From owner-freebsd-hackers Mon Jan 8 09:05:07 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id JAA21199 for hackers-outgoing; Mon, 8 Jan 1996 09:05:07 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id JAA21191 for ; Mon, 8 Jan 1996 09:05:02 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id LAA05891; Mon, 8 Jan 1996 11:03:51 -0600 From: Joe Greco Message-Id: <199601081703.LAA05891@brasil.moneng.mei.com> Subject: Re: Using `ping' to diagnose network connections reasonable? To: jkh@time.cdrom.com (Jordan K. Hubbard) Date: Mon, 8 Jan 1996 11:03:51 -0600 (CST) Cc: hackers@freebsd.org In-Reply-To: <24751.821114877@time.cdrom.com> from "Jordan K. Hubbard" at Jan 8, 96 07:27:57 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-hackers@freebsd.org Precedence: bulk > I'd like to add some code to sysinstall which will attempt to > `diagnose' a link before accepting the configuration parameters, > catching a lot of adapter misconfiguration and incorrect data errors > that sysinstall misses now (to fail less gracefully later). My > question is whether or not `ping' is a reasonable way to measure > connectivity between your host and the gateway & dns machines. Is it > reasonable to assume that if a host supports forwarding or DNS > queries, it will also answer pings? What if you've got pings blocked > somehow but allow DNS traffic through? I wouldn't want to flag a host > as `unreachable' when in fact it would have worked fine for its > intended purpose! That would be worse than no error checking at all. Generally this is true. However it is not true in firewall scenarios, etc., which some people live with. For a DNS server, it might be better to try a reverse lookup of the specified server's address (i.e. the very first thing "nslookup" does) and I don't have any great ideas about the gateway case. The firewall gateways I configure would be really hard to detect using any generic method, beyond sending a packet and hoping for the best. By the way, PLEASE please make sure that any checks you add can be BYPASSED for those of us who occasionally work in "just functional enough" network environments (i.e. routing has not been propagated fully, etc., it should still be possible to make everything work simply by specifying IP's for the ftp server) ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847