Ping Issue Analysis

Ping Issue Analysis

What is Ping

Ping is a commonly used network management command and is also part of a communication protocol that belongs to the TCP/IP suite, suitable for Windows, Linux, and Unix. It checks whether the network is smooth or the network connection speed (time) is normal based on the reply feedback results. It primarily operates end-to-end, targeting a specific IP address or URL.

OSI Model

• Physical Layer: The physical layer is responsible for encoding information into electrical pulses or other signals for transmission over the network.

For example: RJ45 converts data into 0s and 1s.

• Data Link Layer: This layer provides data transmission through physical network links. Different data link layers define different network and protocol characteristics, including physical addressing, network topology, error checking, data frame sequencing, and flow control.

It can be simply understood as: defining the packet format of 0s and 1s, determining the structure of network packets.

• Network Layer: This layer is responsible for establishing connections between the source and destination.

It can be understood that the location of the computer needs to be determined, how to determine it? Using IPv4, IPv6!

• Transport Layer: This layer provides reliable end-to-end network data stream services to higher layers.

It can be understood that each application registers a port number on the network card, and this layer is the communication between ports! The commonly used protocols are (TCP/IP).

• Session Layer: This layer establishes, manages, and terminates communication sessions between the presentation layer and the entity.

Establish a connection (automatic network addressing).

• Presentation Layer: This layer provides various functions for encoding and converting application layer data to ensure that information sent from one system’s application layer can be recognized by another system’s application layer.

It can be understood as: solving communication issues between different systems, for example: QQ on Linux can communicate with QQ on Windows.

• Application Layer: The application layer protocols of the OSI model include File Transfer, Access and Management Protocol (FTAM), Virtual Terminal Protocol (VIP), and Common Management Information Protocol (CMIP), among others.

It defines the protocols for data transmission.

Ping Principle

The Ping command uses the ICMP protocol to test the connectivity between the source and destination IPs, which belongs to the network layer (Layer 3) of the IP protocol.

The Ping process, whether it is the source host sending a request or the destination host replying, first looks up the local routing table based on the destination IP to determine the next hop’s exit. Then, it checks the ARP cache to see if the MAC address of the next hop IP exists. If not, it sends an ARP request to find it. If it exists, it packages and sends it at Layer 2 and the IP layer.

The source host sends a request message containing a string of data (like 123456789abcde) packaged at Layer 2. The other party receives it and reflects the packet back to the source. Once the source PC receives it, it assumes the other party is reachable. Thus, it involves the interaction of Layer 2 MAC addresses and IP layers. When the other party has issues (e.g., IP address does not exist, no route, etc.), the other party’s IP or an intermediate network node returns an ICMP error message to the source IP. The ports and IP used must be determined based on the node’s routing table. The initiator generates an echo based on the returned results. If the Ping request message is sent and waits for some time (the default is 5 seconds in Windows), if no reply is received, the initiator shows a timeout (in Linux, the default timer is 1 second, and no display occurs in this case).

Possible Reasons for Ping Failure

Symptoms of Ping failure

  C:\Users> ping 192.168.4.41
  Pinging 192.168.4.41 with 32 bytes of data:
  Request timed out.
  Request timed out.
      ...
  Ping statistics for 192.168.4.41:
  Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),  

• The other party is shut down/IP does not exist.
• The subnet is different, and it cannot be found through routing.
• Firewall settings filter the ICMP packets sent by Ping, resulting in no feedback, timeout.
• Incorrect IP address settings; for servers with multiple network cards, the IP configuration of each port must not be in the same subnet, otherwise it will cause routing issues.
• Faulty network cable.
• No gateway set; this is crucial for small networks (128 subnet) that go through a router; if not configured, routing will fail.

These issues can generally be categorized into several types:

Computer configuration faults; physical line faults; ARP issues; VLAN issues; routing issues; access control.

Computer Configuration Faults

Use ipconfig /all to observe whether local network settings are correct.

Ethernet adapter Local Connection:
  Connection-specific DNS Suffix . . . . . . . : huawei.com
  Description. . . . . . . . . . . . . . . : Xen Net Device Driver
  Physical Address. . . . . . . . . . . . . : 28-6E-D4-88-B7-19
  DHCP Enabled . . . . . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . . . . . : Yes
  Local Link IPv6 Address. . . . . . . . . : fe80::dd9a:f549:2b85:b027%13(Preferred)
  IPv4 Address . . . . . . . . . . . . . . : 192.168.1.5(Preferred)
  Subnet Mask  . . . . . . . . . . . . . . : 255.255.255.0
  Default Gateway. . . . . . . . . . . . . . : 192.168.1.1

Ping the Other Party

ping -a command can probe the other party, resolving the IP address to the hostname. If it exists, it indicates that the host IP is valid, and then check if the firewall is off;

Ping 127.0.0.1

Pinging the address 127.0.0.1 checks whether the local TCP/IP protocol is set up correctly.

ping 127.0.0.1, if it cannot be pinged, there is a problem with the local TCP/IP protocol stack.
If the prompt is: no route to host, it indicates that the network card is not functioning properly.
If the prompt is: transmit failed error code, it indicates an issue with the network card driver.
If the prompt is: time out, it means the router has this route, but due to other reasons, the packet cannot be transmitted.
If the prompt is: destination host unreachable, it indicates that there is no such route in the router.

Ping the Local Machine (IPv4)

Pinging the local machine’s IP address is to check whether the IP address settings and network card installation configuration are correct.

