Most used Networking Commands
The aim of the following exercise is to get acquainted with the basic network control, diagnostics and management tools coming with MS Windows 2000. The description and some examples of these tools are placed below.
Your task is to test action of the commands (especially: ipconfig, ping, pathping, netstat, tracert, nslookup and arp).
1. IPconfig
Displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings. Used without parameters, ipconfig displays the IP address, subnet mask, and default gateway for all adapters.
Usage/syntax:
ipconfig [/? | /all | /release [adapter] | /renew [adapter] | /flushdns | /registerdns | /displaydns | /showclassid adapter | /setclassid adapter [Adapter [ClassID]] ]
adapter Full name or name pattern with wildcards ‘*’ and ‘?’;
* representing arbitrary character string, ? representing single character.
Parameters:
/all Displays the full TCP/IP configuration for all adapters. Without this parameter, ipconfig displays only the IP address, subnet mask, and default gateway values for each adapter. Adapters can represent physical interfaces, such as installed network adapters, or logical interfaces, such as dial-up connections.
/renew [Adapter] Renews DHCP configuration for all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically. To specify an adapter name, type the adapter name that appears when you use ipconfig without parameters.
/release [Adapter] Sends a DHCPRELEASE message to the DHCP server to release the current DHCP configuration and discard the IP address configuration for either all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter disables TCP/IP for adapters configured to obtain an IP address automatically. To specify an adapter name, type the adapter name that appears when you use ipconfig without parameters.
/flushdns Flushes and resets the contents of the DNS client resolver cache. During DNS troubleshooting, you can use this procedure to discard negative cache entries from the cache, as well as any other entries that have been added dynamically.
/displaydns Displays the contents of the DNS client resolver cache, which includes both entries preloaded from the local Hosts file and any recently obtained resource records for name queries resolved by the computer. The DNS Client service uses this information to resolve frequently queried names quickly, before querying its configured DNS servers.
/registerdns Initiates manual dynamic registration for the DNS names and IP addresses that are configured at a computer. You can use this parameter to troubleshoot a failed DNS name registration or resolve a dynamic update problem between a client and the DNS server without rebooting the client computer. The DNS settings in the advanced properties of the TCP/IP protocol determine which names are registered in DNS.
/showclassid Adapter Displays the DHCP class ID for a specified adapter. To see the DHCP class ID for all adapters, use the asterisk (*) wildcard character in place of Adapter. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically.
/setclassid Adapter [ClassID] Configures the DHCP class ID for a specified adapter. To set the DHCP class ID for all adapters, use the asterisk (*) wildcard character in place of Adapter. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically. If a DHCP class ID is not specified, the current class ID is removed.
/? Displays help at the command prompt.
As default, only IP address, subnet mask and gateway are displayed for each adapter connected with TCP/IP.
This command is most useful on computers that are configured to obtain an IP address automatically. This enables users to determine which TCP/IP configuration values have been configured by DHCP, Automatic Private IP Addressing (APIPA), or an alternate configuration.
If the Adapter name contains any spaces, use quotation marks around the adapter name (that is, “Adapter Name”).
If no adapter is specified for /release i /renew, the command releases or renews all IP leases for all the network adapters connected with TCP/IP.
If no class identifier is specified for /setclassid parameter, the existing class identifier is removed.
Examples:
> ipconfig Displays general information
> ipconfig /all Displays detailed information
> ipconfig /renew Renews all adapters
> ipconfig /renew EL* Renews all adapters with names starting with EL….
> ipconfig /release *ELINK?21* releases all matching adapters, eg. ELINK-21, mycardELELINKi21.
2. Ping
Verifies IP-level connectivity to another TCP/IP computer by sending Internet Control Message Protocol (ICMP) Echo Request messages. The receipt of corresponding Echo Reply messages are displayed, along with round-trip times. Ping is the primary TCP/IP command used to troubleshoot connectivity, reachability, and name resolution. Used without parameters, ping displays help.
Usage/syntax:
ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host_list] | [-k host_list]] [-w timeout] target_name
Parameters:
-t Specifies that ping continue sending Echo Request messages to the destination until interrupted. To interrupt and display statistics, press CTRL-BREAK. To interrupt and quit ping, press CTRL-C.
-a Specifies that reverse name resolution is performed on the destination IP address. If this is successful, ping displays the corresponding host name.
-n Count Specifies the number of Echo Request messages sent. The default is 4.
-l Size Specifies the length, in bytes, of the Data field in the Echo Request messages sent. The default is 32. The maximum size is 65,527.
-f Specifies that Echo Request messages are sent with the Don’t Fragment flag in the IP header set to 1. The Echo Request message cannot be fragmented by routers in the path to the destination. This parameter is useful for troubleshooting path Maximum Transmission Unit (PMTU) problems.
-i TTL Specifies the value of the TTL field in the IP header for Echo Request messages sent. The default is the default TTL value for the host. For Windows XP hosts, this is typically 128. The maximum TTL is 255.
