How Traceroute works. Tracert: route tracing to a given node from the Windows command prompt

My translation.

If you work as a network administrator, a system administrator or in any operations group, you may have heard of the traceroute tool. It is a very convenient tool available by default in many operating systems.

Network and system administrators use this tool in daily operation. It is essentially a convenient network diagnostic tool. Traceroute performs three main tasks, and together they give you an understanding of a network fault:

  1. The full path that a packet takes.
  2. The names and identities of the routers and devices along the way.
  3. Network delay or, more precisely, the time needed to send data to and receive it from each device along the way.

It is a tool used to check the path your data takes to reach its destination, without sending any actual data.

As I wrote, always make sure you understand how a tool works. The tool by itself will not help you understand and eliminate a problem, but it will always give you an idea of the problem. How to use the command can always be found online or in the manual and info pages on Linux.

In this article, I will explain how traceroute works, the types of traceroute tools and their differences. We will also look at the different parameters available for the traceroute command in Linux.

First, the main thing

Each packet that you send over the Internet has a field called TTL. TTL stands for time to live. Although it is called time to live, it is not actually a time in seconds, but something quite different.

TTL is not measured in seconds. It is the maximum number of hops that a packet can travel through the network before being destroyed.

Hops are nothing more than the computers, routers or other devices that sit between the source and the destination.

What would happen if there were no TTL at all? Without a TTL, an IP packet would travel endlessly from one router to the next, looking for its destination forever. The TTL value is set by the sender inside the IP packet (the person using the system or sending the packet does not notice these things happening "behind the scenes"; the operating system handles them automatically).

If the destination is not found after the packet has passed through too many intermediate routers (hops), and the TTL value becomes zero (which means the packet may go no further), the receiving router destroys the packet and informs the original sender.

The original sender is informed that the TTL has expired and that the packet cannot be forwarded any further.

Let's say that I need to reach the address 10.1.136.23 and my TTL is 30 hops, which means that the packet can pass through a maximum of 30 hops to reach the destination before it is destroyed.

But how do the routers along the path determine that the TTL limit has been reached? Each router along the path between the source and the destination decrements the TTL value before sending the packet on to the next router. So if my default TTL is 30, my first router reduces it to 29 and sends the packet to the next router along the path.

The receiving router makes it 28 and sends the packet on, and so on. If a router receives a packet with a TTL equal to one (which means no further forwarding), the packet is destroyed. But the router that destroys the packet informs the original sender that the TTL value has been exceeded (the lifetime of the packet has expired).

The information sent by a router that received a packet with a TTL equal to one is called an "ICMP TTL Exceeded" message. Of course, on the Internet, when you send something to a recipient, the recipient learns the address of the sender.

Therefore, when a router sends an ICMP TTL Exceeded message, the original sender learns the address of that router.

Traceroute uses TTL Exceeded messages to detect the routers found on the path to the target (since these messages, sent by a router, contain its address).

But how does traceroute use the "TTL Exceeded" message to find out which routers / hops lie in between?

You must be thinking that "TTL Exceeded" is sent only by a router that receives a packet with TTL 1. That is true: not every router between you and the recipient will send a TTL Exceeded message. Then how can you find the addresses of all the routers / hops between you and the destination? After all, the main goal of traceroute is to identify the hops between you and the destination.

But you can exploit this behavior of the routers / hops along the way by deliberately sending packets with a TTL equal to 1.

See the approximate scheme of the whole process in the diagram, where the sender runs traceroute to one of the servers in a remote location.


Let's look at what happens behind the scenes. When I run the command traceroute -n 8.8.8.8, what does my computer do? It sends a UDP packet. (Yes, UDP. Don't worry, we will discuss it in detail.) The UDP packet contains the following:

  • My address as the sender
  • The destination address (8.8.8.8)
  • A destination port number that is invalid. Traceroute sends the packet to a UDP port in the range 33434 to 33534, which is not commonly used.

Let's see how it works

Step 1. My machine creates a packet with my address as the source, the destination address 8.8.8.8 and a destination port between 33434 and 33534. And, most importantly, it sets the TTL value to 1.

Step 2. Of course, my packet reaches the gateway server. On receiving my packet, the gateway decrements the TTL by 1 (every router / hop along the way decrements the TTL by 1). Since the TTL was 1, decrementing it (1 - 1 = 0) makes the TTL value zero. My gateway server therefore sends a TTL Time Exceeded message back to me. Please remember that when my gateway server sends TTL Exceeded to me, it includes the first 28 bytes of the packet that I originally sent.

Step 3. Having received this "TTL Time Exceeded" message, my traceroute program can find out the address and other information about the first hop, which is my gateway server.

Step 4. Now the traceroute program again sends the same UDP packet with the destination 8.8.8.8 and a random UDP destination port from 33434 to 33534. But this time the initial TTL is 2. As a result, my gateway or router reduces it to 1 and then passes the packet to the next hop / router (the packet sent by my gateway to the next node has TTL 1).

Step 5. On receiving the UDP packet, the next hop after my gateway server again decrements the TTL by 1, which means that the TTL has again become 0. Therefore, it sends me an ICMP Time Exceeded message with its own address as the source, as well as the first 28 bytes of the packet that I sent.

Step 6. On receiving TTL Time Exceeded, my traceroute program learns the IP address of that router / hop and shows it on the screen.

Step 7. Now my traceroute program again creates the same UDP packet with a random UDP port and the destination address 8.8.8.8. But this time the TTL value is three, so the TTL becomes zero when the packet reaches the third hop / router (remember that my gateway and the next hop each decrement it by one). That router answers me with a TTL Time Exceeded message, and my traceroute program learns the IP address of the router / hop.

Step 8. Having received this answer, the traceroute program creates a UDP packet once again, this time with TTL = 4. If I get TTL Time Exceeded for that one as well, my traceroute program sends a UDP packet with TTL = 5, and so on.

But how does my traceroute program learn that the final destination 8.8.8.8 has been reached? It learns this as follows: when the original recipient of the packet, 8.8.8.8 (remember that all the UDP packets had the recipient address 8.8.8.8), receives a request, it sends me a message that is completely different from all the "TTL Time Exceeded" messages.

When the original recipient (8.8.8.8) gets my UDP packet, it sends me an "ICMP Destination / Port Unreachable" message. This happens because we always send to a random UDP port between 33434 and 33534. Therefore, my traceroute program knows that we have reached the destination and stops sending any additional packets.

Everything described so far in words is theory. We need to confirm it by running tcpdump during a traceroute. Let's look at the tcpdump output. Please note that I do not show the complete tcpdump output, since it is too long.


Run traceroute in one terminal of your Linux machine, and in another terminal run tcpdump to see what is happening.

The output above shows only the UDP packets sent from my machine. I will show the response messages separately to make things clearer.

Pay attention to the TTL in each row. It begins with a TTL equal to one, then 2, then 3, up to a TTL equal to 6. It may seem strange that my server sends 3 UDP messages with TTL = 1, then with 2, and then with 3.

The reason for this is to calculate the average round-trip time. The traceroute program sends three UDP packets to each hop to measure the average round-trip time accurately. The round-trip time is nothing more than the time in milliseconds that was needed to send the packet and then receive the answer. I intentionally did not mention this at the very beginning to avoid confusion.

So the bottom line is that my traceroute program sends three UDP packets to each hop simply to calculate the approximate round-trip time. That is why the traceroute output shows these three values. Look closely at the traceroute output: it shows three values in milliseconds for each hop to give a clear idea of the round-trip time.

Now let's look at the answers we got from all the hops, as seen by tcpdump. Please note that the response messages below are part of the same tcpdump run that I started earlier; I show them separately to make things clearer.

Another interesting thing to note is that my program sends a different random UDP port number every time. This is used to determine which packet an answer belongs to. As mentioned earlier, the response message sent by the hops and by the destination contains the header of the original packet that we sent, so the traceroute program can accurately calculate the round-trip time (for each of the three UDP packets sent to each hop), since it can easily identify each answer and match it up. The random port numbers are a kind of identifier for matching responses.

The response messages look as shown below.


Please note that ICMP Time Exceeded messages are shown above (I did not show all the responses).

Now let me show the last message, which is different from ICMP Time Exceeded. This is the Destination Port Unreachable message mentioned earlier. From it, the traceroute program learns that our destination has been reached.

Please note that my traceroute program received three answers from 8.8.8.8. As mentioned earlier, traceroute sends three identical UDP packets with different ports simply to calculate the round-trip time. The final destination is no different.
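
The probe and reply exchange described above, as an added example that is not part of the original article: an offline Python simulation that builds the 28-byte UDP probes, lets constructed routers decrement the TTL and quote the probe back inside ICMP errors, and matches every reply to its probe by the quoted destination port. The addresses in SAMPLE_PATH, the source port 40000 and all function names are assumptions made for the illustration.

```python
import socket
import struct

TIME_EXCEEDED = (11, 0)      # ICMP type 11, code 0: TTL expired in transit
PORT_UNREACHABLE = (3, 3)    # ICMP type 3, code 3: sent by the destination
BASE_PORT = 33434            # first destination port of the UDP probe range


def build_probe(src, dst, ttl, dport, sport=40000):
    """Return IPv4 header (20 bytes) + UDP header (8 bytes): the 28 bytes
    a router quotes back. Checksums are left at 0 in this simulation."""
    udp = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, ttl, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + udp


def icmp_error(icmp_type, code, offending):
    """ICMP error message: 8-byte ICMP header, then the first 28 bytes of
    the packet that triggered it."""
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + offending[:28]


def deliver(packet, routers, dst):
    """Forward a probe along the constructed path. Returns (responder, icmp)
    or None when the hop where the TTL expired stays silent."""
    pkt = bytearray(packet)
    for addr, answers in routers:
        pkt[8] -= 1                       # every router decrements the TTL
        if pkt[8] == 0:                   # expired here: discard and report
            return (addr, icmp_error(11, 0, bytes(pkt))) if answers else None
    # Reached the destination; nothing listens on the probe port.
    return dst, icmp_error(3, 3, bytes(pkt))


def parse_icmp_error(data):
    """Return ((type, code), original destination, original UDP dport)."""
    if len(data) < 8 + 20:
        raise ValueError("ICMP error too short to quote an IP header")
    quoted = data[8:]
    ihl = (quoted[0] & 0x0F) * 4
    if quoted[9] != 17 or len(quoted) < ihl + 8:
        raise ValueError("quoted packet is not a complete UDP probe")
    dport = struct.unpack("!H", quoted[ihl + 2:ihl + 4])[0]
    return (data[0], data[1]), socket.inet_ntoa(quoted[16:20]), dport


def trace(src, dst, routers, max_ttl=30, probes=3):
    """Run the TTL = 1, 2, 3, ... loop; return [(ttl, [responder or '*'])]."""
    hops, sent, port = [], {}, BASE_PORT
    for ttl in range(1, max_ttl + 1):
        row, reached = [], False
        for _ in range(probes):
            sent[port] = ttl              # remember which probe used this port
            reply = deliver(build_probe(src, dst, ttl, port), routers, dst)
            port += 1
            if reply is None:
                row.append("*")           # no answer within the timeout
                continue
            responder, data = reply
            kind, orig_dst, dport = parse_icmp_error(data)
            if orig_dst != dst or sent.get(dport) != ttl:
                continue                  # error about someone else's packet
            row.append(responder)
            reached = reached or kind == PORT_UNREACHABLE
        hops.append((ttl, row))
        if reached:
            break
    return hops


# Constructed path: three routers (the second never answers), then 8.8.8.8.
SAMPLE_PATH = [("192.0.2.1", True), ("198.51.100.7", False), ("203.0.113.9", True)]

if __name__ == "__main__":
    for ttl, row in trace("192.0.2.10", "8.8.8.8", SAMPLE_PATH):
        print(ttl, *row)
```

The silent second router shows up as three asterisks, and the loop stops at the first TTL for which a Port Unreachable reply arrives.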

Different types of traceroute programs

There are various types of traceroute programs. Each of them works a little in its own way, but the overall concept is the same: all of them use the TTL value.

Why are there different implementations? So that you can use the one that suits your environment. If, say, a firewall blocks UDP traffic, you can use another kind of tracing. The different types are listed below.

What we used earlier is UDP tracing. This is the default protocol used by traceroute in Linux. Nevertheless, you can tell the traceroute utility in Linux to use the ICMP protocol instead of UDP with the following command.

# traceroute -I -n 8.8.8.8

ICMP traceroute works just like UDP traceroute. The traceroute program sends ICMP Echo requests, and the hops in between respond with "ICMP Time Exceeded" messages. The destination, however, sends an ICMP Echo reply. The tracert command available in the Windows operating system uses the ICMP tracing method by default.

And the last one is the most interesting. It is called tcptraceroute. It is used because almost all firewalls and intermediate routers allow TCP traffic through. And if the packet is addressed to port 80, which is web traffic, most routers let it pass. By default, tcptraceroute sends TCP SYN requests to port 80.

All routers between the source and the destination send the "TTL Time Exceeded" message, and the destination sends either an RST packet, if port 80 is closed, or a SYN / ACK. (But tcptraceroute does not establish a TCP connection. On receiving a SYN / ACK packet, the tracing program sends an RST packet to close the connection.) This is how the tracing program learns that the destination has been reached. Note that the -n option that I used in the traceroute command shown earlier disables DNS name resolution. Otherwise, traceroute sends DNS queries for every hop it meets on the way.

Now the main question is which kind of trace to use: ICMP, UDP or TCP?

It all depends on the environment. If intermediate routers block a specific protocol, you should try another one.

There are moments in network life (especially for dial-up users 😉) when some host cannot be reached (for me it is often www.microsoft.com ;-|), and this is where this utility comes to the rescue (in Windows, tracert.exe). With its help you can try to determine in which section of the IP network the failure occurred: whether the host is down, the provider is slow, or your own IP connection is in bad shape :).

But what I truly love tracert for is the opportunities it gives for studying IP networks, and they differ in both scale and purpose ;). The first step can be studying your provider's subnet. With traceroute you can explore the network itself, applying theoretical knowledge in practice: routing, DNS servers, backbones, subnets, and who knows what else ;).

How does it work?

First you need to recall the IP packet header format, or rather one of its fields: TTL (Time to Live). This eight-bit field sets the maximum number of hops (a hop is the passage of a datagram from one router to another) for which the packet may remain on the network. Each router that processes the datagram performs the operation TTL = TTL - 1. When the TTL becomes zero, the router destroys the packet and sends the sender an ICMP Time Exceeded message.

The utility sends a packet with TTL = 1 towards the specified host and waits to see who returns the Time Exceeded answer. The responder is recorded as the first hop (the result of the first step on the way to the target). Then packets are sent in sequence with TTL = 2, 3, 4 and so on, until at some TTL value the packet reaches the target and an answer is received from it.

*nix traceroute sends UDP packets towards the specified host to an arbitrary port, most likely one not occupied by another service (for example 28942, 30471) or a reserved one, for example 0; the default is 33434. First, a series of 3 such packets is sent with TTL = 1; when the answers arrive, the round-trip time is measured and the domain name of the transit node is determined (although this depends on the options given). Then the next series of packets with the same TTL is sent, intended to identify the same hop. At the end, we receive Port Unreachable from the final host, which means the trace is complete.
The standard Windows tracert console utility works in exactly the same way, but sends only ICMP Echo Request packets.

I myself happily use both the standard tracert and the one built into CyberKit (quite a good utility), and even the NECROSOFT Quick Traceroute. Under Linux I can't recommend anything else: I have only used the standard Debian traceroute :).

In conclusion, I will say: do not be afraid to experiment, it is the only way to really understand something. Look for information and use it. Good luck.

Practical class No. 03-006

Practical classes No. 03-006

The TRACERT network utility (traceroute in Linux, Cisco IOS, Mac OS). Principles of operation and use.

The tracert utility is used to study the routes of IP packets in networks that use the TCP/IP protocol stack, including the global Internet. When using this program, remember that it causes a fairly large number of IP packets to be generated both on your host and on intermediate routers. This creates additional load on the network.

tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name

Options:

-d - do not resolve the IP addresses of intermediate nodes to names

-h maximum_hops - maximum number of hops when searching for the destination node

-j host-list - use the loose source routing option in the IP header with the set of intermediate destination points given in host-list (now practically unsupported on routers)

-w timeout - time to wait for each answer, in milliseconds

target_name - the destination, identified by IP address or node name.

The utility works by manipulating the contents of standard IP packet header fields and header options. Its main instrument is the contents of the "time to live" (TTL) field.

The required argument is the IP address or name of the destination node.

Having received it from the user, the utility sends a series of packets (usually three) to this address with the TTL value set to 1. Such a packet has no chance of reaching the addressee: the router is obliged to destroy it once its allowed lifetime on the network has expired. At the same time, the router is obliged to send the sender of the packet an ICMP message about its tragic fate (type 11, code 0).

As a result, your computer will very quickly get three notifications about the destruction of the packets it sent. Having recorded the send time and the time at which each ICMP notification is received, the TRACERT utility can easily calculate the average response time, which is displayed on the screen.

The next series of packets is then sent with TTL equal to 2, and so on until the packets reach the destination.

When a packet addressed to a host or router arrives at it with a TTL that has reached 1, it is accepted. Since there is no need to forward it further, no ICMP message about the expiry of the lifetime is generated.

To find out that tracing has completed successfully, all series of packets carry UDP messages that specify a port number that does not exist at the recipient. For intermediate routers this does not matter, but the recipient, unable to use the enclosed information, is forced to report this to the sender using the same ICMP protocol, but with different message type (3) and code (3) values.

The sender interprets such a message as confirmation that the trace is complete.

An important feature of the TRACERT utility is its ability to find out the names of intermediate nodes. This lets you form an idea of the organizational structure and geographical location of the route the packets take.

Node names are based on the domain name system (DNS):

Formally, users and programs can refer to hosts, mailboxes and other Internet resources by their IP addresses. For a program, "memorizing" an address is no different from memorizing any other 4 bytes of information, but for a human, memorizing numbers of the form 111.124.133.44 is hard simply because of the way our memory works. In addition, identifying services by the IP addresses of the hosts or servers on which they run makes it extremely difficult to move them when necessary. To account for the "human factor" and to separate machine names from their addresses, it was decided to use ASCII text names. However, the network understands only numeric addresses, so a mechanism is needed for converting ASCII strings to IP addresses.

When everything was just beginning, in the ARPANET network, the correspondence between text and binary addresses was stored in special files, in which all hosts and their IP addresses were listed. In a network consisting of several hundred large machines, this approach worked quite acceptably.

But when thousands of workstations were connected to the network, problems arose: the number of records that had to be stored grew, and centralized management of all hosts of the giant international network became quite difficult.

To solve these problems, the domain name service (DNS, Domain Name System) was developed. This system is used to convert host names and e-mail destinations to IP addresses, but it can also be used for other purposes. The DNS system was defined in RFC 1034 and 1035.

A domain name is a name consisting of words separated by dots. The leftmost word of the name refers to the host. All the other words form the name of the domain. The name system has a hierarchical, tree-like structure.

Each node (the circles in the figure) has a label of up to 63 characters. The root of the tree is a special node without a label. Labels may contain uppercase or lowercase letters. The domain name of any node in the tree is the sequence of labels that starts at that node and goes up to the root, with the labels separated by dots. (Here you can see the difference from the usual file system, where the full path always starts from the top (root) and goes down the tree.) Each node of the tree must have a unique domain name, but the same labels can be used at different points of the tree.

There is a root name, denoted by the "." symbol; it is often not written in the domain name. There are first-level domain names. They are divided into 2 categories: the names of territorial domains and the names of subject-area domains. The names of second-level and subsequent domains can be anything, but two identical domain or host names cannot exist. So, if $N_i$ is the domain name of the i-th level and $T$ is a word, then the domain name of level i+1 is formed according to the rule $N_{i+1} = T + N_i$. A domain name that ends with a dot is called an absolute domain name or a fully qualified domain name (FQDN).

We emphasize once again that, since IP addresses uniquely identify hosts on the network, there is a one-to-one correspondence between the set of host names and the set of addresses.

This correspondence is defined by a table containing as many entries of the form (host name, IP address) as there are host domain names. When a new host is named, an entry must be added to the table; if an existing one is renamed, the entry must be changed. Such a name system is convenient to use because the names are easy to remember and are not tied to geographically localized IP networks. To move a named resource from one host to another, you only need to change the entry for its name in the name table. It is difficult to keep such a table for the whole Internet on one site, and it cannot be kept up to date.

The DNS database is distributed. The hierarchical name system corresponds to a hierarchical system of DNS servers, which hold fragments of the table. Ideally, a separate name server should exist for each domain. The database of a name server at any level should contain records for all child domains of the next level. All first-level domains are contained in the database of the root name servers. They are maintained by the NIC organization.

In reality, the database for several domains can be placed on one host, and the same or overlapping databases can be located on several hosts. A branch of the name tree that is under single administrative control, together with the hosts holding the database of that branch, is called a DNS zone. A zone usually has one primary name server and several secondary name servers. Changes in the zone are entered into the database of the zone's primary server and then duplicated to the secondary servers.

The process of transferring information from the primary server to a secondary one is called a zone transfer. When a new host appears in the zone, the administrator adds the appropriate information (at minimum, the name and IP address) to a disk file on the primary server. Secondary servers regularly poll the primary (usually every 3 hours), and if the primary contains new information, the secondary receives it using a zone transfer.

From the described functionality and structure of the system it follows that the protocol must include two components: a protocol for resolving a name to an IP address and a protocol for exchanging data between the nodes of the distributed database, in particular between the primary and secondary servers of a zone.

Address resolution system.

For the TCP/IP protocol software to use the name service, the stack settings must specify the IP address of a name server that accepts requests from the host's network. When an application uses a domain name to designate the other side of a session, the process of resolving it to an IP address is initiated. The name resolution component on the host sends a request to the name server. If the name server can resolve the address, it sends a response containing that address. If the name server cannot resolve the query, it can initiate one of two name resolution scenarios:

    The server sends the address of another name server as part of the response, and the host generates a request to that server (iterative query).

    The zone server generates a request to the root server and, having received an answer, saves it in a buffer and sends a response to the host that requested the service (recursive query).

The response of the server controlling the domain is called authoritative.

Each server names in the Internet must contain in the database of the root servers.

Name resolution. In addition to its main function of resolving a host's domain name to its IP address, the DNS protocol also provides reverse resolution of an IP address to a domain name, using the reverse zone IN-ADDR.ARPA.

It is thanks to these capabilities of the protocol that the TRACERT utility not only works successfully when the trace target is given as a DNS name, but also provides us with information about the names of intermediate nodes.

Questions for self-test

    What is the domain name system and what is it used for?

    What is the maximum size of a domain node?

    What is the name of the DNS root domain?

    Which ICMP message types does the TRACERT utility use?

    Which field of the IP packet header does the TRACERT utility use to set the lifetime of its packets?

    TRACERT utility parameters

    Purpose of the TRACERT utility and options for its use

Necessary equipment

An IBM PC-compatible computer with a licensed Windows operating system, a connection to the local network, and Internet access.

Tasks

1. Using the TRACERT command, determine the route taken by IP packets to the site www.sgu.ru

2. Using the TRACERT command, determine the route taken by IP packets to one of the following sites: www.nla.gov.au, www.ibge.gov.br, www.kunaicho.go.jp (you can choose any site outside of Russia).

3. Repeat the trace with the -d option.

4. Describe the DNS structure of the server you traced.

5. Use the service at www.ip2location.com/demo.aspx (or a similar one) to determine the approximate location of the intermediate points of the route.

6. Draw a diagram of the route.

7. Comment on the results.

The report on the work is submitted in printed or electronic form, with screenshots of the utility's output.

The network does not always work the way it is supposed to; sometimes a certain computer on your company's local network, or a remote one, may not respond. It would seem that everything works and everything is connected, but it looks as though an error occurs at one of the nodes on the way from your computer.

The ping utility only lets you determine that a problem exists, that the node does not respond, but how do you find out where the connection is broken? For this, the traceroute utility is used. In this short guide, we will look at how to use traceroute on Linux, how to understand its output and how to determine where the problem is. But first, let's consider how traceroute works.

You probably already know that all information on the network is transmitted in the form of packets. The data stream is split by special software into small packets, which are sent across the Internet to the target node and reassembled there.

Each packet passes through a certain number of nodes on its path until it reaches its destination. Moreover, each packet has its own lifetime. This is the number of nodes that the packet can pass through before it is destroyed. This parameter is recorded in the TTL header field, and each router through which the packet passes decrements it by one. When TTL = 0, the packet is destroyed, and the sender is sent a Time Exceeded message.

The Linux traceroute command uses UDP packets. It sends a packet with TTL = 1 and looks at the address of the node that responds, then TTL = 2, TTL = 3 and so on until it reaches the target. Each time, three packets are sent and the round-trip time is measured for each of them. The packet is sent to a random port, which is most likely not in use. When the traceroute utility receives a message from the target node that the port is unreachable, the trace is considered complete.

Traceroute utility

Before moving on to examples of working with the utility, let's look at its syntax and main options. The call syntax is very simple:

$ traceroute options node_address

An IP address or a domain name can be used as the address. Consider the main options:

  • -4 or -6 - use the IPv4 or IPv6 protocol;
  • -I - use ICMP packets instead of UDP;
  • -T - use TCP packets instead of UDP;
  • -F - do not fragment packets;
  • -f - specify the TTL from which to start;
  • -g - send the packet through the specified gateway;
  • -i - send the packet through the specified interface;
  • -m - the maximum number of nodes through which the packet will pass;
  • -q - the number of packets sent, three by default;
  • -n - do not resolve domain names;
  • -p - specify a port instead of the default one;
  • -w - set the time to wait for a response from a node, by default half a second;
  • -r - use another router instead of the one specified in the routing table;
  • -z - the minimum interval between packets;
  • -U - use UDP with an increase in the port number;
  • -UL - use the UDPLITE protocol;
  • -D - use the DCCP protocol;
  • --mtu - specify the size of the packet;
  • -P - protocol; the available values are RAW, DCCP, UDPLITE, UDP, TCPCONN, TCP, ICMP.

These are not all of the utility's options, but they are the basic ones you will use. Next, we move on to practice and see how network tracing is performed on Linux.

Network trace examples in Linux

For example, run a trace to the website's server:

$ sudo traceroute Site

As you can see, the packet passed through 6 nodes before reaching the target. Three packets were sent to each node and the round-trip time was measured for each of them. And if a problem arises at one of the nodes, you will now know at which one.

You probably wonder why the time for some nodes is so long. After all, if you run ping, the total time will be much smaller. The point is that the time covers the packet's path there and back, from request to answer. That takes time, and you also need to take into account that routers give the highest priority to incoming packets, whereas delays for service packets may be longer.

Also, in place of one of the nodes you may see asterisks in the traceroute output. This does not mean that the node is not working. It only means that it did not want to answer us. Let's check something else, for example Google's public DNS:

$ sudo traceroute 8.8.8.8

There are more nodes here, and the same situation with asterisks. If an error had occurred on the way to the server, we would see it. For example, the node 195.153.14.1 did not answer us, and we were able to track the request only as far as 212.162.26.169.

$ sudo traceroute 195.153.14.1

Sometimes tracing with UDP does not work; this can happen because a firewall blocks all extraneous packets. We can use ICMP with the -I option.

$ sudo traceroute history.pl

$ sudo traceroute -I history.pl

But tracing can be used for more than detecting a break in a chain of routers. It also has a rather interesting application for studying networks. For example, you can try to determine which subnets your provider uses. Send three requests to different addresses:

$ sudo traceroute Site
$ sudo traceroute history.pl
$ sudo traceroute habrahabr.ru


Then compare the output of these commands. You will see that the initial IP addresses are the same. We can conclude that our router 192.168.1.1 is connected to the provider's local network 195.5.8.0/24, which in turn is connected to the network 10.50.50.0/24, from where it gets access to the external network.
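
The reading of traceroute output described above (asterisks, the last node that answered, the initial hops shared by several traces) can be automated. The following Python code is an added example, not part of the original article: it parses `traceroute -n` output, and the two sample outputs, including the hop addresses 195.5.8.1 and 10.50.50.1 and all timings, are constructed to match the networks named in the text; the function names are hypothetical.

```python
import ipaddress

# Constructed sample output of `traceroute -n` (not captured from a real run).
TRACE_DNS = """traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  192.168.1.1  0.612 ms  0.701 ms  0.688 ms
 2  195.5.8.1  4.120 ms  4.305 ms  4.290 ms
 3  10.50.50.1  5.870 ms  6.012 ms  5.990 ms
 4  * * *
 5  8.8.8.8  21.450 ms  21.390 ms  21.502 ms
"""

TRACE_BROKEN = """traceroute to 195.153.14.1 (195.153.14.1), 30 hops max, 60 byte packets
 1  192.168.1.1  0.598 ms  0.655 ms  0.640 ms
 2  195.5.8.1  4.201 ms  4.188 ms  4.310 ms
 3  10.50.50.1  5.910 ms  5.875 ms  6.100 ms
 4  212.162.26.169  30.120 ms  29.840 ms  30.410 ms
 5  * * *
 6  * * *
"""


def parse_traceroute(text):
    """Parse `traceroute -n` output into one dict per hop."""
    hops = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or not fields[0].isdigit():
            continue                      # header or blank line
        hop = {"ttl": int(fields[0]), "addrs": [], "rtts": [], "lost": 0}
        for i, tok in enumerate(fields[1:], start=1):
            if tok == "*":
                hop["lost"] += 1          # probe with no answer
            elif tok == "ms":
                hop["rtts"].append(float(fields[i - 1]))
            else:
                try:
                    addr = str(ipaddress.ip_address(tok))
                except ValueError:
                    continue              # RTT value or annotation such as !H
                if addr not in hop["addrs"]:
                    hop["addrs"].append(addr)
        hops.append(hop)
    return hops


def last_responding(hops):
    """Return the last hop that answered at least one probe, or None."""
    answered = [h for h in hops if h["addrs"]]
    return answered[-1] if answered else None


def shared_initial_hops(traces):
    """Return the leading hop addresses that are identical in every trace."""
    paths = [[h["addrs"][0] if h["addrs"] else "*" for h in t] for t in traces]
    common = []
    for column in zip(*paths):
        if len(set(column)) != 1 or column[0] == "*":
            break
        common.append(column[0])
    return common


if __name__ == "__main__":
    traces = [parse_traceroute(TRACE_DNS), parse_traceroute(TRACE_BROKEN)]
    print("shared start of path:", shared_initial_hops(traces))
    print("trace stops answering after:", last_responding(traces[1])["addrs"])
```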