How do I get information about the IP addresses tracert goes through in Windows?

0

Just wondering what the heck is not giving permission to tracert to pass.

$ tracert google.com

Tracing route to google.com  

1 - - - Request timed out.  
2 214 ms 69 ms 737 ms 114.108.194.45  
3 231 ms 217 ms 278 ms 114.108.192.186  
4 114.108.192.186 reports: Destination net unreachable  

And actually it'd be pretty exciting if I could find info about the IP addresses listed. Is it the router from a certain place? Or is it going into Google Fiber somewhere? Bouncing satellites?

Loogai

Posted 2015-10-07T09:51:25.170

Reputation: 111

Please [edit] your question to include the traceroute output and your operating system. Without this we cannot answer your question. – DavidPostill – 2015-10-07T10:14:05.563

In short, it looks like your ISP is blocking the return messages. – Linef4ult – 2015-10-07T20:29:21.873

Answers

3

The Windows tracert program which you are employing is limited in its options: it only uses packets belonging to the ICMP protocol, which many firewalls nowadays block. This is the reason why route tracing does not always return meaningful answers.

This has prompted developers on Linux to provide a richer set of route-tracing tools, supporting different methods besides the traditional icmp and udp, among which are raw, dccp, tcpconn and several different versions of TCP probing. You can find a good description of the available methods on the traceroute manual page for Linux.

A few alternative resources which widen the range of possibilities exist in Windows, though: you can find them linked among the answers of a question on our sister site serverfault.

Edit:

In response to Loogai's comment: route tracing only displays gateways, i.e. those components which join two distinct subnets, no other network component. This occurs because of a property of TTL (= Time To Live). Packets have an expiration date, like milk: it is the TTL. This is done so that, if a packet cannot be routed properly, it may be dropped after some time: after all, you do not want them to accumulate for days or weeks. The mechanism for that is the TTL, an integer count which is decreased by one unit every time a packet goes through a gateway. Normally, packets are generated with TTL=64 (but this depends on protocol and OS), so that they have a fair chance of reaching their intended destination.

However, route tracing packets are (initially) generated with TTL=1. When they reach the first gateway (the one on your LAN, normally), TTL is decreased by one, and the gateway then realizes the packet has expired and writes back to the packet's originator stating that the packet is dead. This way, the gateway will betray its existence to the route tracing program. Now a new packet is sent out with TTL=2, so that it crosses the first gateway but not the second one; and this goes on until the final destination is reached, or a very stern firewall is encountered, whichever comes first.

This is how tracerouting works, and this is why you only see gateways but you do not see other local machines.

MariusMatutiae

Posted 2015-10-07T09:51:25.170

Reputation: 41 321

Another thing, though, why doesn't it show the local addresses? Isn't it supposed to show? – Loogai – 2015-10-07T11:35:40.577

@Loogai Please see my edit. – MariusMatutiae – 2015-10-07T11:59:17.923

I meant the local router like 192.168.0.0 – Loogai – 2015-10-07T13:05:08.050

@Loogai The local router is something like 192.168.0.1, it cannot end with a 0. Yes, in my Windows tracert my own router is displayed. – MariusMatutiae – 2015-10-07T13:12:46.457
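The TTL mechanism described in the answer above, as an added example that is not part of the original thread: an offline simulation that sends probes with TTL=1, 2, 3, ... along a modelled path and reproduces the shape of the question's output (a silent first hop, two answering gateways, then "Destination net unreachable"). The `Router` class, the first-hop address 192.168.0.1 and the destination 203.0.113.10 are constructed for illustration, and the model assumes a gateway checks TTL expiry before it looks up a route.

```python
from dataclasses import dataclass

@dataclass
class Router:
    ip: str
    sends_time_exceeded: bool = True  # False: expired packets are dropped silently
    has_route: bool = True            # False: replies "destination net unreachable"

def probe(path, dest_ip, ttl):
    """Walk one probe along the path; return (reply_kind, reporting_ip)."""
    for router in path:
        ttl -= 1                      # each gateway decrements the TTL by one
        if ttl == 0:                  # the packet expires at this gateway
            if router.sends_time_exceeded:
                return ("time-exceeded", router.ip)
            return ("timeout", None)  # no reply: tracert shows "Request timed out."
        if not router.has_route:      # packet is still alive but cannot be forwarded
            return ("net-unreachable", router.ip)
    return ("reached", dest_ip)       # crossed every gateway on the path

def trace(path, dest_ip, max_hops=30):
    """Send probes with TTL=1,2,3,... until the destination or a hard error."""
    hops = []
    for ttl in range(1, max_hops + 1):
        kind, ip = probe(path, dest_ip, ttl)
        hops.append((ttl, kind, ip))
        if kind in ("reached", "net-unreachable"):
            break
    return hops

# Constructed path modelled on the question's output. The first hop's real
# address is unknown because it never replied; 192.168.0.1 is a stand-in.
SAMPLE_PATH = [
    Router("192.168.0.1", sends_time_exceeded=False),
    Router("114.108.194.45"),
    Router("114.108.192.186", has_route=False),
]
SAMPLE_DEST = "203.0.113.10"  # constructed destination (documentation range)

if __name__ == "__main__":
    for ttl, kind, ip in trace(SAMPLE_PATH, SAMPLE_DEST):
        print(f"{ttl:2d}  {kind:15s} {ip or '*'}")
```

A silent hop still forwards traffic, which is why hops 2 and 3 appear even though hop 1 shows a timeout.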

1

You can use a service like who.is to find DNS information about certain IP addresses. That can give you an idea of who handles that IP address and where in the world it is.

ojs

Posted 2015-10-07T09:51:25.170

Reputation: 890