Are you experiencing network problems or packet loss? If so, you will need network diagnostic tools such as traceroute, ping, or MTR. In this post we cover the last of these, the MTR command-line tool on Linux: what it is, installation, syntax, how to read the results, flags, and examples using the flags.
What Is MTR?
MTR, also known as My Traceroute, is a network diagnostic tool that combines the best of the ping and traceroute commands into one application. Instead of showing the stats to a destination from a single moment in time like a traceroute, the MTR command runs many more times, providing a more accurate representation of what's going on between the source and destination.
Installation
The MTR command is available for most Linux distributions directly from the provided repositories under the package name mtr.
To Install On Debian/Ubuntu
sudo apt install mtr
To Install On RPM-based OS
sudo yum install mtr
or
sudo dnf install mtr
Basic Syntax
The command typically follows the format shown below. At the least, you will need to supply an IP address or hostname.
mtr [options] [IP/Host]
The most basic version of this command, without any options, looks like this:
mtr [IP/Host]
Understanding The Results
So for example say you ran the following:
mtr 1.1.1.1
What Does It Mean?
- Start: The timestamp when the run started.
- HOST: This is the hostname or alias of the machine from which the command was run.
- Loss%: This is the percentage of packet loss at each hop.
- Snt: This is the number of packets sent to each hop.
- Last: The round-trip time (RTT) of the last packet sent.
- Avg: The average RTT for all packets sent to that hop.
- Best: The best RTT recorded for that hop.
- Wrst: The worst RTT recorded for that hop.
- StDev: The standard deviation of the RTT, indicating how much the RTT varied between the attempts.
Summary
- (10.88.0.1): This hop shows a very low and consistent RTT with no packet loss.
- (???): This hop is not responding to ICMP requests, resulting in 100% packet loss. This is often due to a configuration that drops ICMP packets.
- (141.101.73.18): This hop shows differences in RTT between tests, with an average of 43.7 ms and a standard deviation of 25.5 ms.
- (one.one.one.one): This hop shows very low and consistent RTT with no packet loss.
What Can We Infer From This?
- Hops 1 and 2 are inside the same network because hop 1 is an internal IP.
- Hops 3 and 4 are other networks based on whois lookups.
- Hops 2 and 3 are likely edge routers connecting the two networks, based on hop 1 not being a public IP and hop 3 being another provider.
- There is likely significant distance or something else complex happening between hops 2 and 3, based on the RTT.
Overall
Overall there is nothing wrong in this specific example and everything is functioning as expected.
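The reading applied above (loss at one hop that does not show up at later hops is that hop not replying, not traffic being dropped) can be checked mechanically against report-mode output. The script below is an added example, not part of the original post, and generalizes the rule to any number of hops; `sample_report` and `classify_report` are hypothetical names, and the sample report is constructed to match the hops described in the summary.

```bash
#!/usr/bin/env bash
# Added example: classify per-hop loss in an `mtr -r` report (default columns).

# Constructed sample report. Hosts and hop 3's Avg/StDev follow the summary
# above; the timestamp, hostname and every other value are made up.
sample_report() {
  cat <<'EOF'
Start: 2024-01-01T00:00:00+0000
HOST: examplehost                 Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 10.88.0.1                  0.0%    10    0.4   0.4   0.3   0.6   0.1
  2.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  3.|-- 141.101.73.18              0.0%    10   31.2  43.7  20.1  98.4  25.5
  4.|-- one.one.one.one            0.0%    10   12.1  12.0  11.8  12.4   0.2
EOF
}

# classify_report (hypothetical helper): reads a report on stdin and prints
# "<hop> <host> <loss%> <verdict>" per hop. Verdicts:
#   ok             no loss at this hop
#   no-reply-only  loss here, but a later hop shows none, so traffic is being
#                  forwarded and only the replies from this hop are missing
#   loss-persists  loss here and at every later hop up to the destination
classify_report() {
  awk '
    /^ *[0-9]+\.\|--/ {
      n++
      h = $1; sub(/\..*/, "", h); hop[n] = h
      host[n] = $2
      l = $(NF - 6); sub(/%/, "", l); loss[n] = l + 0   # Loss% is 7th from the end
    }
    END {
      if (n == 0) exit 2                      # no hop lines found
      m = loss[n]
      for (i = n; i >= 1; i--) {              # tail[i] = lowest loss from hop i onward
        if (loss[i] < m) m = loss[i]
        tail[i] = m
      }
      for (i = 1; i <= n; i++) {
        if (loss[i] == 0)      v = "ok"
        else if (tail[i] == 0) v = "no-reply-only"
        else                   v = "loss-persists"
        printf "%d %s %.1f %s\n", hop[i], host[i], loss[i], v
      }
    }'
}

sample_report | classify_report
```

To run it against a live trace, pipe report mode into the function: `mtr -r -n [IP/Host] | classify_report`.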
Flags
Here are some of the flags you will find most helpful.
-F, --filename FILE read hostname(s) from a file
-4 use IPv4 only
-6 use IPv6 only
-u, --udp use UDP instead of ICMP echo
-T, --tcp use TCP instead of ICMP echo
-P, --port PORT target port number for TCP, SCTP, or UDP
-n, --no-dns do not resolve host names
-b, --show-ips show IPs and host names
-y, --ipinfo NUMBER select IP information in output
-z, --aslookup display AS number
-r, --report output using report mode
-w, --report-wide output wide report
-i, --interval SECONDS ICMP echo request interval
-G, --gracetime SECONDS number of seconds to wait for responses
-Z, --timeout SECONDS seconds to keep probe sockets open
-c, --report-cycles COUNT set the number of pings sent
-j, --json output json
-x, --xml output information in xml format
-C, --csv output comma separated values
-l, --raw output data in a raw output format
Don’t see the flag you’re looking for? Check out the man page for the full list.
Advanced Examples
Using those flags here are some examples.
Use UDP Instead Of ICMP Echo
mtr -u [IP/Host]
This tells MTR to use UDP packets instead of ICMP.
Do Not Resolve Host Names
mtr -n [IP/Host]
This tells MTR to not resolve host names.
Show IPs and Host Names
mtr -b [IP/Host]
This shows both IP addresses and hostnames in the output.
Display AS Number
mtr -z [IP/Host]
This includes the Autonomous System (AS) number in the output.
Output Wide Report
mtr -w [IP/Host]
This outputs the results in a wide report format.
Output in CSV Format
mtr -C [IP/Host]
This outputs the results in comma-separated values (CSV) format.
Use TCP, Target Port 443, and Output JSON
mtr -T -P 443 -j [IP/Host]
Explanation: This command uses TCP packets targeting port 443 (typically HTTPS) and outputs the results in JSON format.
Use IPv4, No Name Resolution, and Report Mode
mtr -4 -n -r [IP/Host]
Explanation: This command forces the use of IPv4, does not resolve hostnames, and outputs the results in MTR report mode.
Conclusion
In this post, we have discussed the MTR command line tool. It is a network diagnostic tool used to troubleshoot network issues like packet loss. Unlike traditional tools like traceroute or ping, the MTR command combines features from both of these tools into one. We covered what it is, installation, syntax, how to read the results, flags, and examples using the flags.
Embracing a lifelong passion for technology since childhood, CJ delved into the intricate workings of systems, captivated by the desire to understand the unknown. This innate curiosity led to his discovery of Linux, a revelation that resonated deeply. With more than 7 years of on the job experience, he’s honed his technical skills as a Geek and Senior Linux Systems Administrator.