Contact Info

Crumbtrail » Network Component » Tutorials » Introduction to ICMP

Introduction to ICMP/Ping

The Ping utility is essentially a system administrator's tool that is used to see if a computer is operating and also to see if network connections are intact. Ping uses the Internet Control Message Protocol (ICMP) Echo function which is detailed in RFC 792. A small packet is sent through the network to a particular IP address. This packet contains 64 bytes - 56 data bytes and 8 bytes of protocol reader information. The computer that sent the packet then waits (or 'listens') for a return packet. If the connections are good and the target computer is up, a good return packet will be received. PING can also tell the user the number of hops that lie between two computers and the amount of time it takes for a packet to make the complete trip. Additionaly, an administrator can use Ping to test out name resolution. If the packet bounces back when sent to the IP address but not when sent to the name, then the system is having a problem matching the name to the IP address. As mentioned previously, Ping has also evloved from a noun/acronym into a verb, for example: "Ping server X to see if it is up" The time it takes for the packet to get to the target computer and back again is known as the round trip time. If this takes an extended period of time, it is indicative that something may be wrong.

How Ping was invented

The original PING utility stood for "Packet Internet Groper", and was a package of diagnostic utilities used by DARPA personnel to test the performance of the ARPANET. The modern Ping program was written by Mike Muuss in December, 1983, and has since become one of the most versatile and widely used diagnostic tools on the Internet. Muuss named his program after the sonar sounds used for echo-location by submarines and bats. Just like in old movies about submarines, sonar probes do sound like a metallic "pingggg".

How Ping works

The Ping program works much like a sonar echo-location. It sends a small packet of information containing an ICMP ECHO_REQUEST to a specified computer, which then sends an ECHO_REPLY packet in return. The IP address is set by convention to always indicate your own computer. Therefore, a ping to that address will always ping yourself and the delay should be very short.

How to use Ping

You can use Ping to perform several useful network diagnostics, such as the following:

You can perform a ping on a Windows computer by opening an MSDOS window and then typing "ping" followed by the domain name or IP address of the computer you wish to ping. You can list the available options with the command "ping -?".

If you can't use Ping from your own computer because of a firewall or other restriction, or want to do a ping from another location than your own, you can use one of the following web sites:

These pings are sent from the computer hosting the web site, not from your computer, so the times returned reflect the time for communication from that web site, not from your computer. However, they are useful to determine if an address can be reached from different places around the Internet, and to determine how long it takes to reach one site compared to others from most sites.

If the times returned by several web ping sites to a given site are long, then the site's network is likely having problems. If you can ping a site from a web ping site but not from your own computer, then there is some block in your network preventing you from reaching that site.

Unix version

Muuss originally developed the ping command for the Unix system, and that version has the range of options summarized below:

ping -c count ping -c 10 Specify the number of echo requests to send.
Ping -dping -d Set the SO_DEBUG option.
Ping -fping -fFlood ping. Sends another echo request immediately after receiving a reply to the last one. Only the super-user can use this option.
Ping hostping the host name (or IP address) of computer to ping
ping -i waitping -i 2Wait time. The number of seconds to wait between each ping
ping -l preload ping -l 4Sends "preload" packets one after another.
Ping -n ping -n Numeric output, without host to symbolic name lookup.
Ping -p pattern ping -p ff00 Ping Pattern. The example sends two bytes, one filled with ones, and one with zeros.
Ping -q ping -q Quiet output. Only summary lines at startup and completion
ping -r ping -r Direct Ping. Send to a host directly, without using routing tables. Returns an error if the host is not on a directly attached network.
Ping -R Ping -R Record Route. Turns on route recording for the Echo Request packets, and display the route buffer on returned packets (ignored by many routers).
ping -s PacketSize ping -s 10 Sets the packet size in number of bytes, which will result in a total packet size of PacketSize plus 8 extra bytes for the ICMP header
ping -v ping -v Verbose Output. Lists individual ICMP packets, as well as Echo Responses