Smokeping is an amazing and underrated resource as a network health metric and diagnostics tool.
If you have a network monitoring or asset system you can export IP addresses from, you should use a small glue script to automatically build a smokeping configuration. I've got one for our LAN and one for the WAN at each of our sites so I can track down issues at either level.
The LAN connection charts are a great daily sanity check, and the WAN connections (I have every-to-every for each site so any and all inter-site issues can be seen) can help keep your ISP honest with the service they're delivering.
miniBill 25 days ago [-]
mtr is also pretty great!
linsomniac 28 days ago [-]
Wooo, Windows support! Availability of network diagnostics tools in Windows has been problematic, particularly for very infrequent use. There are some good looking ones for purchase, but it's hard to purchase when we don't usually need it.
For a while, largely related I think to just not having enough bandwidth at our office, but also partly because our coax on the Xfinity cablemodem was sketchy, we were not infrequently having issues, and the majority of my coworkers are on Windows. ping and tracert aren't very good tools for finding out what is going on with intermitant networking issues, especially when it might also be people's home wifi from WFH. There were times I just wished they could run mtr.
Over the last year or so I've been seeing more Windows tools available, which has been great!
VectorLock 28 days ago [-]
WinMTR is a thing, but you have to install it, ofcourse.
linsomniac 27 days ago [-]
Thanks, WinMTR seems like exactly the sort of thing I was looking for back then, not sure why it didn't come up in our searches at the time.
out-of-ideas 25 days ago [-]
i still do like HLSW's TraceRoute if it can even be found online anymore; sometimes i just wanna see a monitor-wide graph of all the traceroutes in line-form. i, however, do not miss the glaringly bright day-star-theme at its core
alpn 28 days ago [-]
Another interesting tool in this space is trippy, which ‘combines the functionality of traceroute and ping’
As other comments say, It’s a bit of a crowded market…
linsomniac 28 days ago [-]
mtr is my go-to, great tool!
markhan-nping 28 days ago [-]
Wow ~, in all honesty, Nping needs to do more
arjie 28 days ago [-]
What I like doing is using ttyplot and then it supports many commands and you can even specify an extraction param to plot on so then it's very Unix philosophy.
There’s also qping, tping and rping, but they are not implementing ping functionality, but are tools for checking the status of specific remote services.
_blk 28 days ago [-]
Nice overview.
I see there's space for some more networking tools since there's plenty of letters to go. Is there a hash table to pick the next letter?
toomuchtodo 28 days ago [-]
Is there an awesome-{}-tools list of these somewhere by chance?
Also, the 'apple.com' IP address in the screenshot (221.194.154.187) belongs to a Chinese company.
The developer seems to be located in China. You are seeing the Great Firewall in action:
> The GFW does not have a unique technique of censorship. One of its strengths is to combine several techniques. One of them is the generation, by the network itself (and not by a lying resolver), of bogus DNS responses. You ask for a censored name and as a result you get an answer giving an IP address that has nothing to do with the question asked. [...] But if you ask him about a censored name, then the network generates a false answer. Even if the input is the same, the response varies from a request to another: [...]. The IP address 157.240.17.14 belongs to Facebook (normally scratch.mit.edu is at Fastly), a prime example of the lies generated by the GFW.
Why? It's just that Apple has CDNs in China. Yes, as long as you do all the bureaucracy nonsense and comply to censorship you can do that.
e6858.e19.s.tl88.net resolves to 221.194.154.187. tl88.net is the domain for a CDN vendor mainly operating in China.
And it does serve www.apple.com content with actual www.apple.com TLS cert.
raphman 27 days ago [-]
Thanks for the explanation about the CDN for apple.com.
However, the parent's observation seems to be consistent with the Great Firewall, no?
rfoo 27 days ago [-]
Oops, sorry, yes you are right. For some reason I didn't see GP's comment at all and ignored the fact that you were replying to it /facepalm
markhan-nping 28 days ago [-]
thanks ~
markhan-nping 28 days ago [-]
Hello, I'm the developer of Nping, I'm glad you're interested in Nping, forgive me for using translation software to write this content, usually a domain name itself will be resolved to more than one ip address, Nping uses the output of the system command Ping
1f60c 28 days ago [-]
Oh gosh, I'm so sorry. My comment wasn't meant as criticism of you or Nping; I had just never seen a DNS server intentionally return obviously incorrect results before.
markhan-nping 28 days ago [-]
This may be a misunderstanding, it's the first time I've encountered this problem and it's helped me to learn more, thanks
zakki 28 days ago [-]
A Domain name resolved to many IP addresses is true. But Google's domain name resolved to Facebook's IP? That is very odd.
markhan-nping 28 days ago [-]
When I switch to vpn I get the right results, maybe GFW is causing the problem
aboardRat4 28 days ago [-]
That's normal for most websites blocked in China.
