What is the Traceroute command?

The Traceroute command (Tracert on Windows) is a small network diagnostic software that you have built-in on your device and servers for tracing the route, hop by hop to a target.
Many network administrators use the Traceroute command daily. It is a convenient tool that you can use under different operation systems – Windows (Tracert), macOS, Linux (Traceroute), and even on mobile (Android and iOS).
To access the traceroute, you will need to use the Terminal (Linux and macOS) or the Command Prompt (Windows).
You can use the Traceroute and see the full route that the packets take to their destination (domain or IP address). Apart from that, you will see the hostnames and IPs of the routers on the way and the latency, the time it takes for each device to receive and resend the data.
You can see which gateway is discarding your data, and later you can fix it.

How does it work?

When you run a traceroute, you send an IP packet containing the source and destination addresses and the time to live (TTL) for each hop. TTL in packets decreases with each hop. This is to avoid server looping issues. Furthermore, when the TTL is reached, the packet expires and is discarded. When this occurs, Traceroute returns to the sender ICMP Time Exceeded messages (RFC 792). Because small TTL settings cause packets to expire quickly, traceroute forces all routers in a packet’s path to produce the ICMP messages that identify the router.

To better visualize the traceroute’s working mechanism, you can look at the following chart.

Why use the Traceroute or the Tracert command?

The benefits of using the traceroute command or its alternative for Windows called tracert command are:

• Complete route list. You will see all the routers on the way, with their IP addresses and the time it took. You can better understand the network.
• Route timing. See how much time does it take to finish the query. Is it ok for you? What can you do to speed it up? You can have a starting point for improvements.
• It is built-in. You don’t need to install additional software, and its use is free.
• Check if you can reach a target. See if there is a connection between your device and the hostname or IP address you put in the command.
• See problematic slow router. You can see how much time it took in each hop. So you can see a spot that significantly slows your network. You can fix the problem or add more presence in the area.

When will you need it?

Here are several scenarios where using a traceroute to diagnose a problem you are having can be necessary.

• Sluggish site

Run a traceroute from your computer to your website if you find it is operating slowly. With it, you will check for networking issues between your location and the server.

• Customer timeouts for email

Run a traceroute to assess the quality of the connection to the mail server if you have problems with your mail connection. In addition, you can find your mail server IP by running the following command: “ping smtp.server.com”. It will return the IP address of the Simple Mail Transfer Protocol (SMTP) server that you need for Traceroute purposes.

How to use the Traceroute command?

Use the Traceroute command by writing the command “traceroute + domain.com / IP address” or, in the Terminal on Linux and macOS or “tracert + domain.com / IP address” in the Command Prompt on Windows.

Traceroute (Linux and macOS)

traceroute domian.com or traceroute 12.23.34.45

Tracert (Windows)

tracert domian.com or tracert 12.23.34.45

On macOS, you can also use the Traceroute utility. Press the command button + space. Then write Network Utility. Inside it, navigate to Traceroute. Write the hostname or IP address and press enter. It will show you the result.

*You can change the domain.com with another domain you want to probe, and the same goes for the IP address.

Some differences between the Traceroute command, and the Tracert exist. Check the options below.

Traceroute command vs Tracert command

Apart from the small difference between typing traceroute and the Tracert, the fact that the first works on Linux and macOS, and the second on Windows, the other significant differences are the syntax and the options.

Syntax of the traceroute and Tracert commands

traceroute [options] host_Address [pathlength] (Linux)

traceroute [options] host [packetsize] (macOS)

tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] [-R] [-S srcaddr] [-4] [-6] target_name (Windows)

Example of Traceroute (Tracert on Windows)

The name of Traceroute on Windows is Tracert. It works very similar to the version on the other operating systems.

And this is how the Traceroute command looks on Linux and macOS:

Traceroute options for Linux

If you are a Linux user (Ubuntu, Linux Mint, Manjaro, Red Hat, Debian, etc.), you can specify your traceroute command with the following options:

rDNS explained in detail

Traceroute options for Windows

You can use the Tracert command with various options to perform more precise tests. The following options work on Windows Vista, Windows 7, Windows 8, and of course, Windows 10.

Traceroute options for macOS

While the Traceroute command on macOS is very similar to its Linux version, there are small differences in their options.

Save Traceroute results for later analysis

Traceroute outputs can be long and detailed, especially when diagnosing complex networks. Saving the results for future analysis helps document network issues, allowing users to track changes, compare routes, or share the data with colleagues or support teams.

To save traceroute results to a file, simply redirect the output into a text file using the following syntax:

For Linux/macOS:

traceroute example.com > traceroute_results.txt

For Windows:

tracert example.com > tracert_results.txt

This command captures the entire output of the traceroute (or tracert) command and saves it in a file called traceroute_results.txt in the current directory. You can then review or share this file at any time, making it easier to troubleshoot ongoing network issues without needing to rerun the command.

The TTL and Traceroute

Each packet that you send contains a TTL (time to live). It is not a time but a limit of hops it can do before getting the result.

