Introduction to ICMP/Ping
The Ping utility is essentially a system administrator's tool that is used to see if a computer is operating and also to see if network connections are intact. Ping uses the Internet Control Message Protocol (ICMP) Echo function which is detailed in RFC 792. A small packet is sent through the network to a particular IP address. This packet contains 64 bytes - 56 data bytes and 8 bytes of protocol reader information. The computer that sent the packet then waits (or 'listens') for a return packet. If the connections are good and the target computer is up, a good return packet will be received. PING can also tell the user the number of hops that lie between two computers and the amount of time it takes for a packet to make the complete trip. Additionaly, an administrator can use Ping to test out name resolution. If the packet bounces back when sent to the IP address but not when sent to the name, then the system is having a problem matching the name to the IP address. As mentioned previously, Ping has also evloved from a noun/acronym into a verb, for example: "Ping server X to see if it is up" The time it takes for the packet to get to the target computer and back again is known as the round trip time. If this takes an extended period of time, it is indicative that something may be wrong.
How Ping was invented
The original PING utility stood for "Packet Internet Groper", and was a package of diagnostic utilities used by DARPA personnel to test the performance of the ARPANET. The modern Ping program was written by Mike Muuss in December, 1983, and has since become one of the most versatile and widely used diagnostic tools on the Internet. Muuss named his program after the sonar sounds used for echo-location by submarines and bats. Just like in old movies about submarines, sonar probes do sound like a metallic "pingggg".
How Ping works
The Ping program works much like a sonar echo-location. It sends a small packet of information containing an ICMP ECHO_REQUEST to a specified computer, which then sends an ECHO_REPLY packet in return. The IP address 127.0.0.1 is set by convention to always indicate your own computer. Therefore, a ping to that address will always ping yourself and the delay should be very short.
How to use Ping
You can use Ping to perform several useful network diagnostics, such as the following:
- Access - You can use Ping to see if you can reach another computer. If you can't ping a site at all, but you can ping other sites, then it's a pretty good sign that your network is fine and that site is down. On the other hand, if you can't ping any site, then likely your entire network connection is down - try rebooting;
- Time & distance - You can use Ping to determine how long it takes to bounce a packet off of another site, which tells you its distance in network terms. For example, a site hosted on your neighbor's computer next door with a different Internet service provider might go through more routers and be farther away in network distance than a site on the other side of the ocean with a direct connection to the Internet backbone. If a site seems slow, you can compare ping distances to other sites to determine whether it is the site, the network, or your system that is slow. You can also compare ping times to get an idea of which sites have the fastest network access and would be most efficient for downloading, chat, and other applications;
- Domain IP address - You can ping either a domain name or an IP address. If you ping a domain name, it will helpfully display the corresponding IP address in the response.
You can perform a ping on a Windows computer by opening an MSDOS window and then typing "ping" followed by the domain name or IP address of the computer you wish to ping. You can list the available options with the command "ping -?".
If you can't use Ping from your own computer because of a firewall or other restriction, or want to do a ping from another location than your own, you can use one of the following web sites:
These pings are sent from the computer hosting the web site, not from your computer, so the times returned reflect the time for communication from that web site, not from your computer. However, they are useful to determine if an address can be reached from different places around the Internet, and to determine how long it takes to reach one site compared to others from most sites.
If the times returned by several web ping sites to a given site are long, then the site's network is likely having problems. If you can ping a site from a web ping site but not from your own computer, then there is some block in your network preventing you from reaching that site.
Muuss originally developed the ping command for the Unix system, and that version has the range of options summarized below:
|ping -c count
|ping -c 10
|Specify the number of echo requests to send.
|Set the SO_DEBUG option.
|Flood ping. Sends another echo request immediately after receiving a reply to the last one. Only the super-user can use this option.
|Specify the host name (or IP address) of computer to ping
|ping -i wait
|ping -i 2
|Wait time. The number of seconds to wait between each ping
|ping -l preload
|ping -l 4
|Sends "preload" packets one after another.
|Numeric output, without host to symbolic name lookup.
|Ping -p pattern
|ping -p ff00
|Ping Pattern. The example sends two bytes, one filled with ones, and one with zeros.
|Quiet output. Only summary lines at startup and completion
|Direct Ping. Send to a host directly, without using routing tables. Returns an error if the host is not on a directly attached network.
|Record Route. Turns on route recording for the Echo Request packets, and display the route buffer on returned packets (ignored by many routers).
|ping -s PacketSize
|ping -s 10
|Sets the packet size in number of bytes, which will result in a total packet size of PacketSize plus 8 extra bytes for the ICMP header
|Verbose Output. Lists individual ICMP packets, as well as Echo Responses