Ping which stands for Packet INetrnet Gropper, is a great utility when it comes to troubleshooting network issues. It is part of iputils package. It sends ICMP “echo request” packets to the target system and listen for “echo response” replies. Ping records the round-trip time and records any packet loss. It prints a summary at the end showing number of packets sent and received, percent packet loss and total time. It also prints out minimum, average, maximum and maximum deviation (standard deviation).
After the brief introduction, let’s dig into the nitty-gritty of ping
In its simplest and usual form, ping is used to to see if a host is alive.
We will ping www.google.com and analyze the output, so type
The first line shows that ping is sending ICMP “echo request” to the host www.l.google.com with an IP 64.233.169.103 with 56 bytes of data. This first line proves that our DNS resolution is working so ping can be used as a simple name resolution tool.
The second line states information about the echo response packet. It received 64 bytes (why 64 bytes while it said 56 bytes above? I will explain it later), name of the host with its IP the data was received from, icmp sequence number, time to live value and the the time duration between the packet was sent and then received. Important things to look for in these lines is sequence numbers which should increment by 1 if there are no packet loss and time where a higher value would indicate network latency.
At the end we have summary of pings performed. Here 4 packets were sent, 4 received with 0% packet loss. The whole process, from the time when I start ping to the point when I stopped it, took 3001 milliseconds.
Then we have minimum, average, maximum and standard deviation of round-trip traffic.
ICMP echo request and echo reply contains 8 byes worth of ICMP headers. That’s why we see 8 bytes more than the amount of data (default 56) we sent.
By default all Linux distributions continuously ping the target host until stopped with ctrl+c.
To send a limited number of pings, use -c (for count). The following will send 5 ICMP packets of type echo request
Maximum packet size is 65,535 bytes.
Be careful of sending very large packets to target host.
Different options can be combined as well. For example to send 3 packets of size 200 bytes with .5 sec interval, we would use
After the brief introduction, let’s dig into the nitty-gritty of ping
In its simplest and usual form, ping is used to to see if a host is alive.
We will ping www.google.com and analyze the output, so type
ping www.google.com PING www.l.google.com (64.233.169.103) 56(84) bytes of data. 64 bytes from yo-in-f103.google.com (64.233.169.103): icmp_seq=1 ttl=128 time=31.7 ms 64 bytes from yo-in-f103.google.com (64.233.169.103): icmp_seq=2 ttl=128 time=30.9 ms 64 bytes from yo-in-f103.google.com (64.233.169.103): icmp_seq=3 ttl=128 time=32.0 ms 64 bytes from yo-in-f103.google.com (64.233.169.103): icmp_seq=4 ttl=128 time=31.2 ms — www.l.google.com ping statistics — 4 packets transmitted, 4 received, 0% packet loss, time 3001ms rtt min/avg/max/mdev = 30.979/31.509/32.093/0.481 msLet’s see what we have from the output.
The first line shows that ping is sending ICMP “echo request” to the host www.l.google.com with an IP 64.233.169.103 with 56 bytes of data. This first line proves that our DNS resolution is working so ping can be used as a simple name resolution tool.
The second line states information about the echo response packet. It received 64 bytes (why 64 bytes while it said 56 bytes above? I will explain it later), name of the host with its IP the data was received from, icmp sequence number, time to live value and the the time duration between the packet was sent and then received. Important things to look for in these lines is sequence numbers which should increment by 1 if there are no packet loss and time where a higher value would indicate network latency.
At the end we have summary of pings performed. Here 4 packets were sent, 4 received with 0% packet loss. The whole process, from the time when I start ping to the point when I stopped it, took 3001 milliseconds.
Then we have minimum, average, maximum and standard deviation of round-trip traffic.
ICMP echo request and echo reply contains 8 byes worth of ICMP headers. That’s why we see 8 bytes more than the amount of data (default 56) we sent.
By default all Linux distributions continuously ping the target host until stopped with ctrl+c.
To send a limited number of pings, use -c (for count). The following will send 5 ICMP packets of type echo request
ping -c 5 www.google.comBy default ping waits one second between sending packet. It can be changed with –i (for interval) option. The following will wait 2 second before sending another packet.
ping –i 2 www.google.comInterval can be made even smaller. For example, to wait half a second before sending a packet, use
ping -i .5 www.google.comTo change the default packet size of 56 bytes, use -s (for size) option. To send 168 bytes, use the following
ping -s 168 www.example.com PING www.example.com (208.77.188.166) 168(196) bytes of data. 176 bytes from www.example.com (208.77.188.166): icmp_seq=1 ttl=128 time=93.6 ms 176 bytes from www.example.com (208.77.188.166): icmp_seq=2 ttl=128 time=94.3 ms 176 bytes from www.example.com (208.77.188.166): icmp_seq=3 ttl=128 time=95.1 ms — www.example.com ping statistics — 3 packets transmitted, 3 received, 0% packet loss, time 2000ms rtt min/avg/max/mdev = 93.667/94.391/95.167/0.708 msNotice the new size 176 bytes because of the addition of 8 bytes header data.
Maximum packet size is 65,535 bytes.
Be careful of sending very large packets to target host.
Different options can be combined as well. For example to send 3 packets of size 200 bytes with .5 sec interval, we would use
ping -i .5 -s 200 -c 3 www.example.comAnother option (can be dangerous) is –f (for flood). It sends a lot packets very fast. If interval is not given, it sets interval to zero and outputs packets as fast as they come back or one hundred times per second, whichever is more. Only the super-user may use this option with zero interval.
ping -f www.host.com
No comments:
Post a Comment