Introduction

Today I want to show you a real good network administration tool, if you do network administration, you should use ping and traceroute to check whenever a host is alive or not.

Maybe the steps of testing is first ping the server, and if there is no response, you try with traceroute to see where in the route an interruption exists.

Traceroute works sending ICMP packets to all the routers in the way to the destination host, but these days more and more routers and server have the ICMP packets filtered, so here is where tcptraceroute comes to save the day.

As you may guess from its name tcptraceroute is like traceroute but sends tcp packets instead of ICMP packets thus avoiding the filtering of the packets in the route.

Installation

Debian / Ubuntu

apt-get install tcptraceroute

Fedora / Centos

Be sure to have Dag Wieers repository enabled and then run:

yum install tcptraceroute

Usage

tcptraceroute [-nNFSAE] [ -i interface ] [ -f first ttl ] [ -l length ] [ -q number of queries ] [ -t tos ] [ -m max ttl ] [ -p source port ] [ -s source address ] [ -w wait time ] host [ destination port ] [ length ]

Examples

tcptraceroute www.yahoo.com

This is going to send packets to tcp port 80 and will show you the route to reach www.yahoo.com host, here is part of the output at my home.

10  tbr1.attga.ip.att.net (12.123.20.202)  220.728 ms  222.896 ms  220.617 ms
11  cr1.attga.ip.att.net (12.122.17.1)  220.735 ms  219.452 ms  219.639 ms
12  cr2.wswdc.ip.att.net (12.122.1.174)  227.361 ms  225.108 ms  225.065 ms
13  tbr2.wswdc.ip.att.net (12.122.16.70)  226.671 ms  224.096 ms  226.067 ms
14  12.122.113.81  217.532 ms  217.472 ms  218.654 ms
15  12.86.111.22  204.243 ms  212.031 ms  204.132 ms
16  ge-3-1-0-p170.msr2.re1.yahoo.com (216.115.108.69)  216.304 ms  215.201 ms  215.220 ms
17  gi1-23.bas-a2.re3.yahoo.com (66.196.112.55)  202.054 ms  203.112 ms  201.714 ms
18  f1.www.vip.re3.yahoo.com (69.147.114.210) [open]  202.302 ms  201.899 ms  209.557 ms

tcptraceroute mail.entelnet.bo 25

This is going to send packets to tcp port 25 to my ISP mail server, and here is the output.

Tracing the path to mail.entelnet.bo (166.114.10.11) on TCP port 25 (smtp), 30 hops max
 1  * * *
 2  172.17.158.5  13.467 ms  13.143 ms  13.204 ms
 3  200.87.253.53  13.285 ms  13.170 ms  13.259 ms
 4  200.87.253.137  30.819 ms  34.117 ms  33.918 ms
 5  s1011.entelnet.bo (166.114.10.11) [open]  32.282 ms [unknown, ACK]  33.101 ms  40.572 ms

Conclusion tcptraceroute is another good tool in our toolbox as network administrators, also as it is a command line tool, you can use it via ssh connections, which is great as you usually administer server away of your location.

You may want to read tcptraceroute man page