Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] | [-k host-list]] [-w timeout] dest

ping function

Ping is a special term for submarine personnel, representing the sonar pulse of response. Ping is a very useful TCP/IP tool in the network. Its main function is to detect network connectivity and analyze network speed.

Ping has a good and a bad side. Let’s talk about the kind side first. As mentioned above, the purpose of Ping is to detect the network together with the situation and analyze the network speed, but what does it display the connection? This first requires understanding some parameters and return information of Ping.

The following are some parameters of PING:

ping [-t] [-a] [-n count] [-l length] [-f] [-i ttl] [-v tos] [-r count] [-s count] [-j computer-list] | [-k computer-list] [-w timeout] destination-list

-t Ping The specified computer is until interrupted.

-a Resolve the address to the computer name.

-n count Send count The specified number of ECHO packets. The default value is 4.

-l length Sends an ECHO packet containing the amount of data specified by length. The default is 32 bytes; the maximum value is 65,527.

-f Send the "Don't segment" flag in the packet. The packet will not be segmented by the gateway on the route.

-i ttl Set the "Survival Time" field to the value specified by ttl.

-v tos Set the "Service Type" field to the value specified by tos.

-r count Records the routes for outgoing and returning packets in the "Record Routing" field. count can specify a minimum of 1 computer and a maximum of 9 computers.

-s count Specifies the timestamp of the number of hops specified by count.

-j computer-list Use the computer-list to route packets using the computer-list specified. The maximum number of IPs that can be separated by an intermediate gateway (routed sparse source) is 9.

-k computer-list Use the computer-list to route packets using the computer-list specified by computer-list. Continuous computers cannot be separated by intermediate gateways (routed strictly source) The maximum number of IPs allowed is 9.

-w timeout Specifies the timeout interval in milliseconds.

destination-list Specifies the remote computer to ping. The return information of

Ping includes "Request Timed Out", "Destination Net Unreachable", "Bad IP address", and "Source quench received".

"Request Timed Out" This message indicates that the other party's host can reach TIME OUT, which is usually caused by the other party's refusal to receive the packet you sent it, causing the packet to be lost. Most of the reasons may be that the other party has a firewall or has been offline.

"Destination Net Unreachable" This message indicates that the other party's host does not exist or has not established a connection with the other party. Here we want to explain the difference between "destination host unreachable" and "time out". If the router passing through has a route to the target in the routing table, and the target cannot reach other reasons, "time out" will appear. If there is no route to the target in the routing table, "destination host unreachable" will appear.

"Bad IP address" This information means that you may not be connected to the DNS server so you cannot resolve the IP address, or the IP address does not exist.

"Source quench received" information is quite special, and it has very little chance of occurrence. It means that the other party or the server in the middle is busy and unable to respond.

How to use Ping command to test network connectivity?

connectivity problems are caused by many reasons, such as local configuration errors, remote host protocol failure, etc., and of course, failures caused by devices, etc.

First, let’s talk about the steps to use the Ping command.

There are five steps to use Ping to check connectivity:

1. Use ipconfig /all to observe whether the local network settings are correct;

2. Ping 127.0.0.1, 127.0.0.0.1 Loopback Address Ping loopback address is to check whether the local TCP/IP protocol is set well;

3. Ping the local IP address, this is to check whether the IP address of the machine is set incorrectly;

4. Ping the gateway or the IP address of this network, this is to check whether the hardware device has problems, and you can also check whether the connection between the machine and the local network is normal; (This step can be ignored in non-local networks)

5. Ping the remote IP address, this is mainly to check whether the connection between this network or the machine and the external one is normal.

may experience some errors during the process of checking network connectivity, and these errors are generally divided into two most common ones.

1. Request Timed Out

"request time out" This prompts that in addition to the other party mentioned in "PING (I)" that may have a firewall or have been shut down, the IP of the machine is incorrect and the gateway settings are incorrect.

①, IP incorrect:

IP incorrect is mainly due to an incorrect IP address setting or an IP address conflict. This can be checked using the ipconfig /all command. IP conflicts rarely occur under WIN2000, because the system will automatically detect whether there is the same IP address in the network and remind you whether the settings are correct. In NT, not only will the prompt "request time out" appear, but the prompt message will also appear "Hardware error" appear. This message is quite special. Don't be confused by the prompts you give it.

