How does ping work

This tutorial explains how ping works with a detailed explanation with wireshark.

A system on the network, which is is pinged from the computer with IP address The screenshot is shown below. Wireshark is run in the background to capture and understand the communication.

PING uses ICMP protocol. ICMP is a network layer protocol. The ICMP protocol header is appended to the IP headers in the IP packet. Inside the ICMP protocol, there is a ICMP type and ICMP code value. This can be observed in wireshark. Basic ping is used to test network connectivity. Ping can also be used for advanced network analysis and troubleshooting techniques for which different TYPE and CODE Values are used.

In this case, ping is used for testing if the system is up or down the type value 8 and code value of 0 is used. This can be observed in the wireshark capture.

When the system it responds with a ping reply. Inside the ping reply, it can be observed that the Type and Code value changes to 0 & 0 respectively indicating that it is a ping reply packet. The wireshark capture is shown below.

Ping does not use any transport layer protocol like TCP or UDP simply because it does not need to carry any data in it. Inside the wireshark capture, a data field can also be observed. This is just dummy data which the operation system inserts and does not have any real significance.