5.3 Basic ICMP Tools

Before you configure your network devices, you should learn how to use some ICMP (Internet Control Message Protocol) tools. ICMP packets help you root out problems with connectivity and routing.

ping (see http://ftp.arl.mil/~mike/ping.html) is one of the most basic network debugging tools. It sends ICMP echo request packets to a host. If the host gets the packet and feels nice enough, it sends an ICMP echo response packet in return.

Let's say that you run ping 10.1.2.21 and you get this output:

 PING 10.1.2.21 (10.1.2.21): 56 data bytes 64 bytes from 10.1.2.21: icmp_seq=0 ttl=255 time=8.0 ms 64 bytes from 10.1.2.21: icmp_seq=1 ttl=255 time=3.2 ms 64 bytes from 10.1.2.21: icmp_seq=2 ttl=255 time=3.4 ms 64 bytes from 10.1.2.21: icmp_seq=4 ttl=255 time=3.4 ms 64 bytes from 10.1.2.21: icmp_seq=5 ttl=255 time=3.2 ms

The most important parts of the output are the icmp_seq number and the round-trip time. ping sends a sequence of echo request packets, one every second.

Notice that there's a gap between 2 and 4 in this example. This usually means that there's some kind of connectivity problem. It is possible to get packets out of order, but if this happens, there's still some kind of problem because ping sends only one packet a second. If a response takes more than a second to arrive , the connection is extremely slow.

The round-trip time is the total elapsed time between the moment that the request packet was transmitted and moment that the response packet arrived. If there are incomplete routes between the request source and the destination, ping immediately reports the ICMP "host unreachable" packets that come back as a result of the disconnection.

On a wired LAN, you should expect absolutely no packet loss and very low numbers for the round-trip time (the preceding example output is from a wireless network). You should also expect no packet loss from your network to and from your ISP, as well as reasonable, steady round-trip times.

Sadly, not all hosts on the Internet respond to ICMP echo request packets as they once did. Therefore, you may come across situations where you can connect to a Web site on a host, but not get a ping response.

Another useful ICMP-based program is traceroute ; it will come in handy when you reach the material on routing later in the chapter. Use traceroute host to see the exact path your packets take to a remote host. One of the best things about traceroute is its reporting of return-trip times at each step in the route, as demonstrated in this output fragment:

 4  206.220.243.106  1.163 ms  0.997 ms  1.182 ms  5  4.24.203.65  1.312 ms  1.12 ms 1.463 ms  6  64.159.1.225  1.421 ms  1.37 ms 1.347 ms  7  64.159.1.38  55.642 ms  55.625 ms  55.663 ms  8  209.247.10.230  55.89 ms  55.617 ms  55.964 ms  9  209.244.14.226  55.851 ms  55.726 ms  55.832 ms 10  209.246.29.174  56.419 ms  56.44 ms  56.423 ms

Because this output shows a big latency jump between hop 6 and hop 7, that part of the route is probably some sort of long-distance link.

You can put these ICMP tools to use when setting up a working network interface, as the next few sections will show you how to do.