Using pathping to identify data transfer problems

Network performance and reliability greatly depend on flawless data transfer using TCP/IP protocols. You can find out whether data transfer is occurring flawlessly both inside and outside the company network using a fairly simple tool. Pathping is one of the most useful network diagnostic tools out there, second only to the better-known command-line utility ipconfig. System administrators and home users appreciate the flexibility and efficiency of this CMD command, especially when dealing with complex network environments.

Black Friday Deals

Our best deals of the year. Offers end after Cyber Monday.

Don't miss out!

Web hosting
Website builder
WordPress

What is pathping?

Pathping is an easy-to-use diagnostic tool that builds on its predecessors tracert and ping and is described as being an evolution of them with even more extensive capabilities. This command-line utility has been available to users since Windows 2000 and can be used to obtain information about data traffic and to check the availability of specific hosts in a network. Pathping analyses are often an important step in initiating concrete actions aimed at network optimization and troubleshooting. For network analysis, the command-line utility uses the Internet Control Message Protocol (ICMP).

How does pathping work and what is it used for?

The term “network latency” is often used when talking about online data traffic. This refers to the amount of time it takes for a data packet to travel from the sender to the receiver. A long delay is especially critical when it comes to data-hungry applications.

A slow connection can, for example, significantly impact a person’s gaming experience in an online game or lead to image stuttering and dropouts when streaming videos. Video conferences and VoIP calls are also greatly impacted by high network latency. Likewise, if data traffic is too slow, this can negatively affect the process of retrieving a website. For example, when using online stores, the shopping experience can be hampered by wait times. Another potential network problem is data packet loss. This can have a noticeable impact on the efficiency and speed at which information is exchanged over local, national, and international networks. Pathping can help with this as well.

Pathping is great for detecting network problems such as cabling issues, data packet loss and speed degradation. During network analysis, this diagnostic tool sends a specific number of test packets to individual intermediate stations (called hops) over a defined period of time. Each hop on the way to the addressee (e.g. a website) receives a total of 100 ICMP echo packets. The addressed intermediate station (e.g. a router) then returns the data packets via Internet Protocol.

After evaluating these pings, pathping generates statistics showing the intermediate stations and the path followed by a data packet. The round-trip times (RTT) for a data packet from source to destination are also recorded. Data loss, operational problems and transfer problems are thus quickly identified. This makes it possible to locate overloaded or malfunctioning routers and computers that are obstructing and slowing down data traffic.

Fact

Hops are the intermediate stops or stations that a data packet passes through in a network or on the Internet when traveling from the source to the destination. When a data packet reaches the next section of the path, it literally hops one step further. Routers usually handle these important interfaces in local networks and on the Internet. The term “hop” is thus often used as a synonym for routers and gateways in the network. Data packets are sent between them until they reach the addressee. The number of hops is recorded in the header of a data packet. If the number exceeds a critical value (i.e. the hop count), the data packet is discarded.

How is pathping used?

The command-line utility pathping can be used via the Windows command-line terminal (cmd.exe.). You can access the terminal through the Run dialog box:

  1. Use the keyboard shortcut “Windows key + R”.
  2. Enter “cmd” into the input field of the Run dialog box.
  3. Click OK.

Like all command-line utilities, pathping is used with a text-based syntax. When writing the command syntax, you need to use the following template:

pathping [/n] [/h <maximumhops>] [/g <hostlist>] [/p <Period>] [/q <numqueries>] [/w <timeout>] [/i <IPaddress>] [/4 <IPv4>] [/6 <IPv6>][<targetname>]

Since pathping also performs calculations and sometimes traces more complex routes with numerous intermediate stations, it may take longer to perform the network analysis to display the final results. The options listed in the syntax are therefore mainly for managing the command more precisely. For example, pathping will perform some routing routines based on preset defaults if the user does not specify any. If these defaults are reduced, such as shorter timeouts, the analyses of more complex network routes in particular can be sped up. This would require the following syntax to be used in the code:

pathping /w 600

Instead of using the default wait time of 3,000 milliseconds, this code will shorten the time per intermediate station to 600 ms. You can also limit the number of hops that pathping should include in the analysis. You must enter a number after the option “/h”. If you include three hops, the code will look like this:

pathping /h 3

Limiting the analysis to the first few hops can be useful if you have already found the problem in your own local infrastructure and just want to check a revised router configuration and the transfer to the next station (e.g. to the Internet provider).

