Many small network tools are out there: Ping, Traceroute, Dig, Host, etc.
However, it is not often that one of these small command-line utilities combines the functionality of two in a single program. The MTR command is such a case. It is a combination of ping and traceroute.
What is the MTR command?
MTR (Matt’s traceroute) is a program with a command-line interface that serves for network diagnostic and troubleshooting. The original code was created by Matt Kimball in 1997. One year later, Roger Wolff continued its work and renamed it to My traceroute.
The advantage of this software is that it combines the functionality of the Ping command and the Traceroute. Just like a typical traceroute query, a query from the MTR command will show the route from a computer to a specified host.
This has the edge over the traditional is that it will also provide a lot of statistics about each hop, like response time and percentage.
So, using the MTR command, you will get more information about the route and see problematic devices on the way. If you see a sudden increase in time of response or packet loss, you have found a bad link.
In a brief, the MTR command serves you for the following:
- Check the connectivity from the computer with the command to a destination.
- See packet loss. It will indicate the quality of the connectivity between the points.
- Time for a round-trip. You can see the exact time it takes for the packets to reach the destination and provide a report.
The MTR command is available on Unix-based OSes like Linux (Ubuntu, CentOS, Fedora, etc.), macOS, and FreeBSD. There is a version of MTR for Windows, but with limited functionality. There is also WinMTR for Windows, but its code is different.
Benefits of using it
The Linux MTR command offers a range of benefits in managing and troubleshooting networks:
First, it helps determine precisely where network issues are located. By running the command, the user can identify the host or router on a given path that is causing the problem, making it much easier to locate the source of the issue and resolve it quickly with minimal disruption.
Second, it is incredibly versatile and can be used for various tasks. Not only can it be used for troubleshooting purposes, but it can also be used for high-level performance monitoring and optimization. This is especially useful for administrators who need to keep an eye on the overall health of their networks.
Third, it is very easy to set up and use. The command is relatively straightforward, and the user can quickly start gathering valuable information without investing too much time and effort in setting it up or configuring it. In addition, once it is set up, it requires minimal maintenance and is well-suited for automated processes and long-term monitoring applications.
Performing MTR on Linux, macOS and Windows
How to use the MTR command on Linux or FreeBSD?
*You will need administrative privileges for MTR on Linux and FreeBSD (sudo)
- First, you will need to open the Terminal application.
- To get the MTR command on Linux (Ubuntu or Debian), you will need to install it with this command “sudo apt-get install mtr”, “sudo yum install mtr” for CentOS, Fedora or “sudo pkg iWnstall package_name” on FreeBSD.
- Use the following command “mtr -rw [destination_host]” for basic information or check the syntax and the examples below, to do more advanced tasks. Change the destination_host with the one you like. Use it for 10-15 minutes.
How to use the MTR command on macOS?
*You will need administrative privileges for MTR on macOS (sudo). The command won’t be pre-installed, so you will need to install it first.
- You will need Brew to install it. Go to Brew’s site and there choose a language.
- Under it, you will see a text command, copy it.
- On your Mac computer, go to Applications, then Utilities, and there open the Terminal application.
- Inside the Terminal, paste the text and press Enter.
- You will be prompted a message to put your password. Do it and press Enter.
- After Brew is already installed, you will need to write a new command: “brew install mtr” and press Enter.
- When the MTR gets installed, you can start it with “sudo mtr” and Enter. Use this code “mtr -rw [destination_host]” to perform a basic check. Change the destination_host with the one you like. Run it for 10-15 minutes.
- Now you can start using the MTR command on macOS. See the syntax below and the examples to learn how to do more complex tasks.
How to use the MTR command on Windows?
- First, you need to download WinMTR from GitHub.
- Get the file called WinMTR-v100-static.zip, unzip it, and there will be two versions: WinMTR.exe (32bit) and WinMTR64.exe.
- Choose depending on your version of Windows and double click it.
