Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I'm have configured GRE tunnels between centos machines and corresponding routing tables on individual centos machines as shown in the image:
Im able to
Ping from Router-1 to gre1 tunnels other end:
worker]# ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=1.43 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.472 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=0.291 ms
64 bytes from 10.0.0.2: icmp_seq=4 ttl=64 time=0.319 ms
The traffic reaches Transit Router over the GRE tunnel(this is verified by tcpdump proto gre)
Ping from Router-2 to gre2 tunnels other end:
worker]# ping 11.0.0.2
PING 11.0.0.2 (11.0.0.2) 56(84) bytes of data.
64 bytes from 11.0.0.2: icmp_seq=1 ttl=64 time=1.10 ms
64 bytes from 11.0.0.2: icmp_seq=2 ttl=64 time=0.392 ms
64 bytes from 11.0.0.2: icmp_seq=3 ttl=64 time=0.369 ms
64 bytes from 11.0.0.2: icmp_seq=4 ttl=64 time=0.258 ms
This traffic too flows on tunnel
and on the transit router I'm able to ping the private address of both Router-1 and Router-2 after adding the routing entry:
Transit Router:
[root#vmc-centos conf]# ping 10.2.32.1
PING 10.2.32.1 (10.2.32.1) 56(84) bytes of data.
64 bytes from 10.2.32.1: icmp_seq=1 ttl=64 time=0.589 ms
64 bytes from 10.2.32.1: icmp_seq=2 ttl=64 time=0.380 ms
64 bytes from 10.2.32.1: icmp_seq=3 ttl=64 time=0.383 ms
Router-1:
worker]# tcpdump -i any proto gre -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
04:54:36.684864 IP 10.206.83.3 > 10.206.90.103: GREv0, length 88: IP 10.0.0.2 > 10.2.32.1: ICMP echo request, id 20445, seq 34, length 64
04:54:36.684951 IP 10.206.90.103 > 10.206.83.3: GREv0, length 88: IP 10.2.32.1 > 10.0.0.2: ICMP echo reply, id 20445, seq 34, length 64
04:54:37.684776 IP 10.206.83.3 > 10.206.90.103: GREv0, length 88: IP 10.0.0.2 > 10.2.32.1: ICMP echo request, id 20445, seq 35, length 64
Transit Router:
[root#vmc-centos conf]# ping 10.4.32.1
PING 10.4.32.1 (10.4.32.1) 56(84) bytes of data.
64 bytes from 10.4.32.1: icmp_seq=1 ttl=64 time=0.553 ms
64 bytes from 10.4.32.1: icmp_seq=2 ttl=64 time=0.325 ms
64 bytes from 10.4.32.1: icmp_seq=3 ttl=64 time=0.354 ms
Router-2:
worker]# sudo tcpdump -i any proto gre -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
04:56:57.549823 IP 10.206.83.3 > 10.206.86.199: GREv0, length 88: IP 11.0.0.2 > 10.4.32.1: ICMP echo request, id 20690, seq 24, length 64
04:56:57.549896 IP 10.206.86.199 > 10.206.83.3: GREv0, length 88: IP 10.4.32.1 > 11.0.0.2: ICMP echo reply, id 20690, seq 24, length 64
But now when I try to reach the private network of Router-2(10.4.32.1) from Router-1, the packets reach till Transit Router but are not being forwarded from there to Router-2:
Router-1:
worker]# ping 10.4.32.1
PING 10.4.32.1 (10.4.32.1) 56(84) bytes of data.
Transit Router:
[root#vmc-centos conf]# tcpdump -i any proto gre -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
04:59:06.382024 IP 10.206.90.103 > 10.206.83.3: GREv0, length 88: IP 10.0.0.1 > 10.4.32.1: ICMP echo request, id 36131, seq 40, length 64
04:59:07.382007 IP 10.206.90.103 > 10.206.83.3: GREv0, length 88: IP 10.0.0.1 > 10.4.32.1: ICMP echo request, id 36131, seq 41, length 64
Router-2:
[root#wdc-10-206-86-199 worker]# sudo tcpdump -i any proto gre -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
Route forwarding is enabled on all the machines:
[root#vmc-centos conf]# sudo sysctl -p
net.ipv4.ip_forward = 1
iptables on transit router:
[root#vmc-centos ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT gre -- anywhere anywhere
ACCEPT gre -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT gre -- anywhere anywhere
Chain DOCKER (1 references)
target prot opt source destination
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Note: I have tried this before and the packets were reaching the other private network. Now Im trying on another setup, theres some config I'm missing.
