One of the basic things that is generally asked when carrying out any network diagnostics (including the internet) is to carry out a ping. Here we will discuss what a ping is and how useful it is.
What Is A Ping
A ping is 1 of the most basic tool in any diagnostics toolkit. When you find you cannot access a website or a service on the internet you should check that you can actually connect to it (obviously after you have checked that you can access other services).
When you initiate a ping you are requesting that your device (usually a PC) sends a particular type of packet to the IP specified (if you specify a URL it will be translated into an IP first). The results that you receive back from the ping indicate how long it too to receive a response from the ping.
In this instance the type of packet is an ICMP packet (a handy link at the end of the article that shows what an ICMP packet is).
How You Read The Results From A Ping
Running a trace route is a very simple task. Firstly open a Dos prompt (click the link for instructions).
Once open you should see something similar to the screenshot below.
Now that we have the dos prompt we type the following command to carry out the ping:
As usual replace mywebsite.com with the IP or URL for the service that you are trying to test. This command is equivalent of writing “ping -n 4 petermcdonald.co.uk” you will see the “-n” switch shortly. This will result in something like the following:
As you can see I have pinged petermcdonald.co.uk (this site). Prior to the ping starting we receive an acknowledgement that a ping is about to take place and we are advised within brackets what IP address is to be pinged.
As you can see we have received 4 lines each with recurring information. In my case these are exactly the same but this is more of a fluke. Each response contains the following information:
Status of request and the IP that responded
Size of the packet denoted by bytes=
Response time for the packet denoted by time=XXms
Time to live denoted by TTL=XX
So lets look at each of these in turn.
The status of the request, Usually this would be “Reply From IP” (of course it would not say IP it would have the actual IP address. Alternatively you may receive “Request Timed Out” which indicates that the response from the sent packet did not arrive in a timely manner. This could indicate that your connection is faulty, the server is bogged down or there is a DNS issue to name a few.
This is the size of packet in bytes that we have sent. This can be modified using the “-l” switch however there is little reason to do this normally. The maximum size on most modern PC’s are 65527 (unless you are doing something nefarious).
The response time is measured in milliseconds and is how long it has taken for the response to the packet that you have sent takes to arrive. People believe that this is how long it took the packet to arrive at its destination however this is not the case. The time it takes to arrive at the destination is around half of the response time.
TTL stands for Time To Live. Contrary to what quite a few people believe this is not actually how long a packet will last for. Instead it is the maximum amount of hops that the packet will pass through prior to failing (to learn more about hops check out my article “How A Trace Route Works“)
The last piece of information that we receive are the statistics for the test. The information we have gained here are as follows:
Packets: Sent – How many packets we sent.
Received – How many responses we received
Lost – hopefully this would be 0 indicating that we received a response for each packet
Minimum – The time taken to receive a response from the fastest packer
Maximum – The time taken to receive a response from the slowest packer
Average – The average time of all requests to receive a response. The lower this figure the better.
What Else Can I Do With Ping
Previously I mentioned that “ping petermcdonald.co.uk” was equivalent to “ping -n 4 petermcdonald.co.uk”. You may have guessed by now but the “-n” switch allows you to specify how many packets you send (and you will receive a response line for each 1).
As you can see below the output is very similar to before.
You may also wish o continually ping an IP. You can also do this simply in this case by using the “-t” switch. This will continually ping the IP until you specifically tell it to stop (by using ctrl + c).
Again an example is below.
1 consideration on using the “-t” switch however. I have spoken with many people in the past who have done this and ran it for hours then when they see “Request timed out” they believe they must have a packet loss issue. This may not be the case. A server is quite free to ignore ping requests. Some do not respond at all and some stop responding if they are being bombarded. Others may also choose not to respond if they have too much traffic from other sources to deal with (after all if someone kept banging on your door wouldn’t you stop answering after a while? Why should servers be any different?).
There are other switches that you can use with the ping command however I would say those mentioned above are the most common. If you would like to read more about the switches available check out the link to the Microsoft article at the bottom of the article.
Could Not Find Host
If you receive an error stating that the “Ping request could not find host” such as the below example. This could be due to a couple of things such as:
The domain is not registered (as in my example).
The DNS cannot be resolved for the domain name you have tried to ping.
Pings Work When They Shouldn’t
At times you may find that you receive a response from a ping when you know it should not respond. Alternatively you may find the domain resolves to an IP but does not respond to pings.
In my example for Could Not Find Host above I came across this problem. In my case as my ISP’s DNS could not resolve the host it provided the IP address they use for capturing traffic for non registered domain names (I had to change my DNS to be that of Google’s namely 18.104.22.168 as the primary and 22.214.171.124 for the tertiary).
If you suspect that this is happening try pinging a completely random domain that is not registered (I personally button bash my keyboard and put .com after it). If you receive the same response (ie IP address) then you can safely assume that the ISP is hijacking the DNS,
Unfortunately this is quite common these days as ISP’s can benefit from advertising on pages you may come across if you mistype a URL.
If you would like to learn more about the more advanced features of pathping take a look at this Microsoft Ping guide.
I am always a fan of freebies and of course I am always eager to learn new things so when I saw a post by Admin Magazine on Facebook to advise that to celebrate Sysadmin day 2012 they have partnered with Splunk to offer a free IPv6 download special.
The special covers numerous subjects covering what IPv6 is and how it works through too how to programme using IPv6. Be aware however the download is only available today.