Traceroute CMD: How to Diagnose Network Problems and Read Results

By /

When your internet connection slows down or websites won’t load, you need to know where the problem is. The traceroute command shows you exactly where data gets stuck between your computer and any destination on the internet.

This tool traces the path your data takes across networks, measuring delays at each hop. You’ll see every router your packets pass through and how long each step takes.

What Traceroute Does and Why You Need It

Traceroute maps the route data packets take from your device to a target server. Think of it like tracking a package through multiple distribution centers before it reaches your door.

Every time you connect to a website or online service, your data doesn’t travel directly. It bounces through multiple routers owned by different internet service providers. Traceroute reveals this hidden journey.

You need traceroute when:

  • Websites load slowly but your connection seems fine
  • Certain services timeout while others work normally
  • You’re troubleshooting remote server access
  • Your IT team asks for network diagnostic data
  • Gaming or video calls experience high latency

The command works on Windows, Mac, and Linux. Each system uses slightly different syntax, but the concept remains identical.

Traceroute CMD

How to Use Traceroute Command on Windows

Windows calls this tool “tracert” instead of “traceroute.” The command runs through Command Prompt or PowerShell.

Basic steps:

  1. Press Windows key + R
  2. Type “cmd” and press Enter
  3. Type tracert google.com (replace with any domain)
  4. Press Enter and wait for results

The complete syntax looks like this:

tracert [options] target_host

Common options:

  • -d skips DNS lookups for faster results
  • -h maximum_hops sets how many routers to check (default is 30)
  • -w timeout changes wait time in milliseconds (default is 4000)

Example with options:

tracert -d -h 20 -w 2000 amazon.com

This command traces to Amazon without resolving hostnames, stops after 20 hops, and waits only 2 seconds per hop.

Understanding Traceroute Results Step by Step

Raw traceroute output confuses most people at first glance. Here’s what each column means.

Sample output:

Tracing route to google.com [142.250.185.46]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     8 ms     9 ms     8 ms  10.120.45.1
  3    12 ms    11 ms    13 ms  172.16.5.254
  4    15 ms    16 ms    14 ms  ae3.cr1.lax.net [198.51.100.1]
  5    18 ms    19 ms    17 ms  142.250.185.46

Breaking down each element:

  • Hop number (1, 2, 3): Sequential routers in the path
  • Three time values: Round-trip time in milliseconds for three probe packets
  • IP address or hostname: The router at that hop
  • Asterisks (*): Timeout, meaning that router didn’t respond
See also  Windows Search Not Working: Complete Troubleshooting Guide

The first hop is always your router or gateway. The last hop should be your destination.

What Good vs Bad Results Look Like

Good results show consistent timing with gradual increases:

HopTime RangeStatus
1-3<10 msNormal (local network)
4-810-30 msNormal (regional routing)
9-1530-100 msNormal (long distance)

Bad results reveal problems:

  • Sudden jumps: Hop 5 shows 15ms, hop 6 shows 250ms (indicates congestion)
  • Multiple timeouts: Three asterisks in a row suggest blocking or packet loss
  • Request timed out: Complete failure to reach destination

Running Traceroute on Mac and Linux

Mac and Linux systems use “traceroute” instead of “tracert.” The tool offers more options and different default behavior.

On Mac:

  1. Open Terminal (Applications > Utilities > Terminal)
  2. Type traceroute google.com
  3. Press Enter

On Linux:

  1. Open your terminal emulator
  2. Type traceroute google.com
  3. Press Enter (may need sudo for some options)

Unix-style syntax:

traceroute [options] host [packet_length]

Useful Linux/Mac options:

  • -n shows only IP addresses (faster)
  • -m max_ttl sets maximum hops
  • -q nqueries changes number of probes per hop
  • -w waittime sets timeout in seconds
  • -I uses ICMP instead of UDP packets

Example:

traceroute -n -m 25 -q 1 cloudflare.com

This traces to Cloudflare using numeric IPs only, maximum 25 hops, with one probe per hop.

