Learn everything about the Tech World!

MTR command – A network diagnostic tool for Linux

Many network diagnostic tools are already a part of Linux. For example, Nslookup command, Host command, Dig command, Traceroute command, and more. But, sometime in the past, there was a guy called Matt Kimball. He was just not satisfied with the traceroute command in the 90s, so he decided to make a new one – the MTR command.

What is the MTR command?

The MTR command is a great small tool to trace the route to a target and get information for the round-trip. It is an alternative to the common traceroute command and was written by Matt Kimball created in 1997 to perform functions both from traceroute command and ping command. It provides more information in comparison with the other two commands and is just as easy to use on Linux. Roger Wolff further improved the software in 1998, and the name was changed to My Traceroute. 

On Linux, you can use the MTR command straight through the Terminal application. If you don’t have it installed on your Linux distro, you first need to install it.

On Ubuntu, you can do it by typing: sudo apt update. Then press Enter and write your password. After that, type: sudo apt -y install mtr. Again press Enter.

How does it work?

The MTR command sends ICMP (Internet Control Message Protocol) data packets to the target you set. The target that you decide could be a hostname/domain name or an IP address (IPv4 or IPv6). 

You can use it using the following syntax:

mtr option value target

Mtr – shows which command you are using.

Option – it can use one of the following options to improve your probe further:

-h – help.

-v – version.

-r – report. You need to stop it by pressing the “C” key, and after that, you get a report.

-w – extended report.

-c – number of ICMP messages to be sent.

-s – the size of ICMP data packages.

-t – Curses-based terminal interface.

-n – don’t resolve the hostnames.

-g – GTK+ interface.

-p – split – Split-user interface.

-l – Raw output.

-a – address.

-i – seconds between the ICMP messages.

-u –use UDP.

-4 – IPv4 addresses only.

-6 – IPv6 addresses only.

Value – the value of the option, if it applies. An example of this is a number after the “-i” that indicates seconds between the ICMP messages.

When the command sends the pings, it will wait for them to return. The MTR command will show statistics – round-trip time, lost packets if any, and time to reach the hop)

So, the MTR command is a Linux diagnostic tool used to trace the route and see if you have a connection with the target.

How to clear the DNS cache?

Cleaning the DNS cache will remove all the DNS records that were stored inside your computer. After that, there won’t be any A or AAAA records showing which websites you have visited before. Here you can learn to flush the DNS cache!

​Clean the DNS cache on Windows (Windows 11, Windows 10, and more)

  1. Open the Command Prompt. Press “Windows Key + R”, then write “cmd” and open it.
  2. Inside the command-line interface, write “ipconfig /flushdns”, and press the Enter button on your keyboard.
  3. The result will be ready in a few seconds. You will get a configuration message “Successfully flushed the DNS Resolver Cache.

​Clean the DNS cache on macOS (Mojave 10.14, and newer)

  1. Open the Terminal application. To open it, go to Applications and then open Utilities. There you will find the Terminal application.
  2. Type “sudo kullall -HUP mDNSResponder”, and press the Return button on your keyboard.
  3. Insert your password as an administrator of the computer, and press the Return button again.

​Clean the DNS cache on Linux with Name Service Caching Daemon (NCSD)

  1. Start the Terminal application by pressing Ctrl + Alt + T buttons at the same time.
  2. Write down the following command: “sudo /etc/init.d/nscd restart”. Press the Enter button.
  3. Insert your password as an administrator of the computer, and press the Enter button again.

​Clean the DNS cache on Linux with dnsmasq

  1. Start the Terminal application by pressing Ctrl + Alt + T buttons at the same time.
  2. Write down the following command: “sudo /etc/init.d/dnsmasq restart”. Press the Enter button.
  3. Insert your password as an administrator of the computer, and press the Enter button again.

