Using Visual Traceroutes to Troubleshoot Issues


The Visual Traceroute Tool maps each hop along a traceroute, and graphically calls out dropped packets and unresponsive nodes.  It also allows you to drill down into errors and visualize traceroutes from different locations on a hop by hop basis.

The best way to explain how this works is to show you an example.
The map that is created may show you a number of different paths taken for each monitoring task within the specified timeframe. Hovering over each node along the traceroute path, you can see:

  • The Hostname and IP Address
  • The number of Packets sent to the node within the specified timeframe
  • The number and percentage of packets lost
  • The fastest response time
  • The slowest response time

The Dotcom-Monitor platform automatically generates visual traceroutes when a website you are monitoring experiences an error status. For further details, visit the Dotcom-Monitor’s Wiki article about visual trace routes.

Reading a Visual Traceroute Chart

In your Dotcom-Monitor account, when you click to view a visual traceroute for a selected device from the online report page, it is best to start by selecting all monitoring locations, and expanding your date/time rage to view multiple results on the map.  From here you may be able to identify incomplete paths – which would point to issues with a DNS record or a router along the path, or nodes that seem to be dropping a lot of packets, possibly indicating an overloaded node. The left hand side of the visual traceroute map starts with the monitoring agent location. Each subsequent hop along the path takes you closer to the destination, which are lined up on the right hand side of the screen. If a particular node along the path drops a number of packets, then the circle representing the node will change from green to orange. A red circle indicates that the node did not respond to any of the ICMP requests. The dotted lines leading to a red circle indicate that it is unknown how the traffic passed across that node because no response was received. The size of the circle for each node increases as the number of packets sent to it grows, so you can quickly see if there are certain nodes that are relied on more heavily than others.

Interpreting Packet Loss

You may notice red nodes appearing within a traceroute while the traceroute still completes successfully.  This occurs as traceroutes run by exploiting the TTL feature of ICMP packets. When the TTL reaches 0, most routers will send back a TTL expired in transit message.  A traceroute essentially sends ICMP calls with an increasing TTL starting at 1 to each hop along the path until it reaches the final destination.  Some routers are configured to not send “TTL expired in transit messages” or to rate-limit such messages which means that some or all requests sent to such a router would simply receive no reply.  Therefore, these routers would appear to have 100% packet loss on our map, but they actually still pass the request along to the next hop in the chain.  For this same reason, you may notice a node is orange because it did not send a response to a few packets due being overloaded or rate limited. Visualizing a traceroute with this tool can help you focus on areas where problems may occur while quickly filtering out non-issues.

Now that you have a better understanding of how the visual traceroute can help you troubleshoot intermittent issues, sign up for a free trial to start monitoring your websites right now, so that the next time you experience issues, you will have a visual traceroute available to help diagnose and fix the issue. If you already have a Dotcom-Monitor account, contact your account representative for a demo of how visual traceroutes work within your monitoring account.

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on print