Got the answer here:
https://serverfault.com/questions/1010565/packets-not-getting-forwarded-on-centos7-between-gre-tunnels
The Docker daemon seems to be running on the forwarding machine. By default to isolate containers on different bridges and the host machine, Docker will install a default DROP policy on the forwarding chain in iptables. There is a setting in Docker daemon to not do this. Set iptables to false in /etc/docker/daemon.json. See Docker and iptables.
If you change default policy to ACCEPT, that will work.
iptables --policy FORWARD ACCEPT
BUT, when you (or a package upgrade of docker, or a reboot) restarts the Docker daemon the default policy will again change to DROP, if you didn't change the setting of the docker daemon.
Related
I have two namespaces srv1 and srv2, interconnected via a softswitch (p4 bmv2) with veth pairs. The softswitch does just simple forwarding. The veth interfaces inside the namespaces have IP addresses assigned to them (respectively 192.168.1.1 and 192.168.1.2). I could ping between the two namespaces using those IP addresses:
sudo ip netns exec srv1 ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=1.03 ms
64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=1.04 ms
but when I try netcat I dont receive messages on the server side:
client:
sudo ip netns exec srv1 netcat 192.168.1.2 80 -u
hello!
server:
sudo ip netns exec srv2 netcat -l 80 -u
The interface receives the packets with proper format.I verified with tcpdump on on both namespaces and I saw the packets being sent and received properly:
client:
sudo ip netns exec srv1 tcpdump -XXvv -i srv1p
[sudo] password for simo:
tcpdump: listening on srv1p, link-type EN10MB (Ethernet), capture size 262144 bytes
^C06:09:41.088601 IP (tos 0x0, ttl 64, id 14169, offset 0, flags [DF], proto UDP (17), length 35)
192.168.1.1.55080 > 192.168.1.2.http: [bad udp cksum 0x8374 -> 0x5710!] UDP, length 7
0x0000: 00aa bbcc dd02 00aa bbcc dd01 0800 4500 ..............E.
0x0010: 0023 3759 4000 4011 801d c0a8 0101 c0a8 .#7Y#.#.........
0x0020: 0102 d728 0050 000f 8374 6865 6c6c 6f21 ...(.P...thello!
0x0030: 0a .
1 packet captured
1 packet received by filter
0 packets dropped by kernel
server:
sudo ip netns exec srv2 tcpdump -XXvv -i srv2p
tcpdump: listening on srv2p, link-type EN10MB (Ethernet), capture size 262144 bytes
^C06:09:41.089232 IP (tos 0x0, ttl 64, id 14169, offset 0, flags [DF], proto UDP (17), length 35)
192.168.1.1.55080 > 192.168.1.2.http: [bad udp cksum 0x8374 -> 0x5710!] UDP, length 7
0x0000: 00aa bbcc dd02 00aa bbcc dd01 0800 4500 ..............E.
0x0010: 0023 3759 4000 4011 801d c0a8 0101 c0a8 .#7Y#.#.........
0x0020: 0102 d728 0050 000f 8374 6865 6c6c 6f21 ...(.P...thello!
0x0030: 0a .
1 packet captured
1 packet received by filter
0 packets dropped by kernel
I added on srv2 iptable rules to ACCEPT udp packets on port 80 and to LOG:
sudo ip netns exec srv2 iptables -t filter -A INPUT -p udp --dport 80 -j ACCEPT
sudo ip netns exec srv2 iptables -I INPUT -p udp --dport 80 -j LOG --log-prefix " IPTABLES " --log-level=debug
I could see the stats increasing on the entry and the packets being logged on /var/log/kern.log, but the message never reachets the netcats listening socker.
sudo ip netns exec srv2 iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1 33 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:80 LOG flags 0 level 7 prefix " IPTABLES "
4 133 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:80
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
kernel logs:
kernel: [581970.306032] IPTABLES IN=srv2p OUT= MAC=00:aa:bb:cc:dd:02:00:aa:bb:cc:dd:01:08:00 SRC=192.168.1.1 DST=192.168.1.2 LEN=33 TOS=0x00 PREC=0x00 TTL=64 ID=51034 DF PROTO=UDP SPT=48784 DPT=80 LEN=13
When I replace the softswitch with a bridge the netcat works. I thought maybe the softswitch corrputs the packets but the tcpdump shows the right format. The UDP checksum is not correct but it is generated like that from the source server, and it is the same thing when using the linux bridge anyways but it works in that case. Is ther a way to know the reason those packets do not reach the netcat server ?
