Sign in Sign Up for FREE

What Is Traceroute?

Traceroute (tracert on Windows) is a network diagnostic tool that maps the path packets take from your device to a destination, revealing each router hop along the way along with the latency to each hop. It is invaluable for diagnosing where in a network path a delay, packet loss, or routing problem is occurring.

How Traceroute Works - TTL Decrement

Traceroute exploits the IP Time-To-Live (TTL) field. Every IP packet has a TTL counter (typically starting at 64 or 128). Each router that forwards the packet decrements the TTL by 1. When TTL reaches 0, the router discards the packet and sends back an ICMP Time Exceeded message - Which reveals that router's IP address and the RTT to reach it. Traceroute sends packets with TTL=1, 2, 3 … n until the destination is reached, building a complete picture of the route.

Traceroute Commands by OS

Operating SystemCommandProtocol Used
Windowstracert example.comICMP Echo Request
macOStraceroute example.comUDP (default) or ICMP with -I flag
Linuxtraceroute example.comUDP (default); TCP with -T flag; ICMP with -I flag
Linux (preferred)mtr example.comContinuous traceroute with live packet loss stats

Interpreting Traceroute Output

OutputWhat It Means
Low RTT at early hops, spike at later hopsCongestion or a distant route change at or after the spike hop
* * * (no response)Router is configured to not respond to ICMP - Does not mean packet loss; many routers deprioritise ICMP responses
RTT increases uniformly with each hopNormal propagation delay - Network is healthy
Same high RTT from one hop onwardBottleneck or congestion is at or just before that hop

Traceroute vs Ping

  • Ping tests end-to-end round-trip time to a single destination - Useful for confirming reachability and measuring overall RTT.
  • Traceroute identifies every hop on the path and the RTT to each - Useful for locating where in the path a problem is occurring.
  • mtr (Matt's Traceroute) combines both tools, continuously sending probes and showing live packet loss and latency per hop - The most useful single-command network diagnostic.
  • Traceroute hop IPs can be looked up in WHOIS to identify the ASN (network operator) responsible for each segment of the path.
IP Lookup Tool Learning Hub What Is an IP Address? What Is an ASN? What Is DNS? What Is Ping and Latency?

Continue Learning

← Learn Hub IP Lookup Tool Hide My IP VPN Leak Test VPN Guide Blog