How to Use the Ping Command in the Cisco IOS by irisdan


									        How to Use the Ping Command in the Cisco IOS?
The ping command is irreplaceable when it comes to troubleshooting. At some point,
you will undoubtedly use this command to solve a networking problem. But how do
you properly use this command in the Cisco IOS?

The Basics of Ping
The ping command works just like on those old submarine movies. You are on one
network device and you “ping” another. When you do this, in your head think of the
sound that you heard on those old submarine movies- “PPiiiiiiiiiiiing”. The sound
would go out and, on the sonar operator’s-screen, he would or would not see the
other submarine. This is exactly how the ping-command in networking, works. Your
sonar screen is your Cisco router’s command prompt. Usage of the ping command
can be as simple as this:

As you can see in this example, I simply typed ping, and the IP address of the host I
wanted to ping. In response, I got five exclamation points that told me that I sent 5
ping packets out, and they were all returned (a complete success).

In other words, a ping request is sent out to the remote device, and a ping response
is received back, acknowledging the request. As ping uses the ICMP protocol, these
packets are technically called ICMP echo request, and ICMP echo reply. ICMP is
considered the management protocol for IP. ICMP uses the IP protocol but ICMP is
not TCP, or UDP. ICMP does work at Layer 3.

Note that if the ping was not successful, you would have received one of the
following (instead of an exclamation point): - “.” = network server timed out - “U” =
destination unreachable - “Q” = source quench (destination too busy) - “M” = could
not fragment - “?” = unknown packet type - “&” = packet lifetime exceeded Besides
the five exclamation points, I was also told that I was sending “5, 100-byte ICMP
echoes”. This means that I actually sent five “ping packets” of 100 bytes each. I was
told that the timeout was 2 seconds. That means that if a response was not received
within 2 seconds, ping would decide that the packet was not going to return at all.
This is a safe assumption considering 2 seconds is 2000ms and I am getting pings
back in about 36ms. Notice on the last line that the “Success rate is 100 percent”.
That is because it says that I sent 5 pings and received 5 ping replies back (that is the
“(5/5)”). I was told that the round-trip minimum time for a ping reply to return was
36ms, the average time (of all 5 pings) for a reply to return is 36ms, and the
maximum time for a ping reply to return was 40ms. If you have DNS or a local
hostname configured, you can use ping with names, like this:

You should know that there are many more types of ICMP traffic other than that
used for “pinging” (echo and echo-reply). ICMP is used to redirect hosts to the
proper router, to inform hosts that they need to resize their packets, and many types
of IP management communications. Each of these types of ICMP packets has a type
number (and optionally, a code number). For example, an ICMP echo is type 8. An
echo-reply is a type 0. A redirect to another router for an entire network is a type 5,
code 0 (with there being possible codes of 0-3). Finally, you can abbreviate ping by
only typing “p”. For example: Router# p

What Else Can I Do With Ping?
Now that you understand the basics, let’s look at an advanced version of ping. Cisco
calls this “extended ping”. Extended ping will ask you many questions and
“interactively” configure the options for ping. If you have never seen this before, you
may be surprised at how many options the ping command can have. Here is an
In typing ping, by itself, I was asked a list of questions. I have put a red arrow by each
of the questions for which I typed a response. On other lines, I simply
pressed Enter to take the default. In this example, I still ping-ed “Router3”. I stuck
with the default of 5 ping packets (but could have changed it). I kept the default of a
100 byte ping packet but could have changed this to a ping packet as large as 18,024
bytes. Next, I chose to use the extended options, where I was able to choose the
source interface of my ping packets. I also chose verbose output. With verbose
output, I was able to see each reply to each ICMP echo that I sent, and the time it
took for that reply to return to my router. One thing you may be surprised by, is the
first question that asked what protocol you want to ping with. Yes, you can ping with
protocols other than IP (such as Appletalk, DECnet, and IPX), but rarely are those
protocols used anymore.

How Do I Allow Ping Through An IOS Access-list?
Because ICMP is not TCP or UDP, you must specify ICMP specifically when you create
an access-list (ACL). Here is an example: access-list 101 permit icmp any any
echo-reply In this ACL, we are permitting ICMP traffic from any source, and any
destination, as long as it is a reply to an echo request. Many administrators enter the
following ACL and expect ICMP to flow through it: access-list 101 permit ip any
any This ACL does NOT allow ICMP traffic. To allow ICMP and IP, you need the
following two entries in your ACL: access-list 101 permit ip any any access-list 101
permit icmp any any
In summary, the ping utility is invaluable when it comes to troubleshooting network
issues. While just about everyone has “pinged” something at one point or another,
most people don’t know that there is more to ping than the simple ping command.
Extended ping on Cisco routers and switches is a very powerful troubleshooting
utility. While the ping command does use the ICMP protocol, there is much more to
ICMP than just “ping”. Finally, don’t forget to save yourself three keystrokes by
abbreviating the ping command with “p”. Over the years, those keystrokes add up!

More Related Cisco Networking Tips:
Top Five Cisco IOS Commands Every Network Admin Should Know
How to Configure IPSEC Encryption with the Cisco IOS?
Configuring Local Username Database in Cisco IOS

To top