Another use of trace will be for it to give indications if a link or segment has failed between two points.
In Cisco routers, if the trace command is executed in the routers privileged EXEC mode, it will prompt you for the supported IP header options to be specified, allowing the router to perform a more extensive range of test options.
trace Command Operation
The trace command generates an outgoing UDP message targeted to a destination device. The UDP packet header contains a PORT value that identifies the upper-layer application for which the packet is destined. Most trace implementations use a port value greater than 30000, a value unlikely to be used by the destination device. Cisco routers use a default port value of 33434.
To discover each hop between the source and destination, trace probes each successive hop to the destination. By default, each hop is probed three times. This probing is done by modifying the IP Time-to-Live (TTL) value. The Time-To-Live (TTL) value is set in the IP header portion of the packet thereby ensuring that packets do not continuously traverse the network.
Step 1: trace Begins
The trace command works by using the error message generated by routers when a datagram exceeds its time-to-live (TTL) value. First, trace probe datagrams are sent out with its TTL value set to 1 (see Figure 8-4). This causes the first router it reaches to reduce the TTL by a factor of 1 to a value of 0. This causes the router (Router B) to discard the probe datagrams and send back a time exceeded ICMP error message.
Each outgoing trace packet can result in one of two ICMP error messages:
Step 2: Source Router Responds
Upon receipt of the ICMP error message, the source router (Router A) will then resend the UDP trace packet but this time it increments the TTL value by adding 1 to it. In the example shown in Figure 8-5, the TTL value will be increased to 2.
The UDP trace packet will reach the first router (Router B). This router will decrease the TTL value by one and then forward the packet to the next router (Router C) on the way to the destination device; this is determined by the routing table. Router C reduces the TTL to 0. This causes the router (Router C) to discard the probe datagrams and send back a time exceeded ICMP error message.
Step 3: trace Resent
The Trace utility will then resend the packet with the TTL set to a value of 3. This process will be repeated until the destination router is reached (Router D). At which point Router D receives the packet with a valid TTL. As the router examines the packet, it sees the port to which it is destined (hopefully, the port is unused since it can be a random value). Because the port is not found in the router, instead of issuing a time exceeded message, it returns the Port Unreachable ICMP error message. At which point the source router receives the packet back, deciphers it, and displays the final hop to the network engineer.
As with ping, it is a good idea to use the trace command when the network is functioning properly to see how the command works under normal conditions and so you have something to compare against when troubleshooting.
For more detailed information on using the trace and extended trace commands, please refer to the Cisco IOS Configuration Fundamentals Command Reference.
Executing the Extended trace Command in a Cisco Router
The following describes the fields that are unique to the extended trace sequence, as shown in the display:
OSPF_Router# trace Protocol [ip]: Target IP address: 18.104.22.168 Source address: Numeric display [n]: Timeout in seconds : Probe count : Minimum Time to Live : Maximum Time to Live : Port Number : Loose, Strict, Record, Timestamp, Verbose [none]: Type escape sequence to abort. Tracing the route to 22.214.171.124 1 126.96.36.199 56 msec 188.8.131.52 52 msec 184.108.40.206 52 msec 2 220.127.116.11 56 msec 52 msec 56 msec 3 18.104.22.168 [AS 65512] 76 msec * 56 msec