​Clean the DNS cache on Linux with Berkely Internet Name Domain (BIND)

  1. Start the Terminal application by pressing Ctrl + Alt + T buttons at the same time.
  2. Write down the following command: “sudo /etc/init.d/named restart”. Press the Enter button.
  3. Insert your password as an administrator of the computer, and press the Enter button again.
  4. Another command is needed: “sudo rndc restart”. Rndc is the name server control utility.
  5. And now use this final command: “sudo rndc exec

​Clean the DNS cache on ChromeOS

  1. First, open the Chrome browser.
  2. Then open a new tab and write the following: “chrome://net-internals/#dns”. Press the Enter button to confirm.
  3. By doing so, you will be right inside the DNS cache tab. There you will see “Host resolver cache”, and you should click on “Clear host cache”.

Clearing the DNS cache is a simple process, no matter which OS you are using. Just don’t forget to clear it of the browser too. It could have an independent DNS cache that also needs to be flushed.

The future of IPv4

What does IPv4 mean?

IPv4 (Internet Protocol version 4) is a popular and broadly used version of the IP. Thanks to the IPv4 addresses, it is possible to identify devices on the network. It includes 4 numbers between 0 to 255, divided by dots, for instance,, and it uses a 32-bit address space. 

In addition, it is a connectionless protocol. That means it is possible to send the message without any prior adjustment between the two endpoints. So, a device can send the data without examining if the receiver is available and with the requirements for receiving the data. 

It is not a component of the mission of IPv4 to ensure proper delivery.

Moreover, it is not obligated to avoid duplicated delivery, keep the data integrity safe or ensure the order. For all of these tasks, it needs a different type of protocol, such as Transmission Control Protocol (TCP).

To summarize, IPv4 specifies the format, addresses, and routes data.

For these functionalities, it is a fundamental resource for various interconnecting networks, plus transferring data from sources to their targets. Moreover, if the format of the data is too big, it is divided into segments for better transportation.

What is the future of IPv4?

Since the 80s, when IPv4 was introduced, the progress in the digital field has been massive. In addition, the number of people using one or several devices has increased rapidly. Nowadays, there are almost 8 billion people worldwide, and the IPv4 and its 32-bit address provide just a bit more than 4 billion.

So, here appears the problem. With the deficiency of available IP addresses, network administrators are required to reuse IP addresses. Also, they have to control and maintain their IP address pool very carefully.  

The lack of available IPv4 addresses causes their price to go up. Mainly for that reason, the newest IPv6 version is gaining more popularity. 

Benefits of IPv4.

  • Compatibility – Every type of network device, brand-new or old, supports IPv4, and systems support is guaranteed. Now, it is not a concern for systems to operate with this version. Implementing IPv6 involves upgrades, yet it has to go a long way to be supported the same way as IPv4.
  • Easy to write – If it is needed, IPv4 addresses are way more simple to type manually. Compared to IPv6, they are shorter, which means less chances of human mistakes.
  • IPv4’s prefixes are easy. This is handy for networks’ topology logical and physical. They fit easier.

Moving on to IPv6

Eventually, we are going all to shift to IPv6. At the moment, we are gradually transitioning to the newer IPv6 model. It is a slow process, and currently, nearly every person who wants to apply the latest IPv6 additionally adds support for the earlier IPv4. Therefore, it takes more energy to work with the new one. Another difficulty is that not every DNS recursive server supports the latest IPv6 yet.

The IPv6 holds a lot of benefits, such as the amount of usable IPv6 addresses. Actually, there are a lot more than we could ever need. In addition, more reliable security, the opportunity to apply it directly without a NAT device and forwarding, and many more.

DNS resolution: What happens when you access a website?

Thanks to DNS resolution, we don’t even think about what is happening when we click to visit a particular website. It is actually a complete process running behind the scene. It truly happens so fast, and because of it, we are not required to remember and type the difficult IP addresses. Instead, we memorize just the simple domain names, and we can easily connect to our favorite website. So, let’s explain a little bit more about this interesting process!

What does DNS resolution mean?

DNS resolution is a process that is triggered every time you want to connect to a website. After you type the domain name into your browser, it should be translated into machine understandable language. They communicate through numbers. For that reason, each domain name has to be translated into its corresponding IP address. 

In some cases, a domain could have only one IP address, but it could have several IP addresses in other cases. For instance, one of them could be IPv4 and the other one IPv6. The DNS resolution will request both of them. Yet, it is enough for the user to get just one of these addresses, and it will be able to reach the particular website.

Why do we need it?

