Ping and Traceroute

First Published: NetAnswers Internet Extra newsletter
Date Published: 1998
Copyright © 1998 by Kevin Savetz


Internet connection on the fritz? Can't reach any web sites and wondering what the problem is? Two diagnostic tools -- Ping and Traceroute -- can tell volumes about your Net connection. Learn all about them here.

Oh dear, what can the matter be? Yesterday you visited your favorite web site and everything was copasetic. But today, you can't reach it. In fact, you can't access any of your favorite sites. You begin to wonder -- are they all down? Or is your Internet connection flinky today? Is your Internet provider having technical trouble or is the whole Net in a tailspin? Two network tools, Ping and Traceroute, give you the power to diagnose Internet connection problems yourself.

-.-.- Ping -.-.-

Ping is a simple and very useful diagnostic tool. Its job is to report whether a particular computer is connected to the Internet and able to send and receive packets. When your computer sends a "ping packet" to another computer, that computer will -- assuming it is online -- quickly respond with acknowledgment that it is alive. A Ping program will typically send several ping packets in rapid succession, and report on how many replies it received.

Most Ping programs also report on the amount of time that elapsed between the times it sent the ping packet and received the reply. These numbers are a good way to access the quality of the connection between your computer and the remote machine. If you send ten ping packets, and you receive ten replies with quick turnaround times, there's a fast, stable connection between those computers. If some of those ping packets don't receive fast replies (or get no reply at all), your Internet connection may be suffering.

Now, if your tests indicate that you have a poor connection to the Internet, that doesn't necessarily mean that you should find a new Internet access provider. Routers on the Internet do their best to move your data around quickly, but transient problems can muddle your connection. Network congestion, for instance, can be a temporary problem. If you suspect there's a problem with your Internet connection, try testing it again a few hours later.

Here's an example of Ping, in which I tested the connection between my computer and Yahoo. Ping tested the connection by sending five packets -- as each was acknowledged, the program reported the elapsed time to receive the reply. The fastest round trip was 39.4 milliseconds, the maximum was 62.1 ms, and the average was 48 ms. Today I am graced with a fast, stable Net connection.

PING yahoo.com (204.71.177.35): 56 data bytes
64 bytes from 204.71.177.35: icmp_seq=0 ttl=249 time=53.1 ms
64 bytes from 204.71.177.35: icmp_seq=1 ttl=249 time=39.4 ms
64 bytes from 204.71.177.35: icmp_seq=2 ttl=249 time=40.9 ms
64 bytes from 204.71.177.35: icmp_seq=3 ttl=249 time=62.1 ms
64 bytes from 204.71.177.35: icmp_seq=4 ttl=249 time=44.6 ms
--- yahoo.com ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 39.4/48.0/62.1 ms

If the host that you're trying to Ping isn't accessible right now, the program's output will look something like this:

PING test.sonic.net (208.201.233.203): 56 data bytes
--- test.sonic.net ping statistics ---
20 packets transmitted, 0 packets received, 100% packet loss

-.-.- Traceroute -.-.-

Traceroute takes Ping one step further. It not only tells you if your packets are getting from here to there, but what path they are taking along the way. The data that your computer exudes is sent to a router at your Internet access provider, which moves that data along to the next closest router. That router does the same thing, looking for the best path to get your data to its final destination. Depending on its source and destination, your Internet traffic might be routed through three or ten or twenty (or even more) machines during is trip. Under normal conditions, even routes with many stopovers are completed in milliseconds.

To use Traceroute, you simply give it the name or IP address of an Internet host. The program will then display the route from your computer to that host. It can be rather interesting to find out exactly what path your bits take when you visit a web page, send e-mail, and so on. In addition to the route, Traceroute typically tells you how long it takes for your data to reach each point along the trip.

Internet routers always try to use the best path to get your traffic from here to there. "Best" doesn't necessarily mean "short" -- it means "fast". Play with Traceroute enough and you'll discover times when your traffic seems to go well out of its way. For example, while doing a Traceroute from my home in Northern California to the local college ten miles away, I find that the packets take a circuitous route through San Francisco -- some 300 miles south of here. The Internet routers, in their wisdom, deemed that to be the fastest path. There may have been shorter trips available, but over slower Internet links. Or, there may have been no shorter, direct link at any speed. But the data got there quickly, that's what is important.

