How to use Ping command in Linux

Leave a Comment / Linux Networking, Networking / By

Table of Contents

Introduction

Wondering how to use the ping tool to troubleshoot and test the networks ?

This article covers the use case of the ping tool and the options available to use along with the ping command 

Ping command in linux overview

Ping (Packet InterNet Groper) is a tool used to check the reachability between two host IPs. In the following example we tested the reachability of the Host 192.168.94.100 from the ubuntu machine we are using and we were able to see there were some responses , which means that our host was able to successfully send the ICMP echo request packet to the host 192.168.94.100 and the Host 192.168.94.100 was able to send a ICMP echo response to our machine. The basic ping command will send continuous ICMP requests until we do the  “ctrl +c “ to stop it  

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100
PING 192.168.94.100 (192.168.94.100) 56(84) bytes of data.
64 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.864 ms
64 bytes from 192.168.94.100: icmp_seq=2 ttl=64 time=0.490 ms
^C
--- 192.168.94.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.490/0.677/0.864/0.187 ms

Analyzing the ICMP packets sent while using the ping tool

Lets capture the ICMP echo request and echo response packets while we do a ping between the same hosts using the tcpdump 

Each  set of ping will have a unique ICMP ID , this ICMP ID will remain the same for the set of pings we send towards the destination host. This ID will be useful to track the replies sent and group them all part of the same set of pings . In the example capture below for the first few packets the ICMP ID is 5 which groups them as the same set of pings sent during the given time 

Each ICMP packet will also have a unique ICMP seq number  along with the ICMP ID . These two combinations uniquely differentiates  an ICMP packet among the other packets sent. We should also note that the ICMP reply for the ICMP echo request sent will also have the same combination of the ICMP ID and the ICMP seq number. This helps to track that this ICMP echo reply is for a particular echo request sent. 

PIng can also detect duplicate replies received if we receive two or more ICMP reply packets for the single ICMP echo request sent . thai was possible using the unique ICMP ID and ICMP sequence number combination 

In the below example capture we have shown two set of PIng packets , each having its own ICMP ID and ICMP sequence number combinations 

#[ this is one set of pings ]

23:52:43.094916 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 51528, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.94.200 > 192.168.94.100: ICMP echo request, id 5, seq 1, length 64

23:52:43.094991 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 22290, offset 0, flags [none], proto ICMP (1), length 84)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 5, seq 1, length 64



23:52:44.094916 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 51528, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.94.200 > 192.168.94.100: ICMP echo request, id 5, seq 2, length 64

23:52:44.094991 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 22290, offset 0, flags [none], proto ICMP (1), length 84)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 5, seq 2, length 64

#[this is another set of ping ]

00:25:48.880079 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 1042: (tos 0x0, ttl 64, id 9712, offset 0, flags [DF], proto ICMP (1), length 1028)
    192.168.94.200 > 192.168.94.100: ICMP echo request, id 89, seq 1, length 1008

00:25:48.880129 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 1042: (tos 0x0, ttl 64, id 44525, offset 0, flags [none], proto ICMP (1), length 1028)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 89, seq 1, length 1008

How to use ping command with different supported options in linux

How to use ping command with help option (-h)

To view details on all the options supported along with the ping command you can use the help option (-h)

root@DiscoveringSystems-ubuntu:/# ping -h

Usage
  ping [options] <destination>

Options:
  <destination>      dns name or ip address
  -a                 use audible ping
  -A                 use adaptive ping
  -B                 sticky source address
.
.
.< output trimmed for brevity  >

How to use ping command with count option (-c)

If we want to send a specific number of pings ( ICMP echo requests towards the destination ) , we can use the count option(-c). In the following example we were sending 5 icmp echo requests and we got 5 icmp echo responses  

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -c 5
PING 192.168.94.100 (192.168.94.100) 56(84) bytes of data.
64 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.309 ms
64 bytes from 192.168.94.100: icmp_seq=2 ttl=64 time=0.917 ms
64 bytes from 192.168.94.100: icmp_seq=3 ttl=64 time=0.293 ms
64 bytes from 192.168.94.100: icmp_seq=4 ttl=64 time=0.332 ms
64 bytes from 192.168.94.100: icmp_seq=5 ttl=64 time=0.272 ms