Common Traceroute Problems and Solutions

Problem 1: All Asterisks After a Certain Hop

Symptom: Results show several successful hops, then only asterisks.

Causes:

  • Firewall blocking ICMP or UDP packets
  • Router configured to not respond to traceroute
  • Network congestion dropping packets

Solutions:

Try ICMP mode on Linux/Mac:

traceroute -I target.com

On Windows, use TCP-based alternatives like tcptraceroute.

Many routers silently forward packets without responding to traceroute probes. If the final destination responds, the route works fine despite middle asterisks.

Problem 2: High Latency at Specific Hops

Symptom: One hop shows 200ms while others show 20ms.

What it means:

Single hop delays usually indicate congestion at that specific router. This might be:

  • Your ISP’s network congestion
  • Peering point issues between providers
  • Overloaded backbone router

What to do:

Run traceroute multiple times over several hours. Consistent delays at the same hop suggest a persistent bottleneck. Contact your ISP with this data.

Problem 3: Destination Unreachable

Symptom: Traceroute completes but shows “Destination host unreachable.”

Common causes:

  • Firewall blocking your connection at destination
  • Server is down or offline
  • Incorrect IP address or domain name
  • Your IP is blocked

Verify the destination works by checking from another network or using online tools.

Advanced Traceroute Techniques

Continuous Monitoring with MTR

MTR (My Traceroute) combines traceroute with ping for ongoing analysis. It shows real-time statistics and packet loss percentages.

Install on Linux:

sudo apt-get install mtr

Install on Mac:

brew install mtr

Run MTR:

mtr google.com

MTR displays a live updating table showing packet loss and latency statistics for each hop. This reveals intermittent problems that single traceroute runs miss.

Path MTU Discovery

Sometimes packets fail because they’re too large for certain network segments. Traceroute can test maximum transmission unit (MTU) issues.

On Linux:

traceroute -F --mtu google.com

This discovers the maximum packet size the route supports.

Using Traceroute for Different Protocols

Default traceroute uses UDP on Linux/Mac and ICMP on Windows. Some networks treat these differently.

TCP traceroute (Linux):

sudo traceroute -T -p 443 website.com

This traces using TCP packets to port 443 (HTTPS), which firewalls rarely block.

Reading Traceroute for Business Networks

Corporate and business networks show different patterns than home connections.

Typical business traceroute:

  1     1 ms     1 ms     1 ms  gateway.local [192.168.10.1]
  2     2 ms     2 ms     2 ms  core-switch.company.local [10.0.1.1]
  3     3 ms     3 ms     3 ms  firewall.company.local [10.0.0.254]
  4    12 ms    11 ms    13 ms  isp-gateway [203.0.113.1]

Notice internal hostnames resolve to private IP addresses (192.168.x.x, 10.x.x.x). These hops represent your company’s internal infrastructure.

See also  How Does Cryptocurrency Work: Complete Guide to Digital Money

The jump from hop 3 to hop 4 usually marks the boundary between your network and your ISP. Significant latency increases here suggest issues with your internet connection, not internal network.

Traceroute Security and Privacy Considerations

Traceroute reveals network topology. This information helps attackers understand infrastructure.

What traceroute exposes:

  • Your public IP address
  • Your ISP’s routing infrastructure
  • Number of hops to reach your network
  • Potential firewall locations

Most security-conscious networks configure edge routers to not respond to traceroute. This is why you often see asterisks for hops just before reaching a destination.

Best practices:

  • Don’t share traceroute results publicly without redacting private IPs
  • Understand that running traceroute against some networks may trigger security alerts
  • Use traceroute only for legitimate troubleshooting

Alternative Tools and When to Use Them

Traceroute isn’t always the best diagnostic tool. Consider alternatives for specific scenarios.

Pathping (Windows only):

Combines traceroute with extended ping statistics. Better for identifying packet loss locations.

pathping google.com

Takes 5-10 minutes to complete but provides detailed loss statistics per hop.

