0
Using Nmap's traceroute option shows only one hop and is extremely fast. I understand it works differently than traceroute in that it tries to guess the right TTL instead of beginning with 1. But why is the RTT so fast? I have repeated this 10 times and the RTT is always in the range of 0.02 - 0.03 ms.
# nmap -Pn -T4 --traceroute xxx.xxx.xxx.xxx
Starting Nmap 6.40 ( http://nmap.org ) at 2019-06-25 12:25 PDT
Nmap scan report for xxx.xxx.xxx.xxx
Host is up (0.00013s latency).
Not shown: 991 filtered ports
PORT STATE SERVICE
<redacted>
TRACEROUTE (using port 113/tcp)
HOP RTT ADDRESS
1 0.03 ms xxx.xxx.xxx.xxx
Nmap done: 1 IP address (1 host up) scanned in 4.74 seconds
Using standard traceroute -T shows 8 hops. Repeating this 10 times shows a final RTT range between 0.77 - 1.20 ms. Both servers are on fast dedicated internet within 10 miles of each other, but 0.03 ms RTT seems unrealistic considering router processing time.
Elliott B
Posted 2019-06-25T19:48:48.620
Reputation: 769
What
traceroutecommand did you try? Compare both side-by-side. Also try 10-20 times and average them. – Biswapriyo – 2019-06-25T19:57:17.987I used
traceroute -Tfollowed by the IP address. I added repeatability results to the question. – Elliott B – 2019-06-25T20:57:26.477