Common Tools You Can Use To Diagnose Network Issues

From time to time you may experience network performance issues. This could include download speeds, upload speeds, or even laggy interactive desktops. Below are a few utilities that you can use to test your network performance.

How To Use Traceroute

Traceroute is a simple tool to show the pathway to a remote server. A pathway is generally a "hop" to other devices, like a router or firewall, between you and the end-point you're trying to reach.

The traceroute program is installed by default on just about every Linux distribution, so you shouldn’t need to install it.

To use it, you simply need to provide a hostname/FQDN and or an IP address, like in the example below: 

Linux

traceroute platform.jarvice.com

Windows

tracert platform.jarvice.com
traceroute to platform.jarvice.com (165.254.188.20), 64 hops max, 52 byte packets
1 192.168.128.1 (192.168.128.1) 5.708 ms 3.803 ms 4.524 ms
2 192.168.0.1 (192.168.0.1) 3.388 ms 2.651 ms 3.476 ms
3 142.254.130.173 (142.254.130.173) 15.311 ms 24.615 ms 12.443 ms
4 tge0-0-4.rcsntxiw02h.texas.rr.com (24.164.210.145) 53.782 ms 381.648 ms 42.707 ms
5 agg24.grldtxdw02r.texas.rr.com (24.175.50.31) 12.319 ms 16.224 ms 17.797 ms
6 agg21.dllbtxlb02r.texas.rr.com (24.175.36.201) 17.940 ms 17.911 ms 23.496 ms
7 agg21.hstqtxl301r.texas.rr.com (24.175.49.8) 25.419 ms 27.011 ms 25.869 ms
8 ae-1-0.p0.atl90.tbone.rr.com (66.109.1.218) 29.930 ms 45.762 ms 19.684 ms
9 bu-ether12.dllstx976iw-bcr00.tbone.rr.com (66.109.6.39) 26.000 ms 22.830 ms 25.965 ms
10 * 66.109.5.121 (66.109.5.121) 23.235 ms 24.234 ms
11 66.109.9.91 (66.109.9.91) 21.231 ms 24.859 ms 20.984 ms
12 ae28.cs1.dfw2.us.zip.zayo.com (64.125.26.24) 21.605 ms 21.725 ms 25.149 ms
13 ae30.er1.dfw2.us.zip.zayo.com (64.125.27.107) 21.818 ms 22.078 ms 18.856 ms
14 64.125.129.126.ipyx-123594-zyo.zip.zayo.com (64.125.129.126) 22.533 ms 21.399 ms 18.875 ms
15 * * *

How To Read Traceroute’s Output

The first line tells us the conditions that traceroute is operating under:

traceroute to platform.jarvice.com (165.254.188.20), 64 hops max, 52 byte packets 

It gives the specified host, the IP address that DNS returns for that domain, the maximum number of hops to check, and the size of the packet that will be used.

The maximum number of hops can be adjusted with the -m flag. If the host you are trying to route to is over 30 hops away, you may need to specify a larger value here. The maximum value you can set is 255.

traceroute -m 255 platform.jarvice.com 

You can adjust the size of the packet that is sent to each hop by giving the integer after the hostname:

traceroute platform.jarvice.com 70
traceroute to platform.jarvice.com (165.254.188.20), 64 hops max, 70 byte packets

After the first line, each subsequent line represents a “hop”, or intermediate host that your traffic must pass through to reach the computer represented by the host you specified.

Each line has the following format:

hop_number   host_name   (IP_address)  packet_round_trip_times

Here is an example of a hop you might see:

3 142.254.130.173 (142.254.130.173) 15.311 ms 24.615 ms 12.443 ms 

Here is what each field means:

  • hop_number: A sequential count of the number of degrees of separation the host is from your computer. Traffic from hosts with higher numbers have to go through more computers to get routed.

  • host_name: This field contains the result of a reverse DNS lookup on the host’s IP address, if available. If no information is returned from the reverse DNS query, the IP address itself is given.

  • IP_address: This field contains the IP address for this network hop.

  • packetroundtrip_times: The remainder of the line gives the round-trip times for a packet to the host and back again. By default, three packets are sent to each host and each attempt is appended to the end of the line.

    • If you would like to change the number of packets that are tested against each host, you can specify a number with the -q option, like this:

      traceroute -q1 platform.jarvice.com
      

If you would like to forgo the reverse DNS lookup to speed up the trace, you can pass the -n flag:

traceroute -n platform.jarvice.com

If your traceroute dissolves into some asterisks (*), there could be a problem with the route to the host.

5  * * *
6  * * *

What Does a Route Issue Mean?

If your traceroute attempt stops at a particular hop or node and cannot find a route to the host, you may have a problem.

Due to the fact that each ping represents a round-trip packet and the situation where packets often use different pathways in either direction, it may indicate a problem in a completely different, possibly closer route.

It also may be the case that the problem is with the hop directly after the last hop you see. It is difficult to diagnose the exact location of the problem unless you can get a return traceroute from that specific hop. This is usually not possible outside of your own network.

Another thing to consider when reviewing the output of your traceroute and you see a *, is that often times devices will de-prioritize ICMP traffic, which is what traceroute uses. When devices de-prioritize this, you'll see a * which doesn't necessarily mean there's an issue. The real value of using a traceroute is to in-fact determine which path you're taking to arrive at a particular destination.

How To Use MTR

Another alternative to the traceroute is mtr. While not available on Windows, mtr is generally available on Linux platforms. We'll get into a Windows alternative, shortly, after discussing the value of mtr on Linux. Combining the functionality of ping and traceroute, mtr allows you to constantly poll a remote server and see how the latency and performance change over time.

Screen_Shot_2019-10-17_at_11.23.03_AM.png

How To Use Pathping?

As we mentioned above, while mtr is only available on Linux, Pathping is available on Windows and is very similar to mtr and mtr values when determining possible network issues. Pathping is one of the most extremely useful built-in Windows network utilities that allows you to check the packet loss on a route to some remote network node (server or router), information about latency (delay) on a network, and also to understand at what stages of the packet transmission these losses or delays are happening. The pathping.exe utility has been included in the Windows since Windows NT/2000 and is located in the %windir%\System32 directory. It is also present in modern OSs like Windows 10 and Windows Server 2016/2019.

The utility combines the capabilities of two other standard Windows network utilities: ping and tracert, and also works on the basis of the ICMP protocol. The pathping first performs a route tracing to a remote node (like tracert), and then polls the destination node and all transit nodes using ICMP echo requests like ping. In this way, it is possible to obtain information about the losses at each stage of the transmission of network packets between your computer and a remote server.

Screen_Shot_2019-10-17_at_11.29.57_AM.png

Usage: pathping [-g host-list] [-h maximum_hops] [-i address] [-n] [-p period] [-q num_queries] [-w timeout [-4] [-6] target_name

image__6_.png

image__8_.png

In our example above we don't see any packet loss, during our testing effort. Keep in mind, some packet loss is expected, which can be for a number of reasons. Typically if you see 100% packet loss, this is likely due to ICMP being blocked, and not a network performance issue. That said, any consistent packet loss of over 2-3% could indicate an issue, where you might normally expect ICMP traffic to be allowed.

 

Conclusion

Hopefully, the above utilities and tools are useful in helping you determine and test if you have potential network issues.

Let us know if you have a favorite tool you like to use in troubleshooting network performance-related issues, we'd love to hear from you.

Was this article helpful?
0 out of 0 found this helpful