NAME
ping —
send ICMP ECHO_REQUEST packets
to network hosts
SYNOPSIS
ping |
[-aCDdfLnoPQqRrv]
[-c count]
[-E
policy]
[-g
gateway]
[-h host]
[-I
srcaddr]
[-i
interval]
[-l
preload]
[-p
pattern]
[-s
packetsize]
[-T ttl]
[-t tos]
[-w
deadline] host |
DESCRIPTION
ping uses the ICMP protocol's mandatory ECHO_REQUEST datagram
to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams
(``pings'') have an IP and ICMP header, followed by a “struct
timespec” and then an arbitrary number of ``pad'' bytes used to fill out
the packet. The options are as follows:
-
-
- -a
- Emit an audible beep (by sending an ascii BEL character to
the standard error output) after each non-duplicate response is received.
This is disabled for flood pings as it would probably cause temporary
insanity.
-
-
- -C
- Send timestamps in compat format; two 32 bit words in
little endian format, the first one representing seconds, and the second
one representing microseconds.
-
-
- -c
count
- Stop after sending (and waiting the specified delay to
receive) count ECHO_RESPONSE packets.
-
-
- -D
- Set the
Don't Fragment
bit in the
IP header. This can be used to determine the path MTU.
-
-
- -d
- Set the
SO_DEBUG
option on the
socket being used.
-
-
- -E
policy
- Use IPsec policy specification string
policy for packets. For the format of specification
string, please refer
ipsec_set_policy(3).
Please note that this option is same as -P in
KAME/FreeBSD and KAME/BSDI (as -P was already occupied
in NetBSD).
-
-
- -f
- Flood ping. Outputs packets as fast as they come back or
one hundred times per second, whichever is more. For every ECHO_REQUEST
sent a period ``.'' is printed, while for every ECHO_REPLY received a
backspace is printed. This provides a rapid display of how many packets
are being dropped. Only the super-user may use this option.
This can be
very hard on a network and should be used with caution.
-
-
- -g
gateway
- Use Loose Source Routing to send the ECHO_REQUEST packets
via gateway.
-
-
- -h
host
- is an alternate way of specifying the target host instead
of as the last argument.
-
-
- -I
srcaddr
- Set the source IP address to srcaddr
which can be a hostname or an IP number. For multicast datagrams, it also
specifies the outgoing interface.
-
-
- -i
interval
- Wait interval seconds
between sending each packet. The default is to wait for
one second between each packet, except when the -f option is used the wait
interval is 0.01 seconds.
-
-
- -L
- Disable loopback when sending to multicast destinations, so
the transmitting host doesn't see the ICMP requests.
-
-
- -l
preload
- If preload is specified,
ping sends that many packets as fast as possible before
falling into its normal mode of behavior. Only the super-user may use this
option.
-
-
- -n
- Numeric output only. No attempt will be made to look up
symbolic names for host addresses.
-
-
- -o
- Exit successfully after receiving one reply packet.
-
-
- -P
- Use a pseudo-random sequence for the data instead of the
default, fixed sequence of incrementing 8-bit integers. This is useful to
foil compression on PPP and other links.
-
-
- -p
pattern
- You may specify up to 16 ``pad'' bytes to fill out the
packet you send. This is useful for diagnosing data-dependent problems in
a network. For example, “
-p ff
” will
cause the sent packet to be filled with all ones.
-
-
- -Q
- Do not display responses such as Network Unreachable ICMP
messages concerning the ECHO_REQUESTs sent.
-
-
- -q
- Quiet output. Nothing is displayed except the summary lines
at startup time and when finished.
-
-
- -R
- Record Route. Includes the RECORD_ROUTE option in the
ECHO_REQUEST packet and displays the route buffer on returned packets.
This should show the path to the target host and back, which is especially
useful in the case of asymmetric routing. Note that the IP header is only
large enough for nine such addresses, and only seven when using the
-g option. This is why it was necessary to invent
traceroute(8). Many
hosts ignore or discard this option.
-
-
- -r
- Bypass the normal routing tables and send directly to a
host on an attached network. If the host is not on a directly-attached
network, an error is returned. This option can be used to ping a local
host through an interface that has no route through it (e.g., after the
interface was dropped by
routed(8)).
-
-
- -s
packetsize
- Specifies the number of data bytes to be sent. The default
is 56, which translates into 64 ICMP data bytes when combined with the 8
bytes of ICMP header data. The maximum allowed value is 65467 bytes.
-
-
- -T
ttl
- Use the specified time-to-live.
-
-
- -t
tos
- Use the specified hexadecimal type of service.
-
-
- -v
- Verbose output. ICMP packets other than ECHO_RESPONSE that
are received are listed.
-
-
- -w
deadline
- Specifies a timeout, in seconds, before ping exits
regardless of how many packets have been sent or received.
When using
ping for fault isolation, it should first be run on
the local host, to verify that the local network interface is up and running.
Then, hosts and gateways further and further away should be ``pinged''.
Round-trip times and packet loss statistics are computed. If duplicate packets
are received, they are not included in the packet loss calculation, although
the round trip time of these packets is used in calculating the
minimum/average/maximum round-trip time numbers.
