How to use the Linux mtr command
As a Linux sysadmin, you know that the general consensus is to blame every problem on infrastructure, which is your realm. Network engineers, our arch nemeses (kidding), always tell us that, "It's not a network problem." I really hate hearing those words because it means that now the focus is on me, my operating systems, and my hardware. Rather than rely on the word of my sworn enemy (kidding again) to tell me where the problem is, I can proactively investigate the network for myself. The
mtr utility allows me to do it without bothering anyone else or getting stewed during an all-hands, troubleshooting conference call. The
mtr command is a simple but effective network analysis and troubleshooting tool. This brief introduction will get you started.
The following description is from the
mtr command's package information.
Mtr is a network diagnostic tool that combines ping and traceroute into one program. Mtr provides two interfaces: an ncurses interface, useful for using Mtr from a telnet* session; and a GTK+ interface for X (provided in the mtr-gtk package).
*Obviously, this description is somewhat outdated. Replace 'telnet' with SSH.
You might wonder why I'm writing about a utility called My Traceroute (
mtr) when there is
ip, and other tools lying around that can help with troubleshooting network connectivity. Well,
mtr is a little different. It is analogous to the
top command in that it refreshes on its own and gives you a live look at network response and connectivity.
If you don't have
mtr, which lives in
/usr/sbin, install it the usual way with YUM or DNF. The
mtr command is included in the base repository.
$ sudo yum -y install mtr
$ sudo dnf -y install mtr
mtr command is simple to use. There are multiple options for using
mtr, but these are the most useful for my environment. Feel free to explore all of mtr's options. You can't do any damage to your system, or anyone else's, with this command. The
mtr command does not create security issues for you, so use it freely.
[ You might also enjoy: 5 Linux network troubleshooting commands ]
My favorite way to use mtr is with the 'IPv4 only' switch (
-4). The output is limited to IPv4 addresses. This option (switch) doesn't prevent DNS lookups. In other words, if the host resolves to a name, you'll probably see the DNS name rather than just the IPv4 address.
mtr updates in real-time, the following video provides a better illustration of how it works.
mtr continues to refresh until you press
q to quit. As you can see, there was some packet loss at one of the hops. It doesn't seem significant, but that's the type of information you need to see when troubleshooting a network problem or potential network problem.
You can also tell
mtr to report IP addresses rather than DNS resolved names by using the (
-b) option. For this example, I've combined IPv4 only and IP addresses. This is the way I use
mtr. Here's how it looks at the command line and in real-time:
$ mtr -4b google.com
On my system, it seems that IPv6 is the default option, which I don't like, so I always specify IPv4.
$ mtr google.com
And one final real-time display just for fun.
[ Free cheat sheet: Get a list of Linux utilities and commands for managing servers and networks. ]
I think you can see from these demonstrations that
mtr is a valuable command to have in your sysadmin toolbox. It isn't a superfluous command or a "boutique" command that you only use once a year. This is one you'll use over and over again when one, or more, of your users, says "The Internet is slow." A quick
mtr will show you where the problem is—if it's a network problem. Which, of course, we know it never is—until it is.