The tracert Command

The tracert Command

The tracert command utility is similar to the Unix traceroute or a Cisco routers trace command. The tracert command output reports the IP address and sometimes the host name of each device in the path between the client and the target. This is a great troubleshooting tool; if the ping command fails, this command allows you to see a point of origin for the failure. Like the trace command used on a Cisco router, the tracert command sends a series of ICMP Echo Requests to the destination host, similar to the ping command , except that Tracert controls the Time-To-Live ( TTL ) value in the ICMP packet.

By default the tracert command sends the first ICMP ECHO Request with a TTL of 1. The second ICMP Echo Request has a TTL of 2, then 3, and so on until the destination host finally responds. Each request is repeated three times. The reason a host name is sometimes present is that by default, a reverse DNS query is made to get the name associated with each IP address. The following shows an example:

 C:\>  tracert 64.38.215.244  Tracing route to www.itdreamteam.com [64.38.215.244] over a maximum of 30 hops:   1    10 ms   <10 ms <10 ms  homeportal.gateway.2wire.net [172.16.0.1]   2    20 ms    20 ms  20 ms  dsl.scrm01.pacbell.net [64.164.39.254]   3    30 ms    20 ms  20 ms  dist1-vlan50.scrm01.pbi.net [64.171.152.66]   4    20 ms    20 ms  20 ms  bb1-g6-0.scrm01.pbi.net [64.171.152.247]   5    30 ms    30 ms  20 ms  sntc01.sbcglobal.net [151.164.188.121]   6    20 ms    30 ms  20 ms  sprintlink.net [144.228.44.41]   7    30 ms    20 ms  30 ms  sprintlink.net [144.232.3.145]   8    20 ms    30 ms  20 ms  sprintlink.net [144.232.3.165]   9    30 ms    30 ms  30 ms  sprintlink.net [144.232.20.66]  10    20 ms    30 ms  30 ms  SanJose1.Level3.net [209.245.146.245]  11    30 ms    20 ms  30 ms  gar2.SanJose1.level3.net [209.244.3.141]  12    20 ms    20 ms  20 ms  mp2.SanJose1.Level3.net [64.159.1.77]  13    50 ms    40 ms  50 ms  mp2.Phoenix1.level3.net [209.247.8.122]  14    50 ms    50 ms  41 ms  hsipaccess1.Phoenix1.Level3.net [64.159.3.110]  15    40 ms    50 ms  50 ms  bgp-cwie-cust.level3.net [63.214.160.130]  16    50 ms    50 ms  50 ms  kyst.com [64.38.215.244] Trace complete. C:\> 

tracert uses a number of syntaxes. The “d syntax turns off host name lookups, significantly speeding up traces, as shown in this example:

 C:\>  tracert -d 207.212.78.107  Tracing route to 207.212.78.107 over a maximum of 30 hops   1    10 ms   <10 ms   <10 ms  172.16.0.1   2    20 ms    10 ms    10 ms  64.164.39.254   3    10 ms    20 ms    20 ms  64.171.152.66   4    20 ms    20 ms    20 ms  64.171.152.70   5    30 ms    30 ms    30 ms  207.212.78.107 Trace complete. C:\> 

The “h syntax can be used to increase the maximum hop count, which is 30 hops by default. The following output changes the hop count to 50.

 C:\>  tracert -h 50 207.212.78.107  Tracing route to web1.digitalcrawlspaces.com[207.212.78.107]                       over a maximum of 50 hops:   1   <10 ms   <10 ms   <10 ms  homeportal.gateway.2wire.net [172.16.0.1]   2    20 ms    20 ms    20 ms  dsl.scrm01.pacbell.net [64.164.39.254]   3    20 ms    20 ms    20 ms  dist1-vlan50.scrm01.pbi.net [64.171.152.66]   4    20 ms    20 ms    20 ms  rback1-fe2-0.scrm01.pbi.net [64.171.152.70]   5    30 ms    30 ms    30 ms  web1.digitalcrawlspaces.com [207.212.78.107] Trace complete. C:\> 

The “w syntax increases the maximum timeout in milliseconds. The output below sets the timeout to 30 milliseconds .

 C:\>  tracert w 30 207.212.78.107  Tracing route to web1.digitalcrawlspaces.com[207.212.78.107]                       over a maximum of 50 hops:   1   <10 ms   <10 ms   <10 ms  homeportal.gateway.2wire.net [172.16.0.1]   2    20 ms    20 ms    20 ms  dsl.scrm01.pacbell.net [64.164.39.254]   3    20 ms    20 ms    20 ms  dist1-vlan50.scrm01.pbi.net [64.171.152.66]   4    20 ms    20 ms    20 ms  rback1-fe2-0.scrm01.pbi.net [64.171.152.70]   5    30 ms    30 ms    30 ms  web1.digitalcrawlspaces.com [207.212.78.107] Trace complete. 

pathping Command

Windows 2000 and 2003 has a fast trace diagnostic command called pathping . When you use the tracert command, statistical information is not displayed on the screen until the last hop has finished its reply. The pathping command sends out a series of ICMP Echo Requests with incremented TTLs, just as the tracert command does. The difference is that the pathping command results display the statistical calculations after the hop identifiers are displayed and all the replies from hops have been received.

In the following output you see the /? syntax being used to obtain the available syntaxes for the command.

 C:\>  pathping /?  Usage: Pathping [-n] [-h maximum_hops] [-g host-list] [-p period]                 [-q num_queries] [-w timeout] [-t] [-R] [-r] target_name Options: -n                 Do not resolve addresses to hostnames. -h maximum_hops    Maximum number of hops to search for target. -g host-list       Loose source route along host-list. -p period          Wait period milliseconds between Pings. -q num_queries     Number of queries per hop. -w timeout         Wait timeout milliseconds for each reply. -T                 Test connectivity to each hop with Layer-2 priority tags. -R                 Test if each hop is RSVP aware. C:\> 

As you can see, the syntaxes are similar to those used with the tracert command. In the next output, you see the pathping command in use to display the route to 10.1.2.1:

 D:\>  pathping 10.1.2.1  Tracing route to Web1 [10.1.2.1] over a maximum of 30 hops:   0  DataServer [10.1.2.7]   1  Web1 [10.1.2.1] Computing statistics for 25 seconds...             Source to Here   This Node/Link Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address   0                                   DataServer1 [10.1.2.7]                                 0/ 100 =  0%      1    0ms     0/ 100 =  0%     0/ 100 =  0%  Web1 [10.1.2.1] Trace complete. D:\> 

The results above show that the Web1 server is only one hop away and that the server replied successfully.