When the specified number of packets have been sent (and received) or if the
program is terminated with a
SIGINT
, a brief summary
is displayed. The summary information can be displayed while
ping is running by sending it a
SIGINFO
signal (see the “status” argument
for
stty(1) for more information).
ping continually sends one datagram per second, and prints one
line of output for every ECHO_RESPONSE returned. On a trusted system with IP
Security Options enabled, if the network idiom is not MONO,
ping also prints a second line containing the hexadecimal
representation of the IP security option in the ECHO_RESPONSE. If the
-c count option is given, only that number of requests is
sent. No output is produced if there is no response. Round-trip times and
packet loss statistics are computed. If duplicate packets are received, they
are not included in the packet loss calculation, although the round trip time
of these packets is used in calculating the minimum/average/maximum round-trip
time numbers. When the specified number of packets have been sent (and
received) or if the program is terminated with an interrupt (SIGINT), a brief
summary is displayed. When not using the
-f (flood) option,
the first interrupt, usually generated by control-C or DEL, causes
ping to wait for its outstanding requests to return. It will
wait no longer than the longest round trip time encountered by previous,
successful pings. The second interrupt stops ping immediately.
This program is intended for use in network testing, measurement and management.
Because of the load it can impose on the network, it is unwise to use
ping during normal operations or from automated scripts.
ICMP PACKET DETAILS
An IP header without options is 20 bytes. An ICMP ECHO_REQUEST packet contains
an additional 8 bytes worth of ICMP header followed by an arbitrary amount of
data. When a
packetsize is given, this indicated the
size of this extra piece of data (the default is 56). Thus the amount of data
received inside of an IP packet of type ICMP ECHO_REPLY will always be 8 bytes
more than the requested data space (the ICMP header).
If the data space is at least
sizeof(struct timespec)
(16) large,
ping uses the first
sizeof(struct timespec)
bytes to include a timestamp
to compute round trip times. Otherwise if the data space is at least eight
bytes large (or the
-C flag is specified),
ping uses the first eight bytes of this space to include a
timestamp to compute round trip times. If there are not enough bytes of pad no
round trip times are given.
DUPLICATE AND DAMAGED
PACKETS
ping will report duplicate and damaged packets. Duplicate
packets should never occur, and seem to be caused by inappropriate link-level
retransmissions. Duplicates may occur in many situations and are rarely (if
ever) a good sign, although the presence of low levels of duplicates may not
always be cause for alarm.
Damaged packets are obviously serious cause for alarm and often indicate broken
hardware somewhere in the
ping packet's path (in the network
or in the hosts).
TRYING DIFFERENT DATA
PATTERNS
The (inter)network layer should never treat packets differently depending on the
data contained in the data portion. Unfortunately, data-dependent problems
have been known to sneak into networks and remain undetected for long periods
of time. In many cases the particular pattern that will have problems is
something that doesn't have sufficient ``transitions'', such as all ones or
all zeros, or a pattern right at the edge, such as almost all zeros. It isn't
necessarily enough to specify a data pattern of all zeros (for example) on the
command line because the pattern that is of interest is at the data link
level, and the relationship between what you type and what the controllers
transmit can be complicated.
This means that if you have a data-dependent problem you will probably have to
do a lot of testing to find it. If you are lucky, you may manage to find a
file that either can't be sent across your network or that takes much longer
to transfer than other similar length files. You can then examine this file
for repeated patterns that you can test using the
-p option
of
ping.
TTL DETAILS
The TTL value of an IP packet represents the maximum number of IP routers that
the packet can go through before being thrown away. In current practice you
can expect each router in the Internet to decrement the TTL field by exactly
one.
The TCP/IP specification states that the TTL field for TCP packets should be set
to 60, but many systems use smaller values (
4.3BSD
uses 30,
4.2BSD used 15).
The maximum possible value of this field is 255, and most
UNIX systems set the TTL field of ICMP ECHO_REQUEST
packets to 255. This is why you will find you can ``ping'' some hosts, but not
reach them with
telnet(1) or
ftp(1).
In normal operation ping prints the ttl value from the packet it receives. When
a remote system receives a ping packet, it can do one of three things with the
TTL field in its response:
- Not change it; this is what Berkeley
UNIX systems did before the
4.3BSD-Tahoe release. In this case the TTL value
in the received packet will be 255 minus the number of routers in the
round-trip path.
- Set it to 255; this is what current Berkeley
UNIX systems do. In this case the TTL value in the
received packet will be 255 minus the number of routers in the path
from the remote system to the
pinging host.
- Set it to some other value. Some machines use the same
value for ICMP packets that they use for TCP packets, for example either
30 or 60. Others may use completely wild values.
EXIT STATUS
ping returns 0 on success (the host is alive), and non-zero if
the arguments are incorrect or the host is not responding.
SEE ALSO
netstat(1),
icmp(4),
inet(4),
ip(4),
ifconfig(8),
routed(8),
spray(8),
traceroute(8)
HISTORY
The
ping command appeared in
4.3BSD.
IPsec support was added by WIDE/KAME project.
BUGS
Flood pinging is not recommended in general, and flood pinging a broadcast or
multicast address should only be done under very controlled conditions.
The
ping program has evolved differently under different
operating systems, and in some cases the same flag performs a different
function under different operating systems. The
-t flag
conflicts with
FreeBSD. The
-a,
-c,
-I,
-i,
-l,
-P,
-p,
-s, and
-t flags conflict with
Solaris.
Some hosts and gateways ignore the RECORD_ROUTE option.
The maximum IP header length is too small for options like RECORD_ROUTE to be
completely useful. There's not much that that can be done about this,
however.