There is a truck full of information that you can derive from a ping test. But detailing all the variations would require an entire book. So in this article we want to drill right down to one really useful statistic that is often overlooked - the Time to Live field. In the example below a Windows PC has just �pingged' � i.e. sent an ICMP echo request to another host with the IP address 192.168.23.1. We can see from the output that the host 192.168.23.1 has replied and that the time taken between the original request and the receipt of the reply is also recorded for each request. C:\WINDOWS>ping 192.168.23.1 Pinging 192.168.23.1with 32 bytes of data: Reply from 192.168.23.1: bytes=32 time=10ms TTL=250 Reply from 192.168.23.1: bytes=32 time=17ms TTL=250 Reply from 192.168.23.1: bytes=32 time=10ms TTL=250 Reply from 192.168.23.1: bytes=32 time=61ms TTL=250 Ping statistics for 192.168.23.1 Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 10ms, Maximum = 61ms, Average = 24ms To the right hand side of the output (the line beginning with Reply from�) we can see a TTL= variable. This is the Time to Live field that we will discuss in this article. Firstly, the TTL is in place in order to prevent the packet from bouncing indefinitely if a routing loop is encountered. A routing loop occurs when two routers have the same destination pointing towards each other, so the packet is forwarded back and forth between the routers who essentially disagree on the direction of the destination. Because the ping packet, more correctly known as an ICMP packet, decrements the TTL field every time that it crosses a router, the number of times the packet can be bounced back and forth is limited. google_ad_client = "pub-2311940475806896"; /* 300x250, created 1/6/11 */ google_ad_slot = "0098904308"; google_ad_width = 300; google_ad_height = 250; This prevents the packet from getting stuck in an endless loop. In fact, Windows limits this to 255 bounces by default. That is the reason for the TTLs' existence. But the information it provides can also assist in interpreting the other information presented in the output. Since we now know that the formula 255 - TTL indicates the number of hops taken to reach the destination we can use this information, together with knowledge of the network and the rest of the output to help to draw an accurate picture of the ping packet's journey. Say, for example, that the TTL differed between packets as seen below. Reply from 192.168.23.1: bytes=32 time=10ms TTL=253 Reply from 192.168.23.1: bytes=32 time=27ms TTL=250 Reply from 192.168.23.1: bytes=32 time=10ms TTL=253 The varying TTL variables above indicate that packets are taking different paths to the destination. In this case packets 1 and 3 had a TTL of 253 suggesting that the packets traversed 2 routers on their way to the destination while packet 2 traversed 5 routers. A significant variance in delay can also help to highlight that one of the paths is experiencing impairment. Another example of how this field is useful is the fast identification of inefficient routing. If a high number of hops is encountered when the destination is reasonably close to the source then this can be an indication of inefficient routing. An important gotcha with the TTL field, however, is that it does not decrement as it traverses an MPLS cloud or other layer 2 switched technologies such as frame relay. This field is not touched when Layer 2 switching technologies carry the packet within a cloud because the packet is not being routed through that section of the network, it is being switched. In summary, as a field on its own - TTL performs the important function of loop prevention. But used in perspective to the other information provided by the ping output the time to live adds another level of detail to icmp output that can help to shed light on variable delay results.
access point vs router
Niciun comentariu:
Trimiteți un comentariu