②. Gateway setting error: This error may appear in the fourth step. The gateway setting error is mainly because the gateway address is set incorrectly or the gateway does not forward data for you, and the remote gateway may fail. This is mainly an error when you ping the external network address. The error manifests as the external host cannot ping the message "Request timeout".

2. Destination Host Unreachable

When you start PING network computer, if the network device errors, it will prompt "destination host unreachable". If DHCP is used to allocate IP in the LAN and DHCP happens to fail, this error will be generated by using the PING command. Because the client cannot allocate to the IP system when DHCP fails, only the set IP is set, it is often set to the IP of different subnets. So "Destination Host Unreachable" will appear. In addition, this error will also occur if the subnet mask is set incorrectly.

has another special feature, which is that the route returns an error message. It usually adds an IP address before "Destination Host Unreachable" to indicate which route cannot reach the target host. This means that your machine has no problem connecting to the external network, but there is a problem connecting to a certain host.

Let’s give an example.

The network I manage has 19 machines, a 100M hub is connected to the server, and the IP address is dynamically allocated using DHCP.

Once a colleague hurriedly told me "My OUTLOOK cannot be turned on". I went to his machine to check. First, I checked the local network settings. I used ipconfig /all to see the IP allocation situation. Then I started to PING one of the machines in the network. The first PING result was normal, but OUTLOOK still couldn't use other network software and Copy network files to use, but the network speed was very slow. I used a parameter -t (-t can PING the other party without interruption. At that time, I thought PING might not be able to find the problem at one time) and found that there were time=30ms and request time out. It was even more interesting to PING from the server. Request time out has more data than normal. In the local area, it was too abnormal. At first I thought it was a problem with the network card, but the fault still remained after changing the network card. Re-working the network cable still couldn’t solve the problem. This fault is really interesting! In the end, I couldn't help plugging it into the other end of the hub port to switch to another port, ha! The fault was resolved. It turned out that the hub port was broken.

How to use the Ping command to determine the speed of a link? In addition to checking network connection and detecting faults, the

Ping command has another interesting purpose, which is to use some of its return data to estimate the speed between you and a certain host.

will first look at what return data it has.

Pinging 202.105.136.105 with 32 bytes of data:

Reply from 202.105.136.105: bytes=32 time=590ms TTL=114

Reply from 202.105.136.105: bytes=32 time=590ms TTL=114

Reply from 202.105.136.105: bytes=32 time=590ms TTL=114

Reply from 202.105.136.105: bytes=32 time=601ms TTL=114

Ping statistics for 202.105.136.105:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in million-seconds:

Minimum = 590ms, Maximum = 601ms, Average = 593ms

In the example "bytes=32" means that there are 32 bytes of test data in the ICMP message (this is the key data for estimating the speed), and "time=590ms" is the round trip time. How to estimate the speed of the link? Let's give an example. We set A and B as PPP link.

From the PING example above, you can notice that by default, the ICMP message sent has 32 bytes. In addition to these 32 bytes, plus 20 bytes of IP header and 8 bytes of ICMP header, the total length of the entire IP data packet is 60 bytes (because IP and ICMP are the main protocols for the Ping command, they must be added to the entire data packet). In addition, another protocol is used for transmission when using the Ping command, that is, the PPP protocol (point-to-point protocol), so 8 bytes are added at the beginning and end of the data. During the transmission process, since each byte contains 8 bit data, 1 bit start bit and 1 bit end bit, the transmission rate is 2.98ms per byte. From this we can estimate that it will take 405ms. That is, 68*2.98*2 (multiplying 2 is because we also have to calculate its round trip time).

Let's test the link of 33600 b/s:

Pinging 202.105.36.125 with 32 bytes of data:

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.105.36.125: bytes=32 time=415ms TTL=114

Reply from 202.10 202.105.36.125: bytes=32 time=421ms TTL=114

Ping statistics for 202.105.36.125:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in million-seconds:

Minimum = 415ms, Maximum = 421ms, Average = 417ms

Here you may need to notice that there is an error between this estimated value and the actual value. Why? Because we are estimating a theoretical value now, there are some things we have not considered. For example, other interferences in the network, these interferences are mainly different from computers. Because it is impossible for all computers to stop using the network to test you when you are testing, this is not practical. Another is transmission equipment, because some devices such as MODEM will compress the data and then send it during transmission, which greatly reduces the transmission time. We cannot avoid the errors generated by these things, but our values ​​are about 5% and we can accept them (exceptions using MODEM transmission), but the error generation can be reduced. For example, turn off the compression function of MODEM and test it when the network is not that busy. Sometimes errors need not be eliminated. Because we need these errors to be compared and analyzed with the obtained theoretical values, so as to find out the defects of the network and optimize them. At this time, all data, including errors, in the test network, will become the basis for our optimization.

