Quick take: The traceroute command shows the route packets take to a destination, listing each router (hop) and its round-trip time. Use it to find where along the path a connection slows down or fails. tracepath is a similar tool needing no privileges.
Introduction
When ping shows a host is slow or unreachable, traceroute reveals where the problem lies by mapping the path packets take through routers to the destination. Each line is one hop, with timing that helps you spot the point where latency spikes or the path breaks down.
Syntax
The basic syntax of the traceroute command is:
traceroute [OPTIONS] HOSTCommon Options and Parameters
The most useful options and parameters for the traceroute command:
| Option | Description |
|---|---|
| -n | Show numeric IPs (skip DNS, faster). |
| -m N | Set the maximum number of hops. |
| -w SECS | Wait time for each reply. |
| -q N | Number of probes per hop. |
| -I | Use ICMP echo instead of UDP. |
| -T | Use TCP SYN (useful through firewalls). |
| -p PORT | Set the destination port. |
Practical Examples
Real traceroute commands you can run today:
# Trace the route to a host
traceroute google.com
# Numeric output (no DNS lookups)
traceroute -n google.com
# Use ICMP probes
sudo traceroute -I example.com
# Use TCP to port 443 (through firewalls)
sudo traceroute -T -p 443 example.com
# Limit to 15 hops
traceroute -m 15 example.com
# Privilege-free alternative
tracepath example.comTips and Best Practices
- Use
-nto skip DNS lookups for much faster, cleaner output when you only need the IPs. - Asterisks (
* * *) at a hop mean that router did not reply — often it just blocks probes, not necessarily a fault. - Try
-T -p 443when normal traceroute is filtered; TCP probes to a common port often get through firewalls.
Final Thoughts
traceroute turns “the connection is slow” into a precise map of where the slowdown happens, hop by hop. Read the latency progression to find the problem router, use -n for speed, and switch to TCP probes when firewalls block the defaults. It is the natural next step after ping in diagnosing network paths.
FAQ: traceroute Command in Linux
What does traceroute do?+
traceroute maps the route packets take to a destination, listing each router (hop) along the way with its round-trip time. It shows where on the path a connection slows down or stops.
How do I read traceroute output?+
Each numbered line is one hop, showing the router and three timing measurements. Rising times indicate where latency increases; a row of asterisks means that hop did not reply to the probes.
Why do I see asterisks in traceroute?+
Asterisks (* * *) mean a router did not respond to the probe within the timeout. Many routers deliberately ignore traceroute probes, so this is often normal rather than a fault.
What is the difference between traceroute and tracepath?+
Both trace the network path. traceroute has more options but often needs root for some probe types, while tracepath is simpler and runs without privileges, making it handy for quick checks.
How do I traceroute through a firewall?+
Use TCP probes to a commonly open port: sudo traceroute -T -p 443 host. Firewalls that block the default UDP probes often allow TCP to web ports.
Need help with Linux servers or infrastructure?
Work directly with Muhammad Irfan Aslam for Linux, Ubuntu, Docker, DevOps, cloud, CI/CD, or infrastructure support.
Hire Me for Support