Network Path Analysis with mtr

mtr stands for “My Traceroute” and, in a nutshell, it’s traceroute on steroids. They both work the same way: a host sends probing packets to routers, measures and reports latency and packet loss.

mtr takes that to the next level by giving you the ability to run the probe packets continuously and produce statistics and baselines automatically over the number of probing packets.

mtr Installation

To install it on Debian based Linux hosts you just have to type:

apt-get install mtr

If your host doesn’t already have the libraries that mtr depends on, you may need up to 60MB of disk space for the installation.

In most systems, that won’t be a problem, but it’s something to keep in mind.

How it Works

There are two main types of information it provides: packet loss and latency per hop. As an example, let’s run mtr against baidu.com. If you type mtr baidu.com, mtr launches an interactive console and runs continuously until you decide to stop it by pressing ‘q’.

                                 My traceroute  [v0.85]
panos-DX4870 (0.0.0.0)                                Mon Mar 23 21:48:19 2020
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
                                          Packets              Pingsa
 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. 172.31.0.1                       0.0%   136    0.3   0.3   0.2   0.4   0.0
 2. 192.168.1.254                   27.9%   136    5.0   6.9   2.3  48.7   4.8
 3. 108-193-0-1.sbcglobal.net        3.7%   136    8.8  14.2   6.3  28.8   4.4
 4. 71.148.135.196                   0.0%   136    6.0 602.8   4.6 3033. 693.8
 5. cr2.sffca.ip.att.net             0.0%   136   11.8  15.5   7.6  89.9   7.5
 6. 12.122.114.5                     0.0%   136   13.0  14.1   7.7 103.5   8.4
 7. 192.205.32.78                    0.0%   136   13.0  17.6  10.0  58.6   5.1
 8. 202.97.50.61                     0.0%   136   18.4  17.1  11.1  27.5   3.1
 9. 202.97.59.105                    0.0%   136  170.2 170.7 164.5 204.8   4.4
10. 202.97.12.61                     0.0%   136  173.3 175.3 170.4 198.3   3.5
11. 202.97.18.213                   21.3%   136  164.2 164.9 159.3 176.4   2.7
12. 180.149.159.22                  60.7%   136  163.7 162.0 158.7 172.9   2.1
13. 218.30.112.121                  61.8%   136  186.4 191.5 181.3 229.9  12.8
14. ???
15. 220.181.17.146                  25.2%   136  169.1 173.6 167.8 190.4   3.7
16. ???
17. ???
18. ???
19. ???
20. 220.181.38.148                  20.1%   134  183.8 176.3 170.9 201.9   3.9

Here is what each column displays:

1st column: The IP or name of each hop
2nd column: Percentage of packet lost per hope
3rd column: Number of packets sent
4th column: Latency as measured on the last packet sent
5-8th column: Average, best, worst and standard deviation of the latency for each hop

mtr has the limitations of the traceroute: if a route has rate limiting or completely rejects ICMP traffic, then mtr (and traceroute) will display a high packet loss, but in reality normal data traffic might not experience any loss.

In the above example, on the second hop we see a packet loss of 27.9% on my home router (192.168.1.254), which would raise an alert. On hop 3, we see a 3.7% packet loss, which tells us that the 27.9% packet loss we see on hop 2 is most likely due to ICMP rate limiting by the router and not actual packet loss.

Compare that with the columns 11-20: we see that the packet loss after hop 11 is at least as high as 21.3%. That tells us that the packet loss is real, and the subsequent hops are impacted by the packet loss on hop 11 as well as whatever other new losses come into play. Of course, part of the packet loss can be ICMP rate limiting as well.

Other options

To get more details on the available mtr options you can read either the manual with  man mtr or press ‘h’ during the interactive console. Among others, you are able to run mtr with a predetermined number of packets and print a report at the end with mtr baidu.com --report. You can specify the interval between each packet and the packet size with mtr baidu.com --interval 2.

During the interactive console if you hit the option ‘j’ (j stands for jitter) you get the following output:

   Packets               Pings
 panos-DX4870 (0.0.0.0)                                 Mon Mar 23 21:48:19 2020
 Keys:  Help   Display mode   Restart statistics   Order of fields   quit
 Host                                Drop   Rcv    Avg Gmean Jttr Javg Jmax Jint
 1. 172.31.0.1                          0    28    0.3   0.3  0.0  0.0  0.1  0.3
 2. 192.168.1.254                       1    27    5.5   5.4  1.3  1.1  3.3 13.5
 3. 108-193-0-1.sbcglobal.net           0    28   12.2  11.7  7.4  4.1 12.2 62.1
 4. 71.148.135.196                      0    28  452.1 103.5  0.3 230. 1171 2418
 5. cr2.sffca.ip.att.net                0    28   18.7  15.1  1.7 11.8 127. 110.
 6. 12.122.114.5                        0    28   14.7  12.5  3.4  7.9 79.9 77.5
 7. 192.205.32.222                      0    27   14.3  13.6  2.8  3.8 32.3 47.0
 8. 920-sjo-b21.c.telia.net             0    27   12.8  12.7  1.3  1.5  5.4 21.4
 9. 221.183.30.177                      0    27  439.1 193.0  0.8 545. 7329 3259
10. 221.183.25.118                     12    15  244.3 244.2  6.2  6.0 17.5 62.5
11. 221.176.24.5                        8    18  654.4 310.1  4.1 803. 7168 5713
12. 221.176.15.209                      9    17  284.3 284.1 46.7 11.3 46.7 139.
13. 221.183.62.138                     16    11  296.3 296.0 11.6 10.5 22.5 83.5
    221.183.19.50
14. 111.13.0.174                       18     8  292.5 292.4 10.2 11.1 31.3 74.5
15. 39.156.27.5                         8    19  292.1 292.0  2.3  7.8 22.1 94.2
    39.156.27.1
16. ???
17. ???
18. ???
19. ???
20. ???
21. 39.156.69.79                       13    14  2559. 404.7 17.7 4550 3179 4766

Now the jitter information is visible per hop in terms average, geometric mean, and others. The jitter information can be really useful when troubleshooting VoIP issues where latency and jitter play a big role. 

decoration image

Get your free trial now

Monitor your network from the user perspective

You can share

Twitter Linkedin Facebook

Let's keep in touch

decoration image