Finding out a bad or simply overloaded network link with Linux/UNIX oses

by on April 20, 2006 · 3 comments· LAST UPDATED November 8, 2006

in , ,

Traditionally the traceroute (print the route packets take to network host) and ping (send ICMP ECHO_REQUEST to network hosts) programs are used in a single network as diagnostic tool.

It takes some time to use both tools to diagnose such problem. However, you can use mtr program which is a network diagnostic tool. It is the combination of traceroute and ping programs (in terms of functionality) and works as a single network diagnostic tool.

How mtr works?

Once mtr invoked it starts investigates the network connection between the hosts mtr runs on and HOSTNAME by sending packets with purposely low TTLs (time to live). It will continue to send packets with low TTL, noting the response time of the intervening routers. This allows mtr to print the response percentage and response times of the internet route to HOSTNAME

During this run if you notice a sudden increase in packet-loss or response time is an indication of overloaded link or a bad link.


mtr works on both GUI and curses based terminal interface (good for remote Linux boxes).

To start mtr just type command (default is GUI interface):$ mtr
$ mtr
$ mtr -n router-ip
$ mtr

Force mtr to use the curses based terminal interface:$ mtr -t
An example of failed router ($ mtr

Use mtr from shell/perl script:$ mtr -c 5 -r >/tmp/output.vsnl.routerWhere,

  • -c: Use this option to set the number of pings sent to determine both the machines on the network and the reliability of those machines.
  • -r: This option puts mtr into report mode.
  • -t: Force mtr to use the curses based terminal interface
  • -n: Disable DNS (i.e. not try to resolve the host names)
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 3 comments… read them below or add one }

1 Anonymous April 24, 2006 at 6:06 pm

Very nice tool. Thanks for this great tutorial.

Edinaldo La-Roque
Author of XFwall


2 Tiago November 8, 2006 at 12:51 pm

Well…great, but…

What criteria is used for distint bad link of link overloaded ? How to identify the diference betwen overloaded and bad link?



3 nixCraft November 8, 2006 at 1:09 pm


if you notice a sudden increase in packetloss or response time is an indication of overloaded link or a bad link.


Leave a Comment

Previous post:

Next post: