Subscribe to the feed

I'm sure you recognize that ping is a common and relatively simple command. And, like many basic commands, there are some great options and techniques that make the tool even better. This article explores various tricks and tips to level up your ping knowledge.

I begin with some basic ping options and then interpret ping results. After that, I explore some advanced use cases. Finally, I cover some ping alternatives and additional approaches.

[ You might also like: Ping, traceroute, and netstat: The network troubleshooting trifecta ]

The basics

By way of quick review, you can simply enter the following two commands to test basic network connectivity to a remote machine with a hostname of server01 or an IP address of 192.168.2.200:

# ping server01
# ping 192.168.2.200
results of ping to 8.8.8.8

You can also test the local TCP/IP stack with either the localhost hostname or the loopback address:

# ping localhost
# ping 127.0.0.1

You can also use the ping 0 command to ping the localhost:

# ping 0
ping loopback by using ping 0 command

Less well-known options

By default, Linux sends continuous pings. Windows, by default, only sends four. One of my favorite uses of ping is to inform me when a remote server or network device has restarted. For example, imagine I'm remotely connected to a Windows server from my Linux laptop. The server needs to be rebooted before I can continue with its configurations. I can issue the reboot command and then set up a continuous ping from my laptop to the server. When the ping results show success, I know the reboot process on the remote machine has been completed. In the meantime, I can work on other projects.

Note: The options for ping vary somewhat between Linux and Windows. Plan for this if you work with both platforms.

I can even use an audible cue with ping, letting me know when the pings are successful.

# ping -a server01

You can adjust the number of pings by using the -c option, followed by the desired number of ping messages. For example, to send five pings, type:

# ping -c 5 192.168.2.200

You can use a variation of this to simply display the IP address of the destination by sending a single ping to a hostname. This is a quick name resolution query:

# ping -c 1 server01
displaying IP address with a single ping

Maybe you want to modify the level of detail ping returns? You can increase the detail level by adding the -v (verbose) option or summarize the results by using the -q (quiet) option.

# ping -v server01
# ping -c 1 -q server01
ping with quiet option

I've already uncovered some good uses for ping with the above options. I particularly like the ability do a quick name resolution query. I've used the continuous ping during reboots trick more than any other, however.

You can use the ping command to test name resolution services, too. If you ping a destination by IP address, and the ping succeeds, you know you have basic connectivity. If you ping the same destination by hostname, and it fails, you know name resolution is not working. This is because ping could not resolve the given hostname to an IP address in the second test.

Results and techniques

Delving a little deeper into the results, the ping output displays the hostname and IP address information, packet loss, response times, etc.

Output from ping

The two most common results to watch for are timeout and unknown host. Both of these indicate a failure, but did you know that you can use these two results to predict where the network problem lies?

The timeout message indicates that your machine believes it successfully sent ping queries to the destination. However, it did not receive replies within a specified time, so it "timed out." The misconfiguration is likely on the destination end or on the network between your machine and the destination. Your machine sent the queries, but the destination failed to reply. Start by checking that the destination device is on, physically connected to the network, and has a valid IP address. Verify router and firewall configurations after that.

The opposite is true with the unknown host output. This indicates a likely issue on your end of the connection. Your computer was unable to send the query out to the desired destination. This could mean an IP address misconfiguration on your end, a problem with the default gateway value, or that you're attempting to connect to a destination address that doesn't exist.

Work outward in

Many networking courses suggest that you use ping to test for configuration problems by pinging the nearest configurations first, working your way outward. I've always disagreed with this.

The nearest addresses first approach looks like this:

  1. Loopback: ping 127.0.0.1
  2. Localhost: ping 192.168.2.200
  3. Local router/default gateway: ping 192.168.2.1
  4. Remote destination by IP address: ping 192.168.8.42
  5. Remote destination by hostname: ping server01

I find it's more efficient to use the outward in approach because if step 1 succeeds, I can move on to other tests without wasting time. The chances of loopback and localhost tests failing are very low compared to other network configuration problems.

