traceproto(8) - Linux man page

Name

Traceproto - trace the route to a destination using a specified protocol and port

Synopsis

traceproto [ -cCTfAhvR ][ -p protocol ][ -d dst_port ][ -D max_dst_port ][ -s src_port ][ -S max_src_port ][ -m min_ttl ][ -M max_ttl ][ -w response_timeout ][ -W send_delay ][ -a account_level ][ -P payload_size ][ -F interface ][ -k skips ][ -I consecutive_trace_count ][ -H packets_per_hop ][ -i incr_pattern ][ -o output_style ][ -t tcp_flags ]

Description

Traceproto is a replacement for the venerable traceroute. It serves the same function: to determine the path that traffic takes between the current location and a remote machine. Like the original traceroute, it uses the IP time-to-live field and watches for the return ICMP packets from each successive gateway. Traceproto improves on the original by letting the user select the protocol and destination port to trace to. In the current world of firewalls and traffic filtering, it is no longer enough to assume that because some traffic is getting to the remote machine, all of it is.

Options

-p protocol
The protocol to use. The current options are tcp, udp, and icmp with tcp as the default.
-d dst_port
The destination port to trace to. If -i is set to 'd' or 'D' then this is the minimum destination port. The default value is 80.
-D max_dst_port
The maximum destination port. Has no effect unless -i is set to 'd' or 'D'.
-s src_port
The port to use as the local source port. If -i is set to 's' or 'S' then it is the minimum source port. The default is 10240.
-S max_src_port
The port to use as the maximum local source port.
-m min_ttl
Specifies the minimum time-to-live setting to use. This sets how many hops away to start tracing. (For example, if the first hop is a firewall that will not respond with an ICMP TIME_EXCEEDED message but will allow them through from hops that are further away, the user can set the min_ttl to 2 and thereby avoid having to wait for the packets that time out at the first hop.) The default is 1.
-M max_ttl
Specifies the maximum time-to-live setting. This is the limit for how many hops away to trace. The default is 30. (Very few locations on the internet will be further away than this.)
-w wait_timeout
The timeout in seconds to wait for a return packet. The default is 5 seconds.
-W send_delay
The timeout before sending a new packet in milliseconds. The default is 100 milliseconds.
-a account_level
If accounting is enabled (i.e. account_level set to > 0), traceproto will print statistics after the run is complete detailing minimum return time in milliseconds, average return time in milliseconds, maximum return time in milliseconds, number of packets returned successfully, and the number of packets that generated no response. Possible account_levels:
0
No accounting printed.
1
Only the totals for all of the hops combined are printed.
2
Stats are shown for each individual hop as well as the total (this is the default).

Note that the -C flag will run traceproto in continuous mode, restarting from scratch at the end of each run, and will generate stats after each run. Note also that CTRL-C will abort the run and traceproto itself, printing the stats at whatever level is specified with -a. CTRL-Z will cause traceproto to print the stats but does not abort the run.

-T
Causes TraceProto to print a timestamp with the output.
-P payload_size
This option specifies the payload size in bytes. Currently the payload is filled with ' 's, though this may change in the future. A word of caution: traceproto seems to have problems with certain combinations of payload size and protocol, especially udp with payloads of under 12 bytes. Hence the default payload is 12 bytes. The cause of this has yet to be determined.
-k skips
Allows the user to specify a comma-separated list of hops to skip by number (i.e. -k 5 will cause traceproto to skip sending packets with a ttl of 5, going from 4 to 6). This allows the user to skip a hop that is known not to respond, responds slowly, or should be avoided for some reason. The skip list only allows comma-separated hops at this point, not ranges. Spaces in the list will also cause problems. Note that -k 1 is functionally analogous to -m 2.
-c
Trace continuously. This causes traceproto to reset its counters and begin the trace from scratch once a run has been completed. Useful for finding intermittent problems and for noting hops that use packet-based routing (i.e. the route used for the packet may change from one packet to the next even during the same connection). See also -C.
-C
If -c is set, this prints the accumulated stats at the end of each run. Meaningless unless -c is set.
-I consecutive_trace_count
Like -c and -C, -I does a continuous trace but unlike -c and -C, it only does consecutive_trace_count iterations.
-H packets_per_hop
This allows the user to specify the number of packets sent out for each increment of the ttl. This must be a number between 1 and 10. The default is 3 packets per hop.
-f
Set the don't-fragment bit in the IP header. Can be used in conjunction with the -P flag to determine at which hop the MTU changes.
-F interface
Specify the network interface to use. Note that it is quite possible to specify an interface that is not the one needed to reach the target.
-A
Do Autonomous System number lookups.
-i port_incr_pattern
This flag governs the source and destination increment patterns. The pattern is a combination of one or two letters from the set [sSdDnN] where the meanings are:
s
decrement the source port with each packet
S
increment the source port with each packet (the default for the source port)
d
decrement the destination port with each packet
D
increment the destination port with each packet
n
use a static source port
N
use a static destination port (the default for the destination port)

Note that if contradictory options are given, the last one seen is used (i.e. -i Ss is the same as -i s). Note also that -i nN may cause traceproto problems in determining which response is for which packet.

-o output_style
The default output style is designed to be reasonably legible and space conscious. There are other output styles available:
s
the standard output (default). Prints the hop number, the response protocol and type, the response machine name if available, and the response IP address on the first line. The next line is a list of the response times as they arrive.
g
graphical output. The first line is the same as the standard output, but the response time is printed one line per response with a variable length ascii bar indicating the relative response time.
c
classic output. An output style (almost) identical to the original traceroute.
n
no individual hop output. Stats will still print at whatever level is set. (Note that -o n -a 0 is possible, but silly.)
m
minimal output. Prints the hop number and a single character indicating the response type. Response times are not noted.
p
scriptable output. Prints the hop number, ip, return packet type, and time for each packet sent.
C
(n)curses output.
-t flags
Sets the tcp flags to use.
S
SYN
A
ACK
R
RST
U
URG
P
PUSH
F
FIN
-R
Reverse trace. Starts at the max ttl and decrements the ttl for each hop.
-h
A brief usage message summarizing the options.
-v
Version info.
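
Added example (not part of traceproto or its documentation): a Python model of how the -i letters described above resolve, using the documented defaults and the last-one-wins rule, and of why -i nN leaves probes indistinguishable. The function names (resolve_pattern, probe_ports, ambiguous_pairs) are hypothetical; the stepping from a caller-supplied start port and the matching of replies by quoted port pair are assumptions, not traceproto's confirmed behavior.

```python
from collections import Counter

# Defaults taken from the -s and -d entries of the man page.
DEFAULT_SRC_PORT, DEFAULT_DST_PORT = 10240, 80
# Per-packet port step for each pattern letter.
STEP = {"s": -1, "S": +1, "n": 0, "d": -1, "D": +1, "N": 0}


def resolve_pattern(pattern=""):
    """Return (source_mode, destination_mode); the last letter seen wins."""
    src_mode, dst_mode = "S", "N"  # documented defaults
    for letter in pattern:
        if letter in "sSn":
            src_mode = letter
        elif letter in "dDN":
            dst_mode = letter
        else:
            raise ValueError(f"unknown -i pattern letter: {letter!r}")
    return src_mode, dst_mode


def probe_ports(pattern, count, src_start=DEFAULT_SRC_PORT,
                dst_start=DEFAULT_DST_PORT):
    """List the (source, destination) port pair of each successive probe.

    Assumption: one step per packet from the caller-supplied start ports;
    range limits (-D, -S) and wrap-around are not modelled.
    """
    src_mode, dst_mode = resolve_pattern(pattern)
    return [(src_start + i * STEP[src_mode], dst_start + i * STEP[dst_mode])
            for i in range(count)]


def ambiguous_pairs(ports):
    """Port pairs shared by several probes.

    Assumption: a reply is attributed to a probe by the port pair quoted in
    the returned ICMP error, so a shared pair cannot be attributed uniquely.
    """
    return {pair: n for pair, n in Counter(ports).items() if n > 1}


if __name__ == "__main__":
    for pattern in ("", "Ss", "D", "nN"):
        ports = probe_ports(pattern, count=3)
        print(f"-i {pattern or '(default)'}: {ports} "
              f"ambiguous={ambiguous_pairs(ports)}")
```

With the default pattern every probe carries a distinct source port, so no pair repeats; with nN all probes share one pair.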

Using Traceproto

The easiest way to invoke traceproto is simply to give it a target machine by name or IP address. The default behavior is to trace using tcp and destination port 80. Given the current state of the internet this is the most likely to succeed though it certainly won't be appropriate for every situation.

Traceproto assumes that the user has some understanding of the protocols involved; users who are unfamiliar with them may find that traceproto's options or output are hard to decipher. Information on how the protocols function is widely available on the internet and is recommended reading for the traceproto user.

There are a fair number of options for traceproto and there will probably be even more in the future. Many are contradictory or illogical in combination, but unless a combination is actually problematic, traceproto will usually allow it to be specified. Combinations that are illogical are generally ignored in a sensible manner; contradictions are usually resolved using the option furthest to the right on the command line.

Environmental Variables

There are a number of environmental variables that can be set to affect TraceProto's behavior. These variables override the default behavior but are overridden by any equivalent command line flags.
TP_TIMESTAMP_STYLE
Sets the format for the timestamp printed by the -T flag. Note that there is no equivalent command line flag for this variable.
std
The std day/alpha-month/year:hour:minute:second format.
us
US Style date of numeric-month/day/year:hour:minute:second format.
descend
Descending time format: year/month/day:hour:minute:second.
epoc
Number of seconds since the Unix epoch.
TP_DEFAULT_IF
Sets the default interface. Is overridden by the -F flag. Setting this variable causes TraceProto to print a message about which interface it is using, since TraceProto will attempt to send the traces out that interface whether or not it is the correct interface needed to reach the specified destination.
TP_OUTPUT_STYLE
Sets the default output style for TraceProto. Is overridden using the -o flag.
std
The standard output style. The same as '-o s'.
graphical
The graphical output style. The same as '-o g'.
classic
The classic output style. The same as '-o c'.
none
No output. The same as '-o n'.
minimal
Minimal output. The same as '-o m'.
scriptable
Scriptable output. The same as '-o p'.
curses
(N)Curses output. The same as '-o C'.
RA_SERVER and TP_RA_SERVER
Sets the default server to use for Autonomous System number lookups. Mimics the NANOG traceroute behavior.

See Also

traceroute(8), hping2, tcptraceroute, mtr

Bugs

None known at this time. Please submit any found.