The ping command

Many people use the ping command to test connectivity on a TCP/IP network, without knowing all that it can tell them. This tip, excerpted from TCP/IP Network Administration, Help for UNIX System Administrators, tells all about ping, how you use it, what you can learn from it, and how to interpret the info it gives you.

The basic format of the ping command on a Solaris system is:*

Ping host [packetsize] [count]

host

The hostname or IP address of the remote host being tested. Use the hostname or address provided by the user in a trouble report.

packetsize

Defines the size in bytes of the test packets. This field is required only if the count field is going to be used. Use the default packetsize of 56 bytes.

Count

The number of packets to be sent in the test. Use the count field, and set the value low. Otherwise, the ping command may continue to send test packets until you interrupt it, usually by pressing CTRL-C (^C). Sending excessive numbers of test packets is not a good use of network bandwidth and system resources. Usually five packets are sufficient for a test.

% ping -s ns.uu.net 56 5
PING ns.uu.net: 56 data bytes
64 bytes from ns.uu.net (137.39.1.3): icmp_seq=0. time=32.0 ms
64 bytes from ns.uu.net (137.39.1.3): icmp_seq=1. time=15.3 ms
64 bytes from ns.uu.net (137.39.1.3): icmp_seq=2. time=13.1 ms
64 bytes from ns.uu.net (137.39.1.3): icmp_seq=3. time=32.4 ms
64 bytes from ns.uu.net (137.39.1.3): icmp_seq=4. time=28.1 ms

----ns.uu.net PING Statisticss----
5 packets transmitted, 5 packets received, 0% packet loss
round-trip (ms) min/avg/max = 13.1/24.3/32.8

This test shows an extremely good wide area network link to ns.uu.net with no packet loss and fast response. The round-trip between [the workstation] and ns.uu.net took an average of only 24.3 milliseconds. A small packet loss, and a round-trip time an order of magnitude higher, would not be abnormal for a connection made across a wide-area network. The statistics displayed by the ping command can indicate a low-level network problem. The key statistics are:

• The sequence in which the packets are arriving, as shown by the ICMP sequence number (icmp_seq) displayed for each packet.
• How long it takes a packet to make the round trip, displayed in milliseconds after the string time=.
• The percentage of packets lost, displayed in a summary line at the end of the ping output.

On a local network cable segment, the round-trip time should be near 0, there should be little or no packet loss, and the packets should arrive in order. If these things are not true, there is a problem with the network hardware. On an Ethernet the problem could be improper cable termination, a bad cable segment, or a bad piece of "active" hardware, such as a hub, switch or transceiver. Check the cable with a cable tester. Good hubs and switches often have built-in diagnostic software that can be checked. Cheap hubs and transceivers may require the "brute force" method of disconnecting individual pieces of hardware until the problem goes away.

The results of a simple ping test, even if the ping is successful, can help you direct further testing toward the most likely causes of the problem. But other diagnostic tools are needed to examine the problem more closely and find the underlying cause.

*Check your system's documentation. ping varies slightly from system to system. On Linux, the format shown above would be: ping [-c count] [-s packetsize] host

To learn more about TCP/IP Network Administration, Help for UNIX System Administrators, or to buy this book, click here.

Did you like this tip? If you did (or if you didn't) then send us an email and let us know. Or visit our tips page where you can rate this, and other tips.