Usual limit is 30, but it can be more like 64 for example. This limit stops your data after a certain amount of hops so it won’t go forever. The IP packet will follow until it gets “time exceeded” or “port unreachable” when it gets to the host.

Starting at 30, on the next hop, it will drop to 29 and so on. If it can’t find the domain or IP that you wanted it will display a message where did it fail, so you will know where the problem is.

Distinction between Ping and Traceroute

Both Ping and Traceroute are tools for analyzing networks. However, the Traceroute is a little more advanced. For example, ping will check the connectivity between two hosts but does not reveal the route between them. On the opposite, the Traceroute shows every stop between the source and the final destination. This can be helpful when connectivity is patchy, such as when only 50% of ping attempts between two places are thriving.

So, to sum up, the Traceroute command can be used to identify connectivity issues, while ping is a quick approach to determine whether a host is reachable over a network. Both of these commands are beneficial to be aware of because knowing how they operate and what their output denotes can be very valuable when analyzing network connectivity issues.

Traceroute’s Restrictions

• It establishes the route at the interface level rather than at the router level.
• The Traceroute may not respond after crossing the maximum number of hops if there are firewalls between the source and destination routers that prevent the probe packets from being sent. Furthermore, despite the hops IP address, the router will display * (asterisk) if no response is received. Therefore, using a traceroute under these circumstances is not suggested.
• Based on the IP headers, load balancing routers can route the traffic via a number of different paths. Therefore, if we execute a traceroute in this case, it will give us an incorrect path between the origin and the goal. Accordingly, it is not advisable to employ traceroutes in this circumstance either.

Are there alternatives to the traceroute command?

Yes, there are various alternatives to the traceroute commands like MTR command, Dig command, Open Visual Traceroute, Nmap.

MTR command (Linux and macOS)

mtr domain.com

The MTR command is an improved traceroute command that can give more statistics and data for lost packets (percentage).

Dig command (Linux and macOS)

dig +trace domain.com

If you already use the Dig command, you can use it for tracing the route too.

Open Visual Traceroute (Linux, macOS, and Windows)

This one is for people who want a visual interface. It is heavier, but it can show you, in a graphical way, the route of the queries and also get Gantt graphs.

Nmap (Linux, macOS, Windows, BSD, and more)

nmap –traceroute domain.com

The results are very similar to the traceroute command.

Conclusion

By using the newly collected data, you can see if there is any problem on the route (not responsive server or very slow one) and later focus your attention to fix it. If you want to see few more tools you can check one of our previous article Тools – DNS trace, Ping, Traceroute, Nslookup, Reverse lookup.

The post Traceroute command and its options appeared first on ClouDNS Blog.

ClouDNS

Featuring in our list is the freshly launched ClouDNS DNS tool. This tool is intended for examining DNS records linked to a specific host alongside measuring the velocity of DNS queries. Some of the records that it will show information are A, CNAME, PTR (responsible for Reverse DNS lookup), MX, CAA, NS (needed to create DNSSEC), etc. It also incorporates a comprehensive audit feature. Developed by ClouDNS, the functionality of the tool has been designed considering the need of users to optimize their server’s performance effectively. The tool offers three types of assessments – DNS records, DNS audit, and DNS speed assessments, providing a holistic insight into the server’s DNS operation. The best part? It’s completely FREE!

DNS.Computer

DNS.Computer is highly efficient and simple to use. With just the insertion of the domain name and a click on ‘audit’, this tool generates a detailed report featuring observations and suggestions for optimization. This report, even available as a download in PDF format, provides valuable insights such as nameservers at the parent server, synchronization of NS records, and data contained in the SOA (Start of Authority) record.

It also showcases A record data by location with their response times, giving you insightful geographical distribution of your DNS. Plus, it displays an average response time for your DNS, advising a switch to Anycast DNS if the response time is significantly high. Overall, DNS.Computer is a dynamic tool that offers quick and specific insights to boost your DNS performance.

30-day Free Trial for Premium Anycast DNS hosting

Pingdom DNS Test

Pingdom DNS Test outshines its dual-feature of web page speed testing and DNS troubleshooting. It pinpoints performance bottlenecks, providing insights to optimize your site’s speed and user experience. Advanced diagnostics are visualized using color codes, icons, and dots, making it a hassle-free tool for improving site performance.

Additionally, the DNS tool provides intuitive visual aids, using color codes to denote different stages of a request, icons for various content types, and colored dots for different HTTP response codes. 

What is Web (HTTP/HTTPS) monitoring?

Into DNS

IntoDNS takes DNS evaluation to a new level by providing a detailed assessment of your server’s health and configuration status. It generates exhaustive DNS reports with actionable recommendations for improvements, backed by references to official protocol documentation. This covers a series of checks from MX records to SOA data and even WWW IPs, making it a powerful tool for enhancing server performance and stability.

Check Host

Check Host DNS tool provides substantial insight into any website’s domain. By entering a hostname or IP address, it can provide data from nameservers located in different countries concurrently. This quick global overview can provide you with pertinent information about your domain from various locations. 

