
Tracetcp

Oftentimes, knowing the path that network traffic is traversing is key to troubleshooting connectivity issues. In most cases you can determine this by using the traceroute utility (tracert on Windows systems). When you execute the traceroute command, ICMP (Internet Control Message Protocol) is used to transmit packets to the destination with a Time to Live (TTL) value of 1, and this value increases for each hop. When everything goes smoothly, each hop has to reduce the TTL by one, and when it becomes zero, the packet is dropped, and a message is sent to the receiver. The problem that often arises is that ICMP is partially or completely filtered out by intervening routers or firewalls. In this case, you need a way to accomplish the same thing with a protocol that has a higher chance of success.

In these cases, a TCP traceroute can be a lifesaver. It effectively does the same thing, by manipulating the TTL values, but it uses a TCP packet and allows a user-configurable port, which almost every firewall and router will allow if it is a well-chosen port. As an example, if you picked a popular Web site and tried a traceroute, you may get several instances of "request timed out," which indicates that the hop is not responding. In most cases this means that ICMP is being filtered by a firewall. If you instead use a TCP-based traceroute utility and specify a destination port of 80, you may get better results. A good TCP-based traceroute utility for Windows is tracetcp from http://tracetcp.sourceforge.net/. For Linux, a very robust utility is LFT, which stands for "layer four traceroute" and can be downloaded from http://pwhois.org/lft/.
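The TCP variant described above, as an added example (not tracetcp's or LFT's code): each probe is a TCP SYN sent with a limited TTL, and ICMP Time Exceeded replies are matched to the probe by the TCP ports they quote. It assumes Linux, IPv4 and root privileges for the raw ICMP socket; the function names and the host in the usage lines are illustrative.

```python
import errno, select, socket, struct, time

def parse_time_exceeded(pkt):
    """Return (router_ip, quoted_dst_ip, quoted_sport, quoted_dport) when pkt (a raw
    IPv4 packet) is an ICMP Time Exceeded quoting a TCP segment, else None."""
    if len(pkt) < 20 or pkt[9] != socket.IPPROTO_ICMP:
        return None
    icmp = pkt[(pkt[0] & 0x0F) * 4:]              # skip outer IP header (IHL is in 32-bit words)
    if len(icmp) < 28 or icmp[0] != 11 or icmp[1] != 0:   # type 11, code 0: TTL expired in transit
        return None
    inner = icmp[8:]                              # quoted IP header + first 8 bytes of TCP
    ihl = (inner[0] & 0x0F) * 4
    if inner[9] != socket.IPPROTO_TCP or len(inner) < ihl + 4:
        return None
    sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
    return (socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(inner[16:20]), sport, dport)

def tcp_trace(host, port=80, max_hops=30, timeout=2.0):
    """Yield (ttl, responder_ip_or_None, reached). Needs root for the raw ICMP socket."""
    dst = socket.gethostbyname(host)
    icmp_sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)
    for ttl in range(1, max_hops + 1):
        probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        probe.setsockopt(socket.IPPROTO_IP, socket.IP_TTL, ttl)   # hop limit for the SYN
        probe.setblocking(False)
        probe.connect_ex((dst, port))             # kernel sends the SYN and picks a source port
        sport = probe.getsockname()[1]
        responder, reached, watch = None, False, [probe]
        deadline = time.monotonic() + timeout
        while responder is None and time.monotonic() < deadline:
            r, w, _ = select.select([icmp_sock], watch, [], max(0.0, deadline - time.monotonic()))
            if r:
                hit = parse_time_exceeded(icmp_sock.recv(1500))
                if hit and hit[1:] == (dst, sport, port):         # reply quotes our own probe
                    responder = hit[0]
            elif w:
                watch = []                                        # read the connect result once
                err = probe.getsockopt(socket.SOL_SOCKET, socket.SO_ERROR)
                if err in (0, errno.ECONNREFUSED):                # SYN/ACK or RST: destination answered
                    responder, reached = dst, True
        probe.close()
        yield ttl, responder, reached
        if reached:
            break
    icmp_sock.close()

if __name__ == "__main__":
    for hop in tcp_trace("example.com", 80):      # illustrative target
        print(hop)
```

A hop reported as `None` did not return a matching ICMP Time Exceeded within the timeout, which is the TCP counterpart of "request timed out".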
