Troubleshooting using the Cisco ping command

Isolating network problems can be a horrific task. With countless tools provided by a number of manufacturers, where does a systems administrator start? The ping command is a great starting point, and Cisco does not fall short in this area.

Network problems can be challenging to isolate. Thankfully, Cisco Systems gives us a variety of tools to assist in locating and correcting the situation. The ping command, while simple, can yield a wealth of information, even when working with a router thousands of miles away. While the ping command has been ported to many platforms, Cisco Systems has integrated additional functions within this vital tool.

An introduction to ping
The ping command first appeared in IOS version 10.0 and therefore should be available on any modern Cisco equipment. When ping is issued on a router, the IOS sends ICMP echo messages dependent on the information received, or not received, and feedback is generated. The data generated can be useful in determining the reachability of a host, time delay or latency, and network health. One caveat with the use of ICMP tools like ping is to remember that some administrators will block ICMP traffic, so do not assume that an unpingable host is down without further analysis.

User exec mode
Cisco allows users without enable privileges to use the basic ping command. This provides the user with the ability to issue the ping command to a host name or IP address using IP protocol. When using a host name, valid DNS server information and domain-lookup must be enabled on the router.

Figure A shows an example of user-mode ping at work.

Figure A
The user-mode ping as seen through the eyes of an MS-DOS window.

Even in user exec mode we are able to gather the following information:
  • The host name ( was reachable using 100-byte packets.
  • The average round trip time is 90ms.
  • We sent and received five packets.
  • The success rate was 100 percent.

User-mode ping is a good way to determine connectivity to another host on the network or the Internet. With the ping test characters (below), you can easily diagnose issues with network connectivity.

Table 1
! Exclamation points indicate receipt of a reply.
. Periods indicate that the reply has timed out.
U Destination is unreachable.
N Network is unreachable.
P Protocol is unreachable.
Q Source quench
M Could not fragment the packet.
? Unknown packet type
A description of the ping test characters

Privileged mode
The ping command offers even more functionality when in privileged or enable mode. Privileged mode will allow us to send more than the default five packets and change the datagram size of the packets being sent. When diagnosing a connectivity issue, it is best to send at least 100 packets. This will usually show if a link is bouncing or if latency problems are occurring. When testing Ethernet networks, using the maximum transmission unit (mtu) size of 1500 bytes will more accurately test these segments.

Figure B shows an example of a successful ping in privileged mode.

Figure B
A privileged mode ping

I was able to successfully send and receive 100 1500-byte packets with an average round-trip of 92 ms.

Networks are great when they function properly. When they do not, however, it is a nightmare. As a system administrator, your mission is to fix problems when they occur. Our next example, Figure C, shows a connection that is not functioning properly.

Figure C
Ping discovering a problem with a network

In Figure C, we see 14 percent packet loss; the problem was a loose Ethernet cable. Frequently, when diagnosing wireless or leased line connections, this would indicate a serious problem. Further testing, such as running a longer test, power cycling equipment, or contacting the circuit provider, would be in order.

Privileged mode with extended commands
In the previous example I chose <no> for the Extended Commands option. We will now explore the use of extended commands. The extended command set has a multitude of options. One that I frequently find useful is specification of the source address.

The router, by default, will use the gateway interface; however, you can specify either another interface or the IP address of an interface. Frequently I find routers that will allow me to ping out, using the serial interface, but on which pings will fail when the source specified is an Ethernet interface. This is usually due to an interface being down, congestion, or routing problems.

In this example I use the extended commands to send my packets out the Ethernet 1 interface of this 1605 router rather than the gateway interface of Ethernet 0.

You will notice that I have not used a number of the extended commands available. In everyday troubleshooting I typically do not use any of the other extended options. There are some cases where they can be useful, and a complete reference is available on Cisco Systems’ Web site at the Cisco IP command listing.

The ping command is a simple yet powerful tool available to network administrators. It can be used to test the reliability of links and the reachability of hosts and to give a basic view of network health. The command can allow a junior administrator without enable privileges to do a basic reachability test. Advanced functionality is also available to the Administrator to vary the size of packets, the interface they are being sent out on, and numerous other advanced functions.
The authors and editors have taken care in preparation of the content contained herein but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.

Editor's Picks