--- 192.168.94.100 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4049ms
rtt min/avg/max/mdev = 0.272/0.424/0.917/0.246 ms

How to use ping command with size option (-s)

By default when we use the ping tool without any options it sends the ICMP packets with payload size of 32 bytes or 64 bytes depending upon the OS we use. Sometimes while testing the network path we may have to size the pings as per our needs to check the path MTU. If the Path MTU is less than the size of the actual data packets we  transfer , it will cause the packets to get fragmented and reduce the overall speed and data transfer rate.  To test this ping tool has size option (-s) to test this before enabling production traffic into the network.

In the following example we sized our ping as 1000 bytes  and we also got echo replies with the same size 

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -s 1000
PING 192.168.94.100 (192.168.94.100) 1000(1028) bytes of data. —-> size 
1008 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.303 ms
1008 bytes from 192.168.94.100: icmp_seq=2 ttl=64 time=0.340 ms
^C
--- 192.168.94.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1009ms
rtt min/avg/max/mdev = 0.303/0.321/0.340/0.018 ms

Please note that the  option -s is not equivalent to the MTU size of the packet we are sending out, it sets the size of the payload being sent out. For example , when we took a look at the packet capture of the ping executed above , we can see that the total length of the frame is 1042 ( including ethernet header ).  

Let’s do the math on how we end up getting the frame size as 1042 bytes

Ethernet header = 14 bytes 

IP header = 20 bytes 

ICMP header = 8 bytes 

Payload length = 1000 Bytes

00:25:48.880079 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 1042: (tos 0x0, ttl 64, id 9712, offset 0, flags [DF], proto ICMP (1), length 1028)
    192.168.94.200 > 192.168.94.100: ICMP echo request, id 89, seq 1, length 1008

00:25:48.880129 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 1042: (tos 0x0, ttl 64, id 44525, offset 0, flags [none], proto ICMP (1), length 1028)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 89, seq 1, length 1008

How to use ping command with interval option (-i)

By default , in most linux systems , we will be able to see the interval between two successive Ping ICMP echo requests sent will be 1 second.  However the ping command provides an interval option (-i) to change the behavior. 

In the following ping example , I was setting the interval to be 5 seconds . So it sends one ping ICMP echo request every 5 seconds , and for each echo request sent i will receive one echo reply immediately

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -i 5
PING 192.168.94.100 (192.168.94.100) 56(84) bytes of data.
64 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.380 ms
.
.
.<after 5 second  >
.
.
64 bytes from 192.168.94.100: icmp_seq=2 ttl=64 time=0.300 ms
^C
--- 192.168.94.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 5036ms
rtt min/avg/max/mdev = 0.300/0.340/0.380/0.040 ms

How to use ping command with TTL option (-t)

By default most of the linux systems set the TTL value to be 64 for the ICMP ping packets sent. We can change the ttl value as per the requirement using the ttl option (-t) 

In the following example I was setting the TTL value to be 3 instead of the default value 64. You might be wondering why the ICMP replies still have the TTL value to be 64. This TTL option setting will control only the ICMP ping echo request packets. ICMP Echo reply packet TTL will be decided by the responding host 

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -t 3
PING 192.168.94.100 (192.168.94.100) 56(84) bytes of data.
64 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.355 ms
64 bytes from 192.168.94.100: icmp_seq=2 ttl=64 time=0.305 ms
64 bytes from 192.168.94.100: icmp_seq=3 ttl=64 time=0.392 ms
^C
--- 192.168.94.100 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2037ms
rtt min/avg/max/mdev = 0.305/0.350/0.392/0.035 ms

Here is the packet capture made while sending those TTL optioned pings and we can see the change in the TTL value as 3  for the echo request packet , but the echo reply packet TTL  remained the same as 64 

[root@discoveringsystems-centos /]# tcpdump -nevvi ens33
tcpdump: listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes

00:02:32.431888 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 3, id 1922, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.94.200 > 192.168.94.100: ICMP echo request, id 9, seq 1, length 64

00:02:32.431985 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 24621, offset 0, flags [none], proto ICMP (1), length 84)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 9, seq 1, length 64

How to use ping command with timestamp option (-D)

We can print the timestamp in unix time + microseconds  format along with the ping response received when using the timestamp option ( -D) . Following example shows the responses with the timestamp. Please note that we don’t send anything extra  in the ping ICMP echo request packets sent to calculate any time , this timestamp option (-D) prints this timestamp based on the local ICMP reply receive time

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -D -c5
PING 192.168.94.100 (192.168.94.100) 56(84) bytes of data.
[1657772593.372432] 64 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.256 ms
[1657772594.378865] 64 bytes from 192.168.94.100: icmp_seq=2 ttl=64 time=0.260 ms
[1657772595.402427] 64 bytes from 192.168.94.100: icmp_seq=3 ttl=64 time=0.291 ms
[1657772596.426858] 64 bytes from 192.168.94.100: icmp_seq=4 ttl=64 time=0.265 ms
[1657772597.450615] 64 bytes from 192.168.94.100: icmp_seq=5 ttl=64 time=0.310 ms

--- 192.168.94.100 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4075ms
rtt min/avg/max/mdev = 0.256/0.276/0.310/0.020 ms

How to use ping command with Interface option (-I ) for sourcing ping from a particular Ip 

With Interface option (-I ) along with the ping command we can either set the interface in which the pings will be tried to be sent out , or the can influence the Source IP of the ping packets sent out. 

In the first example , we were sending the ping packets with the source as 192.168.44.151 and we can see it in the packet capture as well 

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -I 192.168.44.151
PING 192.168.94.100 (192.168.94.100) from 192.168.44.151 : 56(84) bytes of data.
^C
--- 192.168.94.100 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6111ms

[root@discoveringsystems-centos /]# tcpdump -nevvi ens33
tcpdump: listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
01:00:52.085510 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 33175, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.44.151 > 192.168.94.100: ICMP echo request, id 51, seq 4, length 64

How to use ping command with Interface option (-I ) for sourcing ping from a particular Interface 

In this  example , with this Interface option ( -I ) we are trying to force an ICMP packet to be sent out of an interface as per our wish instead of the auto chosen interface based on the Host routing table .  Ip address 192.168.44.1 and its subnet 192.168.44.0/24 is configured on the ens33 interface , However in the example we were forcing the traffic destined to 192.168.44.1  via the ens38 interface , which actually configured with subnet 192.168.94.0/24 

root@DiscoveringSystems-ubuntu:/# ping 192.168.44.1 -I ens38
PING 192.168.44.1 (192.168.44.1) from 192.168.94.200 ens38: 56(84) bytes of data.
From 192.168.94.200 icmp_seq=1 Destination Host Unreachable
From 192.168.94.200 icmp_seq=2 Destination Host Unreachable
From 192.168.94.200 icmp_seq=3 Destination Host Unreachable
From 192.168.94.200 icmp_seq=4 Destination Host Unreachable
From 192.168.94.200 icmp_seq=5 Destination Host Unreachable
From 192.168.94.200 icmp_seq=6 Destination Host Unreachable
^C
--- 192.168.44.1 ping statistics ---
7 packets transmitted, 0 received, +6 errors, 100% packet loss, time 6105ms


root@DiscoveringSystems-ubuntu:/# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.44.2    0.0.0.0         UG        0 0          0 ens33
192.168.44.0    0.0.0.0         255.255.255.0   U         0 0          0 ens33
192.168.44.2    0.0.0.0         255.255.255.255 UH        0 0          0 ens33
192.168.94.0    0.0.0.0         255.255.255.0   U         0 0          0 ens38

How to use ping command with mark option (-p)

We can send the ICMP pings by marking a specific set of characters in the payload carried using the mark option (-p). The following examples shows how to mark the packets and viewing the change in the packet through the packet capture which captures showing its headers and payload in hex and ASCII

