Reachability and Step-by-Step Path Tests
Testing reachability of a node from another node in a network is one of the most basic tests to perform during support tasks. Testing the path a packet takes (identifying the nodes it goes through) is another very useful technique for troubleshooting. These tests are often used during fact gathering or when testing for results of an action taken. Ping has traditionally been known as an IP layer testing application. Ping is now available for other protocols, such as IPX. Cisco IOS provides Ping for IP, IPX, AppleTalk, and a few other protocols such as DECNET, XNS, CLNS, and VINES. Trace is an IP-layer path discovery/testing tool. Prior to IOS 12.0, Cisco IOS furnished trace for IP protocol only; as of IOS 12.0, however, trace is also available for IPX.
ping Command (IP) (User and Privileged)
The ping command is supported at the user and privileged exec modes.When used at the user mode, a set of default parameters such as five echoes, 100 bytes each with two-second time-outs will be used (in non-verbose form). You may enter an IP address or a name with the ping command (if the name can be resolved to an IP address using the local HOSTS table or using a DNS server).
Ping sends ICMP echo (echo request) to the destination, and the destination node replies to the source with an ICMP echo-reply. If you receive five echo-replies to the five echoes (echo requests) submitted, it means that five 100-byte packets could travel to the destination and back, each within a two-second time interval. There is a distinct possibility that the first of the five echoes times out; the cause is usually attributed to the need for ARP, or, in case of a DDR connection, to the need to build a circuit.
Example 4-3 displays sample outputs of the ping command. If all of the five packets don't get to the destination and back, or at least not within the two-second time interval, you need to investigate further. In this situation, you should usually choose closer and closer targets; once you find one that you can communicate with, you can define the problem area and focus your troubleshooting efforts. When you encounter timeouts or administratively prohibited cases, you will have to discover (and deal with) the busy or the protected devices accordingly.
Example 4-3 User Mode ping (IP)
|
RouterA> ping routerB |
|
Type escape sequence to abort. |
|
Sending 5, 100-byte ICMP Echos to 10.3.2.1, timeout is 2 seconds: |
|
!!!!! |
|
Success rate is 100 percent, round-trip min/avg/max = 1/3/4 ms |
|
|
|
RouterA> ping 172.16.5.5 |
|
Type escape sequence to abort. |
|
Sending 5, 100-byte ICMP Echos to 172.16.5.5, timeout is 2 seconds: |
|
.U.U. |
|
Success rate is 0 percent (0/5) |
A fundamental point of the ping tool is that it tests the round-trip path to and from a target. I often notice that when ping fails, people focus all of their effort on trying to troubleshoot the local device (source), and they forget that a ping failure is often caused by the destination device not having a path for sending the echo reply back to the source. See Table 4-4 for short descriptions of the test characters used by the ping facility. To abort a ping session, type the escape sequence (Shift, Control, and the 6 key, all at once). Another useful command that you can use when troubleshooting connectivity issues is the debug ip icmp command.
Table 4-4 ping (IP) Response Characters
|
Character |
Description |
|
! |
Reply received |
|
. |
Time-out |
|
U |
Destination unreachable |
|
N |
Network unreachable |
|
P |
Protocol unreachable |
|
Q |
Source quench |
|
M |
Could not fragment |
|
? |
Unknown packet type |
You also have the option of using the extended ping in privileged exec mode. From the privileged mode, if you just enter the ping command, you will be prompted for the protocol (default is IP). After selecting IP, you are prompted for the target IP address, repeat count, datagram size, and timeout in seconds; finally, you are asked if you are interested in extended commands. Table 4-5 provides explanations for the parameters you are prompted for if you choose the extended commands option.
Table 4-5 ping (IP) Extended Commands
|
Field |
Explanation |
|
Source address: |
You may enter one of the router's local IP addresses or one of its interfaces. |
|
Type of service [0]: |
You may turn this bit to 1 to indicate Internet Service Quality selection. |
|
Set DF bit in IP header? [no]: |
If you answer yes, the Don't Fragment option will not allow this packet to be fragmented when it has to go through a segment with a smaller MTU and you will receive an error message from the device that wanted to fragment the packet. |
|
Data Pattern [0xABCD]: |
This prompt allows you to modify the 16-bit data pattern. All ones and all zeroes testing are commonly used to check sensitivity problems at the CSU/DSU or to detect cable problems such as crosstalk. |
|
Loose, Strict, Record, Timestamp, Verbose [none]: |
Even though it looks like this prompt is offering one (or none) of the options listed, if you select one, the prompt shows up again, in case you wanted to select more than one of the available options. If you select any option, Verbose is automatically selected also. Record is a very useful option because it displays the address(es) of the hops (up to nine) the packet goes through. Loose allows you to influence the path by specifying the address(es) of the hop(s) you want the packet to go through, perhaps as well as other hop(s). With the Strict option you specify the hop(s) that you want the packet to go through, but no other hop(s) are allowed to be visited as well. The difference between using the Record option of this command and using the traceroute command is quite interesting and worth discussing. The Record option of this command not only informs you of the hops that the echo request (of ping) went through to get to the destination, but it also informs you of the hops it visited on the return path. With the traceroute command you do not get information about the path that the echo reply takes. |
|
Sweep range of sizes [n]: |
Allows you to vary the size of the packets. |
ping Command (IPX and AppleTalk)
Cisco IOS makes ping available for a number of protocols including IPX and AppleTalk. Ping for IPX and AppleTalk is available in user and privileged mode. Example 4-4 shows the syntax and the sample outputs for IPX and AppleTalk user mode pings.