I have a server. I want to make possible sending requests to this server from the internet (this works) and simultaneously block requests from the server to domains.
I want to type
ping google.com
on the server and see nothing.
Now I see
ping google.com
PING google.com (216.58.205.46) 56(84) bytes of data.
64 bytes from mil04s24-in-f46.1e100.net (216.58.205.46): icmp_seq=1 ttl=54 time=36.3 ms
64 bytes from mil04s24-in-f46.1e100.net (216.58.205.46): icmp_seq=2 ttl=54 time=63.7 ms
You can block any tcp / udp outgoing traffic using the iptables firewall rules.
For example, you can block any outgoing TCP traffic from port 5050 with below firewall rule -
iptables -A OUTPUT -p tcp --dport 4050 -j DROP
iptables save
Similarly to block ping request, you can block ICMP protocol for any outbound traffic.
I'm trying to programmatically construct and send IP packet through TUN device.
I've setup the TUN device and proper routes:
# ip tuntap add mode tun tun0
# ip link set tun0 up
# ip addr add 10.0.0.2/24 dev tun0
which results in:
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 600 0 0 wlp3s0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
192.168.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp3s0
$ ifconfig tun0
tun0: flags=4241<UP,POINTOPOINT,NOARP,MULTICAST> mtu 1500
inet 10.0.0.2 netmask 255.255.255.0 destination 10.0.0.2
inet6 fe80::f834:5267:3a1:5d1d prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
IP forwarding is ON: # echo 1 > /proc/sys/net/ipv4/ip_forward
I've setup NAT for tun0 packets:
# iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o wlp3s0 -j MASQUERADE
# iptables -t nat -L -v
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- any wlp3s0 10.0.0.0/24 anywhere
Then I have python script to produce ICMP packets:
import os
from fcntl import ioctl
import struct
import time
import random
# pip install pypacker==4.0
from pypacker.layer3.ip import IP
from pypacker.layer3.icmp import ICMP
TUNSETIFF = 0x400454ca
IFF_TUN = 0x0001
IFF_NO_PI = 0x1000
ftun = os.open("/dev/net/tun", os.O_RDWR)
ioctl(ftun, TUNSETIFF, struct.pack("16sH", b"tun0", IFF_TUN | IFF_NO_PI))
req_nr = 1
req_id = random.randint(1, 65000)
while True:
icmp_req = IP(src_s="10.0.0.2", dst_s="8.8.8.8", p=1) +\
ICMP(type=8) +\
ICMP.Echo(id=req_id, seq=req_nr, body_bytes=b"povilas-test")
os.write(ftun, icmp_req.bin())
time.sleep(1)
req_nr += 1
I can see packets originating from tun0 interface:
# tshark -i tun0
1 0.000000000 10.0.0.2 → 8.8.8.8 ICMP 48 Echo (ping) request id=0xb673, seq=1/256, ttl=64
2 1.001695939 10.0.0.2 → 8.8.8.8 ICMP 48 Echo (ping) request id=0xb673, seq=2/512, ttl=64
3 2.003375319 10.0.0.2 → 8.8.8.8 ICMP 48 Echo (ping) request id=0xb673, seq=3/768, ttl=6
But wlp3s0 interface is silent, thus it seems that packets don't get NAT'ed and routed to wlp3s0 interface, which is my WLAN card.
Any ideas what I am missing?
I'm running Debian 9.
