— send ICMP
ECHO_REQUEST packets to network hosts
[-w maxwait] host
uses the ICMP protocol's mandatory
datagram to elicit an ICMP
from a host or gateway.
(“pings”) have an IP and ICMP header, followed by a
“struct timeval” and then an arbitrary number of
“pad” bytes used to fill out the packet. The options are as
- Stop sending after count
ECHO_REQUEST packets have been sent. If
count is 0, send an unlimited number of
- Set the
- Set the
on the socket being used.
- Emit an audible beep (by sending an ASCII BEL character to
the standard error output) when no packet is received before the next
packet is transmitted. To cater for round-trip times that are longer than
the interval between transmissions, further missing packets cause a bell
only if the maximum number of unreceived packets has increased. This
option is disabled for flood pings.
- Emit an audible beep (by sending an ASCII BEL character to
the standard error output) after each non-duplicate response is received.
This option is disabled for flood pings.
- Flood ping. Outputs packets as fast as they come back or
one hundred times per second, whichever is more. For every
ECHO_REQUEST sent, a period
‘.’ is printed, while for every
ECHO_REPLY received a backspace is
printed. This provides a rapid display of how many packets are being
dropped. Only the superuser may use this option.
This can be
very hard on a network and should be used with caution.
- Specify the interface address to transmit from on machines
with multiple interfaces. For unicast and multicast pings.
- Wait wait seconds between
sending each packet. The default is to wait for one second between each
packet. The wait time may be fractional, but only the superuser may
specify a value less than one second. This option is incompatible with the
- Disable the loopback, so the transmitting host doesn't see
the ICMP requests. For multicast pings.
- If preload is specified,
ping sends that many packets as fast as
possible before falling into its normal mode of behavior. Only root may
set a preload value.
- Numeric output only. No attempt will be made to look up
symbolic names for host addresses.
- You may specify up to 16 “pad” bytes to fill
out the packet you send. This is useful for diagnosing data-dependent
problems in a network. For example, “-p ff” will cause the
sent packet to be filled with all ones.
- Quiet output. Nothing is displayed except the summary lines
at startup time and when finished.
- Record route. Includes the
RECORD_ROUTE option in the
ECHO_REQUEST packet and displays the
route buffer on returned packets. Note that the IP header is only large
enough for nine such routes. If more routes come back than should, such as
due to an illegal spoofed packet, ping will
print the route list and then truncate it at the correct spot. Many hosts
ignore or discard this option.
- Bypass the normal routing tables and send directly to a
host on an attached network. If the host is not on a directly attached
network, an error is returned. This option can be used to ping a local
host through an interface that has no route through it.
- Specifies the number of data bytes to be sent. The default
is 56, which translates into 64 ICMP data bytes when combined with the 8
bytes of ICMP header data.
- Change IPv4 TOS value.
toskeyword may be one of
reliability, or one of the DiffServ Code
af11 ... af43,
cs0 ... cs7; or a number in either hex or
- Use the specified time-to-live.
- Set the routing table to be used for outgoing packets. The
default is 0.
- Verbose output. ICMP packets other than
ECHO_REPLY that are received are
- Specifies the maximum number of seconds to wait for
responses after the last request has been sent. The default is 10.
When using ping
for fault isolation, it should
first be run on the local host to verify that the local network interface is
up and running. Then, hosts and gateways further and further away should be
Round trip times and packet loss statistics are computed. If duplicate packets
are received, they are not included in the packet loss calculation, although
the round trip time of these packets is used in calculating the
minimum/average/maximum round trip time numbers and the standard deviation.
When the specified number of packets have been sent (and received), or if the
program is terminated with a
brief summary is displayed. The summary information can also be displayed
is running by sending it a
signal (see the
This program is intended for use in network testing, measurement and management.
Because of the load it can impose on the network, it is unwise to use
during normal operations or from automated
exits 0 if at least one reply is received, and
>0 if no reply is received or an error occurred.
An IP header without options is 20 bytes. An ICMP
packet contains an additional
8 bytes worth of ICMP header followed by an arbitrary amount of data. When a
is given, this indicates the size
of this extra piece of data (the default is 56). Thus the amount of data
received inside of an IP packet of type ICMP
will always be 8 bytes more than
the requested data space (the ICMP header).
If the data space is at least eight bytes large,
uses the first eight bytes of this space to
include a timestamp which it uses in the computation of round trip times. If
less than eight bytes of pad are specified, no round trip times are given.
will report duplicate and damaged packets.
Duplicate packets should never occur, and seem to be caused by inappropriate
link-level retransmissions. Duplicates may occur in many situations and are
rarely (if ever) a good sign, although the presence of low levels of
duplicates may not always be cause for alarm.
Damaged packets are obviously serious cause for alarm and often indicate broken
hardware somewhere in the ping
packet's path (in
the network or in the hosts).
The (inter)network layer should never treat packets differently depending on the
data contained in the data portion. Unfortunately, data-dependent problems
have been known to sneak into networks and remain undetected for long periods
of time. In many cases the particular pattern that will have problems is
something that doesn't have sufficient “transitions”, such as
all ones or all zeros, or a pattern right at the edge, such as almost all
zeros. It isn't necessarily enough to specify a data pattern of all zeros (for
example) on the command line because the pattern that is of interest is at the
data link level, and the relationship between what you type and what the
controllers transmit can be complicated.
This means that if you have a data-dependent problem you will probably have to
do a lot of testing to find it. If you are lucky, you may manage to find a
file that either can't be sent across your network or that takes much longer
to transfer than other similar length files. You can then examine this file
for repeated patterns that you can test using the
option of ping
The TTL value of an IP packet represents the maximum number of IP routers that
the packet can go through before being thrown away. In current practice you
can expect each router in the Internet to decrement the TTL field by exactly
The TCP/IP specification states that the TTL field for TCP packets should be set
to 60, but many systems use smaller values (4.3 BSD uses 30, 4.2 used 15).
The maximum possible value of this field is 255, and most
systems set the TTL field of ICMP
packets to 255. This is why
you will find you can “ping” some hosts, but not reach them with
In normal operation, ping
prints the TTL value from
the packet it receives. When a remote system receives a ping packet, it can do
one of three things with the TTL field in its response:
- Not change it; this is what Berkeley
UNIX systems did before the
4.3BSD-Tahoe release. In this case the TTL value
in the received packet will be 255 minus the number of routers in the
round trip path.
- Set it to 255; this is what current Berkeley
UNIX systems do. In this case the TTL value in the
received packet will be 255 minus the number of routers in the path from
the remote system to the pinging host.
- Set it to some other value. Some machines use the same
value for ICMP packets that they use for TCP packets, for example either
30 or 60. Others may use completely wild values.
command appeared in
Many hosts and gateways ignore the
The maximum IP header length is too small for options like
to be completely useful.
There's not much that can be done about this, however.
Flood pinging is not recommended in general, and flood pinging the broadcast
address should only be done under very controlled conditions.