Ping and Privileged Extended Ping Commands

These commands are available for Cisco, Microsoft, and UNIX platforms.

The ping utility can determine basic connectivity. It is based on the specifications for RFC 1256 and RFC 791. Ping is assigned a low priority. It is not an indicator of performance, and it is not used for other more sophisticated tests. During a ping test, the host sends an ICMP echo packet and receives a reply ICMP message if basic connectivity exists.

NOTE An ICMPv6 is available for the IPv6 protocol (see RFC 1885).

The IOS-based ping can be used in two modes: user mode and ping EXEC mode (or Privileged Ping). The user mode ping command is for users who do not have privileged mode access to the device. The command syntax is as follows:

Router>ping [protocol] [host | address]

The protocol option allows you to define several options such as IP, source-route bridging (SRB), and tag. Only the non-verbose form is available, and if the host address can be resolved by the Domain Name System (DNS) server, the ping command returns !!!!!. If it

cannot be resolved by DNS, the host returns If it fails, it is always a good idea to try to ping by IP address and bypass possible DNS issues. The command returns success rate in percent and RTT in minimum, average, and maximum. For example, if you see a RTT value equal to 50 ms, 500 ms, and 5 seconds, your next questions is: Is this what I should expect, or is this far from the baseline? These questions can be answered by using ping and knowing the topology of the network, the baseline, the expected performance characteristics, and the way that the traffic is carried (local exchange carriers [LECs], inter-exchange carriers [IXCs], local loop, and if it is dial, ISDN, Frame Relay, or any other technology). As an example, for satellite-based VPN connections, 0.7 seconds RTT is what you should expect; however, this RTT is unacceptable for Frame Relay.

The extended ping is much more useful and interesting for troubleshooting. The command provides a variety of options for protocols such as IP, Internetwork Packet Exchange (IPX), AppleTalk, Connectionless Network Service (CLNS), Digital Equipment Corporation net (DECnet), Virtual Integrated Network Service (VINES), and Xerox Network Systems (XNS). The results can be interpreted differently (see Example 4-3).

Example 4-3 Example of Extended Ping to 10.68.10.70

Router#ping Protocol [ip]:

Target IP address: 10.68.10.70 Repeat count [5]: 100 Datagram size [100]: 3000 Timeout in seconds [2]: 3 Extended commands [n]: y Source address or interface: Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: 0x0000

Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort.

Sending 100, 3000-byte ICMP Echoes to 10.68.10.70, timeout is 3 seconds: Packet has data pattern 0x0000

The first important consideration is the ability to modify the repeat count (the default is 5), datagram size, and the timeout period (the default is 2). A higher number of ICMP echoes creates traffic for a longer period of time, and combined with the increased size of the packet (3000 bytes), allows you to test Point-to-Point Protocol (PPP), Multilink PPP (MPPP), and Multichassis Multilink PPP (MMP) (see Part II, "Dial," and Part III, "ISDN," for more detail on PPP, MPPP, and MMP) for dialup or ISDN connections, and for thresholds, reliability, txload, and rxload in some interfaces. It is rare to receive a timeout greater than two seconds in wired networks; however, the option is available and can be used accordingly in a wireless environment. One indicator for successfully running compression over a WAN connection is a non-proportional increase in RTT, when you

112 Chapter 4: Troubleshooting Approaches, Models, and Tools increase the packet size following every test. This is based on the fact that the compression ratio is not a linear function of the packet size.

RFC 791 defines different types of reports that can be used to analyze connectivity issues. The reports are Loose, Strict, Record, Timestamp, and Verbose, and are based on the content of the IP packet. The same is true for TOS parameters and for setting the fragmentation bit. The latter plays a significant role in some connectivity issues and MTU issues in VPN solutions. This, combined with the sweep range of sizes, automatically modifies the packet size and determines the minimum MTU in the path.

NOTE More about MTU is discussed in Chapter 21, "Remote Access VPN Troubleshooting."

Regarding data patterns, in some instances, it is not appropriate to use the Cisco standard 0xABCD sequence because some connectivity tests are much more productive based on certain specifics of the technology. In T1 and Primary Rate Interface (PRI) connectivity issues, the ones density requirement requires a certain number of 1s to be available. Their absence is referred to as a loss of signal (LOS) (see Chapter 3, "The Cloud"). Running 0x0000 or 0xffff provides more information than a standard Cisco sample. Another example for the same purpose is 0xAAAA, 0xA5A5, and 0x4040. Because of the specifics of T1 lines, it is recommended that you use the 0x0000 pattern for testing. Long series of 0s are indistinguishable from LOS (see Chapter 3 and Chapter 7, "Dial Troubleshooting"), so if the T1 is functional, a zero-insertion procedure is in effect (see Part IV, "Frame Relay"). 0xFFFF helps to localize repeater power problems, and 0x4040 is recommended for timing problems. It is also recommended to use different patterns when testing the compression ratio in a lab environment because of the deficiencies in the standard 0xABCD pattern.

In general, ping returns the following replies:

• U—Destination unreachable

• N—Network unreachable

• P—Protocol unreachable

ICMP type messages are listed in Table 4-3.

When the ICMP type is 3 (destination unreachable), the ICMP codes identify the failure. The failures are defined in Table 4-4.

Table 4-3 ICMP Type Messages and Descriptions

Table 4-4

Table 4-3 ICMP Type Messages and Descriptions

ICMP Type Message

Description of ICMP Types

0

Echo Reply

3

Destination Unreachable

4

Source Quench

5

Redirect Message

8

Echo Request

11

Time Exceeded

12

Parameter Problem

13

Timestamp Request

14

Timestamp Reply

15

Information Request (No Longer Used)

16

Information Reply (No Longer Used)

17

Address Mask Request

18

Address Mask Reply

ICMP Codes When the ICMP TYPE Is 3—Destination Unreachable

ICMP Codes for the ICMP Message

Type = 3—Destination Unreachable Description

0

Network unreachable

1

Host unreachable

2

Protocol unreachable

3

Port unreachable

4

Fragment needed and Don't Fragment (DF) bit set

5

Source route failed

6

Network unknown

7

Host unknown

8

Source Host isolated

9

Communication with destination network is

administratively prohibited

10

Communication with destination is administratively

prohibited

11

Bad type of service for destination network

12

Bad type of service for destination host

13

Administratively blocked by filter

114 Chapter 4: Troubleshooting Approaches, Models, and Tools

Ping tests the end-to-end connectivity, but if the ping fails, it does not provide you with information on where the possible problem exists. The hop-by-hop information is available in the traceroute command, which in a sense extends ping's functionality.

Was this article helpful?

+1 0

Post a comment