After you input a domain into the Check Host DNS tool, it will give you comprehensive information, including the DNS result under specific categories such as ‘Location,’ ‘Result,’ and ‘TTL (Time to Live).’ Each of these categories gives you insight into different aspects of your domain’s DNS performance in various locations worldwide. That means, you can evaluate the response time (ping) from a variety of locations, which aids in testing server speed globally.

What Ping monitoring is?

View DNS

ViewDNS offers an all-embracing analysis of your domain’s DNS settings. Aimed at assisting webmasters and system administrators, this tool completes multiple tests to uncover DNS-related issues. Moreover, it checks A records for each NS at parent servers and whether the local nameservers send the IP address (glue) along with your NS records. These results are displayed in a readily understood format, offering valuable insights for your DNS health and improvement recommendations.

Suggested article: What are Glue records?

WhatsmyDNS

WhatsmyDNS effectively simplifies DNS queries with its DNS Lookup tool. It allows you to query DNS servers and receive quick insights for any domain name. The tool is designed to support most common DNS record types and also lets you choose from a selection of DNS servers. It’s a valuable resource for conducting a fast and robust DNS check.

DNSdumpster

DNSdumpster also deserves a mention – this is a no-cost domain research tool that’s instrumental in identifying specific hosts associated with a particular domain. Conducting a visibility check of hosts from the perspective of potential attackers forms a crucial aspect of a security assessment process, and this is exactly what DNSdumpster assists with. It also features an additional unique functionality called ‘mapping the domain,’ the data for which can be conveniently downloaded in a .xlsx format for a comprehensive list of hosts. This tool is particularly useful for those focusing on enhancing their server security measures.

Benefits of regular DNS audits

Performing regular DNS audits is essential to maintaining the health of your server and website. These audits can identify issues such as outdated or incorrect DNS records, misconfigurations, and potential security vulnerabilities. By regularly checking the accuracy and performance of your DNS setup, you ensure your domain resolves correctly for all users, reducing the chances of downtime or delays. DNS audits also help you stay compliant with best practices, optimize load balancing, and improve your website’s speed by using the best available resources. Ultimately, consistent DNS audits lead to enhanced performance, increased security, and a better user experience.

Conclusion

In summary, these DNS tools offer a range of features to help you test and optimize your server’s DNS performance, ensuring global accessibility, troubleshooting, and security enhancement. Whether you’re a novice or an experienced user, these tools provide valuable insights into your DNS infrastructure’s health and performance

The post 8 DNS tools for testing your servers appeared first on ClouDNS Blog.

It helps determine if the transferred data is reaching its target destination on time. For that reason, ICMP is an essential element when it comes to the error reporting process and testing. However, it often gets utilized in DDoS (Distributed Denial-of-Service) attacks.

History of ICMP

The ICMP protocol was conceived as a vital component of the Internet Protocol Suite, introduced in 1981 with RFC 792. Its origins can be traced back to the early days of the internet when the need for a diagnostic and error-reporting tool was identified. Over the years, ICMP has experienced several refinements, with additional message types being introduced. Its fundamental purpose of providing feedback about issues related to datagram processing has remained consistent throughout, making it an indispensable tool for network diagnostics.

What is ICMP protocol used for?

The ICMP protocol could be used in several different ways. They are the following:

The main purpose of ICMP is to report errors

Let’s say we have two different devices that connect via the Internet. Yet, an unexpected issue appeared, and the data from the sending device did not arrive correctly at the receiving device. In such types of unpleasant situations, ICMP is able to help. For instance, the problem is occurring because the packets of data are too large, and the router is not capable of handling them. Therefore, the router is going to discard the data packets and send an ICMP message to the sender. That way, it informs the sending device of the issue.

ICMP is commonly used as a diagnostic tool

It is used to help determine the performance of a network. The two popular utilities, Traceroute and Ping, operate and use it. They both send messages regarding whether data was successfully transmitted.

• The Traceroute command is helpful for displaying and making it easy to understand the routing path between two different Internet devices. It shows the actual physical path of connected routers that handle and pass the request until it reaches its target destination. Each travel from one router to another is called a “hop.” The Traceroute command also reveals to you how much time it took for each hop along the way. Such information is extremely useful for figuring out which network points along the route are causing delays.
• The Ping command is similar, yet a little bit more simple. It tests the speed of the connection between two different points, and in the report, you can see precisely how long it takes a packet of data to reach its target and return to the sender’s device. Despite the fact that the Ping command does not supply additional data about routing or hops, it is still an extremely beneficial tool for estimating the latency between two points. The ICMP echo-request and echo-reply messages are implemented during the ping process.

Cybercriminals utilize it too

Their goal is to disturb the normal network performance. They initiate different attacks, such as an ICMP flood, a Smurf attack, and a Ping of death attack. Attackers are determined to overwhelm the victim and make the standard functionality not possible.

How does it work?

