Vital Network Support Command

Tracert: Determines the path taken to a destination by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination with incrementally increasing Time to Live (TTL) field values. The path displayed is the list of near-side router interfaces of the routers in the path between a source host and a destination. The near-side interface is the interface of the router that is closest to the sending host in the path. Used without parameters, tracert displays help.

This diagnostic tool determines the path taken to a destination by sending ICMP Echo Request messages with varying Time to Live (TTL) values to the destination. Each router along the path is required to decrement the TTL in an IP packet by at least 1 before forwarding it. Effectively, the TTL is a maximum link counter. When the TTL on a packet reaches 0, the router is expected to return an ICMP Time Exceeded message to the source computer. Tracert determines the path by sending the first Echo Request message with a TTL of 1 and incrementing the TTL by 1 on each subsequent transmission until the target responds or the maximum number of hops is reached. The maximum number of hops is 30 by default and can be specified using the -h parameter. The path is determined by examining the ICMP Time Exceeded messages returned by intermediate routers and the Echo Reply message returned by the destination. However, some routers do not return Time Exceeded messages for packets with expired TTL values and are invisible to the tracert command. In this case, a row of asterisks (*) is displayed for that hop.

Examples:

To trace the path to the host named corp7.microsoft.com, type:

 

  • tracert corp7.microsoft.com

 

To trace the path to the host named corp7.microsoft.com and prevent the resolution of each IP address to its name, type:

 

  • tracert -d corp7.microsoft.com

 

To trace the path to the host named corp7.microsoft.com and use the loose source route 10.12.0.1-10.29.3.1-10.1.44.1, type:

 

  • tracert -j 10.12.0.1 10.29.3.1 10.1.44.1 corp7.microsoft.com

 

Ping

Verifies IP-level connectivity to another TCP/IP computer by sending Internet Control Message Protocol (ICMP) Echo Request messages. The receipt of corresponding Echo Reply messages are displayed, along with round-trip times. Ping is the primary TCP/IP command used to troubleshoot connectivity, reachability, and name resolution. Used without parameters, ping displays help.

You can use ping to test both the computer name and the IP address of the computer. If pinging the IP address is successful, but pinging the computer name is not, you might have a name resolution problem. In this case, ensure that the computer name you are specifying can be resolved through the local Hosts file, by using Domain Name System (DNS) queries, or through NetBIOS name resolution techniques.

To test a TCP/IP configuration by using the ping command:

1. To quickly obtain the TCP/IP configuration of a computer, open Command Prompt, and then type ipconfig. From the display of the ipconfig command, ensure that the network adapter for the TCP/IP configuration you are testing is not in a Media disconnected state.

2. At the command prompt, ping the loopback address by typing ping 127.0.0.1

3. Ping the IP address of the computer.

4. Ping the IP address of the default gateway. If the ping command fails, verify that the default gateway IP address is correct and that the gateway (router) is operational.

5. Ping the IP address of a remote host (a host that is on a different subnet). If the ping command fails, verify that the remote host IP address is correct, that the remote host is operational, and that all of the gateways (routers) between this computer and the remote host are operational.

6. Ping the IP address of the DNS server. If the ping command fails, verify that the DNS server IP address is correct, that the DNS server is operational, and that all of the gateways (routers) between this computer and the DNS server are operational.

arp

Displays and modifies entries in the Address Resolution Protocol (ARP) cache, which contains one or more tables that are used to store IP addresses and their resolved Ethernet or Token Ring physical addresses. There is a separate table for each Ethernet or Token Ring network adapter installed on your computer.

Examples:

To display the ARP cache tables for all interfaces, type:

 

  • arp -a

 

To display the ARP cache table for the interface that is assigned the IP address 10.0.0.99, type:

 

  • arp -a -N 10.0.0.99

 

To add a static ARP cache entry that resolves the IP address 10.0.0.80 to the physical address 00-AA-00-4F-2A-9C, type:

 

  • arp -s 10.0.0.80 00-AA-00-4F-2A-9C

 

netstat

Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). Used without parameters, netstat displays active TCP connections.