-v TOS Specifies the value of the Type of Service (TOS) field in the IP header for Echo Request messages sent. The default is 0. TOS is specified as a decimal value from 0 to 255.
-r Count Specifies that the Record Route option in the IP header is used to record the path taken by the Echo Request message and corresponding Echo Reply message. Each hop in the path uses an entry in the Record Route option. If possible, specify a Count that is equal to or greater than the number of hops between the source and destination. The Count must be a minimum of 1 and a maximum of 9.
-s Count Specifies that the Internet Timestamp option in the IP header is used to record the time of arrival for the Echo Request message and corresponding Echo Reply message for each hop. The Count must be a minimum of 1 and a maximum of 4.
-j HostList Specifies that the Echo Request messages use the Loose Source Route option in the IP header with the set of intermediate destinations specified in HostList. With loose source routing, successive intermediate destinations can be separated by one or multiple routers. The maximum number of addresses or names in the host list is 9. The host list is a series of IP addresses (in dotted decimal notation) separated by spaces.
-k HostList Specifies that the Echo Request messages use the Strict Source Route option in the IP header with the set of intermediate destinations specified in HostList. With strict source routing, the next intermediate destination must be directly reachable (it must be a neighbor on an interface of the router). The maximum number of addresses or names in the host list is 9. The host list is a series of IP addresses (in dotted decimal notation) separated by spaces.
-w Timeout Specifies the amount of time, in milliseconds, to wait for the Echo Reply message that corresponds to a given Echo Request message to be received. If the Echo Reply message is not received within the time-out, the “Request timed out” error message is displayed. The default time-out is 4000 (4 seconds).
TargetName Specifies the destination, which is identified either by IP address or host name.
/? Displays help at the command prompt.
3. Hostname
Displays the host name portion of the full computer name of the computer.
4. Nbtstat
Displays NetBIOS over TCP/IP (NetBT) protocol statistics, NetBIOS name tables for both the local computer and remote computers, and the NetBIOS name cache. Nbtstat allows a refresh of the NetBIOS name cache and the names registered with Windows Internet Name Service (WINS). Used without parameters, nbtstat displays help.
Usage/syntax:
nbtstat [-a RemoteName] [-A IPAddress] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [Interval]
Parameters:
-a RemoteName Displays the NetBIOS name table of a remote computer, where RemoteName is the NetBIOS computer name of the remote computer. The NetBIOS name table is the list of NetBIOS names that corresponds to NetBIOS applications running on that computer.
-A IPAddress Displays the NetBIOS name table of a remote computer, specified by the IP address (in dotted decimal notation) of the remote computer.
-c Displays the contents of the NetBIOS name cache, the table of NetBIOS names and their resolved IP addresses.
-n Displays the NetBIOS name table of the local computer. The status of Registered indicates that the name is registered either by broadcast or with a WINS server.
-r Displays NetBIOS name resolution statistics. On a Windows XP computer that is configured to use WINS, this parameter returns the number of names that have been resolved and registered using broadcast and WINS.
-R Purges the contents of the NetBIOS name cache and then reloads the #PRE-tagged entries from the Lmhosts file.
-RR Releases and then refreshes NetBIOS names for the local computer that is registered with WINS servers.
-s Displays NetBIOS client and server sessions, attempting to convert the destination IP address to a name.
-S Displays NetBIOS client and server sessions, listing the remote computers by destination IP address only.
Interval Redisplays selected statistics, pausing the number of seconds specified in Interval between each display. Press CTRL+C to stop redisplaying statistics. If this parameter is omitted, nbtstat prints the current configuration information only once.
/? Displays help at the command prompt.
Nbtstat command line parameters are case-sensitive.
5. Pathping
Traces the route to target system and reports packet losses on each router in the route.
Usage/syntax:
pathping [-n] [-h max_hops] [-g host_list] [-p period] [-q query_count] [-w timeout] [-t] [-R] [-r] target_name
Parameters:
-n Don’t resolve addresses to hostnames
-h max_hops Max number of hops to search
-g host_list Loose source route along host-list
-p period Wait between pings (milliseconds)
-q query_count Number of queries per hop
-w timeout Wait timeout for each reply (milliseconds)
-T Test each hop with Layer-2 priority tags
-R Test if each hop is RSVP aware
6. Route
Displays IP routing table and enables adding and deleting IP routes.
Usage/syntax:
route [-f] [-p] [command [target] [MASK subnet_mask] [gateway] [METRIC metric] [IF interface]
-f Clears the routing tables of all gateway records. If used with another command, cleaning is performed before the command.
-p If used with ADD command, the route remains persistent during consecutive system restarts. Default routes are not preserved during system restart. This switch is ignored for other commands having effect on persistent routes.
command one of the following:
PRINT Prints the route
ADD Adds the route
DELETE Deletes the route
CHANGE Modifies existing route
target Denotes target host name.
MASK Implies, that the next parameter stands for subnet mask (if not specified, default value 255.255.255.255 is taken).
gateway Denotes gateway.
interface Interface number for a particular route.
METRIC Specifies the metric, i.e. the cost of reaching