- Pip install Boto3 - Thu, Mar 24 2022
- Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows - Wed, Feb 23 2022
- Automatically mount an NVMe EBS volume in an EC2 Linux instance using fstab - Mon, Feb 21 2022
You probably know the route tracing command-line tools tracert and pathping, which can be helpful to troubleshoot network connection issues quickly. For a more professional analysis of route traces, you need a GUI that gives you a visual overview of the different routes that Internet packets take to their destination.
TCP and UDP
Another major drawback of tracert and pathping is that they only support ICMP. Many firewalls block or drop ICMP packets, which means that you often can’t use these tools if you want to find out where a network connection is having a problem. Sometimes TCP and UDP packets can take a different route than ICMP packets. Because your Internet application most likely uses TCP or UDP, an ICMP route might not give you the information you need to troubleshoot network connection problems.
Visual Traceroute
WhatsUp Visual Traceroute supports ICMP, UDP, and TCP and allows you to configure the source and destination ports for the latter two protocols. TCP and destination port 80 are your best bet if you want to measure response times from every router along the path to your destination. However, if you are not troubleshooting a web application, the ability to use another port can be helpful. Note that you have to install the WinPcap packet capture library if you want to work with UDP and TCP.
Visual Traceroute also allows you to decide whether the SYN flag or the FIN flag is set in the TCP packet. If the SYN flag is set to 1, the TCP connection is initiated; a set FIN flag initiates the termination phase of a TCP connection. In most cases, you will want to set the SYN flag because this is how Internet applications start a network connection. The FIN flag option can be helpful if you want to find out more about the behavior of firewalls between source and destination. Most stateful firewalls drop such packets that don’t belong to a previously initiated TCP connection; thus, you probably won’t get any responses with this setting on the public Internet because stateless firewalls are rare nowadays.
In addition, you can configure the packet length for UDP and TCP connections, the timeout (for each reply), the maximum TTL, and pings per TTL. You might want to play with the timeout settings if you are troubleshooting a very slow connection. The pings per TTL setting is important for the latency deviation visualization (see below).
Latency
The latency thresholds of Visual Traceroute are perhaps more interesting. The two sliders allow you to define which latency performance is displayed as good (green), marginal (yellow), and red (bad) on the Results tab.
The Results tab gives you a graphical overview of the trace statistics. The y-axis represents the latency in milliseconds, and the x-axis stands for the hops (routers) along the network path. If you move the first latency threshold slider to the right, you change your definition of good vs. marginal latency and, therefore, the colored areas in the diagram. The second slider represents the marginal vs. bad latency. Note that you can also change these settings after the trace is complete.
Latency thresholds and maximum latency difference
The circles around each hop represent the maximum latency deviations between separate measurements for a particular hop. By default, Visual Traceroute sends three pings in a trace. A big circle indicates that the performance of a router changes significantly over time. If you see many big circles in a trace, you can expect a high network jitter between source and target. This is the kind of information you easily miss with a command-line tool.
A broken line between two hops indicates that the hop didn’t respond to the ping request. You can also define your acceptable loss thresholds, as a percent. If you move this slider from left to right, entries in the loss column change color if the packet loss exceeds the setting of the slider.
Topologoy
The Topology tab gives you an overview of alternate routes to the destination. On the Results tab, hops with multiple possible routers have a + sign in front of the hop number. Clicking the sign reveals the data for the corresponding routers.
Visual Traceroute - Topology tab
Visual Traceroute tries to combine network providers in the topology. However, in my test, the assignment was often wrong if an alternate route went to a different provider’s network.
In addition to the Topology tab, Visual Traceroute also offers a Topology map that you access through the link in the upper right corner of the application. The Topology map shows a combined view of all traces.
Topology map
You can add a trace by adding a new destination tab.
Destination tab
Logs and Whois
If this is all too colorful for your taste and you prefer the spartan output of a command-line tool, simply click the Logs tab. The Target Information tab offers Whois information about the destination host.
Logs tab
Conclusion
Overall, I like Visual Traceroute. For a free tool, it has quite a few nice features. One thing I really missed is a world map in the topology map. I find it interesting to see which countries a packet travels to until it reaches its target. The only problem I had with the tool was that, when I tried it in a VirtualBox machine with NAT enabled, it only displayed one hop to every destination. The tool only worked properly when I changed the VirtualBox network settings to “bridged.”
Do you know another good traceroute tool?