PingPlotter:

Commercial tool with graphical interface. Shows latency graphs over time. Excellent for documenting intermittent problems for ISP support tickets.

Visual Traceroute Tools:

Online services like https://www.yougetsignal.com/tools/visual-tracert/ show geographic maps of your route. Helpful for understanding physical path.

Smokeping:

Open-source tool for continuous network latency monitoring. Better than repeated manual traceroutes for identifying patterns. Learn more about network monitoring approaches at https://www.cisco.com/c/en/us/solutions/small-business/resource-center/networking/network-troubleshooting.html.

Practical Traceroute Scenarios and Examples

Scenario 1: Website Loading Slowly

You notice your company website loads slowly from office.

Steps:

tracert yourcompany.com

Check results:

  • High latency at hops 1-3? Problem is your local network
  • High latency at middle hops? ISP routing issue
  • High latency only at final hop? Web server is overloaded

Scenario 2: Can’t Connect to Remote Server

Your remote desktop connection fails.

Steps:

tracert server-ip-address

Look for:

  • Request timed out at specific hop? Network blocks that path
  • All asterisks after certain point? Firewall blocking probes
  • Destination reached but still can’t connect? Service-level issue, not network

Scenario 3: Gaming Lag Investigation

Your game shows high ping to servers.

Steps:

tracert game-server.example.com

Analyze:

  • Total time over 100ms? Routing path is too long
  • Packet loss at specific hop? ISP peering issue
  • Consistent high latency? Geographic distance problem

Run multiple traceroutes to different game servers. If all show similar issues, the problem is your connection. If only specific servers lag, their network routing is suboptimal.

Interpreting Unusual Traceroute Patterns

Decreasing Latency Pattern

Sometimes later hops show lower latency than earlier ones:

  5    45 ms    44 ms    46 ms  router1.isp.net
  6    28 ms    27 ms    29 ms  router2.isp.net
  7    30 ms    31 ms    29 ms  destination.com

This seems impossible since packets must travel through hop 5 to reach hop 6. The explanation is simple: hop 5’s router prioritizes forwarding packets over responding to traceroute probes. The timing reflects response priority, not actual packet delay.

Geographically Illogical Routes

Your traceroute might show a path bouncing between continents:

  8    25 ms  london.isp.net [UK]
  9    180 ms newyork.isp.net [USA]
 10    35 ms  london.datacenter.net [UK]

This happens due to:

  • ISP peering agreements routing traffic through specific exchange points
  • BGP routing choosing paths based on business relationships, not distance
  • Load balancing across multiple international connections

These routes aren’t errors. They reflect the internet’s complex economic and technical routing decisions.

Automating Traceroute for Monitoring

For ongoing network monitoring, automate traceroute runs.

Windows PowerShell script:

$results = tracert google.com
$results | Out-File "C:\logs\traceroute_$(Get-Date -Format 'yyyyMMdd_HHmmss').txt"

Schedule this script with Task Scheduler to run every hour.

See also  How to Set Up Parental Controls on Your Child's Phone: iPhone & Android (2026)

Linux bash script:

#!/bin/bash
traceroute google.com > /var/log/traceroute_$(date +%Y%m%d_%H%M%S).txt

Add to crontab for automated execution:

0 * * * * /path/to/traceroute_script.sh

This creates timestamped logs showing route changes over time.

Traceroute vs Ping vs Netstat

People often confuse these network tools. Here’s when to use each:

ToolPurposeWhat It ShowsBest For
TraceroutePath mappingEvery hop and timingFinding where delays occur
PingConnectivity testRound-trip time and packet lossChecking if host is reachable
NetstatConnection statusActive connections and portsSeeing what’s connected to your system
NslookupDNS queriesIP address for domainsDiagnosing DNS problems

Use traceroute when ping shows problems but you need to know where. Use ping for quick connectivity checks. Use netstat to see established connections.

Traceroute in IPv6 Networks

IPv6 uses different traceroute commands and shows different address formats.

