Understanding a Tracert
The tracert utility determines the route taken to a destination by sending Internet Control Message Protocol (ICMP) echo packets with varying Time-To-Live (TTL) values to the destination. Each router along the path is required to decrement the TTL on a packet by at least 1 before forwarding it, so the TTL is effectively a hop count. When the TTL on a packet reaches 0, the router is supposed to send back an ICMP Time Exceeded message to the source system. The tracert command determines the route by sending the first echo packet with a TTL of 1 and incrementing the TTL by 1 on each subsequent transmission until the target responds or the maximum TTL is reached (usually 30 hops). The route is determined by examining the ICMP Time Exceeded messages sent back by the intermediate routers.
Using tracert
If you wanted to do a tracert to genealogy.org and save the results in a text file, the syntax of the command would be:
tracert genealogy.org >tracert.txt
The results returned might look something like those below:
Tracing route to genealogy.org [207.167.87.50] over a maximum of 30 hops: 1 257 ms 186 ms 183 ms 192.168.255.254 2 195 ms 177 ms 246 ms 199.70.72.65 3 317 ms 187 ms 241 ms 199.70.127.233 4 212 ms 443 ms 281 ms 199.70.95.249 5 * * * Request timed out. 6 190 ms 187 ms 309 ms Vienna5.VA.ALTER.NET [137.39.156.25] 7 194 ms 193 ms 198 ms Fddi0-0.CR2.TCO1.ALTER.NET [137.39.11.20] 8 265 ms 325 ms 273 ms 189.Hssi6-0.CR2.SCL1.Alter.Net [137.39.69.174] 9 337 ms 302 ms 277 ms 107.Hssi0-0.BR1.NUQ1.Alter.Net [137.39.70.125] 10 271 ms 396 ms 270 ms T3-CRL-SFO-01-H1/0.US.CRL.NET [198.32.136.10] 11 311 ms 267 ms 309 ms T3-CRL-SFO-01-H3/0.US.CRL.NET [149.20.64.19] 12 263 ms 309 ms 261 ms E0-CRL-SFO-05-E0X0.US.CRL.NET [165.113.55.5] 13 430 ms 281 ms 357 ms znet-gw.ex.us.crl.net [165.113.120.14] 14 * 434 ms * znet-gw.ex.us.crl.net [165.113.120.14] 15 * * * Request timed out. 16 295 ms 356 ms 301 ms genealogy.org [207.167.87.50]
Understanding the results:
The first column is the hop number, which is the Time-To-Live (TTL) value set in the packet.
Each of the next three columns contains the round-trip times in milliseconds for an attempt to reach the destination with the TTL value.
The fourth column is the host name (if it was resolved) and IP address of the responding system.
In the results you will see the comment, "over a maximum of 30 hops". All this means is that the diameter of the Internet is roughly 30 hops and, therefore, many trace routes will only go that far out in trying to reach a destination.
This first hop is to the modem that answered your call and typically takes 200 to 300 milliseconds.
An asterisk, "*", followed by the words "request timed out" is not out of the ordinary. If the tracert had stopped here and continued to respond with "request timed out", then it might have been indicative of a problem. In the above example, the first "request timed out" is where the interface between our network and the rest of the Internet lies. The asterisk "*" is a normal consequence of our security implementation on that junction.
Generally, a response time of less than 500 milliseconds is considered acceptable. If the example above had indicated results larger than that, then there might have been a problem router at that point in the network.
The first 4 or 5 hops are internal to our network. These hops will not resolve to a domain name.
Hop 6 in the above example is where we connect to alter.net (UUNET). The Vienna5.VA.ALTER.NET hub is commonly referred to MAE east. This is a major junction point for the Internet at large. If you are having problems at this hop and live on the east coast, then you can pretty much count on having problems getting anywhere on the Internet. There are similar hubs on the west coast as well.
Hop 10 is where alter.net connects with crl.net (CRL Network Services) on router T3-CRL-SFO-01-H1/0.US.CRL.NET.
Finally, on hop 16, the connection to genealogy.org is made. The entire trip went through our network (4 hops), alter.net (4 hops), crl.net (5 hops) and genealogy.org (1 hop).