Internet Control Message Protocol stands as one of the leading protocols of the IP suite. Yet, it is not associated with any transport layer protocol, for instance, Transmission Control Protocol (TCP) or User Datagram Protocol (UDP).

ICMP is one of the connectionless protocols, which means that a sending device is not required to initiate a connection with the receiving party before transmitting the data. That is why it differs from TCP, for instance, where a connection between the two devices is a mandatory requirement. Only when both devices are ready through a TCP handshake, a message could be sent.

All ICMP messages are sent as datagrams and include an IP header that holds the ICMP data. Each datagram is a self-contained, independent entity of data. Picture it as a packet holding a portion of a larger message across the network. ICMP packets are IP packets with ICMP in the IP data part. ICMP messages also include the complete IP header from the original message. That way, the target system understands which precise packet failed. 

ICMP Packet Format

ICMP is designed to be used within IP packets. When an ICMP message is sent, it is encapsulated within an IP packet, and the ICMP header follows the IP header within that packet.

In the ICMP packet format, the first 32 bits of the packet are divided into three fields:

Type (8-bit): The initial 8 bits of the packet specify the message type, providing a brief description so the receiving network knows the kind of message it is receiving and how to respond. Common message types include:

• Type 0: Echo reply
• Type 3: Destination unreachable
• Type 5: Redirect Message
• Type 8: Echo Request
• Type 11: Time Exceeded
• Type 12: Parameter problem

Code (8-bit): The next 8 bits are for the code field, which provides additional information about the error message and its type.

Checksum (16-bit): The last 16 bits are for the checksum field, which checks the number of bits in the complete message to ensure that all data is delivered correctly.

Extended Header (32-bit): The next 32 bits of the ICMP header are the Extended Header, which points out issues in the IP message. Byte locations are identified by the pointer which causes the problematic message. The receiving device uses this information to pinpoint the issue.

Data/Payload: The final part of the ICMP packet is the Data or Payload, which is of variable length. In IPv4, the payload includes up to 576 bytes, while in IPv6, it includes up to 1280 bytes.

Types and codes in ICMP

ICMP messages are distinguished by their type and, in some cases, a code to further specify the nature of the message. There are numerous types, each serving a unique purpose. A few common types include:

• Echo Reply (Type 0): A response to an echo request, commonly used in ping.
• Destination Unreachable (Type 3): Indicates that the destination is unreachable for some reason. Various codes further specify the reason, such as network unreachable (Code 0), host unreachable (Code 1), or protocol unreachable (Code 2).
• Redirect (Type 5): Informs the host to send its packets on an alternative route. The accompanying codes provide more details, like redirect for the network (Code 0) or redirect for the host (Code 1).
• Time Exceeded (Type 11): Generated when a packet takes too long to transit a network or when reassembly time is exceeded.

These are just a few examples, and there are many other types and codes in the ICMP specification that serve various purposes.

Configuring ICMP on routers and firewalls

Configuring ICMP settings on routers and firewalls is essential to either allow ICMP traffic, prioritize it, or block it to enhance security. Here’s a brief guide:

On Routers:

1. Access the router’s admin panel, usually through a web interface or command line.
2. Navigate to the advanced settings or firewall settings.
3. Look for an option related to ICMP or ‘Ping Request’ and either enable or disable it as required.

On Firewalls:

1. Open the firewall management interface.
2. Search for a rule or setting related to ICMP traffic.
3. Modify the rule to allow, block, or prioritize ICMP traffic based on your needs.

It’s crucial to consult the router or firewall’s documentation or seek expert advice, as incorrect configurations might result in network vulnerabilities or communication problems.

Router vs firewall, can you guess which is better?

ICMP Port?

As we mentioned earlier, the Internet Control Message Protocol is a part of the Internet protocol suite, also known as the TCP/IP protocol suite. That means it relates only to the Internet Layer. Port numbers are only found in the Transport Layer, which is the layer above.

Although Internet Control Message Protocol does not implement the concept of ports like TCP and UDP, it utilizes types and codes. Typically employed ICMP types are echo request and echo reply (used for Ping) and TTL (time-to-live) exceeded in transit (used for Traceroute).

What is ICMP Ping?

The ICMP echo request and the ICMP echo reply messages are also known as ping messages. Ping command is a beneficial troubleshooting tool that system administrators use to test for connectivity between network devices manually. They also use it for examining for network delay and loss packets.

ICMP Ping is especially useful for performing Ping Monitoring. It works by frequently pinging a precise device. This type of check sends an ICMP echo request to a specific server or device on the network, and the device instantly answers with an ICMP echo reply. That means the connection is successful, and the target server or device is up and running without any issues. 

In case the ping time, which is measured in milliseconds (ms), is prolonged, that is a sure sign of some network issues. 

ICMP vs TCP

The Internet Control Message Protocol, or ICMP, has a completely different function compared to TCP (Transmission Control Protocol). Unlike it, ICMP is not a standard data packet protocol. Moreover, it is a control protocol, and it is not designed to deal with application data. Instead, it is used for inter-device communication, carrying everything from redirect instructions to timestamps for synchronization between devices. It is important to remember that ICMP is not a transport protocol that sends data between different devices.

