Written by 10:10 am Tools

Linux MTR command

There are many small network tools out there: Ping, Traceroute, Dig, Host, etc. 

But, it is not so often when one of these small command-line utilities has combined the functionality of two in a single program. MTR command is such a case. It is a combination of ping and traceroute. 

What is the MTR command?

MTR (Matt’s traceroute) is a program with a command-line interface that serves for network diagnostic and troubleshooting. The original code was created by Matt Kimball in 1997. One year later, Roger Wolff continued its work and renamed it to My traceroute.

The advantage of this software is that it combines the functionality of the Ping command and the Traceroute. Just like a typical traceroute query, a query from the MTR command will show the route from a computer to a specified host.  

This has the edge over the traditional is that it will also provide a lot of statistics about each hop, like response time and percentage.  

So, using the MTR command, you will get more information about the route and see problematic devices on the way. If you see a sudden increase in time of response or packet loss, you have found a bad link. 

In a brief, the MTR command serves you for the following:

  • Check the connectivity from the computer with the command to a destination. 
  • See packet loss. It will indicate the quality of the connectivity between the points. 
  • Time for a round-trip. You can see the exact time it takes for the packets to reach the destination and provide a report.

The MTR command is available on Unix-based OSes like Linux (Ubuntu, CentOS, Fedora, etc.), macOS, and FreeBSD. There is a version of MTR for Windows, but with limited functionality. There is also WinMTR for Windows, but its code is different.  

Benefits of using it

The Linux MTR command offers a range of benefits in managing and troubleshooting networks: 

First, it helps determine precisely where network issues are located. By running the command, the user can identify the host or router on a given path that is causing the problem, making it much easier to locate the source of the issue and resolve it quickly with minimal disruption. 

Second, it is incredibly versatile and can be used for various tasks. Not only can it be used for troubleshooting purposes, but it can also be used for high-level performance monitoring and optimization. This is especially useful for administrators who need to keep an eye on the overall health of their networks.

Third, it is very easy to set up and use. The command is relatively straightforward, and the user can quickly start gathering valuable information without investing too much time and effort in setting it up or configuring it. In addition, once it is set up, it requires minimal maintenance and is well-suited for automated processes and long-term monitoring applications.

Performing MTR on Linux, macOS and Windows

How to use the MTR command on Linux or FreeBSD?

*You will need administrative privileges for MTR on Linux and FreeBSD (sudo)

  • First, you will need to open the Terminal application.
  • To get the MTR command on Linux (Ubuntu or Debian), you will need to install it with this command “sudo apt-get install mtr”, “sudo yum install mtr” for CentOS, Fedora or “sudo pkg iWnstall package_name” on FreeBSD. 
  • Use the following command “mtr -rw [destination_host]” for basic information or check the syntax and the examples below, to do more advanced tasks. Change the destination_host with the one you like. Use it for 10-15 minutes.

How to use the MTR command on macOS?

*You will need administrative privileges for MTR on macOS (sudo). The command won’t be pre-installed, so you will need to install it first.

  • You will need Brew to install it. Go to Brew’s site and there choose a language. 
  • Under it, you will see a text command, copy it. 
  • On your Mac computer, go to Applications, then Utilities, and there open the Terminal application. 
  • Inside the Terminal, paste the text and press Enter. 
  • You will be prompted a message to put your password. Do it and press Enter. 
  • After Brew is already installed, you will need to write a new command: “brew install mtr” and press Enter. 
  • When the MTR gets installed, you can start it with “sudo mtr” and Enter. Use this code “mtr -rw [destination_host]” to perform a basic check. Change the destination_host with the one you like. Run it for 10-15 minutes.
  • Now you can start using the MTR command on macOS. See the syntax below and the examples to learn how to do more complex tasks. 

How to use the MTR command on Windows? 

  • First, you need to download WinMTR from GitHub.
  • Get the file called WinMTR-v100-static.zip, unzip it, and there will be two versions: WinMTR.exe (32bit) and WinMTR64.exe. 
  • Choose depending on your version of Windows and double click it.   
  • Put the host you want to check in the Host box. If you need extra options, you can see them in “Options”
  • Press start and run it for a while (10-15 minutes). 
  • Stop it when you think you got enough information. You can copy the text and save it in a text file. 

MTR command syntax and list of options

This is the syntax of MTR command on Linux: 

mtr [-hvrctglspni46] [–help] [–version] [–report] [–report-cycles COUNT] [–curses] [–split] [–raw] [–no-dns] [–gtk] [–address IP.ADD.RE.SS [–interval SECONDS] [–psize BYTES | -s BYTES] HOSTNAME [PACKETSIZE]

You can see all the available options for MTR command on Linux:

OptionDescription
-h–helpShow all the available options.
-v–versionShow the version of the MTR command.
-r–reportThis starts the report mode. In this mode, it will run the specified by “–c” number of times and show statistics at the end.  
-w–report-wideWide report mode. The difference with the previous is that it won’t cut hostnames in the report. 
-c COUNT–report-cycles COUNTSpecify the number of pings. 
-s BYTES–psize BYTES PACKETSIZESet the size of the packets. If set to a negative number, it will send packets of random size. 
-t–cursesForce curses-based terminal interface.
-n–no-dnsShow numeric IP numbers and no hostname resolving.
-g–gtkForce GTK+ interface. 
-p–splitSet the mtr command for the split-user interface. 
-l–rawWith the letter “L”, you can set the use of the raw output format. 
-a IP.ADD.RE.SS–address IP.ADD.RE.SSBing outgoing packets’ sockets to a particular interface. 
-i SECONDS–interval SECONDSSet the time in seconds between each ICMP ECHO request. 
-uForce UDP use instead of ICMP ECHO.
-4Force IPv4 only.
-6Force IPv6 only.

