Home > Article > Operation and Maintenance > How to perform link testing through the mtr command line tool in a Linux environment
How to perform link testing through the mtr command line tool in a Linux environment
- 坏嘻嘻Original
- 2018-09-28 14:44:407449browse
This article introduces how to perform link testing through the mtr command line tool in the Linux environment, and focuses on the specific steps. The content of this article is compact, and I hope you can gain something from it.
Linux instance website access packet loss delay is high
When the website access is very slow or inaccessible, if other obvious problems are eliminated and obvious packet loss is detected in ping, it is recommended that you Perform link testing. In a Linux environment, you can use the mtr command line tool (preferred) or the traceroute command line tool to conduct a link test to determine the source of the problem.
Normally, please follow the steps below:
Use the link test tool to detect network conditions and server status.
Analyze and process based on the link test results.
mtr command line tool (preferred)
mtr (My traceroute) is a network testing tool pre-installed in almost all Linux distributions. The graphical interface integrating tracert and ping commands is very powerful.
ping and tracert are usually used to detect network conditions and server status. The specific instructions are as follows:
mtr defaults to sending ICMP packets for link detection. Use the -u parameter to specify UDP packets for detection. Compared with traceroute, which only performs a link tracking test once, mtr will continuously detect relevant nodes on the link and provide corresponding statistical information. mtr can avoid the impact of node fluctuations on test results, so its test results are more accurate, and it is recommended to be used first.
Usage instructions
mtr [-hvrctglspni46] [--help] [--version] [--report]
[--report-cycles=COUNT] [--curses] [--gtk]
[--raw] [--split] [--no-dns] [--address interface]
[--psize=bytes/-s bytes]
[--interval=SECONDS] HOSTNAME [PACKETSIZE]Example output
[root@centos ~]# mtr 223.5.5.5
My traceroute [v0.75]
mycentos6.6 (0.0.0.0) Wed Jun 15 23:16:27 2016
Keys: Help Display mode Restart statistics Order of fields quit
Packets Pings
Host Loss% Snt Last Avg Best Wrst StDev
1. ???
2. 192.168.17.20 0.0% 7 13.1 5.6 2.1 14.7 5.7
3. 111.1.20.41 0.0% 7 3.0 99.2 2.7 632.1 235.4
4. 111.1.34.197 0.0% 7 1.8 2.0 1.2 2.9 0.6
5. 211.138.114.25 0.0% 6 0.9 4.7 0.9 13.9 5.8
6. 211.138.114.70 0.0% 6 1.8 22.8 1.8 50.8 23.6
211.138.128.134
211.138.114.2
211.138.114.66
7. 42.120.244.186 0.0% 6 1.4 1.6 1.3 1.8 0.2
42.120.244.198
8. 42.120.244.246 0.0% 6 2.8 2.9 2.6 3.2 0.2
42.120.244.242
9. ???
10. 223.5.5.5 0.0% 6 2.7 2.7 2.5 3.2 0.3Common optional parameter description
-r or -report: Display output in report mode.
-p or --split: List the results of each tracking separately, instead of counting the entire results like --report.
-s or --psize: Specify the size of ping packets.
-n or --no-dns: Do not perform domain name reverse resolution on the IP address.
-a or --address: Set the IP address for sending packets. Used when the host has multiple IPs.
-4: Only use IPv4 protocol.
-6: Only use IPv6 protocol.
While mtr is running, you can also enter the corresponding letters to quickly switch modes. The meaning of each letter is as follows:
? or h: Display the help menu.
d: Switch display mode.
n: Toggle enable or disable DNS domain name resolution.
u: Switch between using ICMP or UDP packets for probing.
Return result description
Under the default configuration, the description of each data column in the return result is as follows:
The first column (Host): Node IP address and domain name. As shown previously, pressing the n key switches the display.
The second column (Loss%): node packet loss rate.
The third column (Snt): Number of packets sent per second. The default value is 10, which can be specified with the -c parameter.
The fourth column (Last): the latest detection delay value.
The fifth, sixth and seventh columns (Avg, Best, Wrst): are the average, minimum and maximum values of detection delay respectively.
The eighth column (StDev): standard deviation. The larger it is, the more unstable the corresponding node is.
traceroute command line tool
traceroute is a network testing tool pre-installed on almost all Linux distributions for tracing Internet Protocol (IP) The path that a packet takes when delivered to its destination address.
traceroute first sends UDP probe packets with a small maximum time-to-live value (Max_TTL) and then listens for ICMP TIME_EXCEEDED responses on the entire link starting from the gateway. Probing starts with TTL=1 and increases the TTL value until an ICMP PORT_UNREACHABLE message is received. The ICMP PORT_UNREACHABLE message is used to identify that the target host has been located, or that the command has reached the maximum TTL value allowed for tracing.
traceroute sends UDP packets for link detection by default. ICMP packets can be sent for probing using the -I parameter.
