Description | This article describes a symptom that may appear when troubleshooting device connectivity where the ping time is seen to be 0.1 ms. |
Scope | FortiGate v6.4+. |
Solution |
Ping is an important tool used to troubleshoot device connectivity issues.
If a device is not responding or packets are not going to the end device, ping is used to check the connection to the device.
In a scenario where the device is not responding but the ping is working from FortiGate and the ping reply is around 0 -0.8 ms, it may be a symptom of ping packets not reaching the actual device.
The usual ping response time should be more than 1 ms. If the response time is around 0.1 ms, it would point to the fact the ping reply is not coming from the end device but the FortiGate itself.
Usually, this happens if there is an IP Pool or Virtual IP configured for that IP with ARP reply enabled.
An example of such a ping response is shown below:
Another way to check this is to run a sniffer with the IP and check:
If it shows 'root in' and 'root out', then it would confirm that the ping reply is coming from FortiGate itself.
The next step would be to check the IP Pool and Virtual IP/Virtual Server to see if there is anything matching the IP presenting the issue:
If an object is found, then disable the ‘arp reply’ setting on the object:
After that, the ping should go to the device. The same sniffer command can be run again to verify that. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.