- Put the host you want to check in the Host box. If you need extra options, you can see them in “Options”
- Press start and run it for a while (10-15 minutes).
- Stop it when you think you got enough information. You can copy the text and save it in a text file.
MTR command syntax and list of options
This is the syntax of MTR command on Linux:
mtr [-hvrctglspni46] [–help] [–version] [–report] [–report-cycles COUNT] [–curses] [–split] [–raw] [–no-dns] [–gtk] [–address IP.ADD.RE.SS [–interval SECONDS] [–psize BYTES | -s BYTES] HOSTNAME [PACKETSIZE]
You can see all the available options for MTR command on Linux:
Option | Description |
-h–help | Show all the available options. |
-v–version | Show the version of the MTR command. |
-r–report | This starts the report mode. In this mode, it will run the specified by “–c” number of times and show statistics at the end. |
-w–report-wide | Wide report mode. The difference with the previous is that it won’t cut hostnames in the report. |
-c COUNT–report-cycles COUNT | Specify the number of pings. |
-s BYTES–psize BYTES PACKETSIZE | Set the size of the packets. If set to a negative number, it will send packets of random size. |
-t–curses | Force curses-based terminal interface. |
-n–no-dns | Show numeric IP numbers and no hostname resolving. |
-g–gtk | Force GTK+ interface. |
-p–split | Set the mtr command for the split-user interface. |
-l–raw | With the letter “L”, you can set the use of the raw output format. |
-a IP.ADD.RE.SS–address IP.ADD.RE.SS | Bing outgoing packets’ sockets to a particular interface. |
-i SECONDS–interval SECONDS | Set the time in seconds between each ICMP ECHO request. |
-u | Force UDP use instead of ICMP ECHO. |
-4 | Force IPv4 only. |
-6 | Force IPv6 only. |
MTR command examples
We will show you multiple examples of the MTR command and how to use it on Linux. You can use the same examples when you are using macOS or FreeBSD (there might be small differences). We will use Google.com as a hostname and some public IP addresses. You can change them and use them for your purposes.
The basic mtr command
$ mtr google.com
It will show you the basic statistics: each hop (hostnames) with time and loss%.
Show numeric IP addresses
$ mtr -g google.com
If you use “-g” you will get IP addresses (numbers) instead of hostnames. You can use the IP addresses with another tool for further diagnosis.
Show the numeric IP addresses and hostnames too
$ mtr -b google.com
Now you will see both hostnames and IP addresses. The addresses will be inside brackets.
Set the number of pings that you want to send
$ mtr -c 10 google.com
In this case, you are setting the number of pings that you want to send (10 in this case). You can set it to a big number like 1000 to check a hostname for a longer period and get a better idea of the connectivity.
Get a report of the MTR command result
$ mtr -r -c 10 google.com >mtr-command-google
or
$ mtr -rw -c 10 google.com >mtr-command-google
We do that with the “-r”. Here we have set the number of pings to 10, and the last part, “mtr-command-google”, is the name that you can change the way you like.
When you use the “-rw” you can get a cleaner report, easier on the eyes.
Rearrange the report
$ mtr -o “LSDR NBAW JMXI” google.com
The “-o” is for output. You can change the report format with this code, so you get the information the way you like.
Time intervals between ICMP ECHO requests
$ mtr -i 10 google.com
With “-c”, we set the number of pings. With the “-i” you set the time interval between the ICMP ECHO pings.
Use TCP
$ mtr –tcp google.com
Force the use of the TCP instead of the ICMP.
Use UDP
$ mtr –udp google.com
Force the use of the UDP instead of the ICMP.
Set the maximum amount of hops
$ mtr -m 35 216.58.223.78
We will use “-m” and a value of 35 to a specific IP address. You can change it to a more significant value if the query does more hops on the way.
Define the packet size
$ mtr -r -s 50 google.com
You can decide the specific packet size for the pings. In this example of a MTR command, we are using 50 bytes.
