Traceroute Explained | Real World Examples
ฝัง
- เผยแพร่เมื่อ 25 มิ.ย. 2024
- Join the Discord Server!
/ discord
---------------------
MY FULL CCNA COURSE
📹 CCNA - certbros.teachable.com/p/cisc...
FREE CCNA FLASHCARDS
🃏 CCNA Flashcards - certbros.com/ccna/flashcards
HOW TO PASS THE CCNA
📚 Get a great book - amzn.to/3f16QA5
📹 Take a video course - certbros.teachable.com/p/cisc...
✔ Use practice exams - www.certbros.com/ccna/Exsim
SOCIAL
🐦 Twitter - / certbros
📸 Instagram - / certbros
👔 LinkedIn - / certbros
💬 Discord - www.certbros.com/discord
Disclaimer: These are affiliate links. If you purchase using these links, I'll receive a small commission at no extra charge to you.
---------------------------------------------------------------------------------------------------------------
00:00 What is Traceroute
01:07 How Traceroute works
2:45 Hands-on with traceroute
08:08 Troubleshooting
11:20 Outro
Just like ping, Traceroute uses the ICMP protocol to attempt to establish communication with a remote host.
It can be found on all operating systems and even on switches, routers and firewalls. So it is widely supported.
What traceroute does differently is instead of just telling us if a host can be reached or not, it also tells us every hop that was used to get to the destination host.
A hop is every layer 3 device, typically routers, that our Traceroute message needs to pass through in order to get to the destination.
This can be really handy if you are trying to figure out which direction or which route your traffic is taking.
The way Traceroute collects a list of hops is pretty clever. It uses something called Time To Live or TTL.
TTL is a method of limiting the lifespan of data. For IP packets, the TTL is a counter that decreases for every hop, that the data passes on its way to the destination.
This is where the magic of traceroute comes from.
So let's say we want to reach the Google DNS server 8.8.8.8. When we do a traceroute, our computer will send an ICMP request to 8.8.8.8, but with a TTL value of 1.
That means, that as soon as our request hits the first router, the TTL value will decrease to 0 and the request will be dropped.
The router will respond back to our host with a message saying ‘Time-to-live Exceeded’
Our computer then does something clever. It takes note of the router's IP address that just responded.
It then sends the same traceroute request, but this time with a TTL value of 2.
So now, our request hits the first router, decreases the TTL value to 1, and then passes it to the next router.
Again, the TTL value reaches 0 and the message is sent back to the sending computer where we can take note of the second hops IP address.
And this process will continue until either it reaches the destination host, or the traceroute hits its maximum hops which is usually 30.
Ping Explained: • Ping Command Explained...
Never have I regretted subscribing to this channel
Great to hear! Love having you as a subscriber!
right ?!!!
Excellent explanation and visuals. As a lecturer in IT (infrastructure, Cybersecurity) I will be using your video content in lecture classes. Appreciate the uploads!
Thanks Mark! Great to hear you liked the video, especially as a lecturer yourself. I hope your classes get some value from it.
CertBros never disappoints. 🙌🏼💯
Always know I'm in for a treat when certbros drops in my notifications. Never dissapointed
I'm always in for a treat when Don Neto comments 😁 Thanks man, really appreciate it!
@@Certbros haha no problem at all 😊
Very good explanation and detail. People use this tool for years without ever really understanding what it is doing
great explanation... thanks a lot for clear graphical representation.
Nice one. Clearly explained. Thanks. 😁
excellent! love your channel. thank you!
Cool vid. Very informative 👍
Im a beginner, and DAAAAMN, this is a comprehensive video for dummies like me.
Very nicely explained. Thanks 😊
Thank you Parveez! Glad you liked it 👍
Please do a video on all the ways you can use NS lookup. Explaining all the various DNS record types would be a good one too.
Great job, we’ll spoken!
I loved this video.
Awsome explanation
Thank you for this tutorial.
a very good explanation
excellent explanation sir.
excellent video keep it up👍
Thanks for the knowledge
Great explanation
Thanks Lalith! Always one of the first people to comment 🙏
great explanation thanks for this video
Very well explained 👏 👌
Thank you Sajesh! Glad you liked it.
IIRC, traceroute wasn't designed into networks and the internet, but someone clever figured out you could use the TTL value to find the hops.
Thank you!
You're welcome!
Very Nice , Good learn
great visualization, what tool you used to create it?
Great tutorial, can you post video on how to perform port mirroring in Windows
Also please make video about ICMP and how ping is a portless protocol
I would also request you to make video on Port Binding and socket creation
I really want to study this topics from you.
Appreciate your efforts
I never realized how painful it was to hear someone say "rooter" Lol.
Not as painful as it is to pronounce it r-out-er 😆
I ran a tracert and received several asterisks (and "request timed out" messages) for many hops. Then one subsequent hop showed times. Afterwards, all remaining hops (limit = 30) showed asterisks and timed out messages. What message should be inferred?
Liiiiikkkkkkeeeeeee 😄
thanks
Thank you, it was very nice explanation. I got one doubt, I understand that TTL value increases each time, and it sends, and we continue getting Time exceeded value, Type(11), what would be the reply, when it reaches destination.
Is it possible to use this technology to see what hardware is sending data to your computer? eg. screen capture hardware sending data packets, or can that kind of specificity not be attained?
Have used tracert all my life, only learned the mechanism now 😂😂
thx for the vide
Thank you Christopher!
Please note ICMP is blocked by many switches so ping and traceroute work intermittently.
Nice video as always, Near the end where you mentioned that a hop might have a big response time (like 500ms) and we would know that the specific hop causes delay problems, what then? How you bypass that node / hop afterwards?
Do you just find out to whom this hop belongs to and send an email letting them know for instance?
I really want to see this question answer .
Me too.
I have a question, I hope you can read it. Would you suggest the installation of wireshark, even if you are not troubleshooting any end users, only for private reasons?
May I know why tracert cmd was taking max of 30 hops?
QUESTION : Is it ROOT or RRRR-OUT as in Route?
Is there any API to identify the source and destination?
As you said "e.g. if the hop is taking around 500ms to respond is potentially bottle naking the traffic."
Is there any specific limit of time to ensure that?
Thanks
First hop may high depending on your internet speed, though most likely less than about 60ms, unless you are saturating your connection. Certain other hops may be high if server is on another continent, and traveling under the ocean but still under 200ms (wild guess).
Did the tracert crap out because you used a private scope that wasn't a part of your network?
I can see a lot of "request timed out" in your examples, so I was wondering what would be the potentials reasons why a hop doesn't respond to an icmp with expired ttl ?
some hops can have icmp disabled but will still pass traffic
why are there 3 packets sent tho
Traceroot
🥲life saver
No problem! Glad you liked the video