traceroute
Use this command to use ICMP to test the connection between the FortiWeb appliance and another network device, and display information about the time required for network hops between the device and the FortiWeb appliance.
To use this command, your administrator account’s access control profile must have at least r
permission to the sysgrp
area. For details, see Permissions.
Syntax
execute traceroute {"<host_fqdn>" | "<host_ipv4>"}
Variable | Description | Default |
Enter either the IP address or fully qualified domain name (FQDN) of the host. | No default. |
Example
This example tests connectivity between the FortiWeb appliance and docs.fortinet.com. In this example, the trace times out after the first hop, indicating a possible connectivity problem at that point in the network.
FortiWeb# execute traceroute docs.fortinet.com
traceroute to docs.fortinet.com (65.39.139.196), 30 hops max, 38 byte packets
1 192.0.2.200 (192.0.2.200) 0.324 ms 0.427 ms 0.360 ms
2 * * *
Example
This example tests the availability of a network route to the server example.com.
execute traceroute example.com
The CLI displays the following:
traceroute to example.com (192.168.1.10), 32 hops max, 72 byte packets
1 172.16.1.2 0 ms 0 ms 0 ms
2 10.10.10.1 <static.isp.example.net> 2 ms 1 ms 2 ms
3 10.20.20.1 1 ms 5 ms 1 ms
4 10.10.10.2 <core.isp.example.net> 171 ms 186 ms 14 ms
5 10.30.30.1 <isp2.example.net> 10 ms 11 ms 10 ms
6 10.40.40.1 73 ms 74 ms 75 ms
7 192.168.1.1 79 ms 77 ms 79 ms
8 192.168.1.2 73 ms 73 ms 79 ms
9 192.168.1.10 73 ms 73 ms 79 ms
10 192.168.1.10 73 ms 73 ms 79 ms
Example
This example attempts to test connectivity between the FortiWeb appliance and example.com. However, the FortiWeb appliance could not trace the route, because the primary or secondary DNS server that the FortiWeb appliance is configured to query could not resolve the FQDN example.com
into an IP address, and it therefore did not know to which IP address it should connect. As a result, an error message is displayed.
FortiWeb# execute traceroute example.com
traceroute: unknown host example.com
Command fail. Return code 1
To resolve the error message in order to perform connectivity testing, the administrator would first configure the FortiWeb appliance with the IP addresses of DNS servers that can resolve the FQDN example.com
. For details, see system dns.