MTR command examples 

We will show you multiple examples of the MTR command and how to use it on Linux. You can use the same examples when you are using macOS or FreeBSD (there might be small differences). We will use Google.com as a hostname and some public IP addresses. You can change them and use them for your purposes.

The basic mtr command 

$ mtr google.com

It will show you the basic statistics: each hop (hostnames) with time and loss%. 

Show numeric IP addresses

$ mtr -g google.com

If you use “-g” you will get IP addresses (numbers) instead of hostnames. You can use the IP addresses with another tool for further diagnosis.

Show the numeric IP addresses and hostnames too

$ mtr -b google.com

Now you will see both hostnames and IP addresses. The addresses will be inside brackets. 

Set the number of pings that you want to send 

$ mtr -c 10 google.com

In this case, you are setting the number of pings that you want to send (10 in this case). You can set it to a big number like 1000 to check a hostname for a longer period and get a better idea of the connectivity. 

Get a report of the MTR command result

$ mtr -r -c 10 google.com >mtr-command-google

or

$ mtr -rw -c 10 google.com >mtr-command-google

We do that with the “-r”. Here we have set the number of pings to 10, and the last part, “mtr-command-google”, is the name that you can change the way you like. 

When you use the “-rw” you can get a cleaner report, easier on the eyes.

Rearrange the report 

$ mtr -o “LSDR NBAW JMXI” google.com

The “-o” is for output. You can change the report format with this code, so you get the information the way you like. 

Time intervals between ICMP ECHO requests

$ mtr -i 10 google.com

With “-c”, we set the number of pings. With the “-i” you set the time interval between the ICMP ECHO pings. 

Use TCP 

$ mtr –tcp google.com

Force the use of the TCP instead of the ICMP. 

Use UDP

$ mtr –udp google.com

Force the use of the UDP instead of the ICMP. 

Set the maximum amount of hops 

$ mtr -m 35 216.58.223.78

We will use “-m” and a value of 35 to a specific IP address. You can change it to a more significant value if the query does more hops on the way. 

Define the packet size

$ mtr -r -s 50 google.com

You can decide the specific packet size for the pings. In this example of a MTR command, we are using 50 bytes. 

Print to CSV Output

$ mtr –csv google.com

Use it if the CSV format works better for you than the traditional report. 

Print to XML Output

$ mtr –xml google.com

Use it if the XML format works better for you than the regular report. 

More information and help

$ man mtr

or

$ mtr –help

Those two commands can give you more information about the MTR command and how to use it

MTR and Traceroute, Ping, Nslookup, Host, and Dig

MTR is a powerful yet versatile network monitoring and troubleshooting command, and in combination with Traceroute, Ping, Nslookup, Host, and Dig, you can have a complete overview of your network. Let’s look at them in more detail:

The traceroute command is a valuable utility for measuring the latency between two points on a network. By running a traceroute, the user can view all of the hops between two systems and quickly identify network problems such as packet loss or slow speeds.

For more basic load measuring, the ping command is often used. It measures latency, packet loss, and other metrics between two devices on the network. Ping is a simple tool that is easy to understand and use, making it a popular choice for those just starting with network monitoring.

The nslookup command (abbreviated from “name server look-up”) allows users to query domain name servers from a command line interface. This command can be used to query a DNS server for a specific domain name or IP address, obtaining information about the associated record and the underlying DNS records. nslookup is a helpful tool for troubleshooting name resolution problems and verifying the results of another name resolution query.

The host command is an alternative to nslookup, providing advanced features such as recursion and low-level control over the query process. It allows users to perform DNS lookup operations in bulk, as well as query a DNS server for multiple records in a single command. It provides more control over the entire name resolution process than nslookup and is a valuable troubleshooting tool for more complicated name resolution issues. 

The dig command (short for “domain information groper”) is a robust DNS troubleshooting tool that provides a variety of features and settings for configuring and optimizing DNS queries. Unlike nslookup and host, dig allows users to send numeric requests, giving them more control over the behavior of their DNS queries. It also provides detailed information about the results of its queries, making it a great choice for more experienced users who are looking for in-depth analysis of the DNS records.

Security Concerns with MTR

The Linux MTR command offers a range of benefits for managing and troubleshooting networks, but it is important to consider the security implications of using it. Here are some of the most common security concerns with MTR: 

First, MTR commands can potentially reveal private information. For example, the command may reveal the operating system running on a remote machine or the precise network path between two computers. This can facilitate attacks and data breaches, as malicious actors can use this information to launch more targeted attacks.

Second, MTR commands can also be used to initiate Denial of Service (DoS) or DDoS (Distributed Denial of Service) attacks. For example, a malicious user could send multiple MTR requests to a given server to overwhelm it with requests and cause a DoS event.

Finally, MTR commands can be deployed in networks to gain unauthorized access. By running MTR commands, a malicious user may be able to discover vulnerabilities in networking configurations and gain access to sensitive data. Any unauthorized access to networked systems needs to be blocked and reported as soon as possible.

Conclusion

The MTR command is a good combination of two popular tools: Ping and Traceroute. It is easy to use and can be found on different OSes. Using the MTR command efficiently and effectively measures network latency, identifies potential issues, and troubleshoots connections.

 

(Visited 17,594 times, 6 visits today)
Enjoy this article? Don't forget to share.
Tags: , , Last modified: February 8, 2024
Close