(I) How ping works
The source host (the host that inputs the ping command) sends an ECHO packet in the ICMP protocol to the target host.
If the recipient is alive, an ICMP echo-reply packet is returned to the source host.
(Ii) TTL
What does the TTL in Ping output mean?
C: \ Users \ Asus> Ping www.csdn.net is pinging www.csdn.net [117.79.93.222] with 32 bytes of data: reply from 117.79.93.222: byte = 32 time = 219 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 64 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 66 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 374 Ms TTL = 54
The above output shows that the csdn server address is 117.79.93.222.
What does TTL = 54 mean?
First, TTL is the survival time of the ECHO package on the network.
When we Ping hosts on the network, our local machine sends a packet.
Data packets are transmitted to the target host through a certain number of routers. However, for many reasons, some data packets cannot be transmitted to the target host normally.
If we don't give these packets a lifetime, these packets will be transmitted over the network all the time, resulting in an increase in network overhead.
After the data packet is transmitted to a vro, TTL is automatically reduced by 1. If the data packet is reduced to 0 but not transmitted to the target host, the data packet is automatically lost.
Secondly, the TTL field value helps us identify the operating system type.
The TTL value of the ICMP echo response in UNIX and UNIX operating systems is 255
Compaq Tru64 5.0 the TTL field value of the ICMP echo response is 64
The TTL field value of the WINXP-32bit echo response is 64
The TTL value of the ICMP echo response in Microsoft Windows NT/2 k/2003 operating system is 128.
The TTL field value of the ICMP echo response in Microsoft Windows 95 is 32.
Of course, the returned TTL value is the same
But in some cases, it is special:
The TTL field value of Linux kernel 2.2.x & 2.4.x ICMP echo response is 64.
FreeBSD 4.1, 4.0, 3.4;
Sun Solaris 2.5.1, 2.6, 2.7, 2.8;
OpenBSD 2.6, 2.7,
NetBSD
Hp ux 10.20
The TTL field value of the ICMP echo response is 255
Windows 95/98/98SE
Windows ME
The TTL field value of the ICMP echo response is 32.
Windows NT4 wrks
Windows NT4 Server
Windows 2000
Windows XP
The TTL field value of the ICMP echo response is 128
In this way, we can identify the operating system through this method.
The Registry location of the TTL value HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ Tcpip \ Parameters
There is a defaultttl DWORD value, and its data is the default TTL value. We can modify it, but it cannot be greater than 255 in decimal format.
(3) Ping Process
① If you do not know the MAC address of the other party, send the ARP broadcast and parse the MAC address of the other party.
② After knowing the MAC address, send the unicast ICMP packet again (that is, the ECHO packet in the ICMP protocol described above)
(Iv) Ping common results
① Ping www.csdn.net
Reply from 117.79.93.222: byte = 32 time = 66 Ms TTL = 54
The returned statement indicates that the connection to the target host is successful.
② Ping rocky.csdn.net
The host rocky.csdn.net cannot be found in the ping request. Check the name and try again.
The host of the other party does not exist. The first step of the ping operation is over.
Because the target host does not exist, the MAC address of the target host cannot be resolved.
③ Ping 192.168.2.78
Request timeout
The echo package successfully reaches the target host, and the target host also returns the echo-reply package to the source host.
However, the echo-reply package is lost halfway and cannot reach the source host.
④ Ping 192.168.1.10
Reply from 192.168.1.113: the target host cannot be accessed.
This is because the ECHO packet sent to the target host is terminated on 192.168.1.125, that is, the ECHO packet cannot reach the target host.
Possible cause: data packets from the source host are prohibited from passing through on the port 192.168.1.125 of a vro192.168 ..
(V) Ping Common commands
①-T: ping the specified computer until we press Ctrl + C to stop
C: \ Users \ Asus> Ping-T blog.csdn.net is pinging blog.csdn.net [117.79.93.222] with 32 bytes of data: reply from 117.79.93.222: byte = 32 time = 184 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 222 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 154 Ms TTL = 54 request timeout. Reply from 117.79.93.222: byte = 32 time = 177 Ms TTL = 54 reply from 117.79.93.222: byte = 32 time = 159 Ms TTL = 54 reply from 117.79.93.222: byte = 32 time = 342 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 156 Ms TTL = 54 request timeout. Reply from 117.79.93.222: byte = 32 time = 163 Ms TTL = 54 reply from 117.79.93.222: byte = 32 time = 293 Ms TTL = 54 reply from 117.79.93.222: byte = 32 time = 69 ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 227 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 64 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 98 ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 65 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 261 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 161 Ms TTL = 54 reply from 117.79.93.222: byte = 32 time = 66 Ms TTL = 54117.79.93.222 Ping statistics: Packet: Sent = 19, received = 17, lost = 2 (10% lost), estimated round-trip time (in milliseconds): Minimum = 64 ms, maximum = 342 ms, average = 168mscontrol-c ^ C
②-N count: Send the specified number of ECHO packets. If the-n parameter is not added, the system will ping the packet four times by default.
C: \ Users \ Asus> Ping-N 6 blog.csdn.net is pinging blog.csdn.net [117.79.93.222] with 32 bytes of data: reply from 117.79.93.222: byte = 32 time = 96 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 275 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 368 Ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 98 ms TTL = 54 replies from 117.79.93.222: byte = 32 time = 67 Ms TTL = 54 reply from 117.79.93.222: byte = 32 time = 208 Ms TTL = 54117.79.93.222 Ping statistics: Packet: Sent = 6, received = 6, lost = 0 (0% lost), estimated round-trip time (in milliseconds): Minimum = 67 Ms, maximum = 368 ms, average = 185 Ms
③-L length: Specify the echo data packet size. The default data packet size is 32 bytes, and the maximum number of bytes is 65527.
C: \ Users \ Asus> Ping-L 100 blog.csdn.net is pinging blog.csdn.net [117.79.93.222] with 100 bytes of data: reply from 117.79.93.222: byte = 100 time = 68 Ms TTL = 54 replies from 117.79.93.222: byte = 100 time = 73 Ms TTL = 54 replies from 117.79.93.222: byte = 100 time = 67 Ms TTL = 54 reply from 117.79.93.222: byte = 100 time = 67 Ms TTL = 54117.79.93.222 Ping statistics: Packet: Sent = 4, received = 4, lost = 0 (0% lost), estimated round-trip time (in milliseconds ):
(6) procedure of IP address troubleshoting
① Ping 127.0.0.1 to check whether the local IP stack is initialized. If the cluster fails, reload the TCP/IP protocol.
② Ping the Host IP address and check whether Nic functions are normal
③ If the gateway is successfully pinged, the NIC is connected to the network and the network communication is normal.
④ If the remote host is successfully pinged, IP communication can be performed between the host and the remote host.