The working process of the Ping command and the reason for one-way Ping

When a network problem occurs, the most common test tool is the Ping command. But sometimes we encounter Ping in one direction, for example, A and B computers connected to the same LAN through A HUB or A cross line, when checking the network connectivity between them, it is found that the Ping from host A to host B is normal and from host B to Ping host A, there is A "no response timeout" error. Why?
To understand the mysteries of the Ping command, we need to see how the Ping command works.

Assume that host A's IP address is 192.168.1.1 and host B's IP address is 192.168.1.2, all of which are in the same subnet. After you run "Ping 192.168.1.2" on host, what happened?

First, the Ping command will construct a fixed format ICMP request packet, and then the ICMP protocol will send this packet together with the address "192.168.1.2" to the IP layer protocol (like ICMP, is actually a group of processes running in the background. The IP layer protocol uses the address "192.168.1.2" as the destination address, the local IP address as the source address, and some other control information to construct an IP packet, find the physical address (also called MAC address) corresponding to the IP address 192.168.1.2 in a ing table. You are familiar with Nic configuration, this is the transmission unit for the data link layer protocol to build the data link layer-frames are required), and are handed over to the data link layer. The latter constructs a data frame. The destination address is the physical address transmitted from the IP layer, the source address is the physical address of the local machine, and some control information is attached, according to the Ethernet Media access rules, send them out.

After receiving the data frame, host B checks its destination address and compares it with the physical address of the Local Machine. If yes, it receives the data frame; otherwise, it is discarded. After receiving the data frame, check the data frame and extract the IP data packet from the frame to the local IP layer protocol. Similarly, after the IP layer check, extract the useful information and send it to the ICMP protocol. After the latter completes the process, build an ICMP response packet and send it to host, the process is exactly the same as that when host A sends an ICMP request packet to host B.

From the Ping process, we can know that host A receives A response packet from host B, indicating that both the de-and back-to-path between the two hosts are normal. That is to say, it is normal from host A to host B, or from host B to host. So, why can only Ping from one direction?

1. Install the Personal Firewall

For the sake of security, most servers are installed with personal firewall software, while others are generally not installed as clients. By default, almost all personal firewall software cannot be pinged by other machines. The general practice is to filter out ICMP request packets from outside, but it does not impose any restrictions on ICMP request packets sent from the local machine and ICMP response packets from outside. In this way, when you Ping other machines from the local machine, if the network is normal, there is no problem. However, if you Ping this machine from another machine, even if everything is normal on the network, the error "timeout and no response" may occur.

This is the reason for most single-direction Ping. The solution is also very simple. You can adjust the corresponding settings based on the different types of firewalls you use.

Ii. Incorrect IP Address Setting

Under normal circumstances, a host should have one Nic, one IP address, or multiple NICs, and multiple IP addresses (these addresses must be in different IP subnets ). However, for computers used in public places, especially Internet cafes, there are a lot of people, but there is no "Explorer ". There was a single Ping between two computers. After careful inspection, we found that one computer's "dial-up network adapter" (equivalent to a soft network card) in the TCP/IP Settings of, set an IP address in the same subnet as the nic ip address, so that in the IP layer protocol, this host has two different interfaces in the same network segment. When you Ping other machines from this host, the following problems may occur:

(1) The host does not know which network interface to send data packets to, because two network interfaces are connected to the same network segment;

(2) The host does not know which address is used as the source address of the data packet. Therefore, if you Ping other machines from this host, the IP layer protocol will not be able to process it. After the timeout, Ping will give an error message indicating "no response timeout. However, when you Ping the host from another host, the request packet is sent from a specific network adapter. ICMP only needs to swap the destination and source addresses and change some signs, the ICMP response packet can be sent smoothly, and other hosts can successfully Ping this machine.

Article entry: csh responsible editor: csh