Understanding tracert command on Windows

So I am studying routing protocols and TTL/hop count/etc etc etc for Net+, and decided to mess around with tracert in cmd.
I traced google.com. Why does each hop have 3 separate values? Why is 1 not sufficient? For example on the 3rd hop it says 16, 10, and 11 ms. Also, the 2nd hop timed out, what allows the trace to continue after a hop timed out? I would think it would just cancel.

I have pasted the first part of the trace for better understanding:

1 1 ms 1 ms 1 ms . [192.168.2.1]
2 * * * Request timed out.
3 16 ms 10 ms 11 ms 24.29.2.13
4 10 ms 10 ms 21 ms tge0-13-0-1.fpkhoh0301r.midwest.rr.com [65.29.34
.232]
5 16 ms 13 ms 24 ms be11.blasohdp01r.midwest.rr.com [65.29.33.66]

Thanks yall!

Find more posts tagged with

Comments

TechGuru80

Devices like firewalls get configured to prevent ICMP packets like ping from getting responses so that's why you don't see a response. Prevents things like recon for malicious people trying to attack those devices.

volfkhat

TechGuru80 wrote: »

Devices like firewalls get configured to prevent ICMP packets like ping from getting responses so that's why you don't see a response. Prevents things like recon for malicious people trying to attack those devices.

Yes, but in this case, the 2nd hop is generally your cable/dsl modem. I'm kind of surprised that it did Not respond. Or perhaps he is tracing from a Starbucks/school-campus, etc?

Profamous,
to answer your other question (which is a Good Question btw

, watch this video:
CompTIA Network+ N10-005: 4.3 - Traceroute | Professor Messer - CompTIA A+, Network+, Security+, Linux, Microsoft Technology Training

Great resource!

wes allen

Just going to leave this here:

https://www.youtube.com/watch?v=SXmv8quf_xM

TechGuru80

Generally at home yes...but network dependent because some modems these days have switches built-in.

echo_time_cat

ProFamous wrote: »

So I am studying routing protocols and TTL/hop count/etc etc etc for Net+, and decided to mess around with tracert in cmd.
I traced google.com. Why does each hop have 3 separate values? Why is 1 not sufficient? For example on the 3rd hop it says 16, 10, and 11 ms. Also, the 2nd hop timed out, what allows the trace to continue after a hop timed out? I would think it would just cancel.

I have pasted the first part of the trace for better understanding:

1 1 ms 1 ms 1 ms . [192.168.2.1]
2 * * * Request timed out.
3 16 ms 10 ms 11 ms 24.29.2.13
4 10 ms 10 ms 21 ms tge0-13-0-1.fpkhoh0301r.midwest.rr.com [65.29.34
.232]
5 16 ms 13 ms 24 ms be11.blasohdp01r.midwest.rr.com [65.29.33.66]

Thanks yall!

You have three different 'pings' per hop for the purpose of "averages". Most of the time, a trace route is used to determine a bottleneck or slow down in a network, or to narrow down a routing issue.. Having three responses just gives the hop in question a chance to redeem itself

This is still a function of ICMP, and this kind of request is low priority for a router. Sometimes a higher response time is simply because the router/hop had something more important to do. Also, sometimes you may get a response like "17ms * * 24.13.2.5" , this could either be the router being too busy, or, being set to only provide one ICMP echo response.