Also note that this algorithm is not applicable to LANs, because the speed is very fast and almost less than 1ms, and the minimum time resolution of Ping is 1ms, so the Ping command cannot be used to detect the speed. If you want to test the speed, you need to use special instruments to detect it.

In general, the Ping command is a very useful and convenient tool in fault checking. You should not ignore its existence.

I believe everyone is familiar with the ping command, but there are not many people who can maximize the ping function. Of course, I am not saying that I can make the ping function play the greatest role. I just use the ping tool often and summarize some small experiences. I will share it with you now.

Now I will refer to the auxiliary instructions of the ping instruction to tell you the skills I will use when using ping. ping can only be used after installing the TCP/IP communication protocol:

ping [-t] [-a] [-n count] [-l length] [-f] [-i ttl] [-v tos] [-r count] [-s count] [[-j computer-list] | [-k computer-list]] [-w timeout] destination-list

Options:

-t Ping the specified host until stopped.To see statistics and continue - type Control-Break;To stop - type Control-C.

keeps pinging the local host until you press Control-C.

What are the special tricks for this function, but it can be used with other parameters, which will be mentioned below.

-a Resolve addresses to hostnames.

parses computer NetBios names.

example: C:＼ping -a 192.168.1.21

Pinging iceblood.yofor.com [192.168.1.21] with 32 bytes of data:

Reply from 192.168.1.21: bytes=32 time10ms TTL=254

Reply from 192.168.1.21: bytes=32 time10ms TTL=254

Reply from 192.168.1.21: bytes=32 time10ms TTL=254

Reply from 192.168.1.21: bytes=32 time10ms TTL=254

Reply from 192.168.1.21: bytes=32 time10ms TTL=254

Ping statistics for 192.168.1.21:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in million-secods:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

From the above, we can know that the computer with an IP of 192.168.1.21 is called iceblood.yofor.com.

-n count Number of echo requests to send.

sends the count specified number of Echo packets.

By default, only four data packets are sent. Through this command, you can define the number of sending by yourself, which is very helpful in measuring network speed. For example, I want to test the average time to return to send 50 data packets, the fastest time, and the slowest time can be obtained by following:

C:＼ping -n 50 202.103.96.68

Pinging 202.103.96.68 with 32 bytes of data:

Reply from 202.103.96.68: bytes=32 time=50ms TTL=241

Reply from 202.103.96.68: bytes=32 time=50ms TTL=241

Reply from 202.103.96.68: bytes=32 time=50ms TTL=241

Request timed out.

………………

Reply from 202.103.96.68: bytes=32 time=50ms TTL=241

Reply from 202.103.96.68: bytes=32 time=50ms TTL=241

Ping statistics for 202.103.96.68:

Packets: Sent = 50, Received = 48, Lost = 2 (4% loss),Approximate round trip times in million-seconds:

Minimum = 40ms, Maximum = 51ms, Average = 46ms

From the above, I can know that in the process of sending 50 packets to 202.103.96.68, 48 were returned, two of which were lost due to unknown reasons. The fastest return speed of these 48 packets was 40ms, the slowest was 51ms, and the average speed was 46ms.

-l size Send buffer size.

defines the echo packet size.

. Under the default situation? The packet size sent by Windows ping is 32byt. We can also define its size by ourselves, but there is a size limit, that is, the maximum can only be sent 65500byt. Some people may ask why it is limited to 65500byt, because Windows series systems have a security vulnerability (maybe other systems) that is, when the packet sent to the other party at one time is greater than or equal to 65532, the other party is likely to crash, so in order to solve this security vulnerability, Microsoft restricts the packet size of the ping.Although Microsoft has made this restriction, this parameter is still very harmful after being combined with other parameters. For example, we can implement an aggressive instruction by combining with the -t parameter: (The following introduction is dangerous and only used for testing. Please do not apply it to other computers easily. Is it at your own risk)

C:＼ping -l 65500 -t 192.168.1.21

Pinging 192.168.1.21 with 65500 bytes of data:

Reply from 192.168.1.21: bytes=65500 time10ms TTL=254

Reply from 192.168.1.21: bytes=65500 time10ms TTL=254

Reply from 192.168.1.21: bytes=65500 time10ms TTL=254 ……………

so that it will constantly send packets of 65500byt to the 192.168.1.21 computer. If you only have one computer, maybe? What's the effect, but if there are many computers, it can completely paralyze the other party. I have done such an experiment. When I ping a computer with more than 10 computers at the same time, the other party's network was completely paralyzed in less than 5 minutes, and the network was severely blocked, and the HTTP and FTP services were completely stopped. This shows that the power is extraordinary.