On the other hand, TCP (Transmission Control Protocol) is a transport protocol, which means it is implemented to pass the actual data. It is a very popular protocol, thanks to its reliability. TCP transfers the data packets in a precise order and guarantees their proper delivery and error correction. Therefore, the Transmission Control Protocol finds its place in many operations, including email and file transfers. It is the preferred choice when we want to ensure ordered, error-free data, and speed is not the top priority.

Suggested page: What TCP monitoring is?

ICMP in IPv6 (ICMPv6)

With the growing adoption of IPv6, ICMP has also evolved to cater to the needs of the newer IP protocol. ICMPv6, introduced with RFC 4443, is more than just an adaptation; it incorporates various features and functionalities tailored for IPv6. For instance:

• Neighbor Discovery Protocol (NDP): ICMPv6 includes NDP, replacing the ARP (Address Resolution Protocol) used in IPv4, facilitating the discovery of neighboring devices.
• Router Solicitation and Advertisement: ICMPv6 aids in the discovery of routers in a network and can solicit advertisements from them.
• Enhanced Error Reporting: ICMPv6 offers more detailed feedback, facilitating improved troubleshooting in IPv6 networks.

As the internet continues its transition from IPv4 to IPv6, the importance and relevance of ICMPv6 will only grow, making it vital for network professionals to familiarize themselves with its intricacies.

Suggested article: IPv4 vs IPv6 and where did IPv5 go?

How is ICMP used in DDoS attacks?

DDoS (Distributed Denial-of-Service) attacks are extremely popular cyber threats. They are initiated with the main goal to overwhelm the victim’s device, server, or network. As a result, the attack prevents regular users from reaching the victim’s services. There are several ways an attacker can utilize ICMP to execute these attacks, including the following:

• ICMP flood attack

ICMP flood, also commonly called Ping flood attack, attempts to overwhelm the target device with ICMP echo request packets. That way, the victim device is required to process and respond to each echo request with echo reply messages. That consumes all of the existing computing resources of the target and prevents legitimate users from receiving service.

The basics of flood attacks

• Ping of death attack

The Ping of Death attack appears when a cybercriminal sends a ping larger than the maximum permitted size for a packet to a victim device. As a result, the device crashes. The large packet is fragmented on its way to the victim. However, when the device reassembles it into its original, the size exceeds the limit and causes a buffer overflow. 

The Ping of Death is considered a historical attack that does not appear anymore. Yet, that is not completely true. Operating systems and networking equipment that is more aged could still become a victim of it.

• Smurf attack

The Smurf attack is another common threat where the cybercriminal sends an ICMP packet with a spoofed source IP address. The network equipment responds to the packet and sends the replies to the spoofed IP, which floods the target with large amounts of ICMP packets. 

Just like the Ping of Death attack, the Smurf attack should not be disregarded. Unfortunately, in a lot of different companies and organizations, the equipment is a bit aged, and the threat is real!

Conclusion

The ICMP (Internet Control Message Protocol) is an incredible network layer protocol that allows devices to report errors and improve their communication. Moreover, it is a great tool for network diagnosis. It is not a surprise that a lot of administrators use it daily for a better understanding of their network with the popular utilities Ping and Traceroute. Even more beneficial is the Ping monitoring, which completes regular checks. Lastly, keep in mind to take proper supervision of your network, so it stays protected from DDoS attacks that utilize the protocol for malicious purposes.

The post What is ICMP (Internet Control Message Protocol)? appeared first on ClouDNS Blog.

DNS trace (dig + trace)

Using DNS trace, you can troubleshoot your DNS. You can use it on Linux OS, Mac OS and even on Windows (using Cygwin). You will trace the route of a DNS query. If there is a problem, you will see exactly where it is.

$ dig +trace www.cloudns.net

(you can write your website)

First, you request a webpage, for example, www.cloudns.net.

The query gets to the root name server for it.

This name server will show you the TLD authoritative server.

Your recursive resolver queries the .com TLD authoritative server for www.cloudns.net.

The .com TLD authoritative server refers your recursive server to the authoritative servers for cloudns.net.

Your recursive resolver queries the authoritative servers for www.cloudns.net and receives the IP as the answer.

Your recursive resolver caches the answer for the duration of the time-to-live (TTL) specified on the record and returns it to you.

This is how domain resolution works. You can get valuable information about the speed and accuracy of the answer.

Additionally, DNS trace is invaluable for diagnosing and understanding DNS propagation issues. It helps identify delays in DNS updates or misconfigurations across different levels of the DNS hierarchy. By understanding the path a DNS query takes, administrators can pinpoint issues more efficiently and ensure that DNS records are correctly resolved. Additionally, DNS trace is an excellent educational tool for those learning about the complexities of internet addressing and domain name resolution.

Premium DNS Service!

