Understanding tracert command on Windows

ProFamous Member Posts: 63
So I am studying routing protocols and TTL/hop count/etc etc etc for Net+, and decided to mess around with tracert in cmd.
I traced google.com. Why does each hop have 3 separate values? Why is 1 not sufficient? For example on the 3rd hop it says 16, 10, and 11 ms. Also, the 2nd hop timed out, what allows the trace to continue after a hop timed out? I would think it would just cancel.

I have pasted the first part of the trace for better understanding:

1 1 ms 1 ms 1 ms . [192.168.2.1]
2 * * * Request timed out.
3 16 ms 10 ms 11 ms 24.29.2.13
4 10 ms 10 ms 21 ms tge0-13-0-1.fpkhoh0301r.midwest.rr.com [65.29.34.232]
5 16 ms 13 ms 24 ms be11.blasohdp01r.midwest.rr.com [65.29.33.66]

Thanks yall!

Comments

  • TechGuru80 Senior Member Posts: 1,539
    Devices like firewalls get configured to prevent ICMP packets like ping from getting responses so that's why you don't see a response. Prevents things like recon for malicious people trying to attack those devices.
  • volfkhat Senior Member Posts: 1,022
    TechGuru80 wrote: »
    Devices like firewalls get configured to prevent ICMP packets like ping from getting responses so that's why you don't see a response. Prevents things like recon for malicious people trying to attack those devices.

    Yes, but in this case, the 2nd hop is generally your cable/dsl modem. I'm kind of surprised that it did Not respond. Or perhaps he is tracing from a Starbucks/school-campus, etc?

    Profamous,
    to answer your other question (which is a Good Question btw :), watch this video:
    CompTIA Network+ N10-005: 4.3 - Traceroute | Professor Messer - CompTIA A+, Network+, Security+, Linux, Microsoft Technology Training

    Great resource!
  • wes allen Senior Member Posts: 540
  • TechGuru80 Senior Member Posts: 1,539
    Generally at home yes...but network dependent because some modems these days have switches built-in.
  • echo_time_cat Member Posts: 74
    ProFamous wrote: »
    So I am studying routing protocols and TTL/hop count/etc etc etc for Net+, and decided to mess around with tracert in cmd.
    I traced google.com. Why does each hop have 3 separate values? Why is 1 not sufficient? For example on the 3rd hop it says 16, 10, and 11 ms. Also, the 2nd hop timed out, what allows the trace to continue after a hop timed out? I would think it would just cancel.

    I have pasted the first part of the trace for better understanding:

    1 1 ms 1 ms 1 ms . [192.168.2.1]
    2 * * * Request timed out.
    3 16 ms 10 ms 11 ms 24.29.2.13
    4 10 ms 10 ms 21 ms tge0-13-0-1.fpkhoh0301r.midwest.rr.com [65.29.34.232]
    5 16 ms 13 ms 24 ms be11.blasohdp01r.midwest.rr.com [65.29.33.66]

    Thanks yall!

    You have three different 'pings' per hop for the purpose of "averages". Most of the time, a trace route is used to determine a bottleneck or slowdown in a network, or to narrow down a routing issue. Having three responses just gives the hop in question a chance to redeem itself :)

    This is still a function of ICMP, and this kind of request is low priority for a router. Sometimes a higher response time is simply because the router/hop had something more important to do. Also, sometimes you may get a response like "17ms * * 24.13.2.5"; this could either be the router being too busy, or being set to only provide one ICMP echo response.
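
As an added example (not part of any post in this thread), here is a small Python parser for tracert output of the shape pasted above. It keeps all three probe times per hop and separates hops that answered no probe (like hop 2) from hops that answered only some. The sample text, its addresses and the `parse_tracert` name are constructed for illustration.

```python
import re
from statistics import mean

# Constructed sample in the Windows tracert layout shown in the thread
# (addresses are documentation ranges, not taken from the post).
SAMPLE = """\
  1     1 ms     1 ms     1 ms  router.example [192.0.2.1]
  2     *        *        *     Request timed out.
  3    16 ms    10 ms    11 ms  198.51.100.13
  4    17 ms     *        *     203.0.113.5
  5    <1 ms    13 ms    24 ms  core.example [203.0.113.66]
"""

PROBE = r"(\*|<?\d+ ms)"  # one probe column: "*", "16 ms" or "<1 ms"
LINE = re.compile(rf"^\s*(\d+)\s+{PROBE}\s+{PROBE}\s+{PROBE}\s+(.*\S)\s*$")

def parse_tracert(text):
    """Return one dict per hop: probe RTTs (None = no reply), address, verdict."""
    hops = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # banner, blank line, "Trace complete."
        rtts = [None if p == "*" else int(p.strip("< ms")) for p in m.group(2, 3, 4)]
        answered = [r for r in rtts if r is not None]
        ip = re.search(r"\[?(\d+\.\d+\.\d+\.\d+)\]?$", m.group(5))
        if not answered:
            verdict = "silent"    # no probe answered; the trace still moves on
        elif len(answered) < 3:
            verdict = "partial"   # some probes dropped (busy or rate-limited hop)
        else:
            verdict = "ok"
        hops.append({
            "hop": int(m.group(1)),
            "rtts": rtts,
            "ip": ip.group(1) if ip else None,
            "avg": round(mean(answered), 1) if answered else None,
            "verdict": verdict,
        })
    return hops

if __name__ == "__main__":
    for h in parse_tracert(SAMPLE):
        print(h)
```

A "silent" hop followed by hops that do answer means that device forwards traffic but does not reply to the probes, which is different from a trace that goes silent at some hop and never recovers.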