45 views

Understanding Traceroute


Purpose

Use traceroute or, if Windows, tracert from any host to demonstrate reachability or latency to each network hop on the path from the user to ServiceNow. It is important to use traceroute with the ICMP option as the default option (UDP) is filtered out by ServiceNow. To use traceroute on:

  • Windowstracert <instance>.servicenow.com
  • Mac/Linuxtraceroute <instance>.servicenow.com

 

How to Read it?
  • Each line in the traceroute represents a network step between the source machine and the destination machine.
  • Hop#: The leftmost column is the step number
  • RTT: The next three columns are latency estimates.(done three times to give an average) Commonly known as Round Trip Time.
  • Domain/IP: The last column is the machine we're hopping to.

 

 

 

Traceroute: Checking the HOP Times


The times listed in the RTT columns are the main thing you want to look at when evaluating a traceroute. Consistent times are what you are looking for.

 

  • Increasing Latency Towards the Target

    If you see a sudden increase in a hop and it keeps increasing to the destination (if it even gets there), then this indicates an issue starting at the hop with the increase. This may well cause packet loss where you will even see asterisks (*) in the report.





  • High Latency in the Middle but not at the Beginning or End

    If the hop immediately after a long one drops back down, it simply means that the router at the long hop set the signal to a lower priority and does not have an issue. Patterns like this do not indicate an issue.



  • High Latency In the Middle that Remains Consistent

    If you see a hop jump but remain consistent throughout the rest of the report, this does not indicate an issue.



  • High Latency In the Beginning Hops

    Seeing reported latency in the first few hops indicates a possible issue on the local network level. You will want to work with your local network administrator to verify and fix it. 


  • Timeouts at the Beginning of the Report

    Timeouts at the beginning of the report If you have timeouts at the very beginning of the report, say within the first one or two hops, but the rest of the report runs, do not worry. This is perfectly normal as the device responsible likely does not respond to traceroute requests.


  • Timeouts at the very End of the Report

    Timeouts at the end may occur for a number of reasons. Not all of them indicate an issue, however.
    - The target's firewall may be blocking requests. The target is still most probably reachable with a normal HTTP request, however. This should not affect normal connection.
    - The return path may have an issue from the destination point. This would mean the signal is still reaching, but just not getting the return signal back to your computer. This should not affect the normal connection.
    - Possible connection problem at the target. This will affect the connection.

     

    NOTE: Generally, with a traceroute, you are looking for individual steps that take a long time, like 500 ms for a particular hop. You are also looking for steps that show an asterisk (*) instead of a step time, for example:

     1     100 ms   *        500ms  12.192.116.193

    The asterisk indicates that a particular packet failed to arrive, which can indicate network problems on that particular hop. You also see an asterisk if that particular router is set to not forward ICMP, so this outcome is potentially a false alarm if all three latency times for a step are asterisks.

Article Information

Last Updated:2018-04-03 05:07:56
Published:2018-04-03