The process of quick and easy translation becomes necessary long ago. Before the creation of DNS, each IP address was stored in a Host file, which was manually updated. Yet eventually, the devices that wanted to connect to the Internet increased into a higher number that it was not practical anymore to store the addresses that way.

So, the Domain Name System was developed, including the DNS resolution process. Thanks to it, the Internet nowadays is simple and easy to use. We are not required to remember the IP addresses but only the domain names. 

What is the process behind the DNS resolution?

There are several steps in which the DNS resolution is completed. It is initiated when a user desires to connect to a website, a domain name for the first time.

  1. You write a domain name inside the browser. That is how the DNS query is made. After that starts a process for searching the analogous IP address – DNS lookup.
  2. The DNS recursive server receives the query, and it checks if the IP address is still available in its cache memory. If it is the first time requesting that specific domain, the answer won’t be there. So, the DNS recursive server is going to look for the address in the rest of the servers – Root, TLD, and finally, the authoritative DNS server.
  3. The Root server is on the top of the DNS hierarchy, which is the first stop of the lookup. It gives information and directs to the responsible Top Level Domain (TLD) server, for instance, .com, .info, etc. 
  4. The TLD server is going to provide information about which is the responsible nameserver for that specific domain name.
  5. Next, the DNS recursive server can ask the authoritative DNS server for the IP address of the domain.
  6. After receiving the answer, the Recursive DNS server can return to your browser with the needed data to access the website. Moreover, it will keep the IP address in its cache memory if you want to explore the site later.
  7. Finally, the browser loads the website you have typed.

So, now you know what process stands behind the DNS resolution. An how fast it actually happens! 

What are the characteristics of an Authoritative DNS Server?

What is an Authoritative DNS server?

The Authoritative DNS server is an essential part of every DNS network. It stores all of the important DNS data, including the DNS records for a specific domain. That server could belong to a domain registrar or a DNS hosting provider. 

A lot of authoritative servers cover various areas. They also provide responses to the queries, but just for the DNS zones they are set up for.

Every Authoritative DNS server has two main purposes. The first one is to store and keep the database of one or several domain names and their analogous IP addresses. The second duty of this server is to supply the recursive DNS servers with answers such as the accurate IP address for each domain requested by a user. 

It is crucial to remember that the authoritative server does not cache the results of queries. The reason for that is because it operates with the original data that is stored straight in its system.


  1. Primary DNS server (Master DNS server) – It holds the original zone file with all DNS records. The administrator of the DNS zone only makes adjustments to the DNS records here in the Master DNS server. Every Slave DNS server receives the updated data via a mechanism called a zone transfer.
  2. Secondary DNS server (Slave DNS server) – Every Slave DNS server is an actual copy of the Master DNS server. That means different servers are capable of providing an answer to the DNS queries. It is necessary to note that you can’t make any adjustment to the DNS records inside a Secondary DNS server. Yet, you are going to have added points of presence (PoPs) that could reply to queries of the DNS resolvers.

Authoritative DNS server vs. Recursive DNS server

The Authoritative DNS server contains the original source of the DNS data, including the DNS records. On the other hand, the Recursive DNS server could only provide a copy of the DNS data if it’s still accessible in its DNS cache. That depends on the time-to-live (TTL) value established for the various DNS records.   

In case the TTL has been expired, and the data is not available there, the Recursive DNS server is going to produce a whole new search through the Root server, TLD server, when eventually it reaches the Authoritative DNS server. There it is going to receive an answer with the required DNS records finally.

How to check the Authoritative DNS servers?

You can easily check your Authoritative DNS server by using the NSlookup command. It is a simple tool available on Linux, macOS, and Windows. The DNS lookup for the NS DNS records is going to show you all the nameservers for the domain.

First, you have to open the Terminal on Linux and macOS or the Command Prompt on Windows. Next, just write the following:  

nslookup -type=ns

You are going to receive a list of all of the nameservers for that particular domain, plus their analogous IP addresses. Just make sure to replace “” with the domain name you wish to check. In addition, you are able to check every nameserver separately. That way, you examine if they respond accurately.

DNS Record Types Cheat Sheet

In case you are just starting managing your DNS, these DNS record types are fundamental. So, let’s explain a little bit more about them.

