My website is down. Now what? Part 3 – Routing

This is part of a series on diagnosing your website outage issues. This is part three; links to the other parts are here.

In Part 1 of this series we covered the overview of what could have broken to cause your website to go down. In Part 2, we started working through those possible issues by diagnosing DNS issues. Now that we know your domain’s DNS is good, we’re going to start looking at the routing. In other words, now that we know where your domain is (DNS), are there any roads to get there (routing)?

Many people misunderstand how the web works. I blame the media and well-meaning explainers for suggesting and continuing to propagate the notion that we “log on” or “visit” websites. The problem with these terms is that they naturally call to mind the concept of “going” to a website which is the exact opposite of how web surfing works. Instead of your browser being some sort of vehicle that goes to websites, it is a static piece of software that sits on your computer and issues demands for websites to come to it. Websites come to you, you do not go to them.

Internet routing imageWhen you click a link or type in a domain name, your browser issues a request across the Internet to that domain’s web server and says “give me that page”. Well behaved web hosts comply and the content your browser requested is downloaded to your computer and your web browser then renders it nicely so you can see and interact with it. In order for this to happen, there has to be a pathway on the Internet that can transfer your web browser’s request to the web server and transfer the response (content) from the web server back to your web browser. Those pathways are called routes and a big part of website troubleshooting involves diagnosing routing issues.

As you might surmise, there are tools for testing routes and the grandaddy of them all is called traceroute because it…traces…routes. For unexplained reasons, Microsoft and Linux have different commands for invoking a traceroute, but the basic functionality is the same. On Windows the command is tracert and on Linux and Mac the command is traceroute.

Routes are comprised of hops. Your request for a website is broken down in to many packets and each packet is forwarded to the destination web server via a series of hops between the many routers that are present between you and the web server. A traceroute sends packets to your web server destination, but it tells each packet to only go one hop further than the last packet. When a packet returns (or times out and doesn’t return) traceroute sends another packet with instructions to go one hop further than the last one. This repeating process ends up mapping the route all the way to the destination web server and it looks something like this.

This particular traceroute does not complete. The *** lines mean that the device at that hop did not respond and eventually it gave up because it doesn’t know how many hops might be left after the last hop to There’s an important lesson about traceroutes in this output and that is that you cannot trust incomplete traceroute information. There are different reasons why traceroutes sometimes do not complete. The Windows implementation of traceroute uses the ICMP protocol which is more likely to complete hops due to how most routers handle ICMP packets. The Linux and Mac implementation of traceroute use UDP packets which are more likely to be dropped and result in incomplete traceroutes. There are also situations where pesky traffic like pings and traceroutes are throttled in some devices so they are dropped one day, but not the next. It’s not an exact science and a traceoute can only be really viewed as one tool, not THE tool, to diagnose routing issues. This doesn’t necessarily indicate a routing problem, however. Note how I am able to bring up the disney website despite the traceroute showing me there is no route to the site.

Screenshot 2016-07-12 at 20.26.07

So what good is a traceroute? Well, it can tell you when the route is good and it can tell you if there is congestion along the way. The lines like “85.310 ms 84.853 ms 85.127 ms” tell you how long the packet took to make the round trip. Those numbers will steadily increase as the packets get farther away but if you see a sudden jump in time that could indicate a congestion problem at a particular hop. However, an incomplete traceroute cannot tell you with certainty that there are routing issues.

Another, less verbose, method of testing a route is to simply ping the site. A ping works much like traceroute except that it just tries to hit the destination web server without bothering to tell you about all the hops along the way and it looks like this:

As part of interpreting this ping, it’s interesting to note that the round trip time is about 84 ms which is very close to the round trip time of the last complete line in the traceroute above. This indicates that the traceroute probably stopped on the very last hop before the web server.

It’s important to note that these route tests only prove that the networking route is good. They do nothing to prove that the web server is functioning properly or what your website loads. The network route is one of the basic building blocks of troubleshooting outages.

Now that the route is proven, it’s time to look at the layers that we discussed in Part 1. That’s the subject of the next post and I will link to it here once it is complete.

Image credit to Stanford University.