PING(8) | iputils | PING(8) |
NAME
ping - send ICMP ECHO_REQUEST to network hosts
SYNOPSIS
ping [-aAbBdCDfhHLnOqrRUvV346] [-c count] [-e identifier] [-F flowlabel] [-i interval] [-I interface] [-l preload] [-m mark] [-M pmtudisc_option] [-N nodeinfo_option] [-w deadline] [-W timeout] [-p pattern] [-Q tos] [-s packetsize] [-S sndbuf] [-t ttl] [-T timestamp option] [hop...] {destination}
DESCRIPTION
ping uses the ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (“pings”) have an IP and ICMP header, followed by a struct timeval and then an arbitrary number of “pad” bytes used to fill out the packet.
ping works with both IPv4 and IPv6. Using only one of them explicitly can be enforced by specifying -4 or -6.
ping can also send IPv6 Node Information Queries (RFC4620). Intermediate hops may not be allowed, because IPv6 source routing was deprecated (RFC5095).
OPTIONS
-3
-4
-6
-a
-A
-b
-B
-c count
-C
-d
-D
-e identifier
-f
-F flow label
-h
-H
-i interval
-I interface
-l preload
-L
-m mark
-M pmtudisc_opt
-N nodeinfo_option
help
name
ipv6
ipv6-global
ipv6-sitelocal
ipv6-linklocal
ipv6-all
ipv4
ipv4-all
subject-ipv6=ipv6addr
subject-ipv4=ipv4addr
subject-name=nodename
subject-fqdn=nodename
-n
-O
-p pattern
-q
-Q tos
In RFC2474, these fields are interpreted as 8-bit Differentiated Services (DS), consisting of: bits 0-1 (2 lowest bits) of separate data, and bits 2-7 (highest 6 bits) of Differentiated Services Codepoint (DSCP). In RFC2481 and RFC3168, bits 0-1 are used for ECN.
Historically (RFC1349, obsoleted by RFC2474), these were interpreted as: bit 0 (lowest bit) for reserved (currently being redefined as congestion control), 1-4 for Type of Service and bits 5-7 (highest bits) for Precedence.
-r
-R
-s packetsize
-S sndbuf
-t ttl
-T timestamp option
-U
-v
-V
-w deadline
-W timeout
When using ping for fault isolation, it should first be run on the local host, to verify that the local network interface is up and running. Then, hosts and gateways further and further away should be “pinged”. Round-trip times and packet loss statistics are computed. If duplicate packets are received, they are not included in the packet loss calculation, although the round trip time of these packets is used in calculating the minimum/average/maximum/mdev round-trip time numbers.
Population standard deviation (mdev), essentially an average of how far each ping RTT is from the mean RTT. The higher mdev is, the more variable the RTT is (over time). With a high RTT variability, you will have speed issues with bulk transfers (they will take longer than is strictly speaking necessary, as the variability will eventually cause the sender to wait for ACKs) and you will have middling to poor VoIP quality.
When the specified number of packets have been sent (and received) or if the program is terminated with a SIGINT, a brief summary is displayed. Shorter current statistics can be obtained without termination of process with signal SIGQUIT.
This program is intended for use in network testing, measurement and management. Because of the load it can impose on the network, it is unwise to use ping during normal operations or from automated scripts.
ENVIRONMENT
IPUTILS_PING_PTR_LOOKUP environment variable set to 0
disable reverse DNS resolution (PTR lookup) by default. It will be
overrided by -H or -n option.
.SH "EXIT STATUS"
If ping does not receive any reply packets at all it will exit with code 1. If a packet count and deadline are both specified, and fewer than count packets are received by the time the deadline has arrived, it will also exit with code 1. On other error it exits with code 2. Otherwise it exits with code 0. This makes it possible to use the exit code to see if a host is alive or not.
IPV6 LINK-LOCAL DESTINATIONS
For IPv6, when the destination address has link-local scope and ping is using ICMP datagram sockets, the output interface must be specified. When ping is using raw sockets, it is not strictly necessary to specify the output interface but it should be done to avoid ambiguity when there are multiple possible output interfaces.
