Section H-1. ping


H-1. ping

ping is probably the most widely used tool for network troubleshooting. It uses ICMP packets to measure how long it takes to send a packet to a remote host and receive a response. ECHO_REQUEST and ECHO_REPLY are used by ping for this purpose. ECHO_REQUEST is used to indicate that a host requests an ICMP reply, and ECHO_REPLY is used to denote a reply to an ICMP request. In theory, all TCP/IP-based devices should respond to an ECHO_REQUEST. In practice, this is not always the case.

ping can be viewed as a layer-three testing tool. If ping doesn't work, suspect layers three and below. If it does work, suspect layers four and higher.

Note that some routers can be configured to block ICMP responses to ICMP packets, so be aware of this.

Here are some general ping error messages you should know about, and an explanation of what they indicate:

  • A message similar to "Unknown Host" is usually indicative of a DNS problem. If this type of message is received, try to use the IP address of the remote host you are trying to reach.

  • If you receive a host or network unreachable message, it could be due to networking problems like a missing router or misconfigured gateway. A router will respond with an ICMP DESTINATION_HOST_UNREACHABLE message if it has no path to the host.

  • If a timeout message is displayed by ping, any number of problems could be to blame, including the simple case that the remote host is not turned on.

Here is some ping output from Windows:

 C:\> ping www.yahoo.com   Pinging www.yahoo.akadns.net [68.142.226.49] with 32 bytes of data:   Reply from 68.142.226.49: bytes=32 time=34ms TTL=47 Reply from 68.142.226.49: bytes=32 time=26ms TTL=47 Reply from 68.142.226.49: bytes=32 time=29ms TTL=47 Reply from 68.142.226.49: bytes=32 time=27ms TTL=47   Ping statistics for 68.142.226.49:     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:     Minimum = 26ms, Maximum = 34ms, Average = 29ms 

The ping times look pretty good. Now look at the ping output from Unix:

 $ ping www.yahoo.com PING www.yahoo.akadns.net (68.142.226.46) 56(84) bytes of data. 64 bytes from p15.www.re2.yahoo.com (68.142.226.46): icmp_seq=1 ttl=52 time=18.7 ms 64 bytes from p15.www.re2.yahoo.com (68.142.226.46): icmp_seq=2 ttl=53 time=19.8 ms 64 bytes from p15.www.re2.yahoo.com (68.142.226.46): icmp_seq=3 ttl=53 time=19.3 ms 64 bytes from p15.www.re2.yahoo.com (68.142.226.46): icmp_seq=4 ttl=53 time=19.5 ms ^C --- www.yahoo.akadns.net ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3002ms rtt min/avg/max/mdev = 18.724/19.342/19.820/0.412 ms $ 

This set of ping times is higher than the one we saw from Windows. Could this be a problem? Not necessarily. It could be that someone was transferring a large file on the network when we decided to perform our test. Also, some network devices may place ICMP at a lower priority than other protocols, so the response you get may look delayed, but in reality, it was a victim of priority scheduling.

You may be tempted to use the TTL to estimate hop counts, but it isn't an accurate measurement because it may be reset along the path to prevent routing loops.

Finally, here are the basic steps for using ping to troubleshoot network problems:

  • Repeatedly run ping to isolate problems. Change the destination IP address as you work your way through each intermediate device between you and the destination.

  • Next, to rule out problems with your network interface, your network cable, or the switch or hub you are connected to, try to ping an IP address on your local network.

  • Next, to rule out DNS name resolution problems, try to ping the destination by name. If this fails, you can continue to use ping, but you must use the destination's IP address.

  • Use traceroute (described later in this appendix) to determine the IP addresses of the intermediate hosts between you and the destination host.

  • Responding to a failure at this point depends on who is responsible for the systems beyond your router. If you are responsible, you will need to test the machines beyond the router and work back in your direction from behind the router.

  • Running ping over a time interval can help diagnose problems that seem to come and go, for example.

  • If you are looking at performance over a long period of time, you will almost certainly want to use the -i option to space your packets in a more network-friendly manner. This is a reasonable approach to take if you are experiencing occasional outages and need to document the time and duration of the outages. You should also be aware that over extended periods of time, you may see changes in the paths the packets follow.




Essential SNMP
Essential SNMP, Second Edition
ISBN: 0596008406
EAN: 2147483647
Year: 2003
Pages: 165

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net