Where, Oh Where Did That Packet Go? (Unix Power Tools, 3rd Edition)

46.4. Where, Oh Where Did That Packet Go?

pingis a very simple tool and often the first used to diagnose a network problem. ping sends one or more ICMP (Section 46.1) Echo Request messages to a particular IP address. If there is a machine at that IP address listening for ICMP messages (and no firewall filtering out packets in the middle), ping gets back Echo Reply messages, thus telling you that basic IP communication is functional between the two machines. If you can't ping something close by and you know you don't have a firewall (Section 46.12) filtering out your packets, it's generally not worth trying anything more complex; start looking for interfaces down or routing problems (Section 46.3) or, possibly, unplugged cables or the like.

traceroute does what you might expect from the name: it traces the route between your machine and another machine, using ICMP messages, and shows you each step of the way. Sometimes, when you can't get to another machine that's far away, you can use traceroute to see what's going on.

mtr stands for Matt's traceroute and is a more sophisticated traceroute. Not only does it show you each hop along the way, but it also sends multiple messages and gives you an ongoing display of latency at each hop. I use mtr instead of traceroute pretty exclusively. It's available at http://www.bitwizard.nl/mtr/, or your Unix may have a binary package of it available.

For serious network debugging, take a look at tcpdump and ethereal. tcpdump can take apart packets as they go by and show you what's going on in excruciating detail, and ethereal provides a nice GUI on top of tcpdump.

-- DJPH