Objective
Learn how to use traceroute to map the path packets take across a network, analyze network latency, and detect bottlenecks by simulating network congestion.
Scenario
As a network administrator, you are tasked with diagnosing network slowdowns. One essential tool for identifying where delays occur is traceroute, which shows the path packets take to reach a destination and the latency at each hop. In this exercise, you’ll use traceroute to identify network paths and simulate a network bottleneck to observe its impact on packet flow.
⚠️ Important: This exercise must be performed in a controlled lab environment. Do not intentionally disrupt production networks.
Lab Instructions
Step 1: Run Traceroute to a Public Website
On your machine, open the terminal and run:
Linux/macOS:
traceroute google.comWindows:
tracert google.comStep 2: Analyze Traceroute Results
- Identify each hop in the route.
- Note the IP addresses and latency for each hop.
Example Output
1 192.168.1.1 2.456 ms 1.984 ms 1.753 ms
2 203.0.113.1 10.231 ms 9.456 ms 9.789 ms
3 198.51.100.1 25.678 ms 24.876 ms 26.123 ms
4 142.250.74.142 45.567 ms 43.892 ms 44.210 ms
- Hop 1: Local router.
- Hop 2-3: ISP routers.
- Hop 4: Destination server (Google).
Step 3: Simulate a Network Bottleneck
On the test router or gateway, install the traffic control tool:
sudo apt update
sudo apt install iproute2 -yAdd artificial network delay:
sudo tc qdisc add dev eth0 root netem delay 300mseth0: Network interface to throttle.
300ms: Artificial delay.
Confirm the rule:
sudo tc qdisc show dev eth0Step 4: Re-run Traceroute and Observe Changes
Run the traceroute command again:
traceroute google.comObserve increased latency at the hop where the delay was introduced.
Example Output (After Delay)
1 192.168.1.1 2.456 ms 1.984 ms 1.753 ms
2 203.0.113.1 305.231 ms 309.456 ms 308.789 ms
3 198.51.100.1 325.678 ms 324.876 ms 326.123 ms
4 142.250.74.142 345.567 ms 343.892 ms 344.210 ms
- Hop 2 now shows significant latency, indicating a bottleneck.
Step 5: Remove Artificial Delay
Remove the delay to restore normal traffic flow:
sudo tc qdisc del dev eth0 root netemVerify that the rule has been removed:
sudo tc qdisc show dev eth0Solution & Explanation
How Traceroute Works
- Traceroute sends packets with incrementally increasing TTL (Time-To-Live) values.
- Each router decrements the TTL, and when it reaches zero, the router responds with an ICMP Time Exceeded message.
- This reveals each hop along the packet’s path and the latency to each.
Identifying Bottlenecks
- High latency at a specific hop suggests congestion or issues with that router.
- Packet loss at a hop indicates possible packet filtering or routing issues.
Impact of Artificial Delay
- Introducing delay using
tcsimulates real-world network congestion. - Traceroute reveals the exact point in the network where the bottleneck occurs.
Testing & Verification
- Confirm that the traceroute identifies increased latency at the simulated bottleneck.
- Verify that removing the delay restores normal latency.
Benefits of Using Traceroute
- Path Discovery: Identifies the path packets take to a destination.
- Latency Analysis: Detects high-latency links in the network.
- Bottleneck Detection: Pinpoints where network slowdowns occur.
- Routing Troubleshooting: Diagnoses routing misconfigurations.
Additional Script (Optional)
Automate delay simulation and removal:
#!/bin/bash
# Apply artificial delay
if [ "$1" == "add" ]; then
sudo tc qdisc add dev eth0 root netem delay 300ms
echo "300ms delay applied."
# Remove delay
elif [ "$1" == "remove" ]; then
sudo tc qdisc del dev eth0 root netem
echo "Delay removed."
else
echo "Usage: $0 {add|remove}"
fi
Run the script:
chmod +x simulate_delay.sh
sudo ./simulate_delay.sh add # To introduce delay
sudo ./simulate_delay.sh remove # To remove delay
Conclusion
In this exercise, you used traceroute to map network paths and identify bottlenecks. You simulated a network delay with tc and analyzed its impact on packet flow. This technique is essential for diagnosing network issues and optimizing network performance.
0 Comments