Built into Windows 2000, Pathping helps identify the source of slow connection problems between network hosts.
Microsoft’s Pathfinder
Built into Windows 2000, Pathping helps identify the source of slow connection problems between network hosts.
- By Chip Andrews
- 06/01/2001
We’ve all been there. You’re connecting to
a really slow server, and you’re wondering: Why is this
one machine moving like molasses? Don’t you wish you had
a way to diagnose the exact problem?
Why not just fire up Tracert (Traceroute,
used to see the path a packet takes from your computer
to a destination) or Ping (Packet Internet Groper, used
to test connectivity and link speed between your computer
and a destination) and see where the weak spots are? Well,
the problem here is that these two tools don’t give you
the complete picture. With Tracert, all you get is end-to-end
ping times along each router. Ping tells you only the
round-trip time for the test packet. Thankfully, though,
Microsoft has provided a more powerful solution, Pathping,
which is built into Windows 2000. In a nutshell, Pathping
is an advanced diagnostic utility that helps identify
the source of slow connection problems between hosts.
When Pathping performs a scan, the first
part of the output is similar to Tracert in that it simply
shows the path from your IP address to the destination.
But with Pathping, after showing this path, a scanning
time estimate is displayed while the utility sends large
numbers of packets to the various routers along the path.
After a delay, Pathping shows the detailed test results
gleaned by statistically analyzing the returned packets.
Let’s look at a sample of output and see what’s going
on:
Pathping Scan:
c:\>pathping -n test
Tracing route to test [7.54.1.196]
over a maximum of 30 hops:
0 172.16.87.35
1 172.16.87.218
2 192.68.52.1
3 192.68.80.1
Computing statistics for 100 seconds...
Source to Here This
Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 172.16.87.35 0/
100 = 0% |
1 41ms 0/ 100 = 0% 0/ 100 = 0% 172.16.87.218 13/
100 = 13% |
2 22ms 16/ 100 = 16% 3/ 100 = 3% 192.68.52.1 0/
100 = 0% |
3 24ms 0/ 100 = 16% 0/ 100 = 0% 192.68.80.1
Trace complete.
In this scan, the routers are represented
by lines ending with an address and the paths between
hops (a packet moving from router to router) are represented
by the vertical bars ( | ). As shown, there’s 13 percent
packet loss on the link between hops 1 and 2, as evidenced
by the vertical bar signifying the link and not the endpoint
of the connections between the two routers. Also, take
note of hop 2 and observe that a router is dropping 3
percent of the direct requests. Yet, it seems to be forwarding
packets without problem, as evidenced by the normal link
below it. The column to watch, then, is “This Node/Link,”
as it tells you the loss at that particular location.
In this case, it appears that the router CPU at hop 2
is overloaded and is dropping packets directed at it.
For those who are QoS (Quality-of-Service)
savvy, Pathping features some useful scanning options,
including checking for Layer-2 priority tags (used to
identify routers that don’t have Layer-2 priority configured
properly) and RSVP-aware routers (Resource Reservation
Protocol, allowing a host computer to reserve a certain
amount of bandwidth for a data stream). Testing routers
for this kind of functionality may help you diagnose issues
by providing as much information as possible about router
capabilities.
|
Looking to avoid that “network-servers-are-slower-than-molasses”
feeling? Pathping can help. (Click image to view larger
version.) |
To speed up the first portion of a Pathping
analysis, I recommend turning off name resolution using
the –n switch. Now, get out there and use Pathping to
analyze your link problems! I’d be interested in hearing
some stories about how this utility saved the day.
About the Author
Chip Andrews, MCSE+I, MCDBA is a software security architect at (Clarus Corp.). Chip maintains the (sqlsecurity.com) Web site and speaks at security conferences on SQL Server security issues.