Windows IPv6 traceroute:

tracert -6 ipv6.google.com

Linux/Mac IPv6 traceroute:

traceroute6 ipv6.google.com

IPv6 addresses look like this: 2001:4860:4860::8888

The route structure works identically to IPv4, but you’ll see longer addresses. Some ISPs route IPv6 traffic differently than IPv4, so traceroute results may show completely different paths to the same destination.

Troubleshooting Traceroute Itself

Traceroute Not Found Error

Linux error: “command not found”

Solution:

sudo apt-get install traceroute

Or on Red Hat based systems:

sudo yum install traceroute

Permission Denied Errors

Some traceroute options require administrator access.

Linux/Mac:

sudo traceroute options target

Windows: Right-click Command Prompt and select “Run as administrator”

Traceroute Hangs Indefinitely

If traceroute seems frozen, it’s probably waiting for unresponsive hops to timeout.

Solution: Use shorter timeout values

Windows:

tracert -w 1000 target.com

Linux/Mac:

traceroute -w 1 target.com

This waits only 1 second per hop instead of the default 4-5 seconds.

Summary

Traceroute reveals the hidden path your data travels across the internet. This simple command helps pinpoint exactly where network problems occur.

Remember these essentials:

  • Windows uses tracert, Linux/Mac uses traceroute
  • Results show each router hop with timing for three test packets
  • Asterisks mean timeouts, not necessarily problems
  • High latency at specific hops identifies bottleneck locations
  • Run multiple traces to distinguish temporary issues from persistent problems

The most common mistake is misinterpreting asterisks as failures. Many routers deliberately don’t respond to traceroute while still forwarding your packets normally.

Use traceroute as part of broader troubleshooting. Combine it with ping, checking service status, and testing from different networks. This complete picture helps identify whether problems stem from your network, your ISP, or the destination.

For deeper understanding of network diagnostics and troubleshooting methodologies, the CompTIA Network+ certification materials provide excellent foundational knowledge at https://www.comptia.org/certifications/network.

Frequently Asked Questions

What is the difference between tracert and traceroute?

Tracert is the Windows command name for the same tool that Linux and Mac call traceroute. They perform identical functions with slightly different syntax. Windows tracert uses ICMP echo packets by default, while Unix traceroute uses UDP packets. This technical difference rarely matters for basic troubleshooting. Both commands map network paths and measure hop latency.

How long should traceroute take to complete?

Normal traceroute completes in 10 to 60 seconds. The exact time depends on timeout settings, number of hops, and network responsiveness. Routes with many unresponsive hops take longer because traceroute waits for each timeout. Using shorter timeout values (1-2 seconds instead of 4-5) speeds up results. Routes exceeding 30 hops automatically stop unless you increase the maximum hop limit.

Can traceroute find the physical location of problems?

Traceroute shows network topology, not physical geography. However, hostnames in results often include location codes like “nyc” for New York or “lax” for Los Angeles. Visual traceroute tools map these to geographic locations, but the mapping is approximate. The internet doesn’t route by shortest physical distance. A packet might travel from New York to San Francisco via Chicago due to ISP peering agreements.

Why do I see private IP addresses in traceroute results?

Private IP addresses (192.168.x.x, 10.x.x.x, 172.16.x.x) in early hops represent your local network infrastructure. These are routers, switches, and gateways within your organization before traffic reaches the public internet. Once traceroute exits your network through the ISP gateway, you’ll see public IP addresses. If you see private IPs late in a traceroute, the destination is within the same private network or there’s unusual NAT configuration.

Is it legal to run traceroute against any website?

Traceroute is generally legal for legitimate network troubleshooting. The command sends normal network packets that routers expect to handle. However, some organizations consider repeated traceroutes as reconnaissance for attacks. Excessive traceroute requests might trigger security systems or violate terms of service. Use traceroute reasonably for genuine diagnostic purposes. Don’t automate high-frequency traceroutes against networks you don’t own without permission.

MK Usmaan
Latest posts by MK Usmaan (see all)