Here is the outward in approach:

  1. Remote destination by hostname: ping server01 (Note: If this succeeds, move on to other network tests)
  2. Remote destination by IP address: ping 192.168.8.42
  3. Local router/default gateway: ping 192.168.2.1
  4. Localhost: ping 192.168.2.200
  5. Loopback: ping 127.0.0.1

Advanced use cases

There are several miscellaneous ping commands you can use for various tests.

For example, what if you don't have Nmap installed but need to see what hosts are up? Add the -b option to run a ping broadcast to an entire subnet. This displays the hosts that are currently up, thought it's not as effective as a simple Nmap scan.

# ping -b -c 3 -i 20 192.168.2.255

You can also change the size of the ping packet payload. The header is always 28 bytes, so add on the amount you want plus 28 bytes to get the total size. The default is 64 bytes. To send a ping with 128 bytes, type the following:

# ping -s 100 server01

This is the basic technique used in Ping of Death attacks.

Limit the number of hops (routers) the ping will pass through by configuring a time-to-live (TTL) value. For example, to limit the query to ten hops, type:

# ping -t 10 server01

In addition, while doing a continuous ping, try Ctrl+pipe to display statistics.

Final tricks

I'll wrap up with one final tool and a reminder about routers.

There is a GUI for ping - gping. Using a GUI could be handy for tasks like monitoring rebooting servers, as mentioned above. From across the room, you could view the status of a continuous ping result. Sometimes a graphical view is just easier to work with or useful for demonstrations. You can find gping at its official Git page. It's available for various Linux distributions, macOS, and Windows. There are several different package types available for several other installers.

Here are a couple of gping syntax examples. The first establishes a graphical ping to server01, and the second displays the gping help:

# gping server01
# gping --help

Here is a screenshot of gping testing connectivity to the 8.8.8.8 address.

gping 8.8.8.8 display

Finally, a reminder: Many routers are set to drop ICMP-based packets, such as those used by ping (and traceroute). ICMP, in general, can be used for various attacks, and so routers may be configured neither pass nor respond to ping requests. This is something to keep in mind while troubleshooting network connectivity.

[ Free download: Advanced Linux commands cheat sheet. ] 

Wrap up

Sure, ping is a simple tool that you've all worked with a lot, but there are some great options to modify its behavior and some good techniques to use when troubleshooting. Did you discover at least one useful thing you didn't know from the above list? And how about gping? Can you think of any good uses for a graphical version of ping


About the author

Damon Garn owns Cogspinner Coaction, LLC, a technical writing, editing, and IT project company based in Colorado Springs, CO. Damon authored many CompTIA Official Instructor and Student Guides (Linux+, Cloud+, Cloud Essentials+, Server+) and developed a broad library of interactive, scored labs. He regularly contributes to Enable Sysadmin, SearchNetworking, and CompTIA article repositories. Damon has 20 years of experience as a technical trainer covering Linux, Windows Server, and security content. He is a former sysadmin for US Figure Skating. He lives in Colorado Springs with his family and is a writer, musician, and amateur genealogist.

Read full bio
UI_Icon-Red_Hat-Close-A-Black-RGB

Browse by channel

automation icon

Automation

The latest on IT automation for tech, teams, and environments

AI icon

Artificial intelligence

Updates on the platforms that free customers to run AI workloads anywhere

open hybrid cloud icon

Open hybrid cloud

Explore how we build a more flexible future with hybrid cloud

security icon

Security

The latest on how we reduce risks across environments and technologies

edge icon

Edge computing

Updates on the platforms that simplify operations at the edge

Infrastructure icon

Infrastructure

The latest on the world’s leading enterprise Linux platform

application development icon

Applications

Inside our solutions to the toughest application challenges

Original series icon

Original shows

Entertaining stories from the makers and leaders in enterprise tech