Netstat provides statistics for the following:

 

  • Proto – The name of the protocol (TCP or UDP).
  • Local Address – The IP address of the local computer and the port number being used. The name of the local computer that corresponds to the IP address and the name of the port is shown unless the -n parameter is specified. If the port is not yet established, the port number is shown as an asterisk ().
  • Foreign Address – The IP address and port number of the remote computer to which the socket is connected. The names that corresponds to the IP address and the port are shown unless the -n parameter is specified. If the port is not yet established, the port number is shown as an asterisk ().

 

(state) Indicates the state of a TCP connection. The possible states are as follows:

 

  • CLOSE_WAIT
  • CLOSED
  • ESTABLISHED
  • FIN_WAIT_1
  • FIN_WAIT_2
  • LAST_ACK
  • LISTEN
  • SYN_RECEIVED
  • SYN_SEND
  • TIMED_WAIT

 

nbtstat

Displays NetBIOS over TCP/IP (NetBT) protocol statistics, NetBIOS name tables for both the local computer and remote computers, and the NetBIOS name cache. Nbtstat allows a refresh of the NetBIOS name cache and the names registered with Windows Internet Name Service (WINS). Used without parameters, nbtstat displays help.

ipconfig

Displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings. Used without parameters, ipconfig displays the IP address, subnet mask, and default gateway for all adapters.

 

  • This command is most useful on computers that are configured to obtain an IP address automatically. This enables users to determine which TCP/IP configuration values have been configured by DHCP, Automatic Private IP Addressing (APIPA), or an alternate configuration.
  • If the Adapter name contains any spaces, use quotation marks around the adapter name (that is, “Adapter Name”).
  • For adapter names, ipconfig supports the use of the asterisk () wildcard character to specify either adapters with names that begin with a specified string or adapters with names that contain a specified string.
  • For example, Local matches all adapters that start with the string Local and Con matches all adapters that contain the string Con.

 

Examples:

To display the basic TCP/IP configuration for all adapters, type:

 

  • ipconfig

 

To display the full TCP/IP configuration for all adapters, type:

 

  • ipconfig /all

 

To renew a DHCP-assigned IP address configuration for only the Local Area Connection adapter, type:

 

  • ipconfig /renew “Local Area Connection”

 

To flush the DNS resolver cache when troubleshooting DNS name resolution problems, type:

 

  • ipconfig /flushdns

 

To display the DHCP class ID for all adapters with names that start with Local, type:

 

  • ipconfig /showclassid Local

 

To set the DHCP class ID for the Local Area Connection adapter to TEST, type:

 

  • ipconfig /setclassid “Local Area Connection” TEST

 

winipcfg

This utility allows users or adminstrators to see the current IP address and other useful information about your network configuration.

You can reset one or more IP addresses. The Release or Renew buttons allow you to release or renew one IP address. If you want to release or renew all IP addresses click Release All or Renew All.

When one of these buttons is clicked, a new IP address is obtained from either the DHCP service or from the computer assigning itself an automatic private IP address.

To use the winipcfg utility:

1. Click Start, and then click Run and type winipcfg

2. Click More Info.

3. To see the addresses of the DNS servers the computer is configured to use, click the ellipsis (… ) button to the right of DNS Servers.

4. To see address information for your network adapter(s), select an adapter from the list in Ethernet Adapter Information.

nslookup

Nslookup (Name Server lookup) is a UNIX shell command to query Internet domain name servers.

Definitions

 

  • Nameserver: These are the servers that the internet uses to find out more about the domain. Usually they are an ISP’s computer.
  • Mailserver: Where email is sent to.
  • Webserver: The domains website.
  • FTPserver: FTP is file transfer protocol, this server is where files may be stored.
  • Hostname: The name of the host as given by the domain.
  • Real Hostname: This is hostname that you get by reverse resolving the IP address, may be different to the given hostname.
  • IP Address: Unique four numbered identifier that is obtained by resolving the hostname.