Print to CSV Output
$ mtr –csv google.com
Use it if the CSV format works better for you than the traditional report.
Print to XML Output
$ mtr –xml google.com
Use it if the XML format works better for you than the regular report.
More information and help
$ man mtr
or
$ mtr –help
Those two commands can give you more information about the MTR command and how to use it
MTR and Traceroute, Ping, Nslookup, Host, and Dig
MTR is a powerful yet versatile network monitoring and troubleshooting command, and in combination with Traceroute, Ping, Nslookup, Host, and Dig, you can have a complete overview of your network. Let’s look at them in more detail:
The traceroute command is a valuable utility for measuring the latency between two points on a network. By running a traceroute, the user can view all of the hops between two systems and quickly identify network problems such as packet loss or slow speeds.
For more basic load measuring, the ping command is often used. It measures latency, packet loss, and other metrics between two devices on the network. Ping is a simple tool that is easy to understand and use, making it a popular choice for those just starting with network monitoring.
The nslookup command (abbreviated from “name server look-up”) allows users to query domain name servers from a command line interface. This command can be used to query a DNS server for a specific domain name or IP address, obtaining information about the associated record and the underlying DNS records. nslookup is a helpful tool for troubleshooting name resolution problems and verifying the results of another name resolution query.
The host command is an alternative to nslookup, providing advanced features such as recursion and low-level control over the query process. It allows users to perform DNS lookup operations in bulk, as well as query a DNS server for multiple records in a single command. It provides more control over the entire name resolution process than nslookup and is a valuable troubleshooting tool for more complicated name resolution issues.
The dig command (short for “domain information groper”) is a robust DNS troubleshooting tool that provides a variety of features and settings for configuring and optimizing DNS queries. Unlike nslookup and host, dig allows users to send numeric requests, giving them more control over the behavior of their DNS queries. It also provides detailed information about the results of its queries, making it a great choice for more experienced users who are looking for in-depth analysis of the DNS records.
Security Concerns with MTR
The Linux MTR command offers a range of benefits for managing and troubleshooting networks, but it is important to consider the security implications of using it. Here are some of the most common security concerns with MTR:
First, MTR commands can potentially reveal private information. For example, the command may reveal the operating system running on a remote machine or the precise network path between two computers. This can facilitate attacks and data breaches, as malicious actors can use this information to launch more targeted attacks.
Second, MTR commands can also be used to initiate Denial of Service (DoS) or DDoS (Distributed Denial of Service) attacks. For example, a malicious user could send multiple MTR requests to a given server to overwhelm it with requests and cause a DoS event.
Finally, MTR commands can be deployed in networks to gain unauthorized access. By running MTR commands, a malicious user may be able to discover vulnerabilities in networking configurations and gain access to sensitive data. Any unauthorized access to networked systems needs to be blocked and reported as soon as possible.
Best practices when using the MTR command
In order to ensure that the MTR command works to its fullest potential, it is recommended that you follow some best practices that can help maximize its effectiveness. These practices can help ensure that the MTR command serves you efficiently and accurately and provides you with the information you need to troubleshoot network issues effectively.
- Selecting Destination Hosts: Choose destination hosts strategically to diagnose specific network segments or endpoints relevant to the precise issue.
- Results Interpretation: Understand the significance of packet loss and latency values, considering factors like network topology, distance, and time of day.
- Comparative Analysis: Compare MTR outputs from different time periods or under different network conditions to identify patterns and trends.
- Collaboration: Share MTR reports with network peers or ISPs when seeking assistance or troubleshooting network issues collaboratively.
- Security: Be aware of the importance of privacy and security when sharing network traces, especially if they contain sensitive information. Remove or anonymize any sensitive data before sharing the results.
Tech Enthusiast & Knowledge Sharer
I am a passionate technologist dedicated to demystifying the world of networking, cloud computing, and automation. Focusing on simplicity and practicality.
I believe in breaking down complex concepts into understandable and actionable insights.