In the first part of the analysis, the pathping command essentially functions in the same way as its predecessor tracert and lists the individual intermediate stations numbered consecutively. By default, host names are displayed first and then their corresponding IP addresses (e.g. the router “fritz.box” with the IP address 192.168.178.1). For the “fritz.box” example, the first few hops of the route would look like this:

0  myPC.fritz.box [192.168.178.20]
1  fritz.box [192.168.178.1]
2  loopback1.0003.acln.06.ham.de.net.telefonica.de [192.168.178.1]
3  bundle-ether10.0001.dbrx.06.ham.de.net.telefonica.de [62.53.2.96]

Pathping then generates a table of statistics in the command-line terminal containing more detailed information (e.g. regarding data loss and time delays). Generating the overview usually requires a specific wait time.

In the example of an intermediate station with the IP address 212.227.120.13, a line from the pathping analysis might look like this (we have prepared the pathping statistics somewhat differently here to offer better clarity and comprehensibility):

You can then glean various information from this data. The hop example (IP address: 212.227.120.13) took an unusually long time for a ping response (300 ms). The evaluation “10/100 = 10%” shows that 10% of the data packets sent directly to this hop were lost. The value “8/100 = 8%” shows that eight packets that passed through the hop were discarded. The line below this information indicates that on the path to the next hop (IP address: 62.53.11.131), 13% of the data packets were discarded.

Packet loss and delays can indicate that the CPU or the local packet buffer memory for the corresponding router was overloaded at the time of the request. Problems that are core to the router could also have a negative effect. In this case, the router would then need to be better configured or replaced if it has a technical defect.

Note

If pathping fails, this may be due to the ICMP protocol being blocked by a server, router, or firewall.

Overview of pathping options

In addition to the previously mentioned examples, there are other parameters that can be added to pathping for network diagnostics. In the following table, you will find the most important options with explanations for each.

OPTION DESCRIPTION
/n No host name resolutionUsing the “/n” option causes the display to only use numeric IP addresses instead of DNS host names. While fully written out host names may be more practical for users, they also make the technical analysis performed during the pathping diagnostics more complicated and may cause it to take longer.
/h <maximumhops> Number of possible hops in a pathGives the maximum number of intermediate stations included in the route to the destination. (The default value is 30 hops, which usually refers to the number of routers used as intermediate stations).
/g <hostlist> Use the “Loose Source Route” option (based on the host list) Specifies that the ICMP echo request should use the “Loose Source Route” option. This instruction is in the IP header. Loose Source Routing is an IP option which can be used for address translation. The host list then specifies the specific intermediate stations for which this option should apply.
/p <period> Define the wait time between pingsThis parameter defines the wait time between pings or ICMP packets that are sent to each intermediate station (the default wait time between individual packets is 250 milliseconds).
/q <numqueries> Specify the number of echo request messages (ICMP echo requests)The number of ICMP echo requests that are sent to each intermediate station on the path (the default value is 100 requests).
/w <timeout> Wait time for responseDefines the wait time (in milliseconds) for the response to the ICMP echo requests. The default value is set to 3,000 milliseconds (= 3 seconds). Let’s say a host cannot be reached. By defining a shorter wait time (e.g. 600 ms) before the next attempt, this can speed up the pathping diagnostics.
<IPaddress> Use the specified source address There are multiple possible versions: IP address, Fully-Qualified Host Name (FQHN) or NetBIOS name
/4 <IPv4> Pathping should only use IPv4
/6 <IPv6> Pathping should only use IPv6
<targetname> Destination of the routing analysis The destination can be specified as an IP address or a host name.
/? Display pathping help