How Does Internet Data Travel? Learn Through Traceroute
6 min read
Table of contents
- 📦 What Is traceroute?
- 🧭 What’s a "Hop"?
- 🧪 What Does Traceroute Show?
- 🧰 Traceroute Command Structure
- ⚙️ What Happens Internally (Simplified)
- 📌 Common Scenarios in Traceroute Output
- 🔍 Real-Life Use Case: Arjun Troubleshoots a Latency Issue
- 🧠 Traceroute vs. Ping
- 🔐 Does Traceroute Work Everywhere?
- 🧭 1. How to Judge the Length of a Route Without Locations
- 🛰️ 2. Can I See Physical Locations of Each Hop?
- 📘 SAA Exam & Real-World Cloud Use Cases
Arjun was troubleshooting why his AWS-hosted app was loading slowly for users in another country. He had already tried pinging the server, but the response looked fine.
“Something’s off. But I don’t know where it’s slowing down,” he thought.
That’s when he discovered the tool that reveals how internet traffic travels: Traceroute.
📦 What Is traceroute?
Traceroute is a command-line tool that shows the exact path your data takes to reach a destination (like a website or IP address), step by step.
It helps answer questions like:
Which network routers (called hops) your data passes through
Where slowdowns or failures happen
How long it takes to travel each segment
Think of traceroute as a map of your internet journey, showing each stop your packet makes on the way to its destination.
🧭 What’s a "Hop"?
A hop is one stop along the route your data takes across the internet.
For example:
- Your laptop → Wi-Fi router → ISP router → Internet exchange → Destination server
Each of these is a hop. Traceroute counts and shows them.
🧪 What Does Traceroute Show?
Here’s what Arjun saw when he ran it:
traceroute to example.com (93.184.216.34), 30 hops max
1 192.168.1.1 1.123 ms 0.932 ms 0.881 ms
2 10.0.0.1 3.435 ms 3.201 ms 3.408 ms
3 203.0.113.5 15.11 ms 14.94 ms 15.01 ms
4 93.184.216.34 45.66 ms 44.97 ms 45.12 ms
How to Read It:
| Column | Meaning |
| Hop Number | Sequence of the stop (1, 2, 3...) |
| IP Address or Hostname | Device/router at that hop |
| Three Times (ms) | The response times (in milliseconds) for three test packets sent to that router. |
🧰 Traceroute Command Structure
Basic Command:
traceroute <destination>
🔹 For Linux/macOS: traceroute
🔹 For Windows: tracert
Example:
traceroute google.com
You can also use an IP address:
traceroute 8.8.8.8
⚙️ What Happens Internally (Simplified)
Traceroute sends packets with a Time To Live (TTL) starting at 1.
Each router on the path decreases TTL by 1.
When TTL reaches 0, the router drops the packet and sends back a “Time Exceeded” ICMP message.
Traceroute logs that hop and tries again with TTL=2, then 3, etc.
This continues until:
The destination is reached
Or the max number of hops (default 30) is hit
📌 Common Scenarios in Traceroute Output
| What You See | What It Means |
* * * | The router didn’t respond (maybe firewalled or busy) |
| Very high time (e.g. 300ms) | Latency issue at that hop |
| Repeating hops | Possible loop or route misconfiguration |
| Final destination IP matches target | ✅ Success! |
🔍 Real-Life Use Case: Arjun Troubleshoots a Latency Issue
Arjun's site hosted in AWS Europe (Ireland) was slow for Indian users.
He ran:
traceroute myapp.com
He saw hops that included:
Ireland
Germany
Then suddenly… New York
Then back to India
This “U-turn” explained the latency — and was caused by routing policies (BGP).
Now he knew exactly where the problem was.
🧠 Traceroute vs. Ping
| Feature | ping | traceroute |
| Shows full path? | ❌ | ✅ |
| Shows delay? | ✅ (total) | ✅ (per hop) |
| Great for finding slow links? | ❌ | ✅ |
| Used in cloud & AWS VPCs? | ✅ | ✅ |
🔐 Does Traceroute Work Everywhere?
Not always.
Some routers block or ignore ICMP
Firewalls may drop or hide hops
NAT can mask internal IPs
But it’s still an excellent first step in network diagnosis.
🧭 1. How to Judge the Length of a Route Without Locations
Even though traceroute doesn’t always show geographic locations, you can still estimate how “long” the route is based on:
✅ A. Number of Hops
Each line in traceroute is a hop (router your packet passes through).
A typical route from your home to a major website like Google usually takes:
6–12 hops = short route (within a region or country)
12–20+ hops = medium to long
30 hops = likely inefficient, looped, or far away
📌 In your output: You reached Google in 9 hops → ✅ That’s a short route
✅ B. Latency (Time in ms)
Look at the latency times (in milliseconds):
<10ms = Local (within the same city or region)
10–40ms = National or nearby country
40–100ms = Cross-continent (e.g., India to Europe)
100ms+ = Intercontinental (e.g., India to US, Asia to South America)
📌 In your trace:
Your average latency was around 12–18ms
Final hop (Google) = 14.8ms
✅ This means the destination is quite close, likely within your country or region
🛰️ 2. Can I See Physical Locations of Each Hop?
Not directly from traceroute, but you can use tools like:
🌐 A. Online IP Lookup Tools:
https://whois.domaintools.com/
https://bgp.he.net/
Paste the IPs (like 103.241.47.89) and it will tell you:
Country
City (sometimes)
Organization / ISP
Hosting provider (Google, AWS, etc.)
Example:
bashCopyEditIP: 142.250.207.174 → Google India server (Mumbai or Hyderabad)
📘 If most IPs belong to the same ISP or Google directly, that usually means the route is short and efficient.
📘 SAA Exam & Real-World Cloud Use Cases
| Scenario | Use traceroute to... |
| Troubleshooting EC2 latency | See where slowness occurs between client and EC2 |
| VPC Peering debugging | Find if packets reach destination or get blocked |
| Public network routing | See how AWS routes traffic region-to-region |
| Partner whitelisting | Prove if traffic leaves through correct Elastic IP |
Learn more about Compliance
The Ultimate Guide to IP Address: Public, Private and Classes
ISO 27001 vs ISO 27701: Key Differences and How They Work Together