ping

One of the most recognized utilities is the ping command. The ping command
can be used in your IP network to assist in determining whether or not an IP
addressed node is reachable.
ping sends an echo request within an Internet Control Message Protocol
(ICMP) packet. Once the echo request has been sent, the device that sent the
ping will monitor for a reply to the echo request. Once the reply is received,
the results are measured and the following statistics are recorded and printed
on the screen:
Packet loss (if any)
The time it takes for the data to make a round trip (to and from the
destination or target node)
Statistics gathered during the ping session
Here is an example of a typical11 successful ping session:
C:\>ping 64.233.167.99
Pinging 64.233.167.99 with 32 bytes of data:
Reply from 64.233.167.99: bytes=32 time=44ms TTL=235
Reply from 64.233.167.99: bytes=32 time=38ms TTL=235
Reply from 64.233.167.99: bytes=32 time=37ms TTL=236
Reply from 64.233.167.99: bytes=32 time=37ms TTL=235
Ping statistics for 64.233.167.99:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 44ms, Average = 39ms
In the example, the host issues an echo request to the target IP and
received the reply. The reply was 32 bytes in size. There were a total of four
echo request packets sent with 100 percent success. The average round trip
was 39 ms.
Unfortunately, because of our friends the ‘‘Ker’’ brothers (see Chapter 14),
many network administrators are now setting filters to not accept the IGMP
echo request packets. This choice is mainly because of the growing con-
cern of Internet worms that use ping to locate nodes that they can attack.
By not accepting the echo requests, the node is less vulnerable to attacks
than if it did accept them. This makes the ping utility useless when try-
ing to troubleshoot issues with the filtered interface and therefore may lead
to misleading diagnosis of problems in the network. Also keep in mind that
filtering these packets is only an annoyance for the Kers . . . they can still get to
the interface if they really want to.
The format of the ICMP echo request and reply packets are shown in
Figure 16-1.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Type Code Checksum
Identifier Sequence Number
Data
Figure 16-1 The ICMP echo reply/request datagram format
As mentioned already, the ICMP echo reply is returned for any ICMP echo
requests that are sent to the target node. The target node must respond to
echo requests when it can, and the reply will contain the data that was sent
to it from the originating node.
The echo request datagram type will be set to 8.12
The echo reply will have a datagram type set to 0.
The code field will be set to 0 for both the request and reply.
The Identifier and the Sequence number fields are used to
ensure that the proper reply is sent to the proper request.
The data field in the request and reply must contain the same data.
The ping command will also give you an idea of what the problem may be
when you are not able to get a valid response as shown in the example below.
The two error messages that you may receive when you are not able to reach
your target are:
Request timed out: There was no reply from the host.
Destination host unreachable: There is no route to the destination.