Online Ping

Online Ping is a DNS tool that administrator use for checking the connectivity and the speed. Using this command, you send a small data packet to a particular IP address. Then wait to get a feedback packet. You can also use it to ping a name resolution. If you get an answer when you do a ping to an IP but not when you do it to a name, then the two don’t match.

ping www.cloudns.net

Beyond checking connectivity and speed, Online Ping can be used to monitor the availability and response time of a server or network device continuously. This is crucial for maintaining high uptime for critical services and websites. Regular ping tests can alert administrators to network congestion, latency issues, or outages that may affect user experience. It’s a simple yet powerful tool for ensuring that network paths are optimal and services remain accessible.

What is ICMP Ping monitoring?

Traceroute

Tracing the route is similar to the ping. Using this DNS tool, you send a packet of data to an internet host, and it gives you back a result for every hop your query makes in seconds. If your website has a slow response, using this tool you can see where exactly it is the problem.

Try our Free DNS tool! 

traceroute www.cloudns.net

Traceroute not only helps in identifying where problems lie in the network path but also in understanding network infrastructure and performance. By showing the route data packets take to reach their destination, traceroute can reveal unexpected routing behavior or bottlenecks. This insight is useful for network optimization and planning, as well as for security purposes to detect any unauthorized or suspicious network paths.

DNS lookup (nslookup)

You can use this tool on different Operating systems for making DNS queries to get to an IP address or for specific DNS records. You can use it to see if you have any problems with any kind of DNS record that you are using.

nslookup www.cloudns.net

In addition to querying IP addresses or specific DNS records, nslookup is also useful for verifying and troubleshooting DNS configurations and propagation status. This tool can help ensure that your DNS settings are correctly implemented and propagated across the internet, which is critical for website accessibility and performance. It’s also beneficial for security analysis, allowing administrators to check for DNS-based threats or misconfigurations.

10 most used nslookup commands

Reverse DNS lookup

It does what it says, here you start with an IP address and you can find the domain name. This process uses PTR records that show exactly that. You can use it for troubleshooting.

dig -x 136.243.33.126

Reverse DNS lookup is not only crucial for troubleshooting but also plays a significant role in network security and anti-spam efforts. By verifying the domain name associated with an IP address, administrators can identify potential sources of spam or malicious activity. Furthermore, reverse DNS lookups are used in email authentication processes to reduce spam by verifying that the IP address sending the email matches the domain from which it claims to come.

Read more for the Reverse DNS and PTR records in our article: rDNS explained in detail

Conclusion

In conclusion, mastering the use of essential DNS tools like DNS trace, Ping, Traceroute, Nslookup, and Reverse lookup is paramount for network administrators and troubleshooters. These tools offer invaluable insights into diagnosing connectivity issues, optimizing network performance, and ensuring the smooth operation of online services. By harnessing their capabilities effectively, administrators can navigate the complexities of DNS management with confidence, ultimately leading to a more stable and reliable networking environment.

The post Тools – DNS trace, Ping, Traceroute, Nslookup, Reverse lookup appeared first on ClouDNS Blog.

Ping is a very universal command between all the operating systems. You can use it to test if you can reach your target and how much time it will take to do it. Ping sends Internet Control Message Protocol (ICMP) packets to the destination. Then it waits for the echo reply. It can show statistic for this request, errors and packet loss.

When you use this command, you will send few echo requests, usually 4. Then you will receive a result for each of them, that indicates if they were successful, how much data was received, the time it took for the response and TTL (Time to live).

Brief History

The Ping command is a foundational tool in computer networking, tracing its origins back to the earliest days of the Internet. Developed by Mike Muuss in 1983, Ping emerged as a simple yet powerful utility for testing the reachability of a host on an Internet Protocol (IP) network.

Muuss, a respected computer scientist, created the tool while working at the Ballistic Research Laboratory. The name “Ping” itself reflects the sonar concept from submarines, where a pulse is sent to measure the distance to an object. Similarly, the Ping command dispatches small packets of data to a target device, awaiting their return to measure the round-trip time. 

Initially implemented for Unix-based systems, Ping swiftly gained widespread adoption due to its effectiveness in troubleshooting network connectivity issues. Over time, it has evolved alongside networking technologies, remaining a staple tool for network administrators, system engineers, and enthusiasts alike. Its versatility extends beyond connectivity testing, serving as a vital diagnostic tool for assessing network performance and identifying potential bottlenecks.

How does it work?

Imagine the Ping command as an echo locater. When you use it on your computer, it sends a specific small packet with the ICMP ECHO_REQUEST to its destination (it could be a server, another computer on the network or a router). The recipient must bounce back the message, and send ECHO_REPLY as an answer. 

Your computer will always have 127.0.0.1 IP address. If you try to ping it, you will always get fast result. The command will verify that the TCP/IP on your device is working fine. 

You can use ping localhost and get the same result since it is the same.

What is Localhost (IP 127.0.0.1)?

If you get 4x Request timed out, then it is not working ok.  

