow full control over the Differentiated Services CodePoint Bits (DSCP) and the Explicit Congestion Notification bits, ECN-ECT, ECN-CE. You can change these bits to observe the effect on packet delivery through routers.

Traceroute sends TCP packets to a user specified port (web server port 80 is recommended). TCP Traceroute will often work through firewalls protecting the target where the other types of traceroute will not, this is not guaranteed and depends on the target system configuration. Note that our specialized traceroute modes require the use of WinPcap. We install WinPcap as part of the installation package. WinPcap is designed for wired ethernet cards, not modems and it may or may not work with wireless interfaces.

ICMPv6 Traceroute Mode

ICMPv6 Traceroute mode uses ICMPv6 echo request packets to trace to a target. The target typically responds with ICMPv6 echo reply packets. As with all traceroute utilities, the echo request packets have an incrementing TTL or hop limit value that 'expires' at each hop along the way. The intermediate hops reply with an ICMPv6 time exceeded packet. The time it takes for a packet to get each hop/target and back is called the round trip time and is the latency.

NetScanTools Pro has one mode of ICMPv6 ping: MS ICMPv6 mode uses an operating system function to send and receive the ping packets.

  • The data portion of the payload for ICMP ping may be a simple 'a-z' repeating character string or the contents of any file you choose (binary or ascii).

Video showing ICMPv6 Traceroute through a Teredo Tunnel

Video showing TCP Traceroute to a Web Server


 

Results Charts: Hops vs. Response Time

Traceroute Showing Linear Trend Line Analysis

This chart shows a traceroute to a web site. The chart shows a plot of hop number vs. the response time in milliseconds. The trend line is linear and is plotted as a red line. You can optionally see the formula in the format y = mx + b on the chart. You can export this image as bitmap (bmp) or portable network graphics (png) file. You can also copy the chart to the clipboard or print it in color.

Traceroute Showing 5th Degree Polynomial Trend Line Analysis

This is the same trace results but instead of a linear trend line fitting, it is using a 5th degree polynomial fitting. The chart shows the formula as y = aX^5 + bX^5 + cX^3 + dX^2 +eX + f. There are other polynomial fittings that you can select.


 

Home | About us | Contact us | Privacy Policy | Search | Site Map

Copyright 1995-2014 Northwest Performance Software, Inc.