Pathping is one of two network utilities I am aware of that produces network path-loss statistics. The other one is mtr which is available for both Windows and Linux. The two utilities are very similar, and here we’ll talk about pathping.
Pathping is developed and maintained by Microsoft, and it’s built into Windows. As the name implies, it’s a combination of tracepath (or traceroute) and ping. Both are based on ICMP packets. Pathping uses the icmp protocol, which is part of the internet protocol suite, for network diagnostics. You can run the pathping utility from the command prompt in Windows.
Tracerpath gives you the hop-by-hop information between two hosts. Ping gives you statistics when you send ICMP requests to a specific host. Pathping gives you the hop-by-hop information as well as statistics for each hop.
Introduction to Network Troubleshooting
Network troubleshooting is a vital skill for maintaining the performance and reliability of any IT infrastructure. When users experience slow connections, dropped packets, or intermittent outages, pinpointing the root cause can be challenging. This is where the pathping command becomes an invaluable tool.
As a command-line utility built into Windows, pathping combines the functionality of both ping and tracert, providing detailed information about network latency and network loss at each intermediate hop between a source address and a destination address.
By sending multiple echo request messages using the Internet Control Message Protocol (ICMP), pathping systematically tests each router along the path. This approach allows network administrators to gather comprehensive data about packet loss, link congestion, and delays at every step of the route.
The information about network latency and packet loss at each hop helps to quickly identify routers or network segments that may be causing network problems. Whether you’re troubleshooting a slow connection to a server or investigating intermittent packet loss, the pathping command offers a clear view of the network’s health from source to destination, making it easier to resolve issues and restore optimal performance.
Usage of the pathping command
Pathping is preinstalled on Windows. I think this is a significant difference with mtr, that you’d need to compile under Cygwin, which is kind of a hassle.
Here is the output of the help menu:
netbeez> pathping --help
--help is not a valid command option.
Usage: pathping [-g host-list] [-h maximum_hops] [-i address] [-n]
[-p period] [-q num_queries] [-w timeout]
[-4] [-6] target_name
Options:
-g host-list Loose source route along host-list.
-h maximum_hops Maximum number of hops to search for target.
-i address Use the specified source address.
-n Do not resolve addresses to hostnames.
-p period Wait period milliseconds between pings.
-q num_queries Number of queries per hop.
-w timeout Wait timeout milliseconds for each reply.
-4 Force using IPv4.
-6 Force using IPv6.
The options are pretty self explanatory.
Another significant different with mtr is that mtr is more feature rich if we judge from mtr’s available options:
netbeez> mtr.exe --help
Usage:
mtr [options] hostname
-F, --filename FILE read hostname(s) from a file
-4 use IPv4 only
-6 use IPv6 only
-u, --udp use UDP instead of ICMP echo
-T, --tcp use TCP instead of ICMP echo
-I, --interface NAME use named network interface
-a, --address ADDRESS bind the outgoing socket to ADDRESS
-f, --first-ttl NUMBER set what TTL to start
-m, --max-ttl NUMBER maximum number of hops
-U, --max-unknown NUMBER maximum unknown host
-P, --port PORT target port number for TCP, SCTP, or UDP
-L, --localport LOCALPORT source port number for UDP
-s, --psize PACKETSIZE set the packet size used for probing
-B, --bitpattern NUMBER set bit pattern to use in payload
-i, --interval SECONDS ICMP echo request interval
-G, --gracetime SECONDS number of seconds to wait for responses
-Q, --tos NUMBER type of service field in IP header
-e, --mpls display information from ICMP extensions
-Z, --timeout SECONDS seconds to keep probe sockets open
-r, --report output using report mode
-w, --report-wide output wide report
-c, --report-cycles COUNT set the number of pings sent
-j, --json output json
-x, --xml output xml
-C, --csv output comma separated values
-l, --raw output raw format
-p, --split split output
-t, --curses use curses terminal interface
--displaymode MODE select initial display mode
-n, --no-dns do not resolve host names
-b, --show-ips show IP numbers and host names
-o, --order FIELDS select output fields
-y, --ipinfo NUMBER select IP information in output
-z, --aslookup display AS number
-h, --help display this help and exit
-v, --version output version information and exit
A more rigorous comparison between the two might be a topic for another blog post…
