Understand what the PING, TRACERT and MTR commands are

You may have heard of someone’s PING command, but you’re not sure what it is, so this tutorial will explain not only the PING command, but also information to be able to
"bewilder" any technician who is knowledgeable and show that you can too, right?

On the Internet, we know that there is a network of computer networks, and also of devices that interconnect all computers, including routers, switches, back-bones, cables and more cables such as fiber optics, radio, etc. .

However, not all devices are always operational, and in order to find out exactly which one is at fault, we will then learn about the tools below.


The PING command was developed to identify whether a device on the network is responding or not. The source computer sends a data packet and, using the ICMP protocol, the destination server returns with a response.

From then on, it is possible to check other data such as response time, the famous data "latency" which is the time it takes for the data to come and go.

The shorter the time, it means that the faster your internet is, however do not confuse it with maximum speed, because an internet can be as slow as and traffic data at high speed.

An example of what latency is for you to understand: NASA receives images with latency of 15 minutes from Mars, but the data arrives at 10 Mbps. The difference is that there is 15 minutes for a given bit to reach Earth.

A PING on Mars would take 30 minutes to complete: (15 minutes to send and 15 minutes to receive).



On the Internet, each piece of information follows different types of technologies and systems until it reaches its final destination. The path that the information takes can be analyzed using the TRACERT command.

Every data packet has TTL (Time To Left) information in its header. Each time the packet leaves one router and goes to another, the TTL is subtracted.

By default, every TCP packet has its TTL set to 255, that is, it can be trafficked by up to 255 routers on the Internet, or the router is returned saying that the TTL has run out in transit.

PING: Parameter -i informs the TTL of the PING packet to be sent.

It expires in transit through a router halfway.

This is also useful so that packets lost on the Internet do not run forever on the Internet, if this happened, the Internet could crash.

The TRACERT command sends PING with several packets and each packet with a different TTL (increasing over time) to the final destination, so it is possible to see where all the information is being transferred.

TRACERT then is nothing more than a command that uses PING successively using as an example the parameter "-i" several times and brings you all the way on the screen.

TRACERT: PING information on the left, and the host name (and / or IP only) on the right.

When performing TRACERT for "", the complete route from where a package from your computer to Google's servers is transported is displayed, all these devices between and (from the image above), are routers and / or backbones on the Internet.

Through TRACERT, it is also possible to identify whether the data is going out of the country, passing through another continent, among other information, for example, if any network device has a very high response time.

See below a TRACERT for the "" website, currently hosted in Amazon's data center in the USA:

What would a handmade TRACERT look like?
PING -i 1
PING -i 2
PING -i 30

Then you could reap all the results and have the same information as just:

MTR (My traceroute or formerly known as Matt's traceroute)

What is MTR? Simple: The combination of PING and TRACERT in one tool.

At the same time that you perform the PING, you also perform the TRACERT, with the difference that: it continues to be executed so that you can check the current status of the network at that exact moment.

You can leave the MTR running for 1 minute or days, and the longer it runs, the more accurate the average responses will be, the minimum rates, among others.

As with PING, the MTR displays the amount of Packet Loss in a percentage.

In a common PING, 4 ICMP information is sent, and from these 4 tests, an average of time is performed, and an average of lost packets.

The MTR is more efficient because it doesn't just send 4 information, it sends 1 ping every second to each device on the way between you and the desired server.

The MTR is not an application installed on computers, nor is it from the Windows environment, it was developed for the Linux environment, for this we access a remote Linux terminal that already has the MTR application installed. (If not, you can use "yum install mtr" for Red Hat / CentOS or "apt-get mtr" for Debian and derivative distributions).

Starting an MTR on Google.
MTR on Google: A few seconds of using the tool.
Google MTR after 15 minutes of execution. The data is obviously more accurate.

Note that there is a TTL number (or counter) at the beginning of the line, after the IP (or host name) and then the columns:

Loss% = Packet Loss: Number of PING's lost.
Snt = Sent: Number of PING's packages sent to the destination.
Last = Latency time in milliseconds for the last PING sent.
Avg = Average / Average: Latency time in milliseconds of the average of all PING's sent.
Best = Best: Lowest latency in milliseconds of all sent PING's.
Wrst = Worse / Worst: Worse latency in milliseconds of all PING's sent.
StDev = Standart Deviation / Standard Deviation: Calculation to identify the dispersion of values (variance) between the best and worst results based on the mean.

Standard Deviation: The lower the number, it says that most times are closer to the average. The higher the number, the greater the dispersion of data across the period.

The standard deviation in this case also displays a fluctuation factor, how the average is distributed in its context.

See more about Standard Deviation at:

No comments