The purpose of ping is to measure the round-trip time (RTT) for messages sent from a source host to a destination host that are then echoed back to the source. It uses internet Control Message Protocol (ICMP), sending ICMP Echo Request packets to the destination host and waiting for an ICMP Echo Reply.

The first item reported is the size of the packet received. The default size is 56 bytes, but an ICMP ECHO_REQUEST packet contains an additional 8 bytes of an ICMP header followed by an arbitrary amount of data. Thus, the size reported is 64 bytes. Next is the destination IP address. By default, ping displays the IP address to which the hostname resolves rather than the hostname.

The icmp_seq field reveals the ordering of the ICMP packets. ping reports on each packet as it is received, and the packets are not necessarily received in the same order as they are sent, although when the networks are functioning properly, they usually are. TTL stands for time to live. The TTL field is reduced by one by every router en route to its destination. If the TTL field reaches zero before the packet arrives, then an ICMP error is sent back (ICMP Time Exceeded). As you may have guessed, the default start value used by ping in Linux is 64. Finally, the last field is the RTT of each packet, which is a good measure of the latency of a connection.

Once the results for each packet are reported, ping reports aggregate statistics for the ping session. The number of packets transmitted and received is reported, as well as the percentage of packet loss. On the final line, we see the minimum RTT, the average RTT, the maximum RTT, and the standard deviation.

One caveat that should be made concerning ping is that many firewalls block ICMP traffic, rendering the ping utility useless with hosts behind restrictive firewalls. In fact, pfSense blocks such traffic by default, so if you want to ping your hosts from the other side of the firewall, you will have to explicitly allow such traffic. Even so, you may have occasion to ping a network you don't control that blocks ICMP traffic. In such cases, you may be better off utilizing a utility that relies on TCP or UDP for sending packets, since such protocols are much less likely to be blocked by most firewalls. One such utility is tcpping, and it has a similar syntax to ping. If you are pinging to local hosts, you can use arping, which uses the Address Resolution Protocol (ARP) request method to resolve IP addresses.

This caveat aside, the ping utility is useful in a number of different troubleshooting scenarios:

• Ping can help us determine if there is network connectivity between two hosts.
• Ping can help us determine if there is an unacceptable rate of packet loss. We may have connectivity between two hosts, but if the packet loss rate is consistently high, network performance will undoubtedly suffer.
• Ping is a good tool for measuring latency between two hosts.

As an example of the last of these scenarios, you might consider pinging a well-known host (for example, google.com) and measuring the latency in a number of different scenarios: for example, on a broadband connection, on a DSL connection, on a mobile connection, through a VPN, and so on.

You may have noticed that when we invoked the ping command under Linux, we used one flag: the –c flag, which limits the number of packets sent. Without the –c flag, ping would have sent packets continuously until we pressed Ctrl + C at the console. This is just one of many flags and options available for ping. The following table covers some of the more commonly used ping options:

Be aware that this is not an exhaustive list of ping options; consult the ping man page for a complete listing of them.

If you are running ping from the Windows command prompt, the output is similar, with some exceptions:

• By default, ping sends four packets instead of sending packets. To send packets continuously, use the –t option. To send an arbitrary number of packets, use the –n count option.
• The default packet size is 32 bytes.
• The summary does not show the standard deviation.

Other than that, the behavior of ping under Windows is similar to its behavior under Linux, although it seems to have fewer command-line options. The preceding table lists some of the Windows ping flag equivalents.

You can also invoke ping from within the pfSense web GUI. To do so, navigate to Diagnostics | Ping. In the Hostname edit box, specify the hostname or IP address to ping. You can specify the protocol in the IP Protocol drop-down box (IPv4 or IPv6). In the Source Address drop-down box, you can set a source address for the ping. Finally, in the Maximum number of pings edit box, you can set the maximum number of pings (the default is 3). When you are done configuring the ping settings, click on the Ping button.