Tracing Connections with traceroute
When you're connecting to a remote computer, you're actually connecting through a series of computers (and routers and other expensive Internet stuff). That is, your computer connects to another computer, which connects to another, which connects to yet another, and so on until your computer connects to the one you're trying to reach.
The data that you're sending or receiving actually meanders through the path in packets (little chunks of data) that are reassembled into the correct sequence at the other end. But not all packets take precisely the same route from the sending computer to the destination computer. Communication on the Internet is much more like sending a lot of letters than making a telephone call. It's a bunch of little messages being passed along, not a continuous connection.
Code Listing 12.6. Using traceroute, you can see how data meanders between your computer and a remote computer.
ejray> traceroute www.yahoo.com
traceroute to www10.yahoo.com (22.214.171.124), 30 hops max, 40 byte packets
 1 126.96.36.199 (188.8.131.52) 8 ms 2 ms 3 ms
 2 903.Hssi5-0-0.GW1.SLT1.ALTER.NET (184.108.40.206) 18 ms 13 ms 14 ms
 3 124.ATM4-0-0.CR1.SFO1.Alter.Net (220.127.116.11) 68 ms 65 ms 52 ms
 4 311.atm3-0.gw1.sfo1.alter.net (18.104.22.168) 60 ms 50 ms 39 ms
 5 Hssi1-0.br1.NUQ.globalcenter.net (22.214.171.124) 40 ms 39 ms 28 ms
 6 pos0-1-155M.wr1.NUQ.globalcenter.net (126.96.36.199) 30 ms 48 ms 42 ms
 7 pos1-0-622M.wr1.SNV.globalcenter.net (188.8.131.52) 50 ms 67 ms 61 ms
 8 pos5-0-0-155M.cr1.SNV.globalcenter.net (184.108.40.206) 48 ms 40 ms 41 ms
 9 www10.yahoo.com (220.127.116.11) 43 ms 50 ms 53 ms
ejray>
Using traceroute, you can satisfy your curiosity or, possibly, identify bottlenecks. How? You find out what route the packets take to arrive at the destination computer, as shown in Code Listing 12.6. If, for example, you see that the routes to your three favorite (but currently inaccessible) Web sites all end at a specific computer, that's where the network outage is and who you're waiting for to get things up and running.
Code Listing 12.7. Sometimes, traceroute has problems with firewalls between you and the target system.
jdoe /home/jdoe $ /usr/sbin/traceroute www.google.com
traceroute to www.google.com (18.104.22.168), 30 hops max, 38 byte packets
 1 192.168.1.1 (192.168.1.1) 0.907 ms 0.683 ms 0.632 ms
 2 * * *
 3 * * *
 4 * * *
 5 * * *
 6 * * *
 7 * * *
 8 * * *
 9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
jdoe /home/jdoe $
To trace a connection with traceroute:
At the shell prompt, type traceroute plus the address of the other computer in the connection. You'll see results similar to those shown in Code Listing 12.6. Each line in the traceroute output represents a computer (or other device) on the Internet that receives your packets and passes them on to the next computer.
If you're experiencing connectivity problems, try using traceroute to several different, geographically dispersed hosts to isolate the problem. For example, if you're in the Midwest and can traceroute all the way to www.stanford.edu (physically located in Palo Alto, California) but not to www.mit.edu (in Boston, Massachusetts), there's likely trouble on the Internet between you and the East Coast.
You can speed the traceroute process by using the -n flag; for example, traceroute -n hostname. This checks the path using only IP numbers and does not translate the IP numbers into the DNS (Domain Name Server) addresses with which you're familiar.
Many firewalls do not pass through the ICMP (ping) packets (there's a techie term for you) that traceroute uses. If you get a lot of lines with * * * in them, as shown in Code Listing 12.7, that might be the problem.
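The comparison described above (tracing to several hosts and seeing where the routes stop) can be scripted. The following is an added example, not part of the original text: it parses saved traceroute output, in both named and -n form, and reports the last hop that answered in each trace and the address where the most incomplete traces stall. The sample traces, host names and addresses are constructed for illustration.

```python
import re
from collections import Counter

IP = r"\d{1,3}(?:\.\d{1,3}){3}"
HEADER = re.compile(rf"^traceroute to \S+ \(({IP})\)")
HOP = re.compile(r"^\s*(\d+)\s+(.*)$")

def parse_trace(text):
    """Return (target_ip, [(hop_no, addr_or_None), ...]); None means only '*' came back.
    Named output puts the hop address in parentheses; -n output prints it bare."""
    target, hops = None, []
    for line in text.splitlines():
        if (m := HEADER.match(line)):
            target = m.group(1)
        elif (m := HOP.match(line)):
            a = re.search(rf"\(({IP})\)", m[2]) or re.search(rf"(?<!\S)({IP})(?!\S)", m[2])
            hops.append((int(m[1]), a.group(1) if a else None))
    return target, hops

def summarize(text):
    """Last hop that answered, whether it was the target, and how many silent hops follow."""
    target, hops = parse_trace(text)
    answered = [(n, a) for n, a in hops if a]
    last_no, last_addr = answered[-1] if answered else (0, None)
    return {"reached": last_addr is not None and last_addr == target,
            "last_hop": last_no, "last_addr": last_addr,
            "silent_after": sum(1 for n, _ in hops if n > last_no)}

def common_stall(traces):
    """(address, count) where the most incomplete traces stop answering, or None."""
    stalls = Counter(s["last_addr"] for s in map(summarize, traces.values())
                     if not s["reached"] and s["last_addr"])
    return stalls.most_common(1)[0] if stalls else None

# Constructed sample output using documentation-range addresses (not from the page).
SAMPLES = {
    "a.example": "traceroute to a.example (203.0.113.10), 30 hops max, 40 byte packets\n"
                 " 1  192.0.2.1 (192.0.2.1)  0.9 ms  0.7 ms  0.6 ms\n"
                 " 2  core1.isp.example (198.51.100.9)  20 ms  * 22 ms\n"
                 " 3  * * *\n 4  * * *\n",
    "b.example": "traceroute to b.example (203.0.113.20), 30 hops max, 40 byte packets\n"
                 " 1  192.0.2.1  0.9 ms  0.7 ms  0.6 ms\n"
                 " 2  198.51.100.9  21 ms  19 ms  22 ms\n 3  * * *\n",
    "c.example": "traceroute to c.example (203.0.113.30), 30 hops max, 40 byte packets\n"
                 " 1  192.0.2.1 (192.0.2.1)  0.8 ms  0.7 ms  0.6 ms\n"
                 " 2  edge2.isp.example (198.51.100.17)  15 ms  14 ms  16 ms\n"
                 " 3  c.example (203.0.113.30)  30 ms  29 ms  31 ms\n",
}

if __name__ == "__main__": print(common_stall(SAMPLES))
```

A shared stall address is only a candidate for the trouble spot: as noted for Code Listing 12.7, a firewall that drops the probes produces the same run of * * * lines as an outage does.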