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -p aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
PATTERN: 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
PING 192.168.94.100 (192.168.94.100) 56(84) bytes of data.
64 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=1.27 ms
64 bytes from 192.168.94.100: icmp_seq=2 ttl=64 time=0.285 ms
64 bytes from 192.168.94.100: icmp_seq=3 ttl=64 time=0.311 ms
64 bytes from 192.168.94.100: icmp_seq=4 ttl=64 time=0.314 ms


[root@discoveringsystems-centos /]# tcpdump -nevvXi ens33


01:14:08.305579 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 34163, offset 0, flags [none], proto ICMP (1), length 84)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 60, seq 22, length 64
        0x0000:  4500 0054 8573 0000 4001 b6b8 c0a8 5e64  E..T.s..@.....^d
        0x0010:  c0a8 5ec8 0000 cabc 003c 0016 20a6 cf62  ..^......<.....b
        0x0020:  0000 0000 ec92 0300 0000 0000 aaaa aaaa  ................
        0x0030:  aaaa aaaa aaaa aaaa aaaa aaaa aaaa aaaa  ................
        0x0040:  aaaa aaaa aaaa aaaa aaaa aaaa aaaa aaaa  ................
        0x0050:  aaaa aaaa                                ....

How to use ping command with allow broadcast option (-b)

In order to  send an ICMP echo request for the broadcast IP address we will be needing to use the allow broadcast pings option (-b). Please note that  some systems are configured by default not to respond to the broadcast pings, so we might not get responses for the broadcast pings sent out 

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.255 -b
WARNING: pinging broadcast address
PING 192.168.94.255 (192.168.94.255) 56(84) bytes of data.
^C
--- 192.168.94.255 ping statistics ---
81 packets transmitted, 0 received, 100% packet loss, time 81708ms

We also captured the packets to see the changes in the packets sent and was able to find that the destination mac is set to broadcast mac and the destination IP is the broadcast Ip as per the subnet we are using. In our case the subnet in use is 192,168.94.0/24 so the broadcast address is 192.168.94.255

[root@discoveringsystems-centos /]# tcpdump -nevvi ens33
tcpdump: listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
01:22:02.017219 00:0c:29:c0:a8:c1 > Broadcast, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.94.200 > 192.168.94.255: ICMP echo request, id 62, seq 11, length 64
01:22:03.043643 00:0c:29:c0:a8:c1 > Broadcast, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.94.200 > 192.168.94.255: ICMP echo request, id 62, seq 12, length 64

How to use ping command with quiet option (-q)

Quiet option (-q) is used if we would like to ping without printing all the responses received, but print the statistics at last. 

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -q
PING 192.168.94.100 (192.168.94.100) 56(84) bytes of data.
^C
--- 192.168.94.100 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3050ms
rtt min/avg/max/mdev = 0.287/0.347/0.385/0.037 ms

How to use ping command with Qos option (-Q)

With the Qos option (-Q) we can set the TOS fields in the IP header of the ping packets. In the following example we can see that the TOS value is set to 7 in the IP header for the ping ICMP echo request packets and since ICMP echo reply mostly will reflect the settings from the echo request we see the ICMP reply also has the same QOS settings 

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -Q 7 -c 1
PING 192.168.94.100 (192.168.94.100) 56(84) bytes of data.
64 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.338 ms

--- 192.168.94.100 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.338/0.338/0.338/0.000 ms


02:53:31.099645 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 98: (tos 0x7,CE, ttl 64, id 64919, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.94.200 > 192.168.94.100: ICMP echo request, id 110, seq 1, length 64

02:53:31.099740 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 98: (tos 0x7,CE, ttl 64, id 57903, offset 0, flags [none], proto ICMP (1), length 84)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 110, seq 1, length 64

 Lets compare the same with a normal ping and we will see the difference in the TOS value in the Ip header. Here the TOS value in the Ip header is default tos 0x0 