They usually resolve to either other blocked websites to trigger a "dangerous website phishing" warning from the browser, or the ISP's own website pretending to be a captive portal.
markhan-nping 28 days ago [-]
How about using the system's own ping command? Nping essentially calls the system's Ping command
28 days ago [-]
alam2000 27 days ago [-]
[dead]
wolrah 28 days ago [-]
Neat, reminds me a lot of noping which is a long-time favorite of mine (and its non-graphical counterpart oping): https://noping.cc/
One thing I've always wanted in a ping tool but never found is something that can log anomalous results, so for example one could leave it running in a screen/tmux session and come back a day or two later to not just see that there had been some instances of high latency or packet loss but also see when it happened and for now long per burst.
With all the existing tools I'm aware of I can come back to a long-running ping after a day or two and see that there were 170 pings that got lost but have no idea if that was individual intermittent drops or one continuous event like a cable modem rebooting in the middle of the night.
A couple of times I've attempted to do it myself but the nature of ICMP means it ends up requiring lower level programming than I'm comfortable with.
natdempk 28 days ago [-]
Random question, but how consistent should you expect to get pings to be over consumer internet to something like google? Single-digit ms variance? Few ms? 10's of ms? Always kind of curious for trying to optimize my network setup at home.
Before a bunch of people read this and become confused why their jitter didn't go to 0 "nothing you can do with your home network will ever make your jitter less than when you plug just your PC/Laptop directly into the ISP connection, let it get the public address, and only run a ping from it". Also things you do at home, such as use wireless, will often add a ms or two of occasional jitter even when you use a 6 GHz channel with extremely low contention and interference.
Bufferbloat is good thing to fix in general though and highlights why one should worry less about "how do single ICMP packets behave" and more about "how does actual loaded traffic of the protocol type I'm using behave in real usage". The results are often staggeringly different.
29athrowaway 28 days ago [-]
The new generation has to rediscover gnuplot and ministat.
MrLeap 27 days ago [-]
This has made me wonder if there's a tracert that attempts to geolocate the hops and put them on a map. That would be an interesting tool.
ValtteriL 28 days ago [-]
There is also nping that comes with nmap
markhan-nping 28 days ago [-]
I named it because of the pun in Chinese at the time, so maybe in the future I'll consider using a binary like pping.
pimlottc 27 days ago [-]
> Nping mean NB Ping
What does NB Ping mean?
31 days ago [-]
withinboredom 28 days ago [-]
It'd be nice to provide install instructions for non-mac users as well.
markhan-nping 28 days ago [-]
thanks ~. I have compiled corresponding binaries for common operating system versions, which may not cover all operating systems.
Shorel 28 days ago [-]
Rename it to table ping.
markhan-nping 28 days ago [-]
thanks ~ I named it because of the pun in Chinese at the time, so maybe in the future I'll consider using a binary like pping.
ramon156 28 days ago [-]
tping !
markhan-nping 28 days ago [-]
That's a nice name, but I'll have to sacrifice my Chinese pun.
AlisaWang 28 days ago [-]
It's really an interesting idea; I'll try it.
juliangmp 28 days ago [-]
This looks great, definitely gonna check it out
markhan-nping 28 days ago [-]
thanks ~
vzaliva 28 days ago [-]
I could not find how to install it on Linux.
arrty88 30 days ago [-]
Very cool. I’ll be using this going forward
markhan-nping 30 days ago [-]
thanks ~
cooloo 28 days ago [-]
What's the difference from gping?
markhan-nping 28 days ago [-]
Partitioned and tabular views are supported, gping is slightly less noticeable when there are a lot of domains, and of course Nping has a lot of iterative optimization to do.
zengargoyle 28 days ago [-]
Reminds me of the old SmokePing.
goodpoint 28 days ago [-]
Should have used GPL...
zaptheimpaler 28 days ago [-]
absolute cinema!
