Traceroute vs. tracepath: What's the difference?

How to use traceroute

Let's begin with the more traditional traceroute command. When run, this command causes the system to use Internet Control Message Protocol packets to report the IP address of each router the test encounters. It also provides speed information, helping administrators determine whether a section of the network is slow.

More importantly, traceroute shows where connectivity ceases along the path, enabling network administrators to pinpoint the failed segment or router. The ping command, which network administrators use to test connectivity, would not provide this information; it would only state that the connection failed. Traceroute indicates where the connection failed.

It uses TCP/IP's time-to-live values to track the hops. The term hop describes each point -- or each router -- on the path.

However, traceroute usually requires elevated privileges to run. On many Linux distributions, standard users who cannot use su or sudo to elevate their credentials cannot use the tool.

How to use tracepath

Tracepath works similarly, but offers two significant differences from traceroute.

First, the tracepath command measures Maximum Transmission Unit (MTU) sizes along the path, which helps administrators recognize packet fragmentation issues that could affect performance. It provides slightly different network performance data than traceroute.

Second, tracepath does not typically require root privileges to run, enabling standard users to troubleshoot network issues without needing to elevate their privileges. Like traceroute, tracepath is a standard command on most Linux distributions.

How to install traceroute and tracepath

Most Linux distributions already have traceroute installed. It's likely to have tracepath, too. However, if a system doesn't have either of them, use the following commands to install them.

How to install traceroute

Traceroute is usually a standalone tool. On Debian, Ubuntu and similar, type the following command:

apt install traceroute

If using Red Hat Enterprise Linux (RHEL), Fedora, Rocky or AlmaLinux, type:

dnf install traceroute

How to install tracepath

Tracepath is usually part of a larger package of utilities called iputils.

RHEL, Fedora and other Red Hat-derived systems will accept the following command:

dnf install iputils

Debian, Ubuntu and similar users can type the following command to install tracepath:

apt install iputils-tracepath

Traceroute vs. tracepath: When to use either

Network administrators should plan to use traceroute to gather general network path information and latency data, assuming they have root or elevated privileges on the system.

They should rely on tracepath for MTU information, particularly when troubleshooting packet size and fragmentation issues. Most network administrators will likely not need elevated privileges for this, so it may be the only option.

Alternatives to traceroute and tracepath

Several other tools that aid in troubleshooting network connectivity and congestion using Linux systems exist beyond traceroute and tracepath. Examples include the following:

• Ping.
• My Traceroute (MTR).
• Nmap.

Ping

Traceroute and tracepath differ from the standard ping troubleshooting command. Ping indicates whether a path exists between the source and destination devices. Traceroute and tracepath, on the other hand, identify that path. All three are essential to network configuration.

MTR

MTR combines traceroute and ping to monitor the route and provide real-time performance statistics. It provides a steady monitoring feed rather than a traceroute single point-in-time report.

Type the following mtr command and the target IP address or name to start the query:

mtr <target-IP-address>

Nmap

Nmap with traceroute combines scanning and route investigation to provide a more complete network picture.

Use the following command as an example in a network environment:

nmap --traceroute <target-IP-address>

Network administrators can add many other useful Nmap options to fine-tune troubleshooting.

Best practices for traceroute and tracepath

Adding traceroute and tracepath to the sysadmin toolbox provides network administrators with extensive information for troubleshooting the most stubborn network problems.

Windows users don't have access to tracepath. However, tracert is the Windows equivalent of Linux's traceroute. MacOS admins also have access to traceroute, but tracepath is not included.

Follow these best practices to make the most of traceroute and tracepath:

• Use IP addresses rather than hostnames, when possible, to speed queries by avoiding DNS name resolution delays.
• Adjust timeout and maximum hops parameters on larger networks.
• Show developers, power users and other non-administrative users how to use tracepath to avoid them having to elevate privileges.
• Use traceroute6 and tracepath -6 for IPv6 networks.
• Run probes in both directions for the most complete results.
• Investigate hops with latency or timeouts that indicate network congestion.
• Use additional network troubleshooting tools, including ping, netstat, ip and pathping on Windows.

Damon Garn owns Cogspinner Coaction and provides freelance IT writing and editing services. He has written multiple CompTIA study guides, including the Linux+, Cloud Essentials+ and Server+ guides, and contributes extensively to TechTarget Editorial, The New Stack and CompTIA Blogs.