CMIT 265                                Name:__________________________

TRACERT

What's the route a packet takes across the Internet?

The traceroute command (tracert on Windows because of the 8-character limitation on DOS filenames) shows the hops that packets take. It shows the times to go to each router along the route from your computer to the destination.

In CMD:
tracert www.yahoo.com

Hop 1 is your default gateway. Its IP address:_____________________

Hop 2 is a router in your neighboring network, typically your ISP (the default gateway of that network). Its IP address:_____________________

* and "Request timed out" indicate blocking of the traceroute packets, and you might as well stop the tracert command with Ctrl-C (although sometimes it picks up later hops...).

How many hops were taken to get to www.yahoo.com:________

Compare the ping time with what tracert reports as the time to get to and from that site:_____________

Do it again and see if there are any differences:_________________

The times can vary due to network traffic congestion (especially early evening).

tracert to some place on the West coast of the USA, like www.stanford.edu
It jumps the puddle to the West coast and goes through more routers. The big gap around hops xx or xx is the traversal under the Pacific on a fiber optic cable, which by itself takes approximately ______________ ms. (use subtraction)

It might also cross the USA in one jump:
tracert www.nypl.org (New York Public Library)
Is there an obvious "cross-country" hop, and how much time does it by itself take:_____

"Request timed out" indicates blocking of the traceroute packets, and you might as well stop the tracert command with Ctrl-C (although sometimes it picks up later hops...).

Notice that some routers have DNS names instead of only IP addresses.
The names can give a clue of where the router is or who the network provider is (the Internet's backbones). List some examples you see:
____________________________________________________
____________________________________________________
____________________________________________________

tracert -d Destination
suppresses the reverse DNS lookups that find the DNS names of the hops. This speeds up the running of tracert.

The original source of an IP packet includes a TTL value in each packet it generates. Each router along the route the packet takes decrements the TTL value. If a packet's TTL ever reaches zero, the router will drop the packet (i.e. throw it away). This prevents packets from travelling or circulating endlessly in the internetwork. The router is supposed to send an ICMP "Time Exceeded" packet back to the sender, informing the source that its packet was terminated, an example of ICMP's IP error-reporting purpose.

Tracert works by cleverly taking advantage of the TTL field in IP packets. Tracert sends IP packets with increasingly larger TTL values, starting with one and then incrementing, so that each next-hop router is reached in turn. The TTL expires there, that router sends back the "Time Exceeded" packet, and so tracert can determine the router's IP and the amount of time to reach it.

tracert www.cenpac.net.nr or dns1.cenpac.net.nr
One of the hops takes a lot of time, about how much:______________
It's the uplink and downlink to a geostationary communications satellite (Nauru is a remote island with few people; there isn't an undersea fiber-optic cable to it), which is 22,000 miles above us, and it takes microwave radio (a form of electromagnetic radiation like light, travelling at 180,000 miles per second) about 200 ms just to travel the round trip distance.

tracert www.anadyr.ru
Sometimes this goes more than all around the world.
                     IP address          #hops   Likely location
www.asia.umuc.edu    _________________   _____   ________________
www.umuc.edu         _________________   _____   ________________
www.comptia.org      _________________   _____   ________________
davidwills.net       _________________   _____   ________________

Tracert to your DNS server. What is its DNS name:
___________________________________
___________________________________
(ns is often part of a name server's name.)

Sending an IP packet:

IF the destination is in your (Ethernet) IP network
   then send directly to it in a frame (first ARPing for its MAC if it's not in your ARP cache).
   Your system's routing table is used to determine what your network is.
ELSE (i.e. the destination is not in your IP network)
   send it in a frame to the Default Gateway (first ARPing for its MAC if it's not in your ARP cache).
   It's up to the default gateway to move the packet along toward the destination by sending it to its next hop; you have no more role to play until you get a reply, if any, from the destination.
   Your system's routing table is used to determine what the default gateway is.

The destination IP address is used to guide the packet to the destination. Each router along its path decapsulates the IP packet from its data-link frame, decrements the TTL, recalculates the checksum, determines where the packet should be sent next (i.e. its next hop) and re-encapsulates it in the data-link frame appropriate for the next link. The path is not determined at the source, nor is the path inside the packet; each router makes the routing decision of where to send the packet next. Large routers in the Internet's backbone are connected to several other routers and so have a choice of where to send an incoming packet. Each router has a routing table that tells it where to send each packet. The routing tables are maintained by the routers passing information to each other so that the routes in the routing table are the best routes.
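The IF/ELSE send decision above, written out as an added example (not part of the original handout). The host address, routing table, ARP cache and MAC value are all constructed for illustration; note that the frame goes to the gateway while the IP destination stays unchanged.

```python
import ipaddress

# Constructed routing table for a host at 192.168.1.20/24.
# A gateway of None means the network is on-link (deliver directly).
ROUTES = [
    (ipaddress.ip_network("192.168.1.0/24"), None),
    (ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_address("192.168.1.1")),
]

# Constructed ARP cache: only the default gateway's MAC is already known.
ARP_CACHE = {ipaddress.ip_address("192.168.1.1"): "00:00:5e:00:53:01"}


def next_hop(dest):
    """Pick the most specific matching route; return the IP the frame goes to."""
    dest = ipaddress.ip_address(dest)
    matches = [(net, gw) for net, gw in ROUTES if dest in net]
    if not matches:
        raise LookupError(f"no route to {dest}")
    _, gw = max(matches, key=lambda m: m[0].prefixlen)
    # IF branch: on-link, frame goes to the destination itself.
    # ELSE branch: frame goes to the default gateway.
    return dest if gw is None else gw


def plan_send(dest):
    """Return (frame_target_ip, needs_arp_first, ip_header_destination)."""
    hop = next_hop(dest)
    return (str(hop), hop not in ARP_CACHE, dest)


if __name__ == "__main__":
    print(plan_send("192.168.1.77"))   # neighbour on the same network
    print(plan_send("203.0.113.80"))   # remote host, sent via the gateway
```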
If some router along the path encounters a problem with the packet it's supposed to send back an ICMP error packet indicating the problem which resulted in your packet being dropped. It knows you sent it because your IP is the source address of the packet. The error packet includes the header of the dropped packet so you can know more about it.
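The TTL mechanism tracert relies on, as an added simulation (not part of the original handout; no packets are sent). The path, addresses and round-trip times are constructed, and one router is set to drop silently to reproduce the "*" row followed by later hops that still answer.

```python
from dataclasses import dataclass

@dataclass
class Router:
    ip: str
    rtt_ms: float            # constructed round-trip time from source to this hop
    sends_icmp: bool = True  # False: drops expired packets without reporting

# Constructed path using documentation address ranges.
PATH = [
    Router("192.0.2.1", 1.0),                          # default gateway
    Router("198.51.100.1", 9.0),                       # ISP router
    Router("198.51.100.77", 12.0, sends_icmp=False),   # silent hop
    Router("203.0.113.5", 140.0),                      # far end of a long link
]
DEST = ("203.0.113.80", 142.0)

def send_probe(ttl, probe_id):
    """Forward one probe; return (kind, from_ip, rtt_ms, quoted_id) or None."""
    for router in PATH:
        ttl -= 1                      # every router decrements the TTL
        if ttl == 0:                  # expired here: the packet is dropped
            if not router.sends_icmp:
                return None           # the source sees "Request timed out"
            # Time Exceeded quotes the dropped packet's header (here: its id).
            return ("time-exceeded", router.ip, router.rtt_ms, probe_id)
    return ("echo-reply", DEST[0], DEST[1], probe_id)

def traceroute(max_hops=30):
    """Raise the TTL from 1 until the destination answers; rows are (hop, ip, rtt)."""
    rows = []
    for ttl in range(1, max_hops + 1):
        reply = send_probe(ttl, probe_id=ttl)
        if reply is None:
            rows.append((ttl, "*", None))
            continue                  # keep going: later hops may still answer
        kind, ip, rtt, quoted = reply
        assert quoted == ttl          # match the reply to the probe that caused it
        rows.append((ttl, ip, rtt))
        if kind == "echo-reply":
            break
    return rows

def biggest_gap(rows):
    """Largest RTT jump between consecutive answering hops: (ms, from_hop, to_hop)."""
    seen = [(hop, rtt) for hop, _, rtt in rows if rtt is not None]
    return max((b[1] - a[1], a[0], b[0]) for a, b in zip(seen, seen[1:]))

if __name__ == "__main__":
    print(traceroute(), biggest_gap(traceroute()))
```

Because hop 3 never answers, the subtraction for the long link spans hops 2 to 4, so the delay cannot be attributed to a single hop from this output alone.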