In this article, we’re going to be looking at one of the most basic yet probably one of the most important and effective troubleshooting tools ever made. Of course, I’m talking about the ping command.
We’re going to be talking about ping. We’ll look at what the ping command is, how it works, and most importantly, we’ll look at some examples of how to use it effectively.
What is Ping
The ping command is a widely used and supported network troubleshooting utility. It can be found on pretty much any operating system, from Windows, Mac, and Linux to even switches, routers, and firewalls. It’s probably the most universal command that exists. It uses ICMP or the Internet Control Message Protocol to test connectivity between two nodes. The name comes from sonar. Now, sonar works by sending out ultrasonic waves and detecting any echoes that come back, reflected by objects. And ping works in a similar way.
Let’s take these two computers, for example. If I open a command prompt and type the command ping and then host B’s IP address, host A will send a message called an “echo request” to host B. Now, host B could be right next to host A in the local network, or it could be on the other side of the world. It doesn’t really matter. Ping is publicly routable, meaning we can send pings across the internet. Host B receives this request and then responds back with an “echo reply.”
Now, usually, more than one echo request is sent. By default, Windows will send four echo requests at once. This way, if one or two packets get lost, we can still see if the host is responding by sending and receiving a successful ping. You can determine if a system is on the network and, most importantly, if you can reach it.
Okay, great. So now let’s take a look at this in practice. Here is my computer. To access the ping command, we simply need to open a command prompt or PowerShell. So, I’m going to open the Start button and just type cmd to open the command prompt. We just need to type the command ping and then the IP address or the domain of the system we’re trying to reach.
In this example, I want to see if I can reach another host in my local network with the address 192.168.1.2. And when I press Enter, we can see we receive four echo replies back from 192.168.1.2. This tells us we have connectivity to this system. We also see some other bits of information: we can see how many bytes were sent (32), how long each reply took (less than one millisecond), and the last value is TTL, which stands for “time to live.” This value is set by the operating system sending the message and states how many hops or routers this message can pass through before being discarded. This helps prevent a routing loop where the message just goes round and round forever and ever.
So, that’s what happens when everything is working as expected. But there will be times where some or none of the replies come back, and there are a few things that could cause this. You may receive a “Request Timed Out” error. The most obvious cause for this error is that the system you’re trying to reach doesn’t exist, isn’t powered on, or isn’t connected to the network. Another reason why a system might not respond to a ping is due to the firewall. Firewalls can be configured to allow or block traffic based on things like port number, protocol, and IP address. The reason this might be blocked is because ping could be used for reconnaissance by an attacker. So, if you ever find yourself in a position where you just can’t figure out why ping isn’t working, remember to check the firewall.
You may also receive an error saying “Destination Host Unreachable.” This error generally indicates a route to the destination cannot be found, and this could be from the local host or the default gateway. To resolve this, first check your IP settings and default gateway address. If you receive the error “Ping could not find the host,” this means your computer was unable to resolve a hostname to an IP address, indicating a potential DNS server issue.
That’s what happens when you have complete packet loss. Now, where things can get a bit more difficult to troubleshoot is when you only get partial packet loss, meaning some pings get replies but others don’t. This can be caused by any number of things, but generally, it means something is not behaving the way it should. Some examples are broken network cards, broken cables, problems with the switch or the routers, and this could be at any point between your system and the system you’re trying to reach. So, for that reason, complete packet loss is usually easier to troubleshoot.
Using Ping for Troubleshooting:
So now we know what ping is and we’ve seen some of the basic uses, now let’s look at how we can use this fantastic tool to help us troubleshoot some problems.
Here is my computer. As we can see, something is wrong with the internet. I have no access at all. How can we use ping to try and solve this issue? The first thing to do when troubleshooting any problem is to work out what should be happening, and from there, we can narrow down the problem.
For my computer to reach a website, let’s say google.com, first, it needs to find the IP address for google.com. To do this, it first checks the local cache called the hosts file. If the IP address for google.com isn’t found in the hosts file (which it probably won’t be), it then checks with a DNS server. The DNS server would then respond with the IP address. Now that we have the address for google.com, we can send our request to the google servers via the default gateway. Google should then respond back with the Google homepage.
So now we know what should happen, we can start to use ping to try and figure out where the problem is. We’ll do this by pinging every step in the process to narrow down the problem. We can work our way forward or work our way back; it doesn’t really matter. But in this example, let’s work our way back.
So first, let’s open a command line by clicking Start and typing cmd. First, let’s try pinging www.google.com and hit Enter. No, so we can’t reach google.com. It says “Ping request could not find host,” which indicates a potential DNS issue. But we’ll continue each step just to be on the safe side.
Before we can test anything else, we need to check the IP information. We do that by typing ipconfig and we want to do forward slash all and then Enter. This will bring up all the interface settings, but the one we’re interested in is Ethernet 2. So we can see our
IP address (192.168.1.3), the default gateway is 1.254, and the DNS server is 1.2.
Now, let’s try pinging our default gateway. So we’ll type ping 192.168.1.254 and yes, we can see some replies from the default gateway. Now, let’s try our DNS server. Again, ping 192.168.1.2. Enter. Perfect, we can also reach the DNS server. So we seem to be able to reach everything in our own network.
The only other thing to test is to see if our DNS is actually working the way it should, and again, we can test this using the ping command. Instead of pinging a domain, we can ping an IP address that we know is up and working. To test internet connectivity, probably the easiest address is Google’s public DNS server, which is 8.8.8.8. So, to test this, we’ll type ping 8.8.8.8 and hit Enter, and yes, we can see some replies.
Okay, so as we can see, we can ping 8.8.8.8, which means we do, in fact, have internet access. But we still can’t reach google.com. What does that mean? Well, we probably have a bad DNS server. We can confirm our suspicions by changing the DNS server to Google’s public DNS server, which we know is working. So, the way to do that is we can just come down here, right-click on our internet, open network and internet settings, and the option we want is to change the adapter options.
For Ethernet 2, right-click, properties, then Internet Protocol Version 4, again properties, and here is where the DNS server is set. So, we can change this to that Google DNS server, which is 8.8.8.8, click OK, close this, and this, and this, and let’s try pinging google.com again, ping www.google.com, enter, and yes, as we can see, we are now receiving replies from google.com.
To confirm this even further, we can open up Chrome and browse to a website such as subrose.com, hit enter, and yes, we do have internet access. So, this was a pretty straightforward example, but it shows that just by using this simple tool, we were able to pinpoint the exact cause of a problem.
Conclusion:
That’s it for the ping command, a really simple yet powerful tool that’s found pretty much everywhere. If you like this article, don’t forget to share.