Let’s look at an example of a pathping run:
netbeez> pathping google.com
Tracing route to google.com [142.250.191.46]
over a maximum of 30 hops:
0 host.docker.internal [172.31.0.222]
1 172.31.0.1
2 192.168.1.254
3 * 108-193-0-1.lightspeed.sntcca.sbcglobal.net [108.193.0.1]
4 71.148.135.196
5 cr2.sffca.ip.att.net [12.123.15.186]
6 sffca22crs.ip.att.net [12.122.3.70]
7 12.122.163.61
8 12.255.10.232
9 216.239.40.18
10 142.251.65.129
11 nuq04s42-in-f14.1e100.net [142.250.191.46]
Computing statistics for 275 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 host.docker.internal [172.31.0.222]
0/ 100 = 0% |
1 0ms 0/ 100 = 0% 0/ 100 = 0% 172.31.0.1
0/ 100 = 0% |
2 1ms 0/ 100 = 0% 0/ 100 = 0% 192.168.1.254
0/ 100 = 0% |
3 2ms 24/ 100 = 24% 24/ 100 = 24% 108-193-0-1.lightspeed.sntcca.sbcglobal.net [108.193.0.1]
0/ 100 = 0% |
4 2ms 24/ 100 = 24% 24/ 100 = 24% 71.148.135.196
0/ 100 = 0% |
5 --- 100/ 100 =100% 100/ 100 =100% cr2.sffca.ip.att.net [12.123.15.186]
0/ 100 = 0% |
6 --- 100/ 100 =100% 100/ 100 =100% sffca22crs.ip.att.net [12.122.3.70]
0/ 100 = 0% |
7 --- 100/ 100 =100% 100/ 100 =100% 12.122.163.61
0/ 100 = 0% |
8 --- 100/ 100 =100% 100/ 100 =100% 12.255.10.232
0/ 100 = 0% |
9 7ms 0/ 100 = 0% 0/ 100 = 0% 216.239.40.18
5/ 100 = 5% |
10 --- 100/ 100 =100% 95/ 100 = 95% 142.251.65.129
0/ 100 = 0% |
11 6ms 5/ 100 = 5% 0/ 100 = 0% nuq04s42-in-f14.1e100.net [142.250.191.46]
Trace complete.
Pathping first runs a tracepath to get the hop-by-hop IP information between my laptop and google.com. Then for each hop, it sends 100 packets with 250 milliseconds interval to calculate statistics. This amounts to 25 seconds per hop and a total of 275 seconds for 11 hops.
As you can see, it might take a while for pathping to finish its run, but all these parameters are configurable (-p for period and -q for number of queries per hop), as you can see from the options in the help menu. If you’re interested in alternative network latency tools, you might also want to learn how to use gping, which provides a graphical comparison of multiple hosts’ latency.
As you can see for each hop, you have statistics on latency and on how many packets were dropped out of the 100 that were sent. This can be very useful when troubleshooting performance issues, and can help identify specific hops along your route that might be causing the overall issue.
All in all, I think pathping is a very useful tool, it comes for free on Windows, and it’s on par with its Linux equivalent mtr.
Network Configuration and Optimization
A well-configured network is essential for smooth and efficient communication between devices. The pathping command is a powerful ally in both testing connectivity and fine-tuning network settings. By running pathping, administrators can determine the number of hops between a source and destination, as well as measure network latency and packet loss at each point along the route. This granular insight is crucial for identifying bottlenecks, misconfigured routers, or problematic links that could be impacting network performance.
In addition to highlighting issues with network latency and packet loss, pathping can help diagnose problems related to IP addresses, subnet masks, and default gateways. For example, if a device is unable to reach its destination, pathping can reveal whether the issue lies with a specific hop, a misconfigured IP address, or an incorrect default gateway. By using the pathping command to test connectivity and analyze the path between devices, network administrators can make informed decisions to optimize their network configuration, reduce latency, and ensure reliable packet delivery across the network.
Best Practices for Network Maintenance
Maintaining a healthy network requires regular monitoring and proactive troubleshooting. One of the best practices for network maintenance is to incorporate the pathping command into your routine checks. By periodically running pathping, administrators can monitor network latency and packet loss, quickly identifying any emerging issues before they escalate into major outages. This proactive approach helps to minimize downtime and maintain high levels of network reliability.
The pathping command is especially useful for applications that demand low latency and minimal packet loss, such as VoIP calls and video streaming. By testing connectivity and analyzing the path to critical servers or endpoints, administrators can ensure that the network meets the performance requirements for these services.
Regular use of pathping also aids in detecting intermittent issues that might not be apparent during normal operation, allowing for timely intervention and resolution. By making pathping a standard part of your network maintenance toolkit, you can keep your network running smoothly and provide a better experience for all users.