There are two ways to specify the output interface:
• using the % notation
ping fe80::5054:ff:fe70:67bc%eth0
ping fe80::5054:ff:fe70:67bc%2
• using the -I option
ICMP PACKET DETAILS
An IP header without options is 20 bytes. An ICMP ECHO_REQUEST packet contains an additional 8 bytes worth of ICMP header followed by an arbitrary amount of data. When a packetsize is given, this indicates the size of this extra piece of data (the default is 56). Thus the amount of data received inside of an IP packet of type ICMP ECHO_REPLY will always be 8 bytes more than the requested data space (the ICMP header).
If the data space is at least of size of struct timeval ping uses the beginning bytes of this space to include a timestamp which it uses in the computation of round trip times. If the data space is shorter, no round trip times are given.
DUPLICATE AND DAMAGED PACKETS
ping will report duplicate and damaged packets. Duplicate packets should never occur, and seem to be caused by inappropriate link-level retransmissions. Duplicates may occur in many situations and are rarely (if ever) a good sign, although the presence of low levels of duplicates may not always be cause for alarm.
Damaged packets are obviously serious cause for alarm and often indicate broken hardware somewhere in the ping packet's path (in the network or in the hosts).
ID COLLISIONS
Unlike TCP and UDP, which use port to uniquely identify the recipient to deliver data, ICMP uses identifier field (ID) for identification. Therefore, if on the same machine, at the same time, two ping processes use the same ID, echo reply can be delivered to a wrong recipient. This is a known problem due to the limited size of the 16-bit ID field. That is a historical limitation of the protocol that cannot be fixed at the moment unless we encode an ID into the ping packet payload. ping prints DIFFERENT ADDRESS error and packet loss is negative.
ping uses PID to get unique number. The default value of /proc/sys/kernel/pid_max is 32768. On the systems that use ping heavily and with pid_max greater than 65535 collisions are bound to happen.
TRYING DIFFERENT DATA PATTERNS
The (inter)network layer should never treat packets differently depending on the data contained in the data portion. Unfortunately, data-dependent problems have been known to sneak into networks and remain undetected for long periods of time. In many cases the particular pattern that will have problems is something that doesn't have sufficient “transitions”, such as all ones or all zeros, or a pattern right at the edge, such as almost all zeros. It isn't necessarily enough to specify a data pattern of all zeros (for example) on the command line because the pattern that is of interest is at the data link level, and the relationship between what you type and what the controllers transmit can be complicated.
This means that if you have a data-dependent problem you will probably have to do a lot of testing to find it. If you are lucky, you may manage to find a file that either can't be sent across your network or that takes much longer to transfer than other similar length files. You can then examine this file for repeated patterns that you can test using the -p option of ping.
TTL DETAILS
The TTL value of an IP packet represents the maximum number of IP routers that the packet can go through before being thrown away. In current practice you can expect each router in the Internet to decrement the TTL field by exactly one.
The TTL field for TCP packets may take various values. The maximum possible value of this field is 255, a recommended initial value is 64. For more information, see the TCP/Lower-Level Interface section of RFC9293.
In normal operation ping prints the TTL value from the packet it receives. When a remote system receives a ping packet, it can do one of three things with the TTL field in its response:
BUGS
SEE ALSO
HISTORY
The ping command appeared in 4.3BSD.
The version described here is its descendant specific to Linux.
As of version s20150815, the ping6 binary doesn't exist anymore. It has been merged into ping. Creating a symlink named ping6 pointing to ping will result in the same functionality as before.
SECURITY
ping requires CAP_NET_RAW capability to be executed 1) if the program is used for non-echo queries (see -N option) or when the identification field set to 0 for ECHO_REQUEST (see -e), or 2) if kernel does not support ICMP datagram sockets, or 3) if the user is not allowed to create an ICMP echo socket. The program may be used as set-uid root.
AVAILABILITY
ping is part of iputils package.
iputils 20240905 |