How A Pathping Works.

Introduction

Every now and then you may find that you have a problem with your connection. If you are a webmaster you may on occasion have issues with your website not being accessible or being slow.

In each scenario’s there is a very good windows utility that you can use to help track down where the problem may lie.

The tool in question is a pathping.

What Is A Pathping

When using a pathping as standard the pathping carries out 2 functions. The first function (which is where path comes into it) is to check the path that you are taking through the internet to the desired site. This will be familiar to most as this is what a trace route does (I also have an article called “How A Trace Route Works” to cover this).

The seconds’ more useful function is where ping comes from in the name. Each hop from the path is pinged using an ICMP packet 100 times  (I also have an article called “How A Ping Works” to cover this). Now you may wonder why this is so useful. Well, usually when you ping a destination you will find out how many of the pings (packets) were dropped however you have no idea where this is occurring. The ping that is carried out as part of a pathping is a more intrusive ping.

Each hop within the route is pinged with 100 packets. This helps you find out where an issue could be originating from.

How You Read The Results From A Pathping

Firstly we need to open a dos prompt (click the link for full instructions)

Once done you will see a screen that is similar to the following:

DOS Prompt
DOS Prompt

Now that we have the dos prompt we type the following command to carry out the pathping:

pathping mywebsite.com

Of course, you need to replace mywebsite.com with a site that you wish to carry out a pathping on. If you are having issues with your site then this would be the address for the site in question. If you are having issues with the internet in general replace it with a site that you know is reliable (such as google.com).

After pressing enter you will start to see a basic traceroute being completed. As mentioned this is the route the information is taking when you are attempting to visit the site in question. Once the traceroute completes you will see a message that states:

Computing statistics for 400 seconds...

The number of seconds will vary and is actually an estimate of the time it will take for the ping section to complete.

Pathping Trace Section
Pathping Trace Section

Now you will notice that 2 lines have had the IP blanked out. I have done this to stop my IP being public.

After a patient wait we will slowly be presented with the ping section which will look like the following:

Pathping ping section
Pathping ping section

Now the output we have may be overwhelming when first looking at this but it is easy to fathom.

As you can see along the top there are column headers which have the following meanings:

  • Hop – The number of the hop. This corresponds with the hop number in the trace route section.
  • RTT – Round trip time. This is the average time taken for a packet to be sent and in turn, a response received (so the time taken for them to receive the information is actually roughly half the displayed figure). This is measured in milliseconds.
  • Source to Here Lost – The number of packets that a response was never received for.
  • Source to Here Sent – The total number of packets sent to this particular destination. This will usually be 100.
  • Source to Here Pct – The percentage of packets that were lost.
  • Address – If one is available this will show the hostname for the device followed by its IP in square brackets. If no hostname is available this will simply be the IP.

Now you may notice that I have missed out the “This Node” section. Do not worry about this section as it is not necessary for our needs.

On hop 5 you will notice that hop 5 displays “100/ 100 = 100%”. This indicates that none of the packets that we sent this device gave us a response. Now you might be concerned about this and believe that this is a cause of the issue. This is not the case. Any row that displays 0% or 100% should not be a problem. The only time 100% would be a problem is if no further hops occurred (and this hop was not that of the website, if you are not sure ping the website address and this will tell you the IP. Compare this IP with that of the hop in question).

Now on my sample pathping, you will see that on hop 13 we see “2/ 100 = 2%”. This is telling us that out of a total of 100 packets that we sent, we did not receive a response for 2 of them. You will also notice that hop 14 and 15 also display loss. Any issues like this are called packet loss.

So now you may be wondering how we would find out the issue at hand. The hop in this case that is potentially causing an issue is hop 13. Any later hop that displays packet loss will be caused by an earlier hop that has packet loss (all traffic to the later hop is passing through the earlier hop. If the earlier hop has loss then one of the packets of the later hop could also be affected).

Now, who would you contact to rectify this issue? This is where you need to carry out some investigatory work. If the packet loss starts to occur on your network, unfortunately, this is your issue.

If the packet loss starts at the 1st hop past your router again this could be your problem (carry out usual diagnostics, replace cables, router, filters etc).

If the packet loss occurs on an IP within your ISP area (usually identifiable by the host name, you will see hop 7, 8 and 9 show bt.net. My ISP is BT so I know these are my ISP. This also tells me that 2,3,4,5 and 6 must also be my ISP) then you should contact your ISP to report the problem. Depending on your ISP the people at the call center may not be aware of what packet loss is so you may need to describe the issue in more relative detail (such as if it is causing slow speeds tell them you have a slow speed issue).

If you are experiencing issues with your own website and there is no packet loss until it leaves your ISP, then, unfortunately, they may not be able to do anything about it. This is where it gets a bit trickier. You need to work out if the IP belongs to your host. If it does then great, contact your host and provide proof of the issue.

If the issue is outside both of these realms then, unfortunately, you have an issue on your hands. Nobody that you have contact with (or that will really take any notice) will be able to help much. Depending on your host or ISP they may be able to chase this up and liaise with that party but they would need to have good reason to do so (such as a lot of customers are affected).

Further Reading

If you would like to learn more about the more advanced features of pathping take a look at this Microsoft Pathping guide.

I hope you enjoyed this article. If you have any questions feel free to ask. I will no doubt tidy this article up over time and make amendments.

1 thought on “How A Pathping Works.”

Tell us your thoughts