Here's what the output from a typical Traceroute program looks like. It provides a lot of information and takes a moment to decipher, but we can see that there are 10 router hops between my computer and yahoo.com. For each step, Traceroute tells the hop number, the name of the router at that hop, and information on the time it took the packet to get that far. (The version of Traceroute that I used sends each packet three times and shows the travel time for each one.)

traceroute to yahoo.com (204.71.177.35), 30 hops max, 40 byte packets
 1  gw (208.25.115.1)  2.316 ms  2.261 ms  2.571 ms
 2  gw-core1-19-nethelp.northcoast.com (208.25.113.194)  53.786 ms  30.875 ms  24.574 ms
 3  sl-gw1-sj-1-3.sprintlink.net (144.228.110.17)  33.111 ms  43.916 ms  42.733ms
 4  sl-bb11-sj-0-2-155M.sprintlink.net (144.232.3.33)  36.161 ms  38.458 ms  31.246 ms
 5  sl-bb11-stk-1-0-155M.sprintlink.net (144.232.8.81)  44.277 ms  43.34 ms  33.467 ms
 6  sl-bb21-stk-0-3.sprintlink.net (144.232.4.82)  34.444 ms  38.868 ms  43.916ms
 7  isi-border2-hssi4-0--T3.sprintlink.net (144.228.147.10)  35.501 ms  47.61 ms  36.922 ms
 8  fe0-0.cr2.SNV.globalcenter.net (206.251.5.1)  43.896 ms  55.943 ms  40.168 ms
 9  pos6-0.cr1.NUQ.globalcenter.net (206.251.0.29)  40.416 ms  44.788 ms  39.625 ms
10  yahoo.com (204.71.177.35)  39.232 ms  38.444 ms  42.341 ms

It's clear that there is a good path between my computer and Yahoo right now. On the other hand, if there isn't a path between two points, Traceroute will tell you. In this example, there's no path to the remote host test.sonic.net:

traceroute to test.sonic.net (208.201.233.203), 30 hops max, 40 byte packets
 1  gw (208.25.115.1)  2.324 ms  2.26 ms  2.575 ms
 2  gw-core1-19-nethelp.northcoast.com (208.25.113.194)  23.734 ms  26.482 ms  21.049 ms
 3  sl-gw1-sj-1-3.sprintlink.net (144.228.110.17)  49.997 ms  32.15 ms  49.968 ms
 4  sl-bb11-sj-0-2-155M.sprintlink.net (144.232.3.33)  52.983 ms  32.111 ms  48.6 ms
 5  sl-bb11-stk-1-0-155M.sprintlink.net (144.232.8.81)  32.982 ms  59.06 ms  49.927 ms
 6  sl-bb2-stk-0-0-0-155M.sprintlink.net (144.232.4.70)  63.269 ms  36.062 ms  45.825 ms
 7  sl-gw9-stk-0-0.sprintlink.net (144.228.40.15)  39.905 ms  43.33 ms  50.78 ms
 8  sl-sonoma-2-0.sprintlink.net (144.228.145.98)  58.54 ms  82.217 ms  44.866 ms
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *

The asterisks indicate a failed attempt to reach the next step in the route. (A technical detail that will keep purists from complaining: the asterisks can also indicate that a router simply didn't report back even though it indeed received and forwarded a packet. But several lines of asterisks in a row indicate that an essential router or host isn't online.) I can see that my packets made it only part of the way towards their destination -- they made it as far as a Sprintlink router in Sonoma. Either the computer I'm trying to access is down, or one of the routers along the way is.

If those asterisks start appearing in the first two or three lines of the trace, it likely means that your Internet connection is down altogether. This could be a problem with your computer or your Internet access provider.

Sometimes your Net connection is up, but things seem to be moving at an agonizingly slow rate. Other times, you may find that you can access some web sites, but other sites aren't available. These problems can be caused by outages at major Internet hubs. Visit the Internet Traffic Report (http://www.internettrafficreport.com) to find out how the Internet as a whole is faring today. This site will tell you if the Net is generally congested and what countries currently have access problems.

-.-.- The Software -.-.-

If you use Windows 95, you already have Ping and Traceroute -- they're in your WINDOWS directory, the file names are PING and TRACERT. These are basic command-line tools but they do the job nicely. If you'd like to use a more advanced diagnostic tool, there are some excellent shareware choices. Two good programs are NetScanTools ($25 shareware, available from http://www.nwpsw.com/nstdl.html) and NetMedic ($49.95 shareware, http://www.vitalsigns.com/product/index.html).

Mac users who feel the need to Ping and Traceroute can choose MacTCP Watcher ($10 shareware, available from http://www.stairways.com/mtcpw/mtcpw.html) or IPNetMoniter ($20 shareware, http://www.sustworks.com/product_ipnm.html).

=*=*= SITES MENTIONED IN THIS ISSUE =*=*=

NetScanTools (Windows): http://www.nwpsw.com/nstdl.html

NetMedic (Windows): http://www.vitalsigns.com/product/index.html

MacTCP Watcher (Mac): http://www.stairways.com/mtcpw/mtcpw.html

IPNetMoniter (Mac): http://www.sustworks.com/product_ipnm.html

Internet Traffic Report: http://www.internettrafficreport.com


Articles by Kevin Savetz