To know the secret, we need to see what the working process of the Ping command is like.
Assuming that the IP address of Host A is 192.168.1.1 and the IP address of Host B is 192.168.1.2, both are in the same subnet, then what happens after you run "Ping 192.168.1.2" on Host A?
First, the Ping command will build a fixed format ICMP request packet, and then the ICMP protocol will hand this packet to the IP layer protocol together with the address "192.168.1.2" to the IP layer protocol (like ICMP, it is actually a set of processes running in the background). The IP layer protocol will use the address "192.168.1.2" as the destination address, the native IP address as the source address, and some other control information to build an IP packet, and find the physical address corresponding to the IP address 192.168.1.2 (also called the MAC address, friends who are familiar with network card configuration will be familiar with it. This is necessary for the data link layer protocol to build the data link layer transmission unit - frame) and hand it over to the data link layer. The latter constructs a data frame, the destination address is the physical address transmitted from the IP layer, and the source address is the physical address of the local machine. Some control information is also attached to it, and they are transmitted out according to the media access rules of Ethernet.
After receiving this data frame, host B first checks its destination address and compares it with the physical address of the machine. If it matches, it will be received; otherwise it will be discarded. After receiving, check the data frame, extract the IP packet from the frame, and hand it over to the IP layer protocol of the machine. Similarly, after the IP layer checks, the useful information is extracted and handed over to the ICMP protocol. After the latter process, an ICMP reply packet is immediately built and sent to the host A. The process is exactly the same as that of the host A sending the ICMP request packet to the host B.
From the working process of Ping, we can know that host A received a reply packet from host B, indicating that the departure and return paths between the two hosts are normal. In other words, it is normal whether from host A to host B or from host B to host A. So, what causes it to be able to ping in one direction?
1. Installed a personal firewall
In the machines that share the Internet, for security reasons, most of the hosts as servers have personal firewall software installed, while other machines as clients are generally not installed. Almost all personal firewall software does not allow other machines to ping natively by default. The general approach is to filter out the ICMP request packets from the outside, but it does not place any restrictions on the ICMP request packets from the local machine and the ICMP reply packets from the outside. In this way, if the network is normal when pinging other machines from the local machine, there will be no problem. But if you ping this machine from other machines, even if the network is normal, you will have an error of "timeout no response".
Most of the unidirectional ping phenomenon originates from this. The solution is also very simple. Just adjust the corresponding settings according to the different types of firewalls you use.
2. Set the IP address incorrectly
Under normal circumstances, a host should have one network card, one IP address, or multiple network cards, and multiple IP addresses (these addresses must be in different IP subnets). However, for computers used in public places, especially Internet cafes, there are many people and many "explorers". Once, two computers also had this kind of single-direction ping situation. After careful inspection, it was found that the TCP/IP settings of one of the computers' "dial-up network adapter" (equivalent to a soft network card) was set up with an IP address in the same subnet as the network card IP address. In this way, in the IP layer protocol, this host has two different interfaces in the same network segment. When pinging other machines from this host, there will be such a problem:
(1) The host does not know which network interface to send the data packet to, because two network interfaces are connected to the same network segment;
(2) The host does not know which address to use as the source address of the packet. Therefore, when Ping other machines from this host, the IP layer protocol will not be able to handle it. After the timeout, Ping will give an error message prompt of "timeout no response". However, when pinging this host from other hosts, the request packet comes from a specific network card. ICMP only needs to simply swap the destination and source addresses and change some flags. The ICMP answer packet can be sent smoothly, and other hosts can successfully ping the machine.
Article entry: csh Editor in charge: csh