How to use Ping command?

You have the ping utility on whatever operating system you have. 

On Windows, open the Command Prompt and on macOS and different Linux distros, open the Terminal. 

There are small differences in the syntax of the ping command on the OSes. You can see them down below. 

You can ping: 

• A domain name and see how much time it will take to respond.
• An IP address. It will also show response time, but it will the important part is that it will show that the device is well-connected. 

We will try to use it with www.google.com. Write the following: 

ping www.google.com

The first part that you will see, who are you pinging, its IP address, and the packet’s size – 32 bytes. 

After that, you will get 4 results. Ping sends 4 echo messages unless you specify a different number. Those 4 answers will have response times in ms – milliseconds and TTL value showing the time to live of the packet. 

You will also get a few stats – completion rate that shows how many packets managed to arrive and a minimum, maximum, and average time. 

Ping switches and variables 

There are a lot of small differences when you use ping on Windows and Linux or macOS. For example, the option in Windows is “–n” and in Linux and macOS is “–c”. The best thing you can do is to check the syntax first. You can see all the available variables, switches, and options with a short command. 

Ping command syntax for Windows 

To get to the list of all possible options for the ping command on Windows, you can write in the Command Prompt:

ping -?

It will give you a result with a full list of options that can make your troubleshooting easier.

Ping command syntax for Linux and macOS 

To get to the ping syntax on Linux or a computer with macOS, you need to type this in the Terminal: 

ping –h

Troubleshooting

• Ping an IP address to see if the device is well connected. If it fails, then the device is not connected at this moment or not reachable over the network we are checking.
• Another scenario is that it is successful but the response times are very long. It means that you or the other side might have problems with the connection.
• You can test different parts of the network to check which are working fine and which are not.
• If you want to check if you are connected to the Internet, you can check one of Google’s IPs, “ping 172.217.6.164”. Why Google you ask? It is just effortless to remember. And do you remember Google been offline? Not really.
• You can use it as a constant checker. Put it with an option to “run until stopped,” and as long as everything is okay, it will continue, but if something fails you will see it immediately.
• If you can’t reach the name, but you can reach the IP address, this shows a problem with the hostname resolution. Probably the DNS servers are not pointed correctly, or they are not accessible.

Monitoring

Ping command appears to be a great tool for monitoring the network availability of different devices. If the command runs as a scheduled task, it can offer simple polling of any network computer or machine. The great thing about it is that it is not necessary to install any additional software or open additional ports.

ICMP Ping monitoring is easy to accomplish due to the ‘run until stopped’ option, which allows the most basic of any up/down monitor. So, whenever the pings start failing, that means there are some difficulties reaching the system.

The ping time, measured in milliseconds (ms), is preferred to be as lower as possible. That is going to indicate the good quality of the ping. In addition, it can deliver signals about the health of your network and its performance speed. Ping monitoring sends an Internet Control Message Protocol (ICMP) echo request. That means when the monitored device receives the request, it replies immediately with the echo reply packets.

Monitoring service by ClouDNS

Security

Sometimes, a cybercriminal is enough to know that a precise system exists and is connected to the global network to initiate a malicious attack. Thankfully, performing a detailed analysis of the Ping command replies could be extremely helpful. You could perhaps find valuable details, like which operating system (OS) the target is running, where the device is located, and so on.

There are different hacking tools that allow taking advantage of “walking the range.” They use the Ping command for each IP address on a targeted network in order to obtain a list of systems that are reachable and will reply. For that reason, a lot of firewalls are configured in a way that stops Ping requests coming from untrusted networks.

More examples of Ping command (Windows, Linux and macOS)

Here we have a few more use cases of ping command for Windows, Linux and macOS users:

*You can change the IP addresses of the examples or the hostnames and use them with yours. Also feel free to modify the command for your needs.  

Interval – ping –i 5 8.8.8.8 (Linux)

This will make it wait 5 seconds before sending the following packet. 

Custom number of pings – ping –n 8 google.com (Windows) ; ping google.com –c 8 (Linux and macOS)

You can decide how many echo messages to send. 

Check version – ping –V (Linux)

You will see the version of the ping you have. 

Flood – ping –f 127.0.0.1 (Linux)

This will flood the network with many pings. 

Only Statistic – ping google.com –q (Linux and macOS)

It will show you just the statistic, not each individual ping time. 

Change packet size – ping –s 100 google.com (Linux)

It will change the size of the packets. The original is 32 bytes (Windows) and 56 (Linux and macOS), and in this example we have set it to 100. 

Timeout – ping –w 20 google.com (Linux)

If you use this example, the ping will exit in 20 seconds. It will terminate regardless of the number of packets send or received. 

Constant ping – ping –t google.com (Windows) ; ping google.com (Linux and macOS)

It will run without stopping. Endless loop. On Linux and macOS, it runs forever by default. You can stop it with Ctrl+C.

Extra tip

Did you know that you can use the ping command online, straight from your browser? This can come in handy if you only have a mobile phone around. 