And turns out that packet forwarding was disabled - default policy for FORWARD chain is DROP:
# iptables -L -v
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
So I changed the policy:
# iptables -P FORWARD ACCEPT
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Also, I had to change the IP packet source address to something other than 10.0.0.2 which is the preferred source address for tun0 interface:
$ ip route
10.0.0.0/24 dev tun0 proto kernel scope link src 10.0.0.2
So I changed the packet source address to 10.0.0.4:
icmp_req = IP(src_s="10.0.0.4", dst_s="8.8.8.8", p=1) +\
ICMP(type=8) +\
ICMP.Echo(id=req_id, seq=req_nr, body_bytes=b"povilas-test")
Then kernel started forwarding packets coming from tun0 interface to the gateway interface:
# tshark -i wlp3s0
5 0.008428567 192.168.0.103 → 8.8.8.8 ICMP 62 Echo (ping) request id=0xb5c7, seq=9/2304, ttl=63
6 0.041114028 8.8.8.8 → 192.168.0.103 ICMP 62 Echo (ping) reply id=0xb5c7, seq=9/2304, ttl=48 (request in 5)
Also ping responses were sent back to tun0:
# tshark -i tun0
1 0.000000000 10.0.0.4 → 8.8.8.8 ICMP 48 Echo (ping) request id=0xb5c7, seq=113/28928, ttl=64
2 0.035470191 8.8.8.8 → 10.0.0.4 ICMP 48 Echo (ping) reply id=0xb5c7, seq=113/28928, ttl=47 (request in 1)
I am creating a new network namespace called OAM, along wit the veth interfaces to communicate between the new namespace and the default namespace:
$ sudo ip netns add OAM
$ sudo ip link add veth0 type veth peer name veth1
$ sudo ip link set veth1 netns OAM
$ ip netns exec OAM ip link set dev veth1 up
$ ip link set dev veth0 up
$ sudo ip netns exec OAM ip addr add dev veth1 192.168.0.1/24
$ sudo ip addr add dev veth0 192.168.0.2/24
Now I check the value of ip_default_ttl parameter from within the default namespace:
$ cat /proc/sys/net/ipv4/ip_default_ttl
64
It is set to 64. Next I check the same parameter in the newly created OAM namespace:
$ sudo ip netns exec OAM cat /proc/sys/net/ipv4/ip_default_ttl
cat: /proc/sys/net/ipv4/ip_default_ttl: No such file or directory
So, there isn't a copy of this parameter in the new network namespace.
If I try to test what is the value of TTL in both namespaces by using ping, I can see it's ttl=64:
Default namespace:
$ ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_req=1 ttl=64 time=0.072 ms
64 bytes from 192.168.0.1: icmp_req=2 ttl=64 time=0.060 ms
64 bytes from 192.168.0.1: icmp_req=3 ttl=64 time=0.053 ms
^C
--- 192.168.0.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3997ms
rtt min/avg/max/mdev = 0.036/0.051/0.072/0.016 ms
Newly created OAM namespace:
$ sudo ip netns exec OAM ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
64 bytes from 192.168.0.2: icmp_req=1 ttl=64 time=0.042 ms
64 bytes from 192.168.0.2: icmp_req=2 ttl=64 time=0.030 ms
64 bytes from 192.168.0.2: icmp_req=3 ttl=64 time=0.053 ms
^C
--- 192.168.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.030/0.041/0.053/0.012 ms
So it seems that even though the ip_default_ttl parameter is not present in the new OAM namespace, the value used is the same (ttl=64).
I confirm that by logging in as root into another terminal and changing the ip_default_ttl value from 64 to 32 like this:
$ echo 32 > /proc/sys/net/ipv4/ip_default_ttl
Now if I retest the pings to check TTL, I get the same value of ttl=32 in both default and OAM namespace:
$ ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_req=1 ttl=32 time=0.029 ms
64 bytes from 192.168.0.1: icmp_req=2 ttl=32 time=0.038 ms
64 bytes from 192.168.0.1: icmp_req=3 ttl=32 time=0.053 ms
^C
--- 192.168.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.029/0.040/0.053/0.009 ms
$ sudo ip netns exec OAM ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
64 bytes from 192.168.0.2: icmp_req=1 ttl=32 time=0.023 ms
64 bytes from 192.168.0.2: icmp_req=2 ttl=32 time=0.031 ms
64 bytes from 192.168.0.2: icmp_req=3 ttl=32 time=0.082 ms
^C
--- 192.168.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.023/0.045/0.082/0.026 ms
So, it seems that the kernel parameter ip_default_ttl defined in the default namespace is used globally across all the network namespaces.
