How A Ping Works

Introduction

One of the basic things that is generally asked when carrying out any network diagnostics (including the internet) is to carry out a ping. Here we will discuss what a ping is and how useful it is.

What Is A Ping

A ping is 1 of the most basic tool in any diagnostics toolkit. When you find you cannot access a website or a service on the internet you should check that you can actually connect to it (obviously after you have checked that you can access other services).

When you initiate a ping you are requesting that your device (usually a PC) sends a particular type of packet to the IP specified (if you specify a URL it will be translated into an IP first). The results that you receive back from the ping indicate how long it too to receive a response from the ping.

In this instance the type of packet is an ICMP packet (a handy link at the end of the article that shows what an ICMP packet is).

How You Read The Results From A Ping

Running a trace route is a very simple task. Firstly open a Dos prompt (click the link for instructions).

Once open you should see something similar to the screenshot below.

DOS Prompt
DOS Prompt

Now that we have the dos prompt we type the following command to carry out the ping:

ping mywebsite.com

As usual replace mywebsite.com with the IP or URL for the service that you are trying to test. This command is equivalent of writing “ping -n 4 petermcdonald.co.uk” you will see the “-n” switch shortly. This will result in something like the following:

Basic Ping
Basic Ping

As you can see I have pinged petermcdonald.co.uk (this site). Prior to the ping starting we receive an acknowledgement that a ping is about to take place and we are advised within brackets what IP address is to be pinged.

As you can see we have received 4 lines each with recurring information. In my case these are exactly the same but this is more of a fluke. Each response contains the following information:

  • Status of request and the IP that responded
  • Size of the packet denoted by bytes=
  • Response time for the packet denoted by time=XXms
  • Time to live denoted by TTL=XX

So lets look at each of these in turn.

Request Status

The status of the request, Usually this would be “Reply From IP” (of course it would not say IP it would have the actual IP address. Alternatively you may receive “Request Timed Out” which indicates that the response from the sent packet did not arrive in a timely manner. This could indicate that your connection is faulty, the server is bogged down or there is a DNS issue to name a few.

Packet Size

This is the size of packet in bytes that we have sent. This can be modified using the “-l” switch however there is little reason to do this normally. The maximum size on most modern PC’s are 65527 (unless you are doing something nefarious).

Response Time

The response time is measured in milliseconds and is how long it has taken for the response to the packet that you have sent takes to arrive. People believe that this is how long it took the packet to arrive at its destination however this is not the case. The time it takes to arrive at the destination is around half of the response time.

TTL

TTL stands for Time To Live. Contrary to what quite a few people believe this is not actually how long a packet will last for. Instead it is the maximum amount of hops that the packet will pass through prior to failing (to learn more about hops check out my article “How A Trace Route Works“)

The last piece of information that we receive are the statistics for the test. The information we have gained here are as follows:

  • Packets: Sent – How many packets we sent.
  • Received – How many responses we received
  • Lost – hopefully this would be 0 indicating that we received a response for each packet
  • Minimum – The time taken to receive a response from the fastest packer
  • Maximum – The time taken to receive a response from the slowest packer
  • Average – The average time of all requests to receive a response. The lower this figure the better.

What Else Can I Do With Ping

Previously I mentioned that “ping petermcdonald.co.uk” was equivalent to “ping -n 4 petermcdonald.co.uk”. You may have guessed by now but the “-n” switch allows you to specify how many packets you send (and you will receive a response line for each 1).

As you can see below the output is very similar to before.

Ping 10 times
Ping 10 times

You may also wish o continually ping an IP. You can also do this simply in this case by using the “-t” switch. This will continually ping the IP until you specifically tell it to stop (by using ctrl + c).

Again an example is below.

Continual Ping
Continual Ping

1 consideration on using the “-t” switch however. I have spoken with many people in the past who have done this and ran it for hours then when they see “Request timed out” they believe they must have a packet loss issue. This may not be the case. A server is quite free to ignore ping requests. Some do not respond at all and some stop responding if they are being bombarded. Others may also choose not to respond if they have too much traffic from other sources to deal with (after all if someone kept banging on your door wouldn’t you stop answering after a while? Why should servers be any different?).

There are other switches that you can use with the ping command however I would say those mentioned above are the most common. If you would like to read more about the switches available check out the link to the Microsoft article at the bottom of the article.

Potential Issues

Could Not Find Host

If you receive an error stating that the “Ping request could not find host” such as the below example. This could be due to a couple of things such as:

  • The domain is not registered (as in my example).
  • The DNS cannot be resolved for the domain name you have tried to ping.
Failed Ping
Failed Ping

Pings Work When They Shouldn’t

At times you may find that you receive a response from a ping when you know it should not respond. Alternatively you may find the domain resolves to an IP but does not respond to pings.

In my example for Could Not Find Host above I came across this problem. In my case as my ISP’s DNS could not resolve the host it provided the IP address they use for capturing traffic for non registered domain names (I had to change my DNS to be that of Google’s namely 8.8.8.8 as the primary and 8.8.4.4 for the tertiary).

If you suspect that this is happening try pinging a completely random domain that is not registered (I personally button bash my keyboard and put .com after it). If you receive the same response (ie IP address) then you can safely assume that the ISP is hijacking the DNS,

Unfortunately this is quite common these days as ISP’s can benefit from advertising on pages you may come across if you mistype a URL.

Further Reading

If you would like to learn more about the more advanced features of pathping take a look at this Microsoft Ping guide.

For more information on what an ICMP packet is read the Microsoft Internet Control Message Protocol article.

I hope you enjoyed this article. If you have any questions feel free to ask. I will no doubt tidy this article up over time and make amendments.

How A Trace Route Works

Introduction

Previously I have posted an article titled “How A Pathping Works“. In this article i demonstrated how a pathping can help identify where an issue lies if you are unable to connect to a webpage.

Sometimes however a pathping is overkill and you may only need to see where the connection fails. This is where a trace route comes in handy. Continue reading “How A Trace Route Works”

Domains For Sale

I am currently looking to raise some cash and have just posted some quality domain names. I am open to offers. Feel free to comment or to post on Namepros or DNForum.

The domains for sale are:

Domain: DiverseBlog.com
Creation: 14 Dec 2006
Expiry: 14 dec 2011
Registrar: GoDaddy

Name and potential uses speak for themselves. A great little domain for a blog.

—————————————————————————-

Domain: DomainingArticles.com
Creation: 11 July 2009
Expiry: 11 July 2012
Registrar: GoDaddy

Another name thatspeaks for itself. I had partially created a script for this but thus far had not completed this.

—————————————————————————-

Domain: LinuxDaemon.com
Creation: 10 May 2008
Expiry: 10 May 2012
Registrar: eNom

I thought of creating a site with information on the common linux daemons. There are some sites that do this already but not have such an apt domain. You could also of course have tutorials detailing how to create a linux daemon.

—————————————————————————-

Domain: ObscureRecords.com
Creation: 25 Jan 2008
Expiry: 25 Jan 2013
Registrar: eNom

This domain has many possibilities. Obscure or rare LP’s, or maybe showing some of the oddest world records that have been achieved.

—————————————————————————-

Domain: PHPSecured.com
Creation: 18 June 2008
Expiry: 18 June 2012
Registrar: eNom

A perfect domain for articles or tutorials for showing how to secure PHP or possibly to code with security in mind (something that is often forgotten).