Back story
A section on a web application I have pings (using a background AJAX request) a list of IP addresses. Most of the time all of these addresses are up, sometimes one or two of them are down. One day I noticed that if all of them were down, nmap would take much longer to ping them all.
The odd part
Let's ping 19 addresses on my home network, none of which exist.
justin@latitude:~$ time nmap -sP 192.168.5.2-20
Starting Nmap 4.53 ( http://insecure.org ) at 2008-08-22 21:56 EDT
Nmap done: 19 IP addresses (0 hosts up) scanned in 4.072 seconds
real 0m4.081s
user 0m0.068s
sys 0m0.004s
OK... now let's add the router's address, which is pingable.
justin@latitude:~$ time nmap -sP 192.168.5.1-19
Starting Nmap 4.53 ( http://insecure.org ) at 2008-08-22 21:58 EDT
Host router (192.168.5.1) appears to be up.
Nmap done: 19 IP addresses (1 host up) scanned in 2.258 seconds
real 0m2.259s
user 0m0.048s
sys 0m0.008s
Notice anything odd?
I have experimented with the usual host timeout and max rtt time options, but I am not sure what the problem is. As soon as I get a chance I will look into the code. I am not sure if it is a bug or just user error. A simple strace of the two commands shows much different 'select' behaviour.