SOA record

The acronym SOA stands for Start Of Authority, and it is essential to explain this record first. With it, you can show the origin of the authority DNS zone. This DNS record holds inside very important information about the DNS zone. It is a must-have if you want your DNS network to operate normally. The SOA record points to the primary DNS server. In addition, it stores information for the domain administrator and contact information. It also includes parameters such as the domain serial number and how often it should refresh. It is important to note that there should be just one SOA record for a particular DNS zone.

A and AAAA record

The A record is probably the most well-known of all DNS record types. The reason for that is simple, and it is in use in nearly every DNS system. The purpose of the A (address) record is to map a domain name to its corresponding IP address. Thanks to it, people are not obliged to memorize long and challenging numbers. However, the A record is applicable only when it comes to IPv4 addresses.

On the other hand, the AAAA record comes in handy when we want to map a domain name to an IPv6 address. However, compared to the A record, it is not so frequently used. With increasing the number of devices worldwide, eventually, the IPv6 address and the AAAA record are going to get more popular. 

MX record

The MX (Mail Exchanger) record is another one of the common and essential DNS record types. With it, you are able to point the email server responsible for receiving emails for your domain. It includes the domain name, which points to the hostname of the incoming mail server. Remember, it has to point to a hostname, not an IP address.

It is possible to set several MX records with different priorities and establish a backup in case of some difficulties. This DNS record type is crucial for you if you want to receive emails. 

CNAME record

The CNAME record indicates the actual, canonical domain name for the domain or subdomain. A popular way of implementing this DNS record type is for subdomains. That way, the administration of your DNS becomes easier. You only have to make a CNAME record for each of your subdomains and point it to the domain name. Then, every time you make any modifications to your domain, you don’t have to update the changes over for each subdomain.

PTR record

The PTR record is another fundamental DNS record, which is oftentimes called pointer record. It performs quite the opposite to the A record and it is used for backchecks. It points an IP address (IPv4 or IPv6) to a hostname. It is necessary because the rest of the servers worldwide might require proving that an IP address actually relates to a hostname before accepting a service, involving in communication, or some other action. Therefore, it is principally used a lot in the verification of the host.

7 tactics to protect against DDoS attacks in 2021.

Statistics of cyber attacks are multiplying fast every year. Online businesses really have to strengthen their security in 2021 to prevent or mitigate these threats. Don’t wait any longer! Enable today the necessary these 7 tactics to protect your business against DDoS attacks.

Know what a DDoS attack is.

A distributed denial of service (DDoS) is an attack where criminals look to drown a victim (network or server) by sending it massive traffic loads from multiple sources (infected devices). 

There are different types of DDoS, and each uses a specific technique to produce the traffic. But generally, criminals send a massive amount of requests to their victim to shut it down and get the denial of service for legit users.

Let’s get deeper into the threat and its techniques to build an efficient strategy against it.

Monitor your network’s traffic.

Online businesses have traffic patterns. You must understand them to distinguish normal traffic from abnormal. Constant monitoring can point sudden spikes or strange activity. Knowing your traffic, plus a smart monitor will help you catch the first DDoS symptoms before it is too late.

Add bandwidth.

Especially talking about large-scale volumetric DDoS, to increase bandwidth means the chance for making your highway wider to handle the traffic. Bandwidth itself won’t stop an attack, but it can make it possible to handle if detected at an early stage.

Get a load balance solution.

A load balance solution efficiently distributes big traffic loads. It directs them from one server to another to balance their workload and to prevent them from stress or the exhaustion of their resources. 

Get a CDN solution.

A content distribution network (CDN) is a network of web hosting servers distributed in different points of the world. Due to the amount and different location of its servers, they back each other up. If a server suffers an attack, traffic can be directed to another, keeping your online business available for users. 

Besides, CDN providers include in their plans security features to protect you. If you need extra protection, they usually supply this in their more robust plans. 

Get security and anti-DDoS technology. 

Building efficient defenses against DDoS attacks requires modern technology. It can’t sort it out with a single tool. You need multi-level protection. Monitoring tools, firewalls, load balancer, filters, and more to prevent intrusions in your system, to detect malicious activity before it harms.

