Administrator Handbook Table of contents version française

Graphical traceroute

Overview of graphical traceroute

The graphical traceroute program from LoriotPro displays in text and graphic mode IP round trip time history and statistics per router hop.

Taceroute also complements the tools for discovery of the network by the enrichment of LoriotPro directory.

The graphical traceroute discover Plugin is an advanced tool based on the common traceroute concept and program (defined in the RFC 1393 ). This program is commonly available in non graphic mode under unix/linux ( traceroute ) and Windows ( tracert ).

The first goal of the traceroute program is to discover the intermediate router between a source IP address (LoriotPro host in our case) and a destination IP address The second goal is to evaluate the time needed by the IP packet to reach each router on the path and get a overview of the network latency.

Remark: The latency measure by traceroute is not accurate. In fact, the traceroute program provides the response time of a router node. This time, called Round Trip Time (RTT), includes the time needed for an IP packet to travel to a router node, the time needed for the router to reply and the time needed for the IP response packet to travel back to the source.

With this tool, network administrator could figure out where are the network bottlenecks and losses of performance along a network path.

Example of traceroute performed with the Loriotpro graphical traceroute plugin.

traceroute

traceroute graphical interface

traceroute Plugin Installation

The installation of the traceroute Discover Plugin is performed in the Service workspace.
Select first the Service Tab in the Workspace, then press the right mouse button, you should see the contextual menu :

traceroute menu
Graphical traceroute plug-in selection

From there select Add New Service... and select the TraceRoute Discoverv plug-in.

When done you should see the Plugin in the list of Service Plugin.

A double click open the Dialog box.

traceroute concept

The working principle of any traceroute program is based on the usage of ICMP (Internet Control Message Protocol RFC 792 ).

Traceroute uses the TTL field in the header of ICMP packets to discover the routers on the path to a destination.

The main goal of the TTL field is to avoid infinite loop of packets in meshed networks. By increasing the TTL by one each time the program send a packet each router hops on the path are successively discovered and the time needed for a round trip is deducted.

traceroute concept

Round Trip Time or RTT in an IP network is not enough to really know the time needed for an IP packet to travel from the source to a router hop. The main reason is that the path from the query and its answer could be different, the second reason is the time used to process the requested packet by the router hop.

Second point is that the sum of the time needed to reach each intermediate router hop is not equal to the time need to reach the destination. Sometime one router hops could be see at a longer time distance than the destination. This point is easily explained by the fact that router on the path are not dedicated to answer our ICMP packet and thus could add local delay in the round trip time.

Traceroute configuration

The configuration is done in the upper box of the dialog box.

trace route parameter

The Trace is either the IP adress or the name of the remote host. You can acces the WIZARD with the + button.

Max router hops option defines the maximum number of router hops (IP routers) to take in account on your graph and table . The maximum supported is 30.

The Timeout set the maximum time to wait before considering a router hop unreachable.

Samples specify the number of successive traceroute performed. The RTT average values are more accurate if you increase this value.

The DNS Resolve option allows you to see name instead of IP address.

The Append Loriotpro Directory with new entry adds the new discovered router hop (node) in the LoriotPro Directory.

Put new entry in existing network or dummy option adds new discovered nodes in their IP sub-network or in the dummy network.

Check for SNMP 'public" and enable discover scanning for this nexrouter hop if true option allows LoriotPro to use this new discovered router hop (router) for extending its network view. Refers to the Discover process in the main documentation.

When finish, you can start the TraceRoute process with the start button.

traceroute Monitoring

The start button displays the results in the table and graph view.

The table view contains the following columns.

text trace route

The router hops column shows the number of the router on the path and a colored box shows the last status. The three states are linked to the specified timeout.

The MinRTT specifies the Minimum Round Trip Time recorded for that router hop.

The AvgRTT specifies the Average Round Trip Time recorded for that router hop.

The MaxRTT specifies the Maximum Round Trip Time recorded for that router hop.

The CurRTT specifies the Minimum Round Trip Time recorded for that router hop.

The Name is the DNS resolved name for the IP address of that router hop.

The IP address

If a router is not responding or if the there is a packet loss, the line is empty.

The traceroute graphic displays the current RTT ( Round Trip Time or also called Round Trip Delay )

Visual results are also displayed on a concentric graphical view. The traceroute concentric view displays router and their status on its periphery. Loriotpro the source of the testing packets is located in the center. The first router hop on the path is on the left side of the screen (9 o'clock)and subsequent router hops are displayed clockwise.

graphical trace routeGraphical traceroute

Each line path is colored according to the legend located in the uper side corner.

Blue -> Min RTT
Red -> Max RTT
Green -> Avg RTT
Yellow -> Cur RTT

To have detailed information on a specific router, just set your mouse on it and read the information line in the bottom of the windows.

traceroute in deep with RFC 1393 abstract

The existing traceroute operates by sending out a packet with a TimeTo Live (TTL) of 1. The first router hop then sends back an ICMP error message indicating that the packet could not be forwarded because the
TTL expired. The packet is then resent with a TTL of 2, and the second router hop returns the TTL expired. This process continues until the destination is reached. The purpose behind this is to record the source of each ICMP TTL exceeded message to provide a trace of thepath the packet took to reach the destination.

The advantage of this algorithm, is that every router already has the ability to send TTL exceeded messages. No special code is required. The disadvantages are the number of packets generated (2n, where n is the number of router hops), the time it takes to duplicate all the nearer router hops with each successive packet, and the fact that the path may change during this process. Also, this algorithm does not trace the return path, which may differ from the outbound path.

The router hop count ultimately provide information on the length of the outbound and return paths to the destination. They also provide a means of determining whether or not any ICMP Traceroute messages havebeen lost.

 


www.loriotpro.com