Solved

Tracing the Network Path

Posted on 2014-01-07
Last Modified: 2015-09-23
I want to know what is the network path which is taken from Location A to Location B & the return path. What is the way to achieve this?

Is there any way to identify whether the path taken from Location A to Location B is the same as the return path from Location B to Location A?

Let me know how to check it.
Question by:SrikantRajeev
14 Comments
 
LVL 6

Expert Comment

by:Jordan Medlen
ID: 39762589
tracert (Windows) or tracepath (Linux) will be what you'll want to run. Do you have access to a system at both locations? You will need to in order to find the return path.
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39762590
Extended ping can do that from a Cisco device.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 39762594
Best way is to ping and use the record route function. But that only works up to 9 hops.

For example, for a Windows PC, you can use "ping -r 9 10.2.3.4"
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39762599
Tracert/Traceroute will give the path info from source to destination but will not give return path info from destination to source.
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 39762677
It also kind of depends on the path that your packet takes between the two locations and how much detail you want to know. You won't see every hop if it goes through a tunnel of any kind (by design of how the technology works though) or MPLS networks (which is label switching, not IP, so again by technology design).

Just something to be aware of anyway if you "know" there should be more in the trace list than you see.  There could be technologies used that mask "real" hops due to encapsulation.

But yes, trace route is what you want as that is the most, from a purely client's perspective, way to tell the path your packet takes.
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 39764154
pathping <destination ip or hostname>

Using a PC. This does not show return path either but you will have to assume or hope that the to and fro paths are the same. May not be the same if there are alternate paths, especially if traffic conditions or policy exist.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39764244
ping -r9 <IP Address> gives me the ping response with the path from source to destination.
I am not able to find out the reverse path for the ping reply to confirm if it is the same path or a different path.

The traceroute also does the same. Any idea how to achieve this....
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 39764957
Run the same commands from the other side. There's really no other way without having direct insight into the routing environment between the two points.
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 39765235
You can try the source route option with tracert. That will give you your return path but unfortunately, this is usually blocked as hackers take advantage of it.

Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout]
               [-R] [-S srcaddr] [-4] [-6] target_name

Options:
    -d                 Do not resolve addresses to hostnames.
    -h maximum_hops    Maximum number of hops to search for target.
    -j host-list       Loose source route along host-list (IPv4-only).
    -w timeout         Wait timeout milliseconds for each reply.
    -R                 Trace round-trip path (IPv6-only).
    -S srcaddr         Source address to use (IPv6-only).
    -4                 Force using IPv4.
    -6                 Force using IPv6.

Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
            [-r count] [-s count] [[-j host-list] | [-k host-list]]
            [-w timeout] [-R] [-S srcaddr] [-4] [-6] target_name

Options:
    -t             Ping the specified host until stopped.
                   To see statistics and continue - type Control-Break;
                   To stop - type Control-C.
    -a             Resolve addresses to hostnames.
    -n count       Number of echo requests to send.
    -l size        Send buffer size.
    -f             Set Don't Fragment flag in packet (IPv4-only).
    -i TTL         Time To Live.
    -v TOS         Type Of Service (IPv4-only. This setting has been deprecated
                   and has no effect on the type of service field in the IP Header).
    -r count       Record route for count hops (IPv4-only).
    -s count       Timestamp for count hops (IPv4-only).
    -j host-list   Loose source route along host-list (IPv4-only).
    -k host-list   Strict source route along host-list (IPv4-only).
    -w timeout     Timeout in milliseconds to wait for each reply.
    -R             Use routing header to test reverse route also (IPv6-only).
                   Per RFC 5095 the use of this routing header has been
                   deprecated. Some systems may drop echo requests if
                   this header is used.
    -S srcaddr     Source address to use.
    -4             Force using IPv4.
    -6             Force using IPv6.

Usage: pathping [-g host-list] [-h maximum_hops] [-i address] [-n]
                [-p period] [-q num_queries] [-w timeout]
                [-4] [-6] target_name

Options:
    -g host-list     Loose source route along host-list.
    -h maximum_hops  Maximum number of hops to search for target.
    -i address       Use the specified source address.
    -n               Do not resolve addresses to hostnames.
    -p period        Wait period milliseconds between pings.
    -q num_queries   Number of queries per hop.
    -w timeout       Wait timeout milliseconds for each reply.
    -4               Force using IPv4.
    -6               Force using IPv6.
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 39765281
Source routing won't give reliable data though because you specify that list. So it only pertains to that trace route test. It's not the true return path for normal data.
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
ID: 39768447
The ICMP record route function is bi-directional. As long as there's room in the field (up to 9 entries), there should be entries for each hop in both directions.

Of course that assumes the destination and intermediate devices support the feature.
0
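The record route behaviour described in the accepted answer, as an added example that is not part of the original thread: a parser for the IPv4 Record Route option in an echo reply header, showing where the 9-entry limit comes from and how the recorded list splits into outbound and return hops. The function names and all addresses are constructed for illustration, and the split assumes the target recorded the address that was pinged; routers record their outgoing interface address, so the same router appears under a different address in each direction.

```python
import socket
import struct

RR_TYPE, MAX_SLOTS = 7, 9   # option number; 40 option bytes = 3-byte header + 9 * 4
TARGET, PINGER = "198.51.100.20", "192.0.2.10"       # constructed sample addresses
SAMPLE_ROUTE = ["203.0.113.1", "203.0.113.5", "198.51.100.1", TARGET,   # constructed
                "203.0.113.6", "203.0.113.2", "192.0.2.1"]     # egress addresses

def parse_record_route(ip_header):
    """Return (recorded addresses, option_full) from a raw IPv4 header, else None."""
    ihl = (ip_header[0] & 0x0F) * 4
    if ihl < 20 or len(ip_header) < ihl:
        raise ValueError("truncated or invalid IPv4 header")
    opts, i = ip_header[20:ihl], 0
    while i < len(opts) and opts[i] != 0:         # 0 = End of Option List
        if opts[i] == 1:                          # 1 = No-Operation, single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed option length")
        kind, length = opts[i], opts[i + 1]
        if kind == RR_TYPE:
            pointer = opts[i + 2] if length >= 3 else 0   # 1-based next free slot
            if pointer < 4 or (pointer - 4) % 4:
                raise ValueError("malformed Record Route pointer")
            route = [socket.inet_ntoa(opts[i + 3 + 4 * n:i + 7 + 4 * n])
                     for n in range(min(pointer - 4, length - 3) // 4)]
            return route, pointer > length        # full: later hops went unrecorded
        i += length
    return None

def split_at_target(route, target):
    """Split the recorded list into (hops toward target, hops on the way back)."""
    if target not in route:                       # target did not record itself
        return route, []
    k = route.index(target)
    return route[:k], route[k + 1:]

def build_sample_header(hops, slots=MAX_SLOTS):
    """Constructed echo-reply IPv4 header with a Record Route option (checksum 0)."""
    data = b"".join(socket.inet_aton(h) for h in hops)
    opt = bytes([RR_TYPE, 3 + 4 * slots, 4 + len(data)]) + data.ljust(4 * slots, b"\0")
    opt += b"\0" * (-len(opt) % 4)                # pad to a 32-bit boundary
    fixed = struct.pack("!BBHHHBBH", 0x40 | (20 + len(opt)) // 4, 0, 20 + len(opt),
                        0, 0, 64, 1, 0)
    return fixed + socket.inet_aton(TARGET) + socket.inet_aton(PINGER) + opt

if __name__ == "__main__":
    route, full = parse_record_route(build_sample_header(SAMPLE_ROUTE))
    print(split_at_target(route, TARGET), "option full:", full)
```

When the option comes back full, the return list is incomplete, so an apparent difference between the two directions cannot be trusted on paths longer than the nine slots allow.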
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39774946
Will check these options
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 40992202
I've requested that this question be closed as follows:

Accepted answer: 0 points for SrikantRajeev's comment #a39774946

for the following reason:

Thanks
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 40992203
Thanks
0