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100  -c 1
PING 192.168.94.100 (192.168.94.100) 56(84) bytes of data.
64 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.442 ms

--- 192.168.94.100 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.442/0.442/0.442/0.000 ms


02:56:54.325864 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 23807, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.94.200 > 192.168.94.100: ICMP echo request, id 111, seq 1, length 64

02:56:54.325946 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 37624, offset 0, flags [none], proto ICMP (1), length 84)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 111, seq 1, length 64

How to use ping command with Path MTU discovery options ( -M )

Path MTU discovery option has few combination settings which we can enable along with the Ping command to discover the path MTU 

How to use “-M do “ type option with ping command

In the below example “ -M do “  option will set DF bit ( Don’t Fragment ) on the Ip header for the ICMP echo request packets . DF bit tells the intermediate devices routing this packet not to fragment the packet if the egress interface MTU is less than the size of the packet. In that case  the intermediate devices like switches won’t be able to fragment it , but will drop the packet and send an ICMP error message to the sender about the MTU issue with the size it supports. With that we should be able detect the MTU size in the path. By repeating this steps couple of times we should be able identity the Path MTU 

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -s 1000 -c1 -M do
PING 192.168.94.100 (192.168.94.100) 1000(1028) bytes of data.
1008 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.362 ms

--- 192.168.94.100 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.362/0.362/0.362/0.000 ms

02:22:46.046768 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 1042: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1028)
    192.168.94.200 > 192.168.94.100: ICMP echo request, id 91, seq 1, length 1008
02:22:46.046872 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 1042: (tos 0x0, ttl 64, id 34953, offset 0, flags [none], proto ICMP (1), length 1028)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 91, seq 1, length 1008

In this example we received an ICMP error from the intermediate device 10.1.1.20 on the MTU it supports ( 1000 Bytes ) after dropping the packet we sent which is of size 1472 with the DF bit set. 

root@DiscoveringSystems-ubuntu:/# ping 192.168.95.100 -s 1472 -c1 -M do
PING 192.168.95.100 (192.168.95.100) 1472(1501) bytes of data.
From 10.1.1.20 icmp_seq=1 Frag needed and DF set (mtu = 1000)

--- 192.168.94.100 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

In another example , I sent an ICMP echo request packet of MTU size 1501 with DF bit set  , but the local interface MTU itself is 1500 bytes ( by default setting ) . So technically It will not be able to send out the packet , so I see the following error

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -s 1473 -c1 -M do
PING 192.168.94.100 (192.168.94.100) 1473(1501) bytes of data.
ping: local error: message too long, mtu=1500

--- 192.168.94.100 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
How to use “-M dont “ type  option with Ping command

In this example we are not adding the DF-bit to the ICMP echo request packets sent out , Here when the Intermediate devices like switches after receiving this packet should be able to fragment the packet while routing  if the egress interface MTU is less than the size of the ICMP packet. The packet capture is used to check that there is no DF bit set in the packets 

root@DiscoveringSystems-ubuntu:/# ping 192.168.94.100 -s 1000 -c1 -M dont
PING 192.168.94.100 (192.168.94.100) 1000(1028) bytes of data.
1008 bytes from 192.168.94.100: icmp_seq=1 ttl=64 time=0.355 ms

--- 192.168.94.100 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.355/0.355/0.355/0.000 ms

02:22:53.074538 00:0c:29:c0:a8:c1 > 00:0c:29:5f:1c:7d, ethertype IPv4 (0x0800), length 1042: (tos 0x0, ttl 64, id 25710, offset 0, flags [none], proto ICMP (1), length 1028)
    192.168.94.200 > 192.168.94.100: ICMP echo request, id 92, seq 1, length 1008
02:22:53.074609 00:0c:29:5f:1c:7d > 00:0c:29:c0:a8:c1, ethertype IPv4 (0x0800), length 1042: (tos 0x0, ttl 64, id 36383, offset 0, flags [none], proto ICMP (1), length 1028)
    192.168.94.100 > 192.168.94.200: ICMP echo reply, id 92, seq 1, length 1008

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Subscribe
Subscribe