I have a question about Extended Ping

If I perform extended ping from the default Gateway(Router1) of PC1 and ping another connected Router(Router2) using PC1's IP as the source IP for the ping.

How does the default Router1 of PC1 know the ping was sucessful if Router2 will use PC1's IP as the destination address while it sends the ping echo reply ?

Does the default router of PC1 assume the ping was sucessful when it receives a ping with Router2's IP as the source and PC1's IP as the destination?

And if that's the case what if PC1's ethernet cable is faulty and can not communicate with the default gateway router1, yet extended ping was a sucess?

I ask because I was reading the chapter that covers extended ping in odom's book and it doesn't explain how router1 knows the ping was sucessful.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

bbarrick

Using the Extended ping and Extended traceroute Commands - Cisco Systems

methodical

That doesn't explain how the router that's being used to run extended ping knows the echo reply sent to the host was successful. It only confirms the routing from the gateway router to the echo request destination and back to the gateway router of the source host was successful.

bbarrick

You can't use PC1 as a source. Has to be a routers ip. That's what the link says.

methodical

bbarrick wrote: »

You can't use PC1 as a source. Has to be a routers ip. That's what the link says.

Actually you can it is one of the features of extended ping here is a quote from the Official Cert Guide to the ICND2.

"A more thorough alternative is to use the extended ping command to act like you issued a ping from the computer on a subnet, without having to call a user and ask to enter a ping command for you on the PC"

I am just trying to figure out how the router accomplishes this task and knows the ping to the source it is acting as would work if the ping was actually sent from the Host using ping.

bbarrick

It's a privilege mode command on the router, I don't see anything that directly states you can use the PCs ip as a source. Cisco says any interface on the router. That quote is rather vague.

theodoxa

methodical wrote: »

I am just trying to figure out how the router accomplishes this task and knows the ping to the source it is acting as would work if the ping was actually sent from the Host using ping.

My guess would be that since the router sent the ping, it would know that any pings coming back with the correct Addresses are responses to its ping and intercepts them. Just don't use an IP Address that won't result in the reply coming back through that same router.

methodical

theodoxa wrote: »

My guess would be that since the router sent the ping, it would know that any pings coming back with the correct Addresses are responses to its ping and intercepts them. Just don't use an IP Address that won't result in the reply coming back through that same router.

Yea that was the only way I could think of it working as well.

bbarrick

I'd just read about extended ping a couple days ago in the CCENT book. After testing it, and going back and reading about how ping works it appears that using ping from the router sends the signal and knows that it should get a response, no response takes about 2 seconds and it counts it as a lost packet. Testing it, if you disconnect the link and choose a source address on the disconnected link it comes back with all failures. So, even though your using the source of the host, you are actually just getting a response to the subnet that that particular host is connected to on that router. I don't think there is any interaction at all between the ping command and the host that you use as a source.

iamme4eva

When studying, practical work is just as important as theory work. If you read something in a book and you don't understand it, chuck three routers together in GNS3 or packet tracer and try it.

The link provided by bbarrick is very useful for extended pings. It says on the page:

If an extended ping command is used, the source IP address can be changed to any IP address on the router.

To further prove that, if you fire up a lab and try it, if you issue an extended ping with a source address of one of your PC's, you will get the message:

% Invalid source address- IP address not on any of our up interfaces

(That message is copied and pasted...I just did it).

An extended ping must be from an active, up interface on that router. They are not designed to emulate hosts, or check hosts connectivity; rather they are used to ensure connectivity to that subnet. What an extended ping is good for is ensuring that the destination has a route to the subnet that your host is in.

bbarrick

You are right, last night I tested it with the source IP of a server that was directly connected to the router. It did send the ping, but I'm assuming that it was only because it was directly connected. After reading your post I used a host that was separated by a switch and it would kick back every time I tried using it as a source IP in the extended ping command.

iamme4eva

I'm very surprised that it worked with the server either. It *should* only work with an up interface.

Were you trying this on real kit / GNS / PT?

Whether there is a switch or not, the host is still considered directly connected.

I'm intrigued now.

bbarrick

Yea, it was in packet tracer.

Well, I say that then I went back into that same lab and I couldn't replicate what I said it did. I was extremely tired last night, apparently a bit delusional as well.

iamme4eva

Maybe it was one of those packet tracer "features"