LIS 525 - Ping and Other Diagnostics

Ping is a network diagnostic that allows you to test for a connection to a remote site on the Internet and get some information about how the data are transmitted.

There are various programs that implement Ping on different platforms. For instance, there are versions for Unix (available on panther at UWO, but useless for normal users, because socket permission is denied) and for Windows (available on FIMS workstations).

To run the Ping program in Windows, you should first go to the Command (MS-DOS) prompt, so that you can see the results displayed. Enter your Ping command; for example,


The form of a Windows Ping command is

ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] | [-k host-list]] [-w timeout] destination-list
The various options have the following meanings:
-t Continue until stopped (with Ctrl-C).
-a Resolve addresses to hostnames.
-n count Send count echo requests.
-l size Send with buffer of size=size.
-f Set Don't Fragment flag in packet (the flags are a field in the IP header).
-i TTL Time To Live (maximum number of nodes through which the packet can travel: another of the fields in the IP header).
-v TOS Type Of Service (e.g., "http", "ftp") (another field in the IP header).
-r count Record route for count hops (count must be in the range 0-9).
-s count Timestamp for count hops (count must be in the range 0-4).
-j host-list Loose source route along host-list (host-list can be an IP number but not a domain name).
-k host-list Strict source route along host-list (host-list can be an IP number but not a domain name).
-w timeout Timeout after timeout milliseconds when waiting for each reply.

A simple Ping to a server looks like this:


Pinging [] with 32 bytes of data:

Reply from bytes=32 time=9ms TTL=56
Reply from bytes=32 time=8ms TTL=56
Reply from bytes=32 time=8ms TTL=56
Reply from bytes=32 time=9ms TTL=56

Ping statistics for
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 8ms, Maximum = 9ms, Average = 8ms

Options that are likely to make an actual difference to the results that you see are -a (if destination-list uses IP numbers rather than domain names), -t, -l, -i (if TTL is sufficiently small), -r, -j, and -k.

Repeated pinging of the same server at frequent intervals might be interpreted as a sign that someone is trying for a way to hack into the server.

A host may be set not to respond to pinging. For example, this is the default for the integrated firewall in Windows XP.

Other Diagnostics

Both Unix and Windows also provide Trace Route diagnostics. The Windows version, Tracert, has the following form:
tracert [-d] [-h maximum_hops] [-j host- list] [-w timeout] target_name
where the options are
-d Do not resolve addresses to hostnames.
-h maximum_hops Maximum number of hops to search for target (where maximum-hops < 256).
-j host-list Loose source route along host-list.
-w timeout Wait timeout milliseconds for each reply.

Here is a simple example of using Tracert:


Tracing route to []
over a maximum of 30 hops:

  1     7 ms    <1 ms    <1 ms
  2    <1 ms    <1 ms    <1 ms  gate1.netmgmt.uwo.pri []
  3     1 ms     1 ms     1 ms []
  4    <1 ms     1 ms     6 ms [66.
  5     6 ms     5 ms     5 ms
  6     6 ms     5 ms     6 ms
  7     6 ms     6 ms     7 ms [198.32.2
  8     7 ms     7 ms     7 ms
  9     8 ms     7 ms     6 ms
 10     7 ms     6 ms     6 ms
 11     9 ms     9 ms     8 ms []
 12     8 ms     8 ms     8 ms []

Trace complete.

Versions of both Windows and Unix have an NSLookup program that will give some basic information about a server or servers given a server name. For example:


Non-authoritative answer:


Other Useful Tools


Last updated April 13, 2007.
This page maintained by Prof. Tim Craven
E-mail (text/plain only):
Faculty of Information and Media Studies
University of Western Ontario,
London, Ontario
Canada, N6A 5B7