how to trace which request creates ping spike?
I have a ping spike problem and according to some topics, I write on Terminal:
ping 8.8.8.8 -i 0.1
And I see some spikes on this screen like this:
64 bytes from 8.8.8.8: icmp_seq=5283 ttl=52 time=18.724 ms
64 bytes from 8.8.8.8: icmp_seq=5284 ttl=52 time=120.788 ms
64 bytes from 8.8.8.8: icmp_seq=5285 ttl=52 time=43.184 ms
64 bytes from 8.8.8.8: icmp_seq=5286 ttl=52 time=48.199 ms
64 bytes from 8.8.8.8: icmp_seq=5287 ttl=52 time=25.121 ms
My question is, how can I trace icmp_seq=5284? How can I know which request does that?
Solution 1:
If you wanted to capture the exact packet trace - here is how Apple recommends it.
- https://developer.apple.com/documentation/network/recording_a_packet_trace
The steps vary based on OS and if you are on Wireless or Ethernet. All this will show is more detail on what ping reported, but you’ll have actual traffic to then hand to your router manufacturer / ISP if you go to the mat on this one. You probably want to profile some traffic more prioritized than an ICMP echo packet, though.
Or do a ICMP ping to your router if you think the problem / congestion is on your side where you have the chance to control. Once the traffic leaves your premises - good luck getting control of it without paying for a lot of service and becoming a network engineer. It’s possible, but lots of cost and time.
Solution 2:
There's a couple of problems here...
how can I trace icmp_seq=5284
That's not how it works. That seq or sequence number is just a two byte field (16 bits) that's used the match the packet that you sent out with the reply. Your request doesn't create a spike. However, technically, it's already been traced - that packet went out, was replied to and the time it took to return was x milliseconds.
I have ping spike problem and according to some topics, I write on terminal:
ping 8.8.8.8 -i 0.1
The problem here is that your pinging a public (in this case Google's) DNS server. For me, there's 11 separate hops between my personal network and that DNS server; there's probably a similar amount for you. The point is, anything on any of those points can contribute to a latency and a ping spike.
If you're trying to gauge your bandwidth from your ISP, you need something like http://speedtest.net (there's a CLI version available). If you looking to check the speed transfer between two different services across ISPs, then you need iperf3.
Finally, pinging Google is an excellent way to check to see if your Internet is up. It's not a good site to check for latency and/or bandwidth throughput. These are heavily taxed servers subject to varying traffic at any point during the day.