~/ linuxnetwork.net

A Deep Dive into `tracepath`: Understanding Network Path Discovery

Network troubleshooting is an essential skill for system administrators, network engineers, and developers alike. When connectivity issues arise, one of the first questions is: "Where along the path is the problem occurring?" While traceroute is the well-known tool for this task, tracepath offers a simpler, often more accessible alternative that's built into many Linux distributions by default.

This comprehensive guide will explore tracepath in detail, covering its functionality, usage, and how it compares to its more famous counterpart, traceroute.

Table of Contents#

  1. Introduction
  2. What is tracepath?
  3. tracepath vs traceroute: Key Differences
  4. How tracepath Works
  5. Installation and Availability
  6. Basic Usage and Syntax
  7. Advanced Usage and Options
  8. Practical Examples and Use Cases
  9. Interpreting tracepath Output
  10. Best Practices and Common Pitfalls
  11. Conclusion
  12. References

What is tracepath?#

tracepath is a network diagnostic tool that traces the path packets take from your local machine to a destination host. It's part of the iputils package on Linux systems and is designed to be a simpler, more user-friendly alternative to traceroute.

The primary purpose of tracepath is to:

  • Identify the network path between two hosts
  • Detect points of failure or congestion
  • Measure round-trip times (RTT) to each hop
  • Discover Maximum Transmission Unit (MTU) information along the path

tracepath vs traceroute: Key Differences#

While both tools serve similar purposes, there are important distinctions:

Featuretracepathtraceroute
Root privilegesNot requiredRequired for ICMP/TCP modes
ProtocolUDP onlyUDP, TCP, or ICMP
MTU discoveryBuilt-in (default)Optional (--mtu flag)
Probes per hop13
ComplexitySimple, fewer optionsMore feature-rich, complex
InstallationOften pre-installed on LinuxMay require separate installation

Key Advantage of tracepath: It doesn't require root privileges for basic operation, making it more accessible for regular users.

How tracepath Works#

tracepath operates using a technique similar to traceroute:

  1. Time-to-Live (TTL) Manipulation: It sends packets with increasing TTL values
  2. ICMP Time Exceeded Messages: When a router decrements TTL to 0, it sends back an ICMP "Time Exceeded" message
  3. Path Reconstruction: By analyzing these responses, tracepath reconstructs the network path

The TTL mechanism works as follows:

  • First packet: TTL = 1 → reaches first hop, gets rejected, response received
  • Second packet: TTL = 2 → reaches second hop, gets rejected, response received
  • This continues until the destination is reached

Additionally, tracepath performs Path MTU Discovery by sending packets with the Don't Fragment (DF) bit set. If a router along the path has a smaller MTU than the packet size, it cannot fragment the packet and returns an ICMP "Fragmentation Needed" error containing its next-hop MTU. tracepath uses this information to reduce the packet size and continue probing, ultimately reporting the smallest MTU along the entire path.

Installation and Availability#

Checking if tracepath is Installed#

which tracepath
# or
tracepath --version

Installation on Various Distributions#

Ubuntu/Debian:

sudo apt update
sudo apt install iputils-tracepath

CentOS/RHEL/Fedora:

# On RHEL/CentOS 7 and older using yum
sudo yum install iputils
 
# On RHEL 8+, CentOS Stream, and Fedora using dnf
sudo dnf install iputils

Arch Linux:

sudo pacman -S iputils

Basic Usage and Syntax#

Basic Command Structure#

tracepath [options] destination [port]

Simple Example#

tracepath google.com

Sample Output:

 1?: [LOCALHOST]                      pmtu 1500
 1:  _gateway (192.168.1.1)                               0.567ms
 2:  10.10.10.1                                           10.123ms
 3:  96.120.112.1                                         12.456ms
 4:  68.85.143.25                                         14.789ms asymm  5
 5:  162.151.78.190                                       16.234ms
 6:  be-301-cr01.newyork.ny.ibone.comcast.net (68.86.85.221)   18.567ms
 7:  142.250.66.46                                        19.123ms
 8:  google.com (142.250.185.14)                         20.123ms reached
     Resume: pmtu 1500 hops 8 back 8

Advanced Usage and Options#

Common Options#

Force IPv4 or IPv6:

tracepath -4 google.com         # Use IPv4 only
tracepath -6 google.com         # Use IPv6 only

Limit the number of hops:

tracepath -m 20 google.com      # Limit to 20 hops maximum

Specify initial packet length:

tracepath -l 1500 google.com    # Set initial packet length to 1500 bytes
# Default: 65535 for IPv4, 128000 for IPv6

