--source-ip (Source IP Address)
Sets the source IP address. This option lets you specify a custom IP
address to be used as source IP address in sent packets. This
allows spoofing the sender of the packets.
<addr> can be an IPv4 address or a hostname.
--dest-ip (Destination IP Address)
Adds a target to Nping's target list.
This option is provided for consistency but its use is deprecated
in favor of plain target specifications. See
the section called “Target Specification”.
--tos (Type of Service)
Sets the IP TOS field. The TOS field is used to carry information
to provide quality of service features. It is normally used to
support a technique called Differentiated Services. See
<tos> must be a number
in the range [0–255].
Sets the IPv4 Identification field. The Identification field is a
16-bit value that is common to all fragments belonging to a particular
message. The value is used by the receiver to reassemble the
original message from the fragments received.
must be a number in the range [0–65535].
--df (Don't Fragment)
Sets the Don't Fragment bit in sent packets. When an
IP datagram has its DF flag set, intermediate devices are not
allowed to fragment it so if it needs to travel across a network
with a MTU smaller that datagram length the datagram will have
to be dropped. Normally an ICMP Destination Unreachable message
is generated and sent back to the sender.
--md (More Fragments)
Sets the More Fragments bit in sent packets. The MF
flag is set to indicate the receiver that the current datagram is
a fragment of some larger datagram. When set to zero it indicates
that the current datagram is either the last fragment in the set
or that it is the only fragment.
--ttl (Time To Live)
Sets the IPv4 Time-To-Live (TTL) field in sent packets to the given
value. The TTL field specifies how long the datagram is allowed
to exist on the network. It was originally intended to represent
a number of seconds but it actually represents the number of
hops a packet can traverse before being dropped. The TTL tries to
avoid a situation in which undeliverable datagrams keep being
forwarded from one router to another endlessly.
<hops> must be a number in the range [0–255].
--badsum-ip (Invalid IP checksum)
Asks Nping to use an invalid IP checksum for packets sent to
target hosts. Note that some systems (like most Linux kernels),
may fix the checksum before placing the packet on the wire, so
even if Nping shows the incorrect checksum in its output, the
packets may be transparently corrected by the kernel.
<S|R [route]|L [route]|T|U ...>
--ip-options (IP Options)
The IP protocol offers several options which may be placed in
packet headers. Unlike the ubiquitous TCP options, IP options are
rarely seen due to practicality and security concerns. In fact,
many Internet routers block the most dangerous options such as
source routing. Yet options can still be useful in some cases for
determining and manipulating the network route to target machines.
For example, you may be able to use the record route option to
determine a path to a target even when more traditional
traceroute-style approaches fail. Or if your packets are being
dropped by a certain firewall, you may be able to specify a
different route with the strict or loose source routing options.
The most powerful way to specify IP options is to simply pass in hexadecimal data
as the argument to
--ip-options. Precede each hex byte value
\x. You may repeat certain characters by
following them with an asterisk and then the number of times you
wish them to repeat. For example,
\x01\x07\x04\x00*4 is the same as
Note that if you specify a number of bytes that is not a multiple
of four, an incorrect IP header length will be set in the IP
packet. The reason for this is that the IP header length field
can only express multiples of four. In those cases, the length is
computed by dividing the header length by 4 and rounding down.
affect the way the header that follows the IP header is
interpreted, showing bogus information in Nping or in the output
of any sniffer. Although this kind of situation might be useful
for some stack stress tests, users would normally want to
specify explicit padding, so the correct header length is set.
Nping also offers a shortcut mechanism for specifying options.
Simply pass the letter
U to request record-route,
record-timestamp, or both options together, respectively. Loose
or strict source routing may be specified with an L or S followed
by a space and then a space-separated list of IP addresses.
For more information and examples of using IP options with Nping,
see the mailing list post at
--mtu (Maximum Transmission Unit)
This option sets a fictional MTU in Nping so IP datagrams larger than
<size> are fragmented before transmission.
<size> must be specified in bytes and
corresponds to the number of octets that can be carried on a
single link-layer frame.