Example 4-4 User Mode ping (IPX and AppleTalk)
|
Router> ping ipx 1000.0000.0c02.f3b4 |
|
Type escape sequence to abort. |
|
Sending 5, 100-byte Novell Echoes to 1000.0000.0c02.f3b4, timeout is 2 seconds: |
|
|
|
Success rate is 0 percent (0/5) |
|
|
|
|
|
Router>ping appletalk 100.50 |
|
Type escape sequence to abort. |
|
Sending 5, 100-byte AppleTalk Echoes to 100.50, timeout is 2 seconds: |
|
!!!!! |
|
Success rate is 100 percent, round-trip min/avg/max = 3/3/7 ms |
Cisco introduced ping for IPX as of version 8.2 of the IOS. However, since this is a Cisco proprietary tool, non-Cisco devices such as Novell servers do not respond to it. If you want your Cisco router to generate Novell-compliant pings, you can do so using the global configuration command ipx ping-default novell. But what if you want to be able to ping (IPX) Cisco devices as well as non-Cisco (Novell-compliant) devices? If this is the case, you should not use the ipx ping-default novell command. If you use the privileged mode ping (IPX), one of the questions you will be prompted with is whether you want a Novell standard echo. Hence, with the privileged mode ping (IPX) you can ping Cisco devices and have the choice to generate a Novell standard ping. Table 4-6 lists the test characters displayed in IPX ping responses along with their associated descriptions.
Table 4-6 IPX ping Response Characters
|
Character |
Description |
|
! |
Reply received |
|
. |
Time-out |
|
U |
Destination unreachable |
|
C |
Congestion |
|
I |
Interrupt (user interrupted the test) |
|
? |
Unknown |
|
& |
Packet lifetime exceeded |
Ping for AppleTalk sends AEP (AppleTalk Echo Protocol) packets to the destination (another AppleTalk node) and waits for replies. The response characters of AppleTalk ping along with their associated descriptions are provided in Table 4-7.
Table 4-7 AppleTalk ping Response Characters
|
Character |
Description |
|
! |
Reply received |
|
. |
Time-out |
|
B |
Bad echo reply received |
|
C |
Echo with bad DDP checksum received |
|
E |
Error encountered during sending of the echo packet |
|
R |
No route available to send the echo packet |
traceroute Command (IP) (User and Privileged)
Use the traceroute command to find the path between IP devices. Trace, introduced with the release 10.0 of Cisco IOS, is currently available only for the IP protocol. The traceroute command can be executed from the user and the privileged exec modes, but from the privileged exec mode, you have the ability to use the extended trace, which is more flexible and informative.
NOTE
The command traceroute is commonly used in its short form, trace.
With the release 12.0 of Cisco IOS, traceroute is also available for IPX.
The traceroute application starts by sending probes (UDP) with TTL value of 1, and keeps on incrementing the TTL value and sending the probes until the destinationis reached. When the TTL value equals 1, the probe goes as far as the first hop (router), which responds with a time-exceeded message (ICMP TTL exceeded). Note that when a packet reaches a router its TTL is reduced by one. Next, the TTL is incremented to 2, and the probe reaches the second hop in the path to the destination, and so on, until the destination is reached. The destination node sends a port-unreachable message (ICMP port unreachable) back to the source because it cannot deliver the packet to an application (the default destination port of the probe is UDP port 33434). Cisco IOS generates three probes for each TTL value, and if a response is not received within a time interval (times out), it prints an asterisk (*) on its output. Trace terminates when the destination is reached, the maximum TTL is exceeded, or the user interrupts it with the escape sequence.
The basic traceroute command (available in the user and privileged exec modes) uses the IP address of the egress interface as its source IP address, uses three seconds for its timeout value, sends three probes for each TTL value, and has 30 for its maximum TTL value. On the other hand, the extended trace, available from the privileged exec mode only, allows you to modify its operational parameters. Furthermore, with the extended trace, similarly to extended ping, you can also specify the source address of your probes and, if needed, choose the Loose, Strict, Record, Timestamp, and Verbose options. Example 4-5 displays a screen capture that shows the behavior of the extended trace command.
It is worthwhile mentioning that Cisco documentation warns that you might get a lot of timeouts with traceroute. The explanation given indicates that some devices do not generate port unreachable messages, and some attempt to use the TTL value of the received probe for the response packet. Both of these cases may cause the originating device to experience a lot of timeouts (asterisks).
Example 4-5 Extended trace
|
Router> trace |
|
Protocol [IP]: |
|
Target IP address: A_BackR.ciscocit.com |
|
Source address: |
|
Numeric display [n]: |
|
Timeout in seconds [3]: |
|
Probe count [3]: |
|
Minimum Time to Live [1]: |
|
Maximum Time to Live [30]: |
|
Port number[33434]: |
|
Loose, Strict, Record, Timestamp, Verbose[none]: |
|
Type escape sequence to abort. |
|
Tracing the route to A_BackR.ciscocit.com (10.11.100.200) |
|
1 A_StubR.ciscocit.com (172.16.15.100) 70 msec 70 msec 79 msec |
|
2 A_BackR.ciscocit.com (10.11.100.200) 80 msec 84 msec 82 msec |