C:\Users> ping 192.168.1.5
Pinging 192.168.1.5 with 32 bytes of data:
Reply from 192.168.1.5: bytes=32 time<1ms TTL=128
Reply from 192.168.1.5: bytes=32 time<1ms TTL=128
...

If it times out, it indicates that there is a fault in the network card installation or configuration. Disconnect the network cable and execute this command again; if it shows normal, it indicates that the IP address being used may conflict with another machine’s IP address. If it still shows abnormal, it indicates that there is a fault in the local network card installation or configuration, and further checks on related network configurations are needed.

Ping the Gateway

Pinging the network gateway or local IP address is to check whether there are hardware faults and whether the local machine is connected to the local network properly.

C:\Users> ping 192.168.1.11
Pinging 192.168.1.11 with 32 bytes of data:
Reply from 192.168.1.11: bytes=32 time<1ms TTL=128
Reply from 192.168.1.11: bytes=32 time<1ms TTL=128
...

Analysis of Physical Link Faults in Ping Failure

The ports of fiber or network cable connections and network link deployments may not be consistent; the wavelength parameters of optical modules may not match actual needs; the communication interface of the device may be damaged; physical connection cables may be aging or damaged; interfaces may be blocked.

Common methods for diagnosing physical link faults are as follows:

• Check the status of device port indicators; if they are constantly gray, it indicates no connection. In this case, replace the interface or network cable and try again.
• Use the display interface interface-type interface-number command to check the status of the interface and determine the fault cause based on the port status.
• Use the display stp brief, display rrpp verbose, and display smart-link group all commands to check whether STP, RRPP, or SMART LINK layer 2 protocols are running on the device, confirming whether the physical interface through which the Ping service passes is blocked. If the port is blocked, the relevant configuration needs to be modified.

Analysis of ARP Issues in Ping Failure

Using the previous Ping failure troubleshooting approach, it can be determined whether the Ping failure is due to ARP issues. The device needs the MAC address when encapsulating ICMP packets; if the corresponding MAC address does not exist, ARP learning is required. If ARP learning fails, the Ping packets will be discarded, resulting in Ping failure. Common ARP issues causing Ping failures are usually due to the device not properly performing ARP learning. Common methods for diagnosing ARP issues are as follows:

• Use the display arp interface interface-type interface-number command to check whether ARP learning is normal for directly connected addresses.
• Use the display mac-address interface-type interface-number command to view MAC table entries, confirming whether the MAC address output port and the physical output port of ARP are consistent.
• If ARP learning is not normal, first check whether the interface configuration, VLAN configuration, VLANIF interface configuration, and IP address configuration are correct, and then check whether ARP and ARP security configurations restrict ARP learning.

Analysis of VLAN Issues in Ping Failure

Using the previous Ping failure troubleshooting approach, it can be determined whether the Ping failure is due to VLAN issues. Common VLAN issues include the following three:

The interface has not been added to the planned VLAN; the link type configuration of the interface is incorrect; the state of the VLANIF interface is not UP, or the configured IP address is incorrect.

Common methods for diagnosing VLAN issues are as follows:

• Use the display port vlan interface-type interface-number command to check which VLAN the interface has been added to. The VLAN to which the interface belongs is generally completed during network planning; if configured incorrectly, it needs to be reconfigured.
• Use the display port vlan interface-type interface-number command to check the link type of the interface. Different link types handle passing packets differently, so attention must be paid during configuration; if configured incorrectly, it needs to be reconfigured.
• Use the display interface brief and display ip interface brief interface-type interface-number commands to check the interface status and the relationship between the interface and IP.
• After configuring the VLANIF interface and adding the actual physical port to the specified VLAN, ensure that the VLANIF interface status is UP to enable communication. If configured incorrectly, it needs to be reconfigured.

Analysis of Routing Issues in Ping Failure

Using the previous Ping failure troubleshooting approach, it can be determined whether the Ping failure is due to routing issues. Common routing issues include the following three: no route to the destination subnet; the destination device has no return route; the device’s routing table is overloaded; routing configuration errors.

• The common method for diagnosing routing issues is to use the display ip routing-table command to check the routing table information to see if there is a route to the destination subnet. If there is no route, it needs to be reconfigured.

When configuring routing, it is important to pay attention not only to the route from this end to the other end but also to the return route of the other end. Devices support configuring various routing protocols, which can be selected based on actual conditions.

Analysis of Access Control Issues in Ping Failure

Using the previous Ping failure troubleshooting approach, it can be determined whether the Ping failure is due to access control issues. Access control is often configured on devices to protect security or for business needs; if the Ping packets happen to fall under access control, it may lead to Ping failure.

Common access control may restrict packet types, filter source or destination addresses, etc. Common methods for diagnosing access control issues are as follows: capture packets under the interface, analyze the obtained packet information, and check the corresponding configuration.

• Use the display current-configuration interface interface-type interface-number command to check whether there are relevant access control configurations on the interface.

Since access control is generally configured based on device security or business needs, even if Ping fails, it does not affect the operation of the business. Modifying such issues needs to be done cautiously to avoid impacting the normal use of the device.

Common Network Layer Protocols

For more content, follow the public account Programmer’s Path to Financial Freedom

Public Account: Programmer’s Path to Financial Freedom

Blog: CSDN Wang Xiaoming

Follow us for more information

After following: reply with “idea” or “referral” or “book” for surprises.

References

• http://www.023wg.com/guzhang/298.html
• https://blog.csdn.net/wj31932/article/details/89633071
• https://www.cnblogs.com/michael-xiang/p/10467825.html