-f Set Don't Fragment flag in packet.

Send "Don't segment" flag in packet.

Generally, the data packets you send will be sent to the other party in segments through the route. After adding this parameter, the route will not be processed in segments.

-i TTL Time To Live.

specifies the time when TTL value stays in the other party's system.

This parameter also helps you check the network operation.

v TOS Type Of Service.

Sets the "Service Type" field to the value specified by tos.

-r count Record route for count hops.

records the routes that are sent out and returned to packets in the "Record Routing" field.

In general, the data packets you send arrive at the other party through routes one by one, but what routes did they go through? Through this parameter, you can set the number of routes you want to detect, but it is limited to 9, which means you can only track 9 routes. If you want to detect more, you can achieve it through other commands. I will explain it to you in a future article. The following is an example of the business:

C:＼ping -n 1 -r 9 202.96.105.101 (send a data packet, record up to 9 routes)

Pinging 202.96.105.101 with 32 bytes of data:

Reply from 202.96.105.101: bytes=32 time=10ms TTL=249

Route: 202.107.208.187 -

202.107.210.214 -

61.153.112.70 -

61.153.112.89 -

202.96.105.149 -

202.96.105.97 -

202.96.105.101 -

202.96.105.150 -

61.153.112.90

Ping statistics for 202.96.105.101:

Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),

round trip times in million-seconds:

Minimum = 10ms, Maximum = 10ms, Average = 10ms

From the above, I can know that from my computer to 202.96.105.101, a total of 202.107.208.187, 202.107.210.214, 61.153.112.70, 61.153.112.89, 202.96.105.149, 202.96.105.97 were passed.

-s count Timestamp for count hops.

specifies the timestamp of the number of points specified by count.

This parameter is similar to -r, but this parameter does not record the routes passed by the packet, and only 4 are recorded at most.

-j host-list Loose source route along host-list.

uses the computer list specified by computer-list to route packets. The maximum amount allowed by the IP of continuous computers can be separated by an intermediate network (routed sparse source).

-k host-list Strict source route along host-list.

uses the computer list specified by computer-list to route packets. The maximum number of IPs that cannot be separated by intermediate networks (routing grid sources) is 9.

-w timeout Timeout in million seconds to wait for each reply.

specifies the timeout interval in milliseconds.

This parameter? What other tips are there?Other tips for

ping instruction: In general, you can also ping the other party and let the other party return the TTL value to you by ping the other party. You can roughly determine whether the system type of the target host is the Windows series or UNIX/Linux series. Generally, the Windows series system returns the TTL value between 100-130, while the TTL value returned by the UNIX/Linux series system is between 240-255. Of course, the TTL value can be modified in the other party's host. The Windows series system can be implemented by modifying the following key values:

[HKEY_LOCAL_MACHINE＼SYSTEM＼CurrentControlSet＼Services＼Tcpip＼Parameters]

"DefaultTTL"=dword:000000ff

255---FF

128---80

64----40

32----20

OK, the ping command has basically been fully explained, and there are also the -j and -k parameters I have not explained in detail yet.

C:\ping /?

Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]

[-r count] [-s count] [[-j host-list] | [-k host-list]]

[-w timeout] destination-list

Options:

-t Ping the specified host until stopped.

To see statistics and continue - type Control-Break;

To stop - type Control-C.

-a Resolve addresses to hostnames.

-n count Number of echo requests to send.

-l size Send buffer size.

-f Set Don't Fragment flag in packet.

-i TTL Time To Live.

-v TOS Type Of Service.

-r count Record route for count hops.

-s count Timestamp for count hops.

-j host-list Loose source route along host-list.

-k host-list Strict source route along host-list.

-w timeout Timeout in million seconds to wait for each reply

Supplement:

traceroute Use it to detect the network to know which network link is a problem, which is conducive to network personnel to check and repair. Specific usage: Use man to take a look.