Advanced Tracing
Charly's Column – traceroute
Like every admin, Charly regularly uses the classic traceroute tool. If unfriendly digital natives interfere with an ICMP filter, he simply switches to a clever alternative like LFT.
Practically every admin uses the classic traceroute
tool at more or less regular intervals. This gets me all the more irritated when I find myself in a hotel with a WiFi network where the admin has completely disabled ICMP. Apart from the fact that this causes more trouble than benefits in what is by definition a public network, it can be easily circumvented.
The first version of traceroute
was written in 1988 by a certain Van Jacobsen – Van is his first name, not an honorific. To be able to trace the path of packets through the web, Jacobsen came up with a clever method. He sent test packets through the Internet to a defined destination and increased the time to live (TTL) value for each packet.
The first packet is assigned a TTL of one. Each router that transports the packet further reduces the TTL by one. Once the TTL reaches a value of zero, the router sends it back with an ICMP TTL exceeded
message. By successively increasing the TTL, Jacobsen got the packets back from routers that were further and further away and was able to follow the path of the packet until it finally reached its destination.
This does not work if the remote peer suppresses ICMP messages. However, traceroute
has evolved over the years. It has been able to use an alternative TCP-based method that relies on TCP SYN packets for quite some time. Figure 1 shows two traceroute
s to the same destination, the BBC web server (bbc.co.uk). The first call gets stuck at some point, probably due to an ICMP filter. The second one uses TCP SYN packets – it gets to its destination unhindered.
Alternative traceroute
tools, such as MTR [1], which continuously repeats the trace and thus helps to detect occasional packet losses, take things one step further. Another very interesting tool is Layer Four Traceroute (LFT [2]). It can handle other transport methods and thus makes it through most firewalls. In addition, it can output whose network blocks the packet is passing through, including the number of the autonomous system responsible for it (Figure 2).

It is therefore worthwhile to take a closer look at the different traceroute
variations – if only to keep your blood pressure down during your next hotel stay.
Infos
- "Sys Admin's Daily Grind: Step Counter" by Charly Kühnast, Linux Magazine, issue 119, October 2010, p. 47
- LFT: http://freshmeat.sourceforge.net/projects/LFT
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
News
-
CarbonOS: A New Linux Distro with a Focus on User Experience
CarbonOS is a brand new, built-from-scratch Linux distribution that uses the Gnome desktop and has a special feature that makes it appealing to all types of users.
-
Kubuntu Focus Announces XE Gen 2 Linux Laptop
Another Kubuntu-based laptop has arrived to be your next ultra-portable powerhouse with a Linux heart.
-
MNT Seeks Financial Backing for New Seven-Inch Linux Laptop
MNT Pocket Reform is a tiny laptop that is modular, upgradable, recyclable, reusable, and ships with Debian Linux.
-
Ubuntu Flatpak Remix Adds Flatpak Support Preinstalled
If you're looking for a version of Ubuntu that includes Flatpak support out of the box, there's one clear option.
-
Gnome 44 Release Candidate Now Available
The Gnome 44 release candidate has officially arrived and adds a few changes into the mix.
-
Flathub Vying to Become the Standard Linux App Store
If the Flathub team has any say in the matter, their product will become the default tool for installing Linux apps in 2023.
-
Debian 12 to Ship with KDE Plasma 5.27
The Debian development team has shifted to the latest version of KDE for their testing branch.
-
Planet Computers Launches ARM-based Linux Desktop PCs
The firm that originally released a line of mobile keyboards has taken a different direction and has developed a new line of out-of-the-box mini Linux desktop computers.
-
Ubuntu No Longer Shipping with Flatpak
In a move that probably won’t come as a shock to many, Ubuntu and all of its official spins will no longer ship with Flatpak installed.
-
openSUSE Leap 15.5 Beta Now Available
The final version of the Leap 15 series of openSUSE is available for beta testing and offers only new software versions.