Introducing Ping Watcher
Every now and then I find myself troubleshooting an issue at a remote customer site where hosts have limited connectivity to the rest of the world. For example, sometimes they can reach other private networks over a VPN, but apparently can't reach anything on the public Internet. In this scenario, the game is to deduce whether traffic is being dropped inbound or outbound. Unfortunately, there's no easy way to verify whether traffic is being dropped outbound beyond a device under your control.
So, last week I put together a simple tool to watch for ICMP echo requests (pings) sent to this site and publish a live stream of incoming traffic. This tool is Ping Watcher. (Get it? It watches pings.)
Ping Watcher employs Ajax and a simple back-end tied to a tshark process running on the public interface of this server. Send a ping, tshark catches it and writes it to round-robin memory structure (achieved using redis, and it will appear in Ping Watcher within a few seconds. Now you can confirm that traffic is at least getting from point A to the Internet, if not from the Internet to point B.
Hopefully this proves helpful to people. Let me know of any potential bugs or improvements you'd like to see.
And thanks to tbic and caaakeeey in #django on Freenode for some much-appreciate programming pointers!
About the Author
Jeremy Stretch is a freelance networking engineer, instructor, and the maintainer of PacketLife.net. He currently lives in Fairfax, Virginia, on the edge of the Washington, DC metro area. Although primarily an R&S guy, he likes to get into everything, and runs a free network training lab out of his basement for fun. You can contact him by email or follow him on Twitter.
Comments
Welcome back, even if it ends up being sparse.
It seems when sending pings with a length greater than 1480 bytes, the "Identifier" and "Sequence" fields don't get populated. (Fragmentation)?
very cool. thanks stretch!
thanks I've already made a ping and it works!!!.
Hi Jeremy !
Yet another cool feature from you to the community, many thanks !
Found a little typo though : "...to the rest of the word" should be
like "... to the rest of the WORLD" , or am i wrong ?
Best regards ! Vincent Vlk
Strech
Welcome back, and thanks for the information!!!
Nice tool!
When can we see ipv6 version of it? :)
I thing it will be very popular soon :)
@Roman - IPv6 version. Good thought.
@stretch - It appears packetlife.net is not IPv6-enabled. Is your hosting provider rackspace supports it. Are they charging a premium for it?
Seriously love it...makes those exciting asymmetric routing problems much easier to troubleshoot.
Hi,
I was using vCider for my connectivity with cloud, can I use ping watcher with it?
Regards,
MBlip.
That is actually quite cool.
very good thanks stretch
Can you explain how I can get this to run on one of my servers?
Stretch
This tool is so useful, as is your site. Many thanks for your efforts! For the record, my football nickname is stretch (long legs) ;)
Happy networking.
Stretch, glad to see you back and there is not enough thanks to give.
Jeff