Usage instructions
traceroute [-I] [ -m Max_ttl ] [ -n ] [ -p Port ] [ -q Nqueries ] [ -r ] [ -s SRC_Addr ] [ -t TypeOfService ] [ -f flow ] [ -v ] [ -w WaitTime ] Host [ PacketSize ]
Example output
[root@centos ~]# traceroute -I 223.5.5.5 traceroute to 223.5.5.5 (223.5.5.5), 30 hops max, 60 byte packets 1 * * * 2 192.168.17.20 (192.168.17.20) 3.965 ms 4.252 ms 4.531 ms 3 111.1.20.41 (111.1.20.41) 6.109 ms 6.574 ms 6.996 ms 4 111.1.34.197 (111.1.34.197) 2.407 ms 2.451 ms 2.533 ms 5 211.138.114.25 (211.138.114.25) 1.321 ms 1.285 ms 1.304 ms 6 211.138.114.70 (211.138.114.70) 2.417 ms 211.138.114.66 (211.138.114.66) 1.857 ms 211.138.114.70 (211.138.114.70) 2.002 ms 7 42.120.244.194 (42.120.244.194) 2.570 ms 2.536 ms 42.120.244.186 (42.120.244.186) 1.585 ms 8 42.120.244.246 (42.120.244.246) 2.706 ms 2.666 ms 2.437 ms 9 * * * 10 public1.alidns.com (223.5.5.5) 2.817 ms 2.676 ms 2.401 ms
Common optional parameter description
-d Use the Socket level debugging function.
-f Set the size of the survival value TTL of the first detection packet.
-F sets no segmentation flag.
-g Set source routing gateways, up to 8 can be set.
-i Use the specified network card to send data packets. Used when the host has multiple network cards.
-I Use ICMP packets instead of UDP packets for probing.
-m Set the size of the maximum survival value TTL of the detection packet.
-n Use IP address directly instead of hostname (disable DNS reverse lookup).
-p Set the communication port of UDP transmission protocol.
-r Ignore the ordinary Routing Table and send the data packet directly to the remote host.
-s Set the IP address of the local host to send data packets.
-t Set the TOS value of the detection packet.
-v displays the execution process of the command in detail.
-w Set the time to wait for a packet return from the remote host.
-x Turn on or off the correctness check of data packets.
Analysis of link test results
Based on the following link test result example diagram:
Operation steps
Determine whether there are abnormalities in each area, and handle them separately according to the situation in each area.
Area A: Client local network, that is, local LAN and local network provider network. For abnormalities in this area and node issues related to the client's local network, please troubleshoot and analyze the local network; for node issues related to the local network provider's network, please provide feedback to the local operator.
Area B: Carrier backbone network. For abnormalities in this area, you can query the operator based on the abnormal node IP, and then report the problem to the corresponding operator directly or through Alibaba Cloud after-sales technical support.
Area C: The local network of the target server, that is, the network provider network to which the target host belongs. For abnormalities in this area, the problem needs to be reported to the network provider to which the target host belongs.
Combine Avg (average) and StDev (standard deviation) to determine whether there is an abnormality in each node.
If StDev is very high, observe the Best and Wrst of the corresponding node synchronously to determine whether there is an abnormality in the corresponding node.
If StDev is not high, use Avg to determine whether there is an abnormality in the corresponding node.
Note: There is no specific time range standard for the above StDev to be high or not high. A relative evaluation needs to be made based on the delay values of other columns of the same node. For example, if Avg is 30 ms, then when StDev is 25 ms, this is considered a high deviation. And if Avg is 325 ms, the same StDev (25 ms) is considered to be a low deviation.
Check the node packet loss rate. If Loss% is not zero, it means there may be a problem with this hop network.
There are usually two reasons for node packet loss:
Artificially limiting the ICMP sending rate of the node, resulting in packet loss.
There is indeed an abnormality in the node, resulting in packet loss.
Determine the reason for packet loss of the current abnormal node.
If no subsequent nodes lose packets, it means that the packet loss of the current node is due to the operator's policy restrictions and can be ignored. As shown in the 2nd hop in the previous link test result example diagram.
If subsequent nodes also experience packet loss, it means that there is a network abnormality on the current node, resulting in packet loss. As shown in the link test result example diagram above, hop 5 is shown.
Note: The above two situations may occur at the same time, that is, the corresponding node has both policy speed limit and network abnormality. For this situation, if the current node and its subsequent nodes continuously experience packet loss, and the packet loss rates of each node are different, the packet loss rate of the last few hops usually prevails. As shown in the link test result example picture above, packet loss occurred at the 5th, 6th, and 7th hops. Therefore, the final packet loss situation is based on 40% of the 7th hop as a reference.
Confirm whether the node is abnormal by checking whether there is an obvious delay. Analyze from the following two aspects:
If the delay after a certain hop increases significantly, it is usually judged that the node has a network abnormality. As shown in the link test result example picture above, the delay of subsequent nodes after the 5th hop increases significantly, and it is inferred that a network abnormality occurs at the 5th hop node.
Note: High latency does not necessarily mean that there is an abnormality in the corresponding node. Large latency may also be caused by the data return link. It is recommended to analyze it together with the reverse link test.
ICMP policy rate limit may also cause the delay of the corresponding node to increase sharply, but subsequent nodes will usually return to normal. As shown in the link test result example above, the third hop has a 100% packet loss rate, and the delay also increases significantly. But then the node delay immediately returned to normal. Therefore, it is determined that the sudden increase in delay and packet loss of the node is due to the policy speed limit.
The above is the detailed content of How to perform link testing through the mtr command line tool in a Linux environment. For more information, please follow other related articles on the PHP Chinese website!