Fortinet black logo

CLI reference

Home FortiNDR 7.0.2 CLI reference
7.0.2
7.4.3
7.4.2
7.4.1
7.4.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0

execute traceroute

execute traceroute

Use this command to use ICMP to test the connection between FortiNDR and another network device, and display information about the time required for network hops between FortiNDR and that device.

Syntax

execute traceroute {<fqdn_str> | <host_ipv4>}

Variable

Description

Default

traceroute {<fqdn_str> | <host_ipv4>}

IP address or FQDN of the host.

Example 1

This example tests connectivity between FortiNDR and http://docs.fortinet.com. In this example, the trace times out after the first hop indicating a possible connectivity problem at that point in the network.

execute traceoute docs.fortinet.com

traceroute to docs.fortinet.com (65.39.139.196), 30 hops max, 38 byte packets

1 172.16.1.200 (172.16.1.200) 0.324 ms 0.427 ms 0.360 ms

2 * * *

Example 2

This example tests the availability of a network route to the server example.com.

execute traceroute example.com

The CLI displays the following:

traceroute to example.com (192.168.1.10), 32 hops max, 72 byte packets

1 172.16.1.2 0 ms 0 ms 0 ms

2 10.10.10.1 <static.isp.example.net> 2 ms 1 ms 2 ms

3 10.20.20.1 1 ms 5 ms 1 ms

4 10.10.10.2 <core.isp.example.net> 171 ms 186 ms 14 ms

5 10.30.30.1 <isp2.example.net> 10 ms 11 ms 10 ms

6 10.40.40.1 73 ms 74 ms 75 ms

7 192.168.1.1 79 ms 77 ms 79 ms

8 192.168.1.2 73 ms 73 ms 79 ms

9 192.168.1.10 73 ms 73 ms 79 ms

10 192.168.1.10 73 ms 73 ms 79 ms

Example 3

This example attempts to test connectivity between FortiNDR and example.com. However, FortiNDR cannot trace the route because the primary or secondary DNS server that FortiNDR is configured to query cannot resolve the FQDN example.com into an IP address, and so it does not know to which IP address it should connect. As a result, an error message displays.

execute traceroute example.com

traceroute: unknown host example.com

Command fail. Return code 1

To resolve the error in order to perform connectivity testing, the administrator would first configure FortiNDR with the IP addresses of DNS servers that are able to resolve the FQDN example.com.

Previous
Next

execute traceroute

Use this command to use ICMP to test the connection between FortiNDR and another network device, and display information about the time required for network hops between FortiNDR and that device.

Syntax

execute traceroute {<fqdn_str> | <host_ipv4>}

Variable

Description

Default

traceroute {<fqdn_str> | <host_ipv4>}

IP address or FQDN of the host.

Example 1

This example tests connectivity between FortiNDR and http://docs.fortinet.com. In this example, the trace times out after the first hop indicating a possible connectivity problem at that point in the network.

execute traceoute docs.fortinet.com

traceroute to docs.fortinet.com (65.39.139.196), 30 hops max, 38 byte packets

1 172.16.1.200 (172.16.1.200) 0.324 ms 0.427 ms 0.360 ms

2 * * *

Example 2

This example tests the availability of a network route to the server example.com.

execute traceroute example.com

The CLI displays the following:

traceroute to example.com (192.168.1.10), 32 hops max, 72 byte packets

1 172.16.1.2 0 ms 0 ms 0 ms

2 10.10.10.1 <static.isp.example.net> 2 ms 1 ms 2 ms

3 10.20.20.1 1 ms 5 ms 1 ms

4 10.10.10.2 <core.isp.example.net> 171 ms 186 ms 14 ms

5 10.30.30.1 <isp2.example.net> 10 ms 11 ms 10 ms

6 10.40.40.1 73 ms 74 ms 75 ms

7 192.168.1.1 79 ms 77 ms 79 ms

8 192.168.1.2 73 ms 73 ms 79 ms

9 192.168.1.10 73 ms 73 ms 79 ms

10 192.168.1.10 73 ms 73 ms 79 ms

Example 3

This example attempts to test connectivity between FortiNDR and example.com. However, FortiNDR cannot trace the route because the primary or secondary DNS server that FortiNDR is configured to query cannot resolve the FQDN example.com into an IP address, and so it does not know to which IP address it should connect. As a result, an error message displays.

execute traceroute example.com

traceroute: unknown host example.com

Command fail. Return code 1

To resolve the error in order to perform connectivity testing, the administrator would first configure FortiNDR with the IP addresses of DNS servers that are able to resolve the FQDN example.com.

Previous
Next