So, you have probably heard that there are a variety of reasons why you shouldn’t use ICMP to test your service is operating normally. Mainly because of the way that ICMP is handled by routers. If you really want a representative view of the way that TCP packets, such as HTTP and HTTPS are performing in terms of packet loss (that is to say packets which do not arrive at their destination) , then hping is your friend.
You might be pinging a cloud-server that is not replying. You might think it’s down. But what if the firewall is simply dropping ICMP echo requests coming in on that port? Indeed.
# hping -S -p 80 google.com HPING google.com (eth0 188.8.131.52): S set, 40 headers + 0 data bytes len=46 ip=184.108.40.206 ttl=46 id=23970 sport=80 flags=SA seq=0 win=42780 rtt=13.8 ms len=46 ip=220.127.116.11 ttl=47 id=37443 sport=80 flags=SA seq=1 win=42780 rtt=12.6 ms len=46 ip=18.104.22.168 ttl=47 id=43654 sport=80 flags=SA seq=2 win=42780 rtt=12.0 ms len=46 ip=22.214.171.124 ttl=47 id=37877 sport=80 flags=SA seq=3 win=42780 rtt=11.4 ms len=46 ip=126.96.36.199 ttl=47 id=62433 sport=80 flags=SA seq=4 win=42780 rtt=13.3 ms ^C --- google.com hping statistic --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 11.4/12.6/13.8 ms
In this case I tested with google.com. I’m actually surprised that more people don’t use hping, because, hping is awesome. It also makes quite a decent port scanner, were it not for the fact that the machine I tried to test that feature with buffer overflowed 😉 It’s a nice way to test a firewalled box, but more than that, it’s a more reliable test in my opinion.