Ping Overview:
Ping is an executable command brought by the Windows family. It can be used to check whether the network is connected, and it can help us to analyze and judge the network fault well. This command is only available if the TCP/IP protocol is installed. The primary role of the ping command is to detect whether a network is connected between two computers by sending a packet and receiving an answer message. When the network fails, this command can be used to predict the failure and determine the location of the failure. The ping command succeeds simply by stating that there is a connected path between the current host and the destination host. If unsuccessful, consider whether the network cable is connected, the NIC settings are correct, and the IP address is available.
It is important to note that the successful exchange of a datagram with another host is not the correct TCP/IP configuration, you must perform a large number of local host and remote host datagram Exchange to ensure the correctness of TCP/IP.
By default, the ping command running on Windows sends 4 ICMP (Inter-network Control Message Protocol) loopback requests, each 32-byte data, and you should get 4 loopback responses if everything works.
The ping can display the amount of time between sending a loopback request and returning an echo response in milliseconds. If the response time is short, it means that datagrams do not have to pass too many routers or network connections faster. Ping also displays the TTL (Time to live) value, and you can calculate the number of routers that the packet has passed through the TTL value: The source location TTL start value (that is, the number of a 2 of a power that returns a TTL slightly larger)-Returns the TTL value. For example, if you return a TTL value of 119, you can count the TTL starting value from the source address to be 128, and the source to the destination from 9 router network segments (128-119); If you return the TTL value of 246,ttl The starting value is 256, The source location to the target site is routed through 9 router segments.
ping command Parameters detailed
1.-a resolves the computer NetBIOS name.
Example:
C:>ping-a 192.168.1.21
Pinging iceblood.yofor.com [192.168.1.21] with bytes of data:
Reply from 192.168.1.21:bytes=32 time<10ms ttl=254
Reply from 192.168.1.21:bytes=32 time<10ms ttl=254
Reply from 192.168.1.21:bytes=32 time<10ms ttl=254
Reply from 192.168.1.21:bytes=32 time<10ms ttl=254
Ping statistics for 192.168.1.21:
Packets:sent = 4, Received = 4, Lost = 0 (0% loss), approximate round trips times in Milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
From the above you can know that the IP-192.168.1.21 computer NetBIOS name is iceblood.yofor.com.
2, n count sends the number of ECHO packets specified by count.
By default, typically only four packets are sent, by using this command, you can define the number of messages you send, which is helpful for measuring the speed of your network, for example, I want to test the average time of return of 50 packets, the fastest time and the slowest time can be learned by the following:
C:>ping-n 50 202.103.96.68
Pinging 202.103.96.68 with bytes of data:
Reply from 202.103.96.68:bytes=32 time=50ms ttl=241
Reply from 202.103.96.68:bytes=32 time=50ms ttl=241
Reply from 202.103.96.68:bytes=32 time=50ms ttl=241
Request timed out.
..................
Reply from 202.103.96.68:bytes=32 time=50ms ttl=241
Reply from 202.103.96.68:bytes=32 time=50ms ttl=241
Ping statistics for 202.103.96.68:
Packets:sent = Received = Lost = 2 (4% loss), approximate round trips times in Milli-seconds:
Minimum = 40ms, Maximum = 51ms, Average = 46ms
From the above I can know that in the process of sending 50 packets to 202.103.96.68, 48 were returned, two of which were lost for unknown reasons, the fastest return in the 48 packets is 40ms, the slowest is 51ms, the average speed is 46ms.
3,-l size. Defines the ECHO packet size.
By default, Windows Ping sends a packet size of 32byt, we can also define its size, but there is a size limit, that is, the maximum can only send 65500byt, perhaps someone will ask why to limit to 65500byt, Because the Windows family system has a security vulnerability (and perhaps other systems) is that when the packet sent to each other is greater than or equal to 65532, the other side is very likely to be a machine, so Microsoft to resolve this security vulnerability thus restricting the ping packet size. Although Microsoft has already made this restriction, this parameter is still very powerful with other parameters, such as we can use the-t parameter to implement an offensive command: (The following introduction is dangerous, only for testing, do not easily apply to others on the machine, otherwise the consequences of the ego)
C:>ping-l 65500-t 192.168.1.21
Pinging 192.168.1.21 with 65500 bytes of data:
Reply from 192.168.1.21:bytes=65500 time<10ms ttl=254
Reply from 192.168.1.21:bytes=65500 time<10ms ttl=254
..................
This way it will keep sending packets of 65500byt size to the 192.168.1.21 computer, if you have only one computer may have no effect, but if there are many computers can make the other side completely paralyzed, have done this experiment, when using more than 10 computers ping a Win2000pro System's computer, less than 5 minutes each other's network has been completely paralyzed, the network seriously blocked, HTTP and FTP service completely stopped, this shows the power.
4.-F sends a "do not fragment" flag in the packet.
In general, the packets you send will be sent to each other through the routing segment, and the route will not be processed again after this parameter is added.
5,-i TTL specifies the time that the TTL value stays in the other's system.
This parameter also helps you to check the operation of the network.
6.-V TOS Sets the service Type field to the value specified by TOS.
7,-R count records the routing of outgoing and returned packets in the Record route field. In general, you send packets are routed to the other side, but in the end is what route? This parameter allows you to set the number of routes you want to probe through, but it is limited to 9, which means you can only track to 9 routes, and if you want to detect more, you can do so through other commands.
C:>ping-n 1-r 9 202.96.105.101 (send a packet, record up to 9 routes)
Pinging 202.96.105.101 with bytes of data:
Reply from 202.96.105.101:bytes=32 time=10ms ttl=249
route:202.107.208.187->
202.107.210.214->
61.153.112.70->
61.153.112.89->
202.96.105.149->
202.96.105.97->
202.96.105.101->
202.96.105.150->
61.153.112.90
Ping statistics for 202.96.105.101:
Packets:sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trips times in Milli-seconds:
Minimum = 10ms, Maximum = 10ms, Average = 10ms
From the above I can know from my computer to 202.96.105.101 altogether through the 202.107.208.187, 202.107.210.214, 61.153.112.70, 61.153.112.89, 202.96.105.149, 202.96.105.97 these few routes.
8-S count specifies the timestamp of the metric specified by count.
This parameter is almost the same as-R, except that this parameter does not record the route that the packet returns, and records only 4.
9.-j Host-list uses the computer list specified by computer-list to route packets. Continuous computers can be separated by intermediate gateways (routing sparse source) IP allows the maximum number of 9.
10.-K Host-list routes packets using the computer list specified by Computer-list. Continuous computers cannot be separated by intermediate gateways (strict source routing) the maximum number of IP allowed is 9.