Perform an advanced online traceroute that maps and enriches output from mtr. Determine transit providers with Geolocation and ASN information.
Traceroute MapA visual mapping of online traceroute response
Taking the data from our Online Traceroute tool we attempt to map the hops in the network path. Parsing the mtr traceroute results we plot the results on a world map. Starting from the traceroute-online.com server in New York this test displays response times for each responding hop in the path. Non-responding hops will not be listed. Please note that geolocation can be tricky especially within core routers. Errors are not uncommon in the mapped results.
As you will see from the traceroute mapping the plots between hops all originate from the server that is performing the test. By using this method it is clear to see the response time from the source to the destination hop. Attempting to plot a traceroute on a map similar to what can be seen in the movies is actually quite difficult due to the problem of getting accurate IP address geolocation data.
Traceroute Geo Mapping & AccuracyImproving Geographic Accuracy
IP geolocation is far from an exact science and the nature of transit provider networks makes these routers much harder to locate. The workhorses of the Internet backbone are routers operated by organisations with ASN's that bridge continents. This means it is very difficult for geolocation to be reasonably accurate. An advantage we do have is many Tier 1 transit providers will provide reasonably accurate reverse DNS records to help them with their own troubleshooting. These PTR records may contain a city name or commonly airport codes for the nearest airport.
Using open source intelligence, the geographic latency expected and a splash of guess work it is possible to make a pretty good guess at the physical path that the packets are travelling. In our mapping on this page if we match a reverse entry for location and the expected latency is within a certain range we will make a guess that the router is located there.
Router PrioritizationDid you know routers can prioritise traffic?
It is common to give ICMP packets a lower priority than other traffic. If this is the case the response times listed in the traceroute may not accurately depict the application response times. On the other hand if there is a slow hop for ICMP it is likely this router is having a bad day and the application traffic will also be slow through this hop.
Global Internet Speed by CountryHighest (Top 10) Average Internet Speed Jun 2018
The USA came in at 20th with 25.86 Mbps, the UK at 35th with 18.57 Mbps and Australia is 52nd with 11.69 Mbps. This data was compiled by Cable UK.
About Hacker TargetHosted Vulnerability Scanners, DNS and IP tools
This project came about primarily because i like building helpful tools. I also like to geek out on maps and internet maps have always fascinated me. Other geographic traceroute tools I have played with have often lacked accuracy or where a bit bland. Early versions of this site have included a number of different maps using jsvectormaps and Google Maps, but they have always relied solely on the geolocation of the IP address. Since updating the maps using the DNS PTR records of the transit providers I think this is a much more usable and realistic view of the packets.
I admit I have spent time playing a game where I attempt to find the longest path, picking far off remote sites and seeing how many hops and countries that the packet has traversed to reach the destination. If you are interested I suggest trying to traceroute to far off government sites. They are often self hosted and located in the local area; other than many other sites that are either hosted by major cloud providers or hiding behind a CDN.
Traceroute Response TimesUnderstanding the Response Time (icmp / tcp / udp)
Response time is plotted against each hop in the path. Usually this will have an upward trend as the further from the source the higher the traceroute response time or latency. Plotting the MTR traceroute data can show hops where significant variation in response times is apparent usually due to distance but possibly due to network instability.
Obviously we want our response times to be as small as possible in order to have the best experience when using the Internet. Keep in mind that there are limits to how low a response time can get when pinging the other side of the world. These limits are based on science and physics so upgrading your connection will always have theoretical limit.
A decent response time to the other side of the world is typically in the low 200ms range. While access to Google services and other distributed networks commonly see < 10ms.
Traceroute CommandsA toolkit of traceroute tools for Windows, Linux and Mac OS X
Tracepath, Tracert, tcptraceroute, traceroute and mtr are all similar tools that test the network path using either UDP, ICMP or TCP. See the wikipedia article for more details on the technical side of traceroute and the tools that we run.
Windows Traceroute Command
All versions of Windows come with the built in command tracert. Using this command you can from a Windows command prompt launch a traceroute.
Using the option -6 you are also able to traceroute to an IPv6 enabled host.
If you have Nmap installed in your Windows system you can also use the nmap traceroute option as explained below under the Linux Command section.
Linux Traceroute Commands
Installed by default in Ubuntu and Fedora is the tracepath command. This command has the advantage over traceroute in that it does not require super user (root) privileges to run. It uses a random UDP port or the UDP port can be specified on the command line using the -p option.
-p specify the destination udp port to use
-n disable reverse DNS lookups
-b print both IP and host names
Available in most Linux distribution traceroute can be installed from your package manager of choice (apt install traceroute). By default this tool will use ICMP TIME_EXCEEDED responses to discover the route taken, however there is the option to specify TCP or UDP along with the port to be used.
By specifying the TCP option this command is the equivalent of the tcptraceroute command.
Use of this command requires root privileges as the default traceroute uses raw sockets to generate the packet. These packets can be highly customized, hence this command has a large number of options available allowing you to dig deeper when it comes to troubleshooting a network connection.
traceroute (options) (ipaddress)
MTR combines the functions of traceroute and ping in order to provide more detailed information on the route taken.
The results show round-trip-response times in milliseconds along with the percentage of packetloss.
A large number of options are available making this a powerful network troubleshooting tool.
mtr (options) (ipaddress)
Another option available for performing a traceroute is the Nmap command. Usually known for its port scanning ability the nmap command also has a traceroute option for checking the network route.
An advantage of using the nmap command is that the traceroute will use a discovered open port if available to perform the traceroute. This can provide more information on the route when firewalls are blocking other traceroute commands.
nmap -F --traceroute (ipaddress)
Mac OS X Traceroute
Using the Network Utility you are able to bring up a GUI that allows you to perform a tracerotue command on the Mac OS X platform. Simply enter the target IP address and hit trace to start the traceroute.
Average Response Times (Local and Global)
Other Network TelemetryA fancy way of saying network tools
mtr is a diagnostic tool that combines traceroute and ping to perform a detailed analysis of a network path. The tool will ping each of the hops in the path a number of times to get an accurate measure of the stability and response times of each hop in the traceroute.
The protocol known as whois allows an IP address or a domain name to be queried to determine the owner of that domain name or IP address netblock. Finding the owner of an IP address or domain name is common practice among security analysts and systems administrators who regularly track down abusive systems, spammers or identifying the owners of hacked systems.
The dig tool is a primarly Linux based tools that is a more feature packed version of the common nslookup command available on Windows and other operating systems. It allows a user to query DNS servers to find DNS related information. Common uses are determining the IP address associated with a domain record or to find the MX server for a domain.