Just google it, and you will see more than a few sites. If you decide to use it in this way, please make sure that the site you visit is safe, and it is not going to harm your device or personal data in any way. 

Conclusion:

The ping is not the most sophisticated tool, but it is incredibly handy thanks to the fact it works on any device. Using it, you can quickly diagnose different part of the network and find the problem. You can also check our previous article and find more useful tools in our article Тools – DNS trace, Ping, Traceroute, Nslookup, Reverse lookup.

The post What is Ping command and how to use it? appeared first on ClouDNS Blog.

However, like every other IT problem, DNS issues can be resolved. You just have to know the right tools and commands. In this blog post, we’ll delve into some of these essential DNS troubleshooting tools and commands that every network administrator ought to arm themselves with.

Common DNS Issues 

Before we dive into the tools and commands, let’s understand the most common DNS issues that most administrators often encounter:

1. DNS Downtime: This occurs when DNS servers that translate domain names are temporarily unavailable.
2. Incorrect DNS Configuration: This involves errors in the setup of DNS settings which may lead to problems accessing certain websites or the internet.
3. DNS Cache Poisoning: Also known as DNS Spoofing, it refers to fraudulent entries in the DNS cache, causing traffic to be directed to the wrong place.
4. DNS Propagation Delays: This happens when you make changes to your DNS records and they are not immediately effective due to the time taken to update network servers around the globe.

Now that we have a basic understanding of common DNS issues, let’s explore the essential DNS troubleshooting commands that can help you diagnose and resolve these problems.

DNS Troubleshooting Tools

There are plenty of tools that you can use. The tools can be specific for Linux, Windows, or Mac OS, or they can be browser-based. Most of the tools that we will show you overlaps in functionality, and it will be your decision which one you would use in the future.

Check if the problem is not just in your device

Before you start with the DNS troubleshooting, check if the problem is only local. If you are trying to access your website, but you are getting this message “DNS_PROBE_FINISHED_NXDOMAIN” the problem might be in your device. We recently wrote a way to fix it. Go and read the article. 

Dig command

The ‘dig’ command, which stands for ‘Domain Information Groper,’ is a handy command-line tool used in the DNS name resolution process. It sends a DNS query to a specified DNS server and gets a response. It’s a useful tool for finding DNS-related issues. 

With this command you can see all the DNS records. You can use it on Linux and Mac OS, but you can search for a port for Windows too. A typical dig command will show you an Authority Section. You can see if the DNS is pointing correctly.

Use it with +trace in dig +trace combination “dig +trace YOURDOMAIN” to see the whole route of your query. This way you can locate the exact problem.

ClouDNS Free DNS tool

ClouDNS brings to you a valuable Free DNS tool that has transformative capabilities to enhance your DNS troubleshooting tactics. With this tool, you can inspect the DNS records for a specific host and assess the speed of DNS queries. Aside from these, you can also create a comprehensive audit, a feature that helps in in-depth analysis and identification of problematic areas.

Designed to facilitate the work of their customers, the ClouDNS Free DNS tool is user-friendly and accessible, making DNS troubleshooting a breeze even for beginners in the field. All you need to do is enter your domain and host into the tool, select the tool type as “DNS Records”, and choose ‘Google’ as your DNS resolver, then hit ‘CHECK’. 

What’s more, this powerhouse tool is free of cost, making it a stellar choice for efficient network management. The value it provides, particularly in terms of insight into DNS records and query speed, can go a long way in troubleshooting DNS-related problems swiftly and effectively.

Traceroute

The ‘traceroute’ command enables you to track the pathway that a packet takes from the host to the destination server. As the name suggests, this will be ideal for checking the entire route of a DNS query. You can use it on Windows as Tracert, Linux and Mac OS as traceroute. You can try it with a domain or IP address, and you will see a result with all the hops and response time.

NSLookup

‘NSLookup‘ stands for ‘Name Server Lookup’. This command-line tool is used for obtaining information about DNS settings. It allows users to enter a host name and find out the corresponding IP address, or vice versa.

This command lets you check any type of DNS record. You can use it to see all the available DNS records, or you can look for a specific type like – A, AAAA, SOA, MX, PTR, NS, etc. You can use it to troubleshoot a domain using a particular port too. 

Host command

‘Host’ command is very similar to the NSLookup but available only on Linux. You have to write the commands in the Terminal, and you can see the different types of DNS records.

One thing that you can troubleshoot if you have problems with your emails are the TXT records. You can see if there is a SPF record. It is a TXT record that prevents spoofing and stops your outgoing emails from going directly into the spam folder.

Generate SPF record for free!

Conclusion

There are plenty of useful tools that you can use for DNS troubleshooting. Try all of these and find the right one for you and your problem. Many overlaps in functionality, but have some small differences that can help you in a specific case.

As you saw, there are utilities for every operating system so that you can find the problem easily. After you see where the problem is, it is easy to fix it.  

The post DNS Troubleshooting – tools and commands appeared first on ClouDNS Blog.