J.R. Sitman
asked on
pinging an IP address displays teo IP addresses and one is unreachable
I'm having trouble with software that I use that allows me to reboot all of our computers. So in testing I did a ping of the IP address and the first result shows an IP address I didn't ping and it is unreachable, the other 3 results are successful. See attachment. What would cause this and how do I fix it?
ping.png
ping.png
Hi,
Since Windows Vista, Microsoft has completely rebuilt the IP layer of Windows.
Now, when you try to ping an IP address that is not is the ARP cache, the ping command show your own IP address (the IP address of the computer from where you make the ping) followed by "destination unreachable".
If the target IP address is already in the ARP cache then the ping answer is different: if the target computer do not answer to the ping by is present in your ARP cache the ping result is "timeout".
So, I think that if the first result of your ping command says "unreachable" it's because the ARP resolution process had took more than one second and then the first ping try has failed.
Have a good day.
Since Windows Vista, Microsoft has completely rebuilt the IP layer of Windows.
Now, when you try to ping an IP address that is not is the ARP cache, the ping command show your own IP address (the IP address of the computer from where you make the ping) followed by "destination unreachable".
If the target IP address is already in the ARP cache then the ping answer is different: if the target computer do not answer to the ping by is present in your ARP cache the ping result is "timeout".
So, I think that if the first result of your ping command says "unreachable" it's because the ARP resolution process had took more than one second and then the first ping try has failed.
Have a good day.
ASKER
@PaciB, your explanation sounds correct. Can the ARP cache be manually edited?
Hi,
You can see the content of the ARP cache with "ARP -a" command.
You can add static entries in the arp cache with "ARP -s xxx.xxx.xxx.xxx nn-nn-nn-nn-nn-nn" command... but... there's something stupid with Windows about static arp entries: ARP static entries do not survive to reboot, I mean you'll loose arp static entries each time your server is rebooted.
I do not recommen to create arp static entries except some really specific cases (DMZ, NLB, ...) so your should think about that and look for another solution.
Anyway, if you don't have choice, to add static entries in the ARP cache you'll have to create a CMD script containing ARP commands and create a scheduled task that launch this CMD script each time the server starts.
Have a good day.
You can see the content of the ARP cache with "ARP -a" command.
You can add static entries in the arp cache with "ARP -s xxx.xxx.xxx.xxx nn-nn-nn-nn-nn-nn" command... but... there's something stupid with Windows about static arp entries: ARP static entries do not survive to reboot, I mean you'll loose arp static entries each time your server is rebooted.
I do not recommen to create arp static entries except some really specific cases (DMZ, NLB, ...) so your should think about that and look for another solution.
Anyway, if you don't have choice, to add static entries in the ARP cache you'll have to create a CMD script containing ARP commands and create a scheduled task that launch this CMD script each time the server starts.
Have a good day.
ASKER
I just did the ping on my other 2008 DC and all 4 results were correct. Any idea why I would get different results on the other 2008 DC?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Both DC's have 1 nic
Both on same subnet and not behind a router
not virtual
I can ping a few other computers and all 4 results are good
I also use Softperfect Network scanner to ping all the computers. The first time I start the ping it only finds our gateway 172.16.1.1 and the two DC's. The second time I run it it finds everything.
Thanks for continuing to help.
Both on same subnet and not behind a router
not virtual
I can ping a few other computers and all 4 results are good
I also use Softperfect Network scanner to ping all the computers. The first time I start the ping it only finds our gateway 172.16.1.1 and the two DC's. The second time I run it it finds everything.
Thanks for continuing to help.
ASKER
did you read my last post?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi,
Sorry for late answer... I'm on holiday.
Yes I think you found the problem.
Having 2 NICs activated on a server might lead to that typical symptoms.
If you have unused NICs on a computer you should disable them (unplug them is not enough) to exclude them from the network layers.
When a computer has 2 NICs on the same IP subnet it can't choose which one to use to reach a target IP. Then the computer on rely on the NIC order to reach the target: it will try to reach the target through the first NIC and will try through the other NIC only if it failed through the first NIC.
Except very specific case you should never have 2 NICs on the same subnet, and you should also disable any unused NIC (unplug the network wire is not enough).
Have a good day.
Sorry for late answer... I'm on holiday.
Yes I think you found the problem.
Having 2 NICs activated on a server might lead to that typical symptoms.
If you have unused NICs on a computer you should disable them (unplug them is not enough) to exclude them from the network layers.
When a computer has 2 NICs on the same IP subnet it can't choose which one to use to reach a target IP. Then the computer on rely on the NIC order to reach the target: it will try to reach the target through the first NIC and will try through the other NIC only if it failed through the first NIC.
Except very specific case you should never have 2 NICs on the same subnet, and you should also disable any unused NIC (unplug the network wire is not enough).
Have a good day.
ASKER
thanks for the follow up.
ASKER
your question about the two nics made me think, that's how I found the problem. thanks
1. The windows firewall in the destination computer can block the network communication that you are trying. You can open the firewall and allow ICMP request to be received and answered by the destination computer, if you want to turn off the remote computer you also need to open the firewall ports that are used by the tool that you are using
2. Network Routes. Check if your destination computer includes the correct Gateway and Static Routes in case that they are necessary in order to communicate with your computer
3. Middle devices. Depending on your network, between the destination computer and the source computer can exist devices with a firewall, routers with networking communication that can affect the traffic