How to Use MTR (Traceroute and Ping Combined)
One of the not so well know networking tools available on Linux is MTR. MTR combines the functionality of the traceroute and ping programs in a single net-work diagnostic tool. As mtr starts, it investigates the network connection between the host mtr runs on and a user-specified destination host. After it determines the address of each network hop between the machines, it sends a sequence ICMP ECHO requests to each one to determine the quality of the link to each machine. As it does this, it prints running statistics about each machine. A sudden increase in packet-loss or response time is often an indication of a bad (or simply overloaded) link. mtr is fairly easy to use once you have a look at the different options possible:
This shows us the usage flags and options.
So in order to know more about the different flags we will take a look at them now:
Print the summary of command line argument options.
Print the installed version of mtr.
This option puts mtr into report mode. When in this mode, mtr will run for
the number of cycles specified by the -c option, and then print statistics and
This mode is useful for generating statistics about network quality. Note
that each running instance of mtr generates a significant amount of network
traffic. Using mtr to measure the quality of your network may result in
decreased network performance.
-c COUNT –report-cycles COUNT
Use this option to set the number of pings sent to determine both the machines
on the network and the reliability of those machines. Each cycle lasts one
-s BYTES –psize BYTES
These options or a trailing PACKETSIZE on the commandline sets the packet size
used for probing. It is in bytes inclusive IP and ICMP headers
If set to a negative number, every iteration will use a different, random
packetsize upto that number.
Use this option to force mtr to use the curses based terminal interface (if available).
Use this option to force mtr to display numeric IP numbers and not try to
resolve the host names.
Use this option to force mtr to use the GTK+ based X11 window interface (if
available). GTK+ must have been available on the system when mtr was built
for this to work. See the GTK+ web page at
www DOT gimp DOTorg/gtk/for more information about GTK+.
Use this option to set mtr to spit out a format that is suitable for a split-
Use this option to tell mtr to use the raw output format. This format is better
suited for archival of the measurement results. It could be parsed to be
presented into any of the other display methods.
Use this option to bind outgoing packets’ socket to specific interface, so
that any packet will be sent through this interface. NOTE that this option
doesn’t apply to DNS requests (which could be and could not be what you want).
Use this option to specify the positive number of seconds between ICMP ECHO
requests. The default value for this parameter is one second.
Use IPv4 only.
Use IPv6 only.
Ok now we see that we have lots of options to play with here.
Ok back to the terminal we are going to look at a target computer with the -r (report mode) and -c (count) set to 1
We only care about the first two columns. The first is the name of the nodes along the route,and the second is the percent of packets that were lost. If we lose packets then the traceroute must find a new way to get to the destination. Sometimes nodes along our route will drop these packets. You can see that our query was didnt have any isues until hop #13 where it clearly failed and had to find a new route. Remember just like any traceroute the first node returned is the closest to your box and the last is farthest away. The next step we would take is do do individual whois on the hops which failed in order to determine the reasons for the packet loss.
If your distribution of choice does not have the MTR program installed or it is not available with the package manager it can be downloaded from here