UNIX System Administration Handbook - Evi Nemeth [373]
2 cs-gw-dmz.cs.colorado.edu (128.138.243.193) 2.720 ms 4.378 ms 5.052 ms
3 engr-cs.Colorado.EDU (128.138.80.141) 5.587 ms 2.454 ms 2.773 ms
4 hut-engr.Colorado.EDU (128.138.80.201) 2.743 ms 5.643 ms 2.772 ms
5 cuatm-gw.Colorado.EDU (128.138.80.2) 5.587 ms 2.784 ms 2.777 ms
6 204.131.62.6 (204.131.62.6) 5.585 ms 3.464 ms 2.761 ms
7 border-from-BRAN.coop.net (199.45.134.81) 5.593 ms 6.433 ms 5.521 ms
8 core-gw-eth-2-5.coop.net (199.45.137.14) 53.806 ms * 19.202 ms
9 xor.com (192.225.33.1) 16.838 ms 15.972 ms 11.204 ms
This output shows that packets must traverse five of our internal gateways before leaving the colorado.edu network (cs-gw3-faculty to cuatm-gw). The next-hop gateway on the BRAN network (204.131.62.6) doesn’t have a name in DNS. After two hops in coop.net, we arrive at xor.com.
At hop 8, we see a star in place of one of the round trip times. This notation indicates that no response (error packet) was received in response to the probe. In this case, the cause is probably congestion, but that is not the only possibility. traceroute relies on low-priority ICMP packets, which many routers are smart enough to drop in preference to “real” traffic. A few stars shouldn’t send you into a panic.
If you see stars in all of the round trip time fields for a given gateway, no “time exceeded” messages are arriving from that machine. Perhaps the gateway is simply down. Sometimes, a gateway will be configured to silently discard packets with expired TTLs. In this case, you will still be able to see through the silent host to the gateways beyond. Another possibility is that the gateway’s error packets are slow to return and that traceroute has stopped waiting for them by the time they arrive.
Some firewalls block ICMP “time exceeded” messages entirely. If there’s one of these firewalls along the path, you won’t get information about any of the gateways beyond it. However, you can still determine the total number of hops to the destination because the probe packets will eventually get all the way there. Also, some firewalls may block the outbound UDP datagrams that traceroute sends to trigger the ICMP responses. This problem causes traceroute to report no useful information at all.
A slow link does not necessarily indicate a malfunction. Some physical networks have a naturally high latency. Sluggishness can also be a sign of congestion on the receiving network, especially if the network uses a CSMA/CD technology that makes repeated attempts to transmit a packet (Ethernet is one example). Inconsistent round trip times would support such a hypothesis, since collisions increase the randomness of the network’s behavior.
Sometimes, you may see the notation !N instead of a star or round trip time. It indicates that the current gateway sent back a “network unreachable” error, meaning that it doesn’t know how to route your packet. Other possibilities include !H for “host unreachable” and !P for “protocol unreachable.” A gateway that gives you any of these error messages will usually be the last hop you can get to. That host usually has a routing problem (possibly caused by a broken link): either its static routes are wrong or dynamic protocols have failed to propagate a usable route to the destination.
If traceroute doesn’t seem to be working for you (or is working incredibly slowly), it may be timing out while trying to resolve the hostnames of gateways by using DNS. If DNS is broken on the host you are tracing from, use traceroute -n to request numeric output. This option prevents the use of DNS; it may be the only way to get traceroute to function on a crippled network.
20.4 NETSTAT: GET TONS O’ NETWORK STATISTICS
netstat provides a wealth of information about the state of your computer’s networking software, including interface statistics, routing information, and connection tables. There isn’t really a unifying theme to the different sets of output, except for the fact that they all relate to the network. Every system provides netstat, but since the command is kind of a “kitchen