HomeCCNATraceroute and Tracert – 2 Important command
Screenshot of a command prompt showing a tracert command tracing the route to 192.168.1.1 over 30 hops, with responses from Router Peshawar (10.1.1.1), Router Kanak (10.2.2.2), and subsequent request timeouts.

Traceroute and Tracert – 2 Important command

August 12, 2019
Asad Ijaz
5 min read
CCNA

Traceroute (or Tracert on Windows) is a diagnostic tool that maps the route of packets from a source to a destination using ICMP Echo Request packets. It displays each hop (router) along the path, helping network engineers troubleshoot connectivity issues. This guide is tailored for CCNA and CCNP students to master Traceroute for exams and real-world networking.

Table of Contents

Understanding ICMP and TTL in Traceroute

What is ICMP?

The Internet Control Message Protocol (ICMP) is a network-layer protocol used for error messaging and diagnostics in IP networks. Traceroute relies on ICMP Echo Request (type 8) packets sent to the destination and ICMP Time Exceeded (type 11) or Echo Reply (type 0) messages returned by intermediate routers or the destination. For CCNA students, understanding ICMP is crucial for troubleshooting connectivity issues.

How TTL Works

The Time-to-Live (TTL) field in an IP packet header prevents packets from looping indefinitely. Each router decrements the TTL by at least 1 before forwarding the packet. When the TTL reaches 0, the router discards the packet and sends an ICMP Time Exceeded message back to the source. Traceroute exploits this by sending packets with incrementally increasing TTL values (starting at 1) to map the path to the destination.

How Traceroute Works

Traceroute sends packets with incrementally increasing TTL values (starting at 1). Each router decrements the TTL by at least 1. When the TTL reaches 0, the router sends an ICMP Time Exceeded message back to the source. This process repeats until the destination responds or the maximum TTL (default 30) is reached.

Windows Command: tracert networkustad.com

Cisco Router Command: Router# traceroute networkustad.com

Figure 1 shows an example output of the tracert command entered on host 4 to trace the route to host 1. The only successful response was from the gateway on Router Peshawar and from router Karak.

A network diagram titled "Tracert From Host 4 to Host 1" showing a traceroute from Host 4 to Host 1 across a network. The diagram includes laptops labeled Host 1 (0.2), Host 2 (0.3), Host 3 (1.2), and Host 4 (1.3), connected through switches Sw.Karak and Sw.Peshawar. IP addresses include 192.168.0.24 (Sw.Karak), 172.16.0.30 (Karak), 192.168.1.24 (Sw.Peshawar), and 3560-24PS switches. A command prompt window displays the traceroute command "tracert 192.168.0.2" with results showing hop 1 to 192.168.1.1 (1 ms response), hop 2 to 172.16.0.1 (request timed out), and subsequent hops 3 to 19 all timing out.
Traceroute and Tracert - 2 Important command 3

Analyzing a Tracert Output

Below is a sample tracert output from a Windows host (Host 4) tracing the route to a destination (Host 1):

Tracing route to host1.example.com [192.168.10.10] over a maximum of 30 hops: 1 2 ms 1 ms 1 ms 192.168.1.1 [Router_Peshawar] 2 5 ms 4 ms 5 ms 172.16.0.1 [Router_Karak] 3 * * * Request timed out. 4 * * * Request timed out.

Interpretation

Hop 1 (192.168.1.1): The first hop is the default gateway (Router Peshawar), responding in 1-2 ms, indicating a healthy LAN connection.

Hop 2 (10.0.0.1): The second hop is Router Karak, with slightly higher latency (4-5 ms), suggesting it’s further in the network.

Hops 3-18 (Timeouts): The asterisks (*) indicate no response, likely due to:

  • A firewall blocking ICMP Echo Requests.
  • The destination (Host 1) not responding to ICMP.
  • A network failure beyond Router Karak.

Network Topology for Traceroute Example

The Traceroute example involves a network with the following topology:

  • Host 4: A Windows PC (192.168.1.100) in a LAN.
  • Router Peshawar: The default gateway (192.168.1.1) connects the LAN to the WAN.
  • Router Karak: An intermediate router (10.0.0.1) in the WAN.
  • Host 1: The destination server (192.168.10.10), reachable via multiple hops.

Tracert Command Switches

The tracert command on Windows and traceroute on Cisco routers support several switches to customize behavior. Below are key switches for CCNA/CCNP students:

  • -d: Prevents resolving IP addresses to hostnames, speeding up the trace. Example: tracert -d 8.8.8.8.
  • -h maximum_hops: Sets the maximum number of hops (default is 30). Useful for limiting traces in large networks. Example: tracert -h 10 google.com.
  • -j host-list: Specifies a loose source route (IPv4 only), allowing you to influence the path. Example: tracert -j 10.0.0.1 8.8.8.8.
  • -w timeout: Sets the timeout (in milliseconds) for each reply. Useful for slow networks. Example: tracert -w 1000 networkustad.com.
  • -4: Forces IPv4 (Windows only). Example: tracert -4 google.com.
  • 6: Forces IPv6 (Windows only). Example: tracert -6 google.com.