Finally, my question is, what if I want to have different TTL values depending on different namespaces. Is there a way to achieve that ? Is there a way to somehow clone the ip_default_ttl kernel parameter (or other ones which don't get copied) from default to a newly created network namespace and have a separate value ?
Thanks for your answer in advance.
Different namespaces and thus containers, etc. operate within a single instance kernel, so parameters like ip_default_ttl are global.
You can however explicitly set hoplimit for routes:
# ip route change 192.168.50.0/24 dev xenbr0 hoplimit 32
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
Good afternoon,
I'm working on a three computers (under Linux Mint 14) LAN. They are connected to a switch and none of them have any firewall.
The problem is that each one of them is really slow to detect failures of one of their peers.
For example, I proceed to that test :
I ping from 192.168.0.2 to 192.168.0.3. After 10 seconds, I unplung 192.168.0.3 from the switch... the problem is that 192.168.0.2 takes 48 seconds to detect that !
Here you'll finds logs of that test
oneadmin#192.168.0.2 ~ $ ping -v -i 1 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_req=1 ttl=64 time=0.233 ms
64 bytes from 192.168.0.3: icmp_req=2 ttl=64 time=0.236 ms
64 bytes from 192.168.0.3: icmp_req=3 ttl=64 time=0.220 ms
64 bytes from 192.168.0.3: icmp_req=4 ttl=64 time=0.229 ms
64 bytes from 192.168.0.3: icmp_req=5 ttl=64 time=0.233 ms
64 bytes from 192.168.0.3: icmp_req=6 ttl=64 time=0.210 ms
64 bytes from 192.168.0.3: icmp_req=7 ttl=64 time=0.271 ms
64 bytes from 192.168.0.3: icmp_req=8 ttl=64 time=0.273 ms
64 bytes from 192.168.0.3: icmp_req=9 ttl=64 time=0.291 ms
64 bytes from 192.168.0.3: icmp_req=10 ttl=64 time=0.201 ms
From 192.168.0.2 icmp_seq=58 Destination Host Unreachable
From 192.168.0.2 icmp_seq=59 Destination Host Unreachable
From 192.168.0.2 icmp_seq=60 Destination Host Unreachable
From 192.168.0.2 icmp_seq=61 Destination Host Unreachable
From 192.168.0.2 icmp_seq=62 Destination Host Unreachable
From 192.168.0.2 icmp_seq=63 Destination Host Unreachable
From 192.168.0.2 icmp_seq=64 Destination Host Unreachable
From 192.168.0.2 icmp_seq=65 Destination Host Unreachable
From 192.168.0.2 icmp_seq=66 Destination Host Unreachable
From 192.168.0.2 icmp_seq=67 Destination Host Unreachable
From 192.168.0.2 icmp_seq=68 Destination Host Unreachable
From 192.168.0.2 icmp_seq=69 Destination Host Unreachable
What shall I do to reduce that time?
Best regards,
Sonsolès
You can use -w to specify timeout
ping -c1 -w1 192.168.0.3
Options Details:
-c count
Stop after sending count ECHO_REQUEST packets. With deadline option, ping
waits for count ECHO_REPLY packets, until the timeout expires.
-w deadline
Specify a timeout, in seconds, before ping exits regardless of how many pack‐
ets have been sent or received. In this case ping does not stop after count
packet are sent, it waits either for deadline expire or until count probes
are answered or for some error notification from network.
I guess you can you -O
ping -O host.com
claudionei#TI-03 ~ $ ping -O 10.251.15.251
PING 10.251.15.251 (10.251.15.251) 56(84) bytes of data.
64 bytes from 10.251.15.251: icmp_seq=1 ttl=62 time=4.50 ms
no answer yet for icmp_seq=2
64 bytes from 10.251.15.251: icmp_seq=2 ttl=62 time=1950 ms
no answer yet for icmp_seq=3
64 bytes from 10.251.15.251: icmp_seq=3 ttl=62 time=1409 ms
64 bytes from 10.251.15.251: icmp_seq=4 ttl=62 time=576 ms
64 bytes from 10.251.15.251: icmp_seq=5 ttl=62 time=654 ms
64 bytes from 10.251.15.251: icmp_seq=6 ttl=62 time=4.41 ms
--- 10.251.15.251 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5001ms
rtt min/avg/max/mdev = 4.416/766.491/1950.291/710.053 ms, pipe 2