Some anti-DDoS solutions can be outsourced for the convenience of your pocket. There are plans in which you can scale resources up or down based on your real needs. 

Keep good practices and quality maintenance.

Prevention of risks is a daily practice. Your employees must take security seriously. The importance of passwords and authentication processes, risks of phishing, etc. Close the gaps human errors leave for criminals to take advantage of.

Scan and run tests to detect failures in your system that can become weak spots for criminals to intrude. Updating will help you to patch on time possible holes in your software. 

Design a response plan. 

Response time is a critical factor in stopping a DDoS, reducing damages, or being devastated by it. Steps to face the emergency must be defined in advance to react accurately and fast – people in charge, how to prioritize the system’s resources, who to warn, etc. 


DDoS attacks are a dangerous reality. There are tactics to be protected and to fight back if needed. Not to be prepared in advance, it’s like playing with fire!  

How to use the Traceroute command to diagnose IP routing problems?

Among the many commands you have built-in in your operating system (OS), there is one that helps you see each point of the path of the data packets from your device to its destination, and it is called the Traceroute command. It is a useful diagnostic tool for checking IP routing problems.

​What is the Traceroute command?

The Traceroute command is software with a command-line interface, and you can use it to troubleshoot network problems. You can use it for these specific purposes: 

  • To see the complete route of data packets from your device to the target that you have chosen. That will open your eyes to each router/hop that the packets pass through. 
  • To see the time it takes for a complete route from your device to the target. You could see if it is within the norms. 
  • Identify the devices that your packets pass through. Most of them will be visible with their IP address and hostname. 
  • To find the bottleneck. You can see a particular hop that is responding too slow, or it is not responding at all. The Traceroute command can serve you to show you this problematic spot. That step could have a problem that you can further check by other tools.

​Understanding the Traceroute command

The Traceroute command has the following syntax:

traceroute [options] host_Address [pathlength] (Linux)

1. First, you start with the name of the command that you want to use. In our case, it is the “traceroute”.

2. Second, we can add an option for a more specific query. You have many choices like using IPv6, use another protocol for the data packets, change the waiting period, change the total number of packets sent, forbid fragmentation, maximum hops, and more. You can see the whole list of options with the following command, written inside the Terminal:

traceroute -help

3. The third will be the target of your query. You can use a hostname like your site’s domain name, or you can use an IP address like the address of your server.

​How to use the Traceroute command and to read the results

So, let’s just trace the route to


What you will see is an answer that is devised in a few columns. The first will show the hops it takes to reach the target. The second will show the IP addresses of those hops. And the last part will show each of the ping messages that the traceroute have sent, with the time they took. 

Now you have a good picture of all the hops that the query takes. You can see if there are any particular delays on the route, and you know between which two devices the problem is occurring. 

​Problems with the Traceroute command that you could experience. 

Sometimes you could have some problems with the command and have some data missing. 

​Request timed out.

This message could appear because: 

  • the target that you are checking is down and can’t respond. 
  • The command is disabled on a gateway.
  • The firewall is blocking the request. 
  • A connection problem. 

​An asterisk sign (*) in the result. 

  • A packet has been lost.
  • The particular router is discarding the packet on purpose. 

​Abnormal round trip time.

You can see an abnormal round trip time between different hops, where there is a very low number on one and higher on another. Repeat the command a few times to see if these numbers are consistent. The routers treat the ping messages as a low-priority process, and sometimes they process it later. This might be the reason. You can investigate further to see what the problem is. 

​Ping command basics for testing your network

The ping command might seams too basic for many people, but it is still around, and there is a reason for that. It is one of the fastest and easiest ways to find out if a particular device is connected. Just ping it, and in a matter of moments, you will see a clear answer. 

​What is the Ping command? 

The Ping command is a command that you can find on various Oses, including Windows, Linux, macOS, FreeBSD, and more. It serves to check if there is a direct connection between your device (the origin of the command) and the target (the IP address or domain name of the one you want to check). It uses Internet Control Message Protocol (ICMP) packets that it sends to the target. The target should receive them and answer back with echo messages. The echo message travels back to the origin and shows a statistic that includes the time it took to reach the target and if there were any lost packets. 