Troubleshooting with Traceroute

Traceroute is a powerful tool for diagnosing network issues. Below are common scenarios:

Timeouts at All Hops:

  • Cause: A firewall is blocking ICMP Echo Requests.
  • Solution: Check firewall rules or use a different protocol (e.g., UDP-based traceroute on Linux with traceroute -U).

Unexpected High Latency:

  • Cause: Congestion or a suboptimal route.
  • Solution: Compare Traceroute outputs over time or use pathping for detailed statistics.

Destination Unreachable:

  • Cause: The destination doesn’t respond to ICMP or is offline.
  • Solution: Verify the destination’s status with ping or check routing tables.

Traceroute with IPv6

IPv6 Traceroute works similarly to IPv4 but uses ICMPv6 messages (Type 128 for Echo Request, Type 3 for Time Exceeded). Use the -6 switch on Windows or specify an IPv6 address on Cisco routers.

Examples

tracert -6 2001:4860:4860::8888 Router# traceroute ipv6 2001:4860:4860::8888

    FAQs

    • What is the difference between tracert and traceroute?

      tracert is used on Windows, while traceroute is used on Cisco routers and Unix-based systems (e.g., Linux, macOS). Both perform the same function but differ in syntax and options.

    • Why do I see asterisks (*) in Traceroute output?

      Asterisks indicate a timeout, meaning a router or destination didn’t respond. This could be due to ICMP blocking, network congestion, or a device being offline.

    • Can Traceroute work with IPv6?

      Yes, use tracert -6 on Windows or traceroute ipv6 on Cisco routers for IPv6 networks.

    • How does Traceroute help in CCNA/CCNP exams?

      Traceroute is used to troubleshoot connectivity issues and understand network paths, which are tested in labs and simulations. Practice with tools like Packet Tracer.

    • What tools are similar to Traceroute?

      Tools like ping (tests reachability) and pathping (combines ping and Traceroute) are alternatives. For advanced diagnostics, use mtr on Linux.

    Avatar of Asad Ijaz

    Asad Ijaz

    NetworkUstad's lead networking architect with CCIE certification. Specializes in CCNA exam preparation and enterprise network design. Authored 2,800+ technical guides on Cisco systems, BGP routing, and network security protocols since 2018. Picture this: I'm not just someone who writes about tech; I'm a certified expert in the field. I proudly hold the titles of Cisco Certified Network Professional (CCNP) and Cisco Certified Network Associate (CCNA). So, when I talk about networking, I'm not just whistling in the dark; I know my stuff! My website is like a treasure trove of knowledge. You'll find a plethora of articles and tutorials covering a wide range of topics related to networking and cybersecurity. It's not just a website; it's a learning hub for anyone who's eager to dive into the world of bits, bytes, and secure connections. And here's a fun fact: I'm not a lone wolf in this journey. I'm a proud member and Editor of Team NetworkUstad. Together, we're on a mission to empower people with the knowledge they need to navigate the digital landscape safely and effectively. So, if you're ready to embark on a tech-savvy adventure, stick around with me, Asad Ijaz Khattak. We're going to unravel the mysteries of technology, one article at a time!"

    Related Articles

    Diagram depicting IPv4 and IPv6 coexistence within a network setup. The image includes dual-stack routers, hosts, and servers configured to support both protocols. It highlights communication paths between IPv4 and IPv6 devices, emphasizing the seamless integration essential for transitioning networks. The title 'IPv4 and IPv6 Coexistence' appears at the bottom, reinforcing the theme of compatibility and connectivity.

    Comprehensive Guide to IPv4 and IPv6 Coexistence: Strategies, Challenges, and Future Outlook

    April 6, 2025
    Hand connecting a cable to a Cisco device for console access.

    What is Console Access to Cisco Devices

    August 20, 2019
    IPv6 addresses structure visualised with hexadecimal notation and interconnected nodes symbolising modern networking.

    Mastering IPv6 Addresses: Unlocking the Future of Networking in 2025

    June 7, 2019
    Design 204

    Introduction to IP address and Subnetting, Unicast, Multicast and Broadcast Communication Quiz Test

    April 3, 2025
    accesslist outpu

    ACL Statistics – Exclusive Explanation

    September 10, 2019
    DUAL

    What is DUAL?

    January 13, 2020
    PPP

    PPP Overview

    April 26, 2020
    WAN Devices

    WAN Devices

    February 8, 2020
    Close-up view of Cisco router ports and connectors with the text "Explained in Simple Terms: Understanding Cisco Router Switching" on an orange background.

    Router Switching Mastery: Unlock Efficient Packet Delivery (Updated 2025)

    August 21, 2019