The program allows you to monitor hosts using the ICMP ping. The ICMP ping is the most widespread remote host availability check.
An ICMP (Internet Control Message Protocol) query is the easiest way to check if a host is reachable over a network. The ping command is well known to administrators of both Windows and UNIX networks. With its help, a host can send requests (ICMP Echo Request) via the ICMP protocol to the specified host and get the responses coming from it (ICMP Echo Reply). The time between sending a request and receiving a response (Round Trip Time, RTT) allows you to determine round-trip delays along the route and the rate of packet loss. In other words, the ping utility helps to determine the load on data transmission channels and intermediate network nodes.
A regular ICMP request is 64 bytes in size (excluding the IP header). The total size of such a packet cannot exceed 65535 bytes.
If the host does not respond to ICMP requests, this may mean the following:
- the host is down, or its operating system is not bootable or is hung.
- the host (or one of the intermediate routers) blocks the ICMP Echo Reply or ignores the ICMP Echo Request.
Based on this, ICMP requests do not always provide true information about the state of the host (up/down). Another disadvantage of this method of checking the health of a host is that the ICMP ping does not make it possible to assess the state of running services. For example, a mail server can respond to ICMP requests, but the email service will not work. But despite this, ping remains the fastest and most popular way to assess the availability of a remote host over the network. This is the basic mechanism for agentless monitoring of network nodes in many monitoring programs. And the ping command is one of the main diagnostic tools in TCP/IP networks. It is included in all modern operating systems.
How to Enable ICMP Ping?
However, there may be situations when ICMP is prohibited in the system (blocked by the firewall). To resolve them, follow these steps:
- Run a command line with administrator rights.
- Enter the command:
netsh advfirewall firewall add rule name="ICMP Allow“ protocol=icmpv4:8,any dir=in action=allow
Instead of the command line, you can start PowerShell and run the command there:
Set-NetFirewallRule -Name FPS-ICMP-ERQ-In -Enabled True -Profile Any -Action Allow
These commands create a firewall rule that allows incoming ICMP requests.
By default, all Linux distributions allow incoming ICMP requests as well. If they were disabled, then the commands executed as root will help to enable them again:
iptables -I INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -I OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
ICMP ping monitoring
10-Strike Network Monitor (Pro) allows you to monitor the status of hosts using the ICMP protocol. When a new host is created in the program, an ICMP ping check is assigned to it by default. These checks are also generated for all found hosts during the network scan. In other words, when you are running the program for the first time after the installation and scanning the network, you get a ready-made monitoring base with your hosts that are already being pinged.
If you want to add a new ICMP ping check, then follow these steps in the program:
1. Select a host in the monitoring list. Click the menu item Checks -> Add check.
2. Select the ICMP ping availability type of the check.
3. Configure the ping parameters, or leave them by default:
- Number of packets. This is the number of ICMP ping packets that the program will send to the remote host in one check. You can set the number of packets to more than one to eliminate the possibility of false host state detection if one packet is lost. But, the more packets you send, the longer the host is checked.
- Response timeout (in milliseconds). This is the time during which the program waits for a response from the host. If no response is received within the specified time, the check will be considered as failed.
- Packet size. This is the size of the ICMP packet in bytes.
In the ICMP ping check, you can work through an agent (only in the Pro version). This allows you to check devices connected locally to a remote host. This function will be useful, for example, for monitoring DVRs connected to a computer.
4. At the next step of the wizard, you can configure additional ICMP ping check parameters...
Result depends on other checks
Use this setting to avoid false alerts. When configuring host checks over the Internet, specify that they depend on the router check (or some ISP host's check). Then, if the check of the remote host fails, the program will check the availability of the router or the Internet connection before raising an alert. If the router/Internet does not respond, then the alert will not be triggered and the remote host check will get the "failed by dependency" status. If the router responds, then the check of the remote host will be considered as failed, and you will be notified about it.
Protection from false alerting due to temporary problems
Several check attempts with an interval between them help to avoid false alerts due to temporary failures in communication channels. After the first unsuccessful check, the program performs another specified number of attempts. If they all fail, the program triggers an alert.
Check response time control
Control the response time of the ICMP ping and other checks. The check will be considered failed if its execution time exceeds the specified threshold, even if it eventually completes successfully.
5. At the last step, you can set the notification parameters in case the ICMP ping check fails (the host stops responding) or passes. For example, let's enable sending a message to Slack.
6. Click Finish. The check has been created and is already running. Its result is visible in the list of checks and on the chart displayed on the pane below.
Using the ICMP Ping Availability check, the program periodically sends packets to the remote host and waits for a response from it within the specified timeout. In some cases, in order to consider a remote host available, it is enough to receive such a response. But sometimes this is not enough. For example, in cellular communication, too high response time can signal a "crowded" channel. Therefore, knowing the statistics of the response time values, it is possible to analyze the operation of switches and other equipment, make a decision on its replacement, or repair in time.
An ICMP ping alone is not enough to objectively assess the state of a host. It is necessary to monitor the performance and check the status of various services using specific program checks (SNMP, WMI, SQL, FTP, SSH, and so on).
See also: TCP port monitoring, SNMP monitoring
Requirements: Windows XP/Vista/7/8.1/10/11, Server 2003/2008/2012/2016/2019/2022 supported.