The Technopotomus Adventure
The tests and trials of creating a safe and secure, yet fully functional home network with whatever electronic toys we can get our hands on.
-
MTR – Network Diagnostic Tool
Posted on July 11th, 2009 No commentsTraceroute
You may have used traceroute in a Micrsoft OS or in Linux. It’s quite simple and can tell you a few things about the connection between you and any other device on the internet. Just type in traceroute <domain name> and hit enter. You should see something like the following.
traceroute to microsoft.com (207.46.232.182), 30 hops max 40 byte packets 1 192.168.64.64
(192.168.64.64) 1.210 ms 1.237 ms 1.304 ms 2 x-xxx-137-216.mtaonline.net (216.137.xxx.x) 37.635 ms 37.693 ms 38.798 ms 3 6506-1-er-ge3-2.mtaonline.net (216.152.176.205) 40.463 ms 42.126 ms 43.595 ms 4 7606-1-er-po1.mtaonline.net (216.152.176.157) 45.261 ms 46.985 ms 48.903 ms 5 197-168-165-209.static.gci.net (209.165.168.197) 51.290 ms 52.718 ms 54.420 ms 6 209-128-165-209.gci.net (209.165.128.209) 84.047 ms 60.093 ms 61.256 ms 7 8-128-165-209.gci.net (209.165.128.8) 62.892 ms 64.553 ms 66.021 ms 8 52-129-165-209.gci.net (209.165.129.52) 67.917 ms 69.604 ms 71.020 ms 9 217-129-165-209.gci.net (209.165.129.217) 72.445 ms 73.898 ms 75.299 ms 10 InetSeaSDCsw-1.gci.net (209.165.129.62) 77.711 ms 78.967 ms 80.682 ms 11 ge-7-3-0-58.wst-64cb-1a.ntwk.msn.net (207.46.46.41) 82.308 ms 83.984 ms 87.674 ms 12 ge-0-2-0-0.tuk-64cb-1b.ntwk.msn.net (207.46.47.70) 61.504 ms 60.918 ms 61.017 ms 13 ten2-4.tuk-76c-1b.ntwk.msn.net (207.46.46.23) 63.226 ms 64.564 ms 66.245 ms
The second column lists the name (or IP) of the next device interface, and then the next column it’s IP address. This goes on until you hit the destination. All the while you are given the time it has taken to send the ICMP message to each device and then the return message. If you notice, the further away the device is, the longer it takes. But not always, as the last two devices show ~66ms while #11 had ~82ms to ~87ms.
If you were having problems on the internet and it seemed there were a bottleneck somewhere, this nice little tool can help you identify if one exists. Perhaps if one of those above was returning ~70ms and then the next device gave you ~250ms. That’s a noticeable difference, and it could indicate the the link between those two devices has maxed it’s bandwidth at that particular time. Not that you could do anything about it.
MTR
So what if the problem were intermittent, or traceroute did not show any problems because perhaps the chokepoint is experiencing intermittent bursts of data? Enter MTR, the big brother to traceroute. MTR (or My Trace Route) can show you a constant display of each link and how it’s holding up. Take a look.
If you have MTR installed (aptitude install mtr), run it as you would traceroute. i.e. MTR YAHOO.COM
Click to see full image
The default display looks much like a regular traceroute display, aside from the data is constantly changing and there’s a few more columns of information. The data changes due to the fact that it’s constantly getting data for you, no once, but constantly until you quit.
After the hostname, you are given columns telling you how much packet loss you get. How many packets were sent. Then you get to see how the pings are doing. You get what the last time it took for the response, the average time, the best it’s been to that particular host and the worst time. You also get a standard deviation. Not exactly sure on this one yet, but lower seems better.
As you can see from the example above, once we went from device #4 to #5, the pings doubled and then from # 5 to #6, the pings doubled again. The first time it doubled, it’s not too bad because that’s an increase in 30ms whereas the second jump was a good 72+ ms.
Not that I’m saying here’s a bottleneck, by no means. However, if anywhere between me and nandomedia.com there would be one, that’s my first suspect. This trace is pretty simple anyway. If I were to see much larger numbers then I would be concerned. Again, not that I can do anything about it, but at least I know it’s not my network, unless the problem was on my network, then I’ll point fingers.
Click to see full image
Hit the D key. Here you can change the display. You get a nice view of the packets as they are returned. This first view does not offer much, so hit the D key again. DO IT!!! You’ll like it. At least better than this view.
Click to see full image
Now this is much more informational. On the bottom of the screen is a scale. It shows you what each dot, number and letter up above mean. The period is 7ms and as you can see from my PC to my router, that’s what it should be. The next hop is to my ISP and there’s 3’s all along there and the other 2 routers at that location. The 3 is less than 54ms, but since it’s not a 2, it’s greater than 29ms. You see an ‘a’ and a ‘b’ up there too. So the return just from my ISP had a ping return over 54ms and one over 120ms just in these 57 pings.
The display is nice because it scrolls nicely to the left and you can see if there’s just a burp as in the ‘c’ at location #9 or if there’s a serious problem. And if you need to resize your terminal window, MTR will adjust what it displays with ease. Above it’s got room to show the last 57 pings, but if I widened it, it would quickly change accordingly.
So, as traceroute is handy, it’s not constant, it gives a snapshot and things may be fine at that moment. Ping is okay, but does not provide very much info. MTR is the all around tool to replace both.
Linux, Networking aptitude, Debian, internet, Linux, mtr, Networking, ping, routers, traceroute