Use specific port (for UDP tracing):

tracepath -p 33434 google.com   # Use port 33434

Display numerical addresses only (no DNS resolution):

tracepath -n google.com         # Show IPs only

Display both hostnames and IP addresses:

tracepath -b google.com         # Show both hostnames and IPs

Advanced Examples#

Tracing to a specific port:

tracepath -p 80 8.8.8.8

Combining options for detailed analysis:

tracepath -b -l 1280 -m 15 example.com

Practical Examples and Use Cases#

1. Basic Network Troubleshooting#

# Check connectivity to a web server
tracepath api.github.com
 
# Check connectivity to an IP address
tracepath 192.168.1.1

2. Identifying Network Bottlenecks#

# Compare paths to different destinations
tracepath google.com
tracepath amazon.com
tracepath microsoft.com

3. MTU Discovery for VPN or Tunnel Configurations#

# Check MTU along the path to optimize VPN settings
tracepath vpn-server.company.com

4. Monitoring Network Path Changes#

# Run periodically to detect routing changes
while true; do tracepath important-server.com; sleep 60; done

Interpreting tracepath Output#

Understanding the output is crucial for effective troubleshooting:

Sample Output Breakdown:

 1?: [LOCALHOST]                      pmtu 1500
 1:  _gateway (192.168.1.1)           0.567ms 
 2:  10.10.10.1                        10.123ms
 3:  96.120.112.1                      12.456ms
 4:  68.85.143.25                      14.789ms asymm  5
 5:  162.151.78.190                    16.234ms
 6:  be-301-cr01.newyork.ny.ibone.comcast.net (68.86.85.221)   18.567ms
 7:  142.250.66.46                     19.123ms
 8:  google.com (142.250.185.14)      20.123ms reached
     Resume: pmtu 1500 hops 8 back 8

Key Elements:

  • Hop Number: Sequential number of the router/hop
  • Hostname/IP: The address of the intermediate node
  • Response Time: Round-trip time in milliseconds
  • pmtu: Path Maximum Transmission Unit discovered
  • asymm: Indicates asymmetric routing (different forward/return paths)
  • reached: Destination successfully reached (connection refused)
  • pmtu N: Message too long; reports the Path MTU at this hop
  • !A: Communication administratively prohibited
  • !H: ICMP error — destination host unreachable
  • !N: ICMP error — destination network unreachable
  • !P: ICMP error — destination protocol unreachable

Best Practices and Common Pitfalls#

Best Practices#

  1. Use Numerical IPs for DNS-independent Testing

    tracepath -n 8.8.8.8

  2. Combine with Other Tools for Comprehensive Analysis

    # Cross-verify with ping and mtr
ping -c 3 example.com
tracepath example.com
mtr --report example.com

  3. Document Baseline Measurements

    • Keep records of normal tracepath results for comparison during outages

  4. Consider Time of Day

    • Network performance can vary significantly based on time and load

  5. Use Appropriate Hop Limits

    # For local network troubleshooting
tracepath -m 10 local-server
 
# For internet routing analysis
tracepath -m 30 remote-host

Common Pitfalls to Avoid#

  1. Misinterpreting Timeouts

    • Some routers are configured not to respond to traceroute packets
    • A single timeout doesn't necessarily indicate a problem

  2. Ignoring MTU Information

    • MTU mismatches can cause mysterious packet loss
    • Always check the discovered PMTU

  3. Overlooking Asymmetric Routing

    • The asymm indicator shows different forward/return paths
    • This can affect troubleshooting and performance analysis

  4. Not Verifying with Multiple Runs

    • Run tracepath multiple times to identify consistent vs. transient issues

Troubleshooting Common Scenarios#

High Latency at Specific Hop:

tracepath problem-site.com
# Look for significant latency increases between consecutive hops

Destination Unreachable:

tracepath unreachable-host.com
# Identify where the path fails and what error message is returned

MTU Issues:

tracepath vpn-endpoint.com
# Check if PMTU is significantly lower than expected (1500)

Conclusion#

tracepath is a powerful, user-friendly tool for network path discovery and troubleshooting. Its simplicity and lack of root requirement make it an excellent choice for quick diagnostics and routine monitoring. While it may lack some advanced features of traceroute, its built-in MTU discovery and straightforward output make it invaluable for both novice and experienced users.

Key takeaways:

  • Use tracepath for quick, privilege-free path tracing
  • Leverage its MTU discovery capabilities for network optimization
  • Combine with other tools like ping and mtr for comprehensive analysis
  • Always interpret results in context and verify with multiple runs

As networks continue to evolve, understanding the path your traffic takes remains fundamental to maintaining robust, performant connectivity.

References#

  1. Man Pages

    man tracepath
man traceroute

  2. Official Documentation

  3. RFC Standards

    • RFC 792 - Internet Control Message Protocol (ICMP)
    • RFC 1191 - Path MTU Discovery

  4. Additional Resources

  5. Related Tools

    • mtr - combines traceroute and ping functionality
    • tcptraceroute - traceroute using TCP packets
    • pathping - Windows equivalent with additional statistics

Note: Output and options may vary slightly between different versions and distributions of tracepath. Always consult your system's man pages for version-specific information.

2026-04