​How to use it? 

On Windows devices, there are two ways to use the Ping command – through the Command Prompt or through the Windows PowerShell. 

On macOS and Linux, you can use it through the Terminal application. 

​What can you test with the Ping command? 

  • See if a particular device like your server is connected at the moment. If it is reachable, that means there is a connection between you and the target.
  • See if the target responds fast enough. You can check the target on a regular basis and write it down. If the target responds slower than usual, there might be a problem that you can further explore. 
  • You can check different parts of the network and see if there is a bottleneck. 
  • Keep the Ping command constantly on so you can monitor the target constantly. This can be used with your server so you can be sure it is working normally. 

​Examples of the Ping command

No matter the OS and the Software you are using (Command Prompt, Terminal, etc.), you can ping a target using their domain name or their IP address. 



​How to get additional options for the Ping command? 

There are many more options that you can use with this command. You can adjust the number of the pings sent, set an interval between them, extend or shorten the TTL, and more. 

On Windows, you can write the following in the Command Prompt and see all the options: 

ping -?

On macOS, you can write the following in the Terminal and see all the options: 

ping -h

On Linux, you can write the following in the Terminal and see all the options: 

ping -h


So, the Ping command is a basic tool for testing devices on your network. It can be found on almost any OS and works almost the same on them. Send ICMP messages and see how long it takes them to return the echo. Simple and perfect. 

What is the Transmission Control Protocol (TCP)?

Networks are essentially communication – a non-stop interaction between machines exchanging information. To guarantee the success, efficiency, and security of that communication is a complex task. It can’t really be compiled through the use of a single technology. Instead, a combination of protocols and tools is what makes it possible.

What is the Transmission Control Protocol (TCP)?

The Transmission Control Protocol (TCP) is a communication protocol used to protect data exchanged between a client and a server. It has a specific way for organizing the data to keep their integrity, from the moment they are sent and until they are delivered. It’s a popular protocol used on many networks and supported by applications and devices.

It’s worth mentioning that the TCP is used by most networks, combined with the Internet Protocol (IP). They are different protocols, but since their combination became the official standard for applications and devices to communicate over networks (TCP/IP) a long time ago, in the late 1970s, some don’t differentiate them anymore.

Just keep in mind these teammates complement each other, but each has its own functionality. The IP routes and addresses data packets (sender-recipient). TCP organizes and protects them.

How does the Transmission Control Protocol (TCP) work?

First, TCP is a connection-oriented protocol. That means that to secure the data during their trip through the network (or networks), TCP requires an active connection between the sender and the recipient. And this connection has to keep active from the moment data are sent until they are delivered to complete the process successfully.

Then, when communication starts, the first action executed by TCP is to cut the message into packets. As a security measure to protect the integrity of the message, all packets get numbered by TCP and transferred to the IP layer after that for transporting them. 

It’s important to say that even all packets belonging to the same message, once cut in pieces, will not necessarily all travel together or follow the same route. They can move through different routers and gateways, and still, they all have to arrive at the same destination. 

Once they all hit this point (destination), TCP must reassemble all data packets to shape the original message that must be delivered to its recipient. Here, a process without problems should finish. But there can be issues, and TCP functionality is designed to react in case they arise. 

For instance, data packets can get disordered, duplicated, or lost during the process. TCP can detect and fix those types of problems. TCP will ask the packets that are missing to be sent again to re-organize them, re-order and deliver the message correctly. If the message definitely can’t be delivered, TCP will report the situation to the sender.

If you imagine the number of messages that are sent every minute, then cut in pieces by TCP, you can get an interesting image of how active and massive the transit of data packets is on every network. 

Advantages of the TCP.

  • It’s an open protocol. 
  • It’s a light protocol. Its presence doesn’t stress networks or devices.
  • It’s not dependent on the operating system.
  • It supports different protocols for routing, communication within a network, and different networks.

Disadvantages of the TCP.

  • It’s not a choice for LAN or PAN.
  • It has vulnerabilities. Cybercrime could take advantage. 


TCP can totally contribute to the safe exchange of data on your network. The right combination with other technologies can enhance it.