Often during network troubleshooting a network administrator may desire to trace a packet matching to a specific requirement in the network and collect some useful feature information on the devices traversed by the packet. Typically, L2 and L3 traceroute utilities are used to trace a packet in network, but they suffer from certain usability issues.
For example, L2 and L3 traceroute utilities use packets with standard set of L2/L3/L4 parameters. However, the network administrator may be interested in tracing a specific packet with given set of L2/L3/L4/L7 parameters. The additional L7 data in packet could mean a different handling of specific packets. Hence there could be cases where a normal L2/L3 traceroute packet may pass through a given path, while the actual packet may get dropped on a device somewhere along the path due to policy configurations.
Another issue with prior traceroute utilities is that they may merely yield L2 and L3 layer parameters of the devices in the tracepath, This does not permit tracing Security Group Tags (“SGT”) tags attached to a given packet as it traverses through a security policy management frame work such as a TrustSec-enabled network. In other words, obtaining networking feature level information from devices in this manner is not possible. To achieve this in prior systems, a network administrator would need to login to each of the discovered devices and obtain such information. Moreover, such information may not even be available, as it may be attached to a given packet.