thenthenthen 28 days ago [-]
牛逼!
markhan-nping 28 days ago [-]
谢谢大佬
aboardRat4 28 days ago [-]
nping软件已经存在,就是跟nmap一起走的软件。
建议重新命名一下。
markhan-nping 28 days ago [-]
Thanks ~ I named it that way because of the pun in Chinese at the time, and didn't think it would have some heat at the time, so I'll take your offer seriously
TCPPing: https://netbeez.net/blog/tcping/
vmPing: <https://netbeez.net/blog/how-to-use-vmping/>
DNSPing: <https://netbeez.net/blog/dnsping-linux/>
PathPing: <https://netbeez.net/blog/path-analysis-pathping-windows/>
fping: <https://netbeez.net/blog/linux-how-to-use-fping/>
gping: <https://netbeez.net/blog/linux-how-to-use-gping/>
prettyping: <https://netbeez.net/blog/linux-how-to-use-prettyping/>
nping: <https://netbeez.net/blog/how-to-use-nping/>
https://www.google.com/search?client=firefox-b-e&q=smokeping...
If you have a network monitoring or asset system you can export IP addresses from, you should use a small glue script to automatically build a smokeping configuration. I've got one for our LAN and one for the WAN at each of our sites so I can track down issues at either level.
The LAN connection charts are a great daily sanity check, and the WAN connections (I have every-to-every for each site so any and all inter-site issues can be seen) can help keep your ISP honest with the service they're delivering.
For a while, largely related I think to just not having enough bandwidth at our office, but also partly because our coax on the Xfinity cablemodem was sketchy, we were not infrequently having issues, and the majority of my coworkers are on Windows. ping and tracert aren't very good tools for finding out what is going on with intermitant networking issues, especially when it might also be people's home wifi from WFH. There were times I just wished they could run mtr.
Over the last year or so I've been seeing more Windows tools available, which has been great!
https://github.com/fujiapple852/trippy
https://github.com/tenox7/ttyplot
https://nmap.org/nping/
• 2ping <https://www.finnie.org/software/2ping/>
• fping <https://www.fping.org/>
• hping <http://www.hping.org/>
• nping <https://nmap.org/>
• oping <https://noping.cc/documentation/oping/>
There’s also qping, tping and rping, but they are not implementing ping functionality, but are tools for checking the status of specific remote services.
• smokeping <https://smokeping.org/>
https://ipinfo.io/31.13.94.37
The developer seems to be located in China. You are seeing the Great Firewall in action:
> The GFW does not have a unique technique of censorship. One of its strengths is to combine several techniques. One of them is the generation, by the network itself (and not by a lying resolver), of bogus DNS responses. You ask for a censored name and as a result you get an answer giving an IP address that has nothing to do with the question asked. [...] But if you ask him about a censored name, then the network generates a false answer. Even if the input is the same, the response varies from a request to another: [...]. The IP address 157.240.17.14 belongs to Facebook (normally scratch.mit.edu is at Fastly), a prime example of the lies generated by the GFW.
https://ipregistry.co/blog/chinese-national-firewall
Why? It's just that Apple has CDNs in China. Yes, as long as you do all the bureaucracy nonsense and comply to censorship you can do that.
e6858.e19.s.tl88.net resolves to 221.194.154.187. tl88.net is the domain for a CDN vendor mainly operating in China.
And it does serve www.apple.com content with actual www.apple.com TLS cert.
They usually resolve to either other blocked websites to trigger a "dangerous website phishing" warning from the browser, or the ISP's own website pretending to be a captive portal.
One thing I've always wanted in a ping tool but never found is something that can log anomalous results, so for example one could leave it running in a screen/tmux session and come back a day or two later to not just see that there had been some instances of high latency or packet loss but also see when it happened and for now long per burst.
With all the existing tools I'm aware of I can come back to a long-running ping after a day or two and see that there were 170 pings that got lost but have no idea if that was individual intermittent drops or one continuous event like a cable modem rebooting in the middle of the night.
A couple of times I've attempted to do it myself but the nature of ICMP means it ends up requiring lower level programming than I'm comfortable with.
Bufferbloat is good thing to fix in general though and highlights why one should worry less about "how do single ICMP packets behave" and more about "how does actual loaded traffic of the protocol type I'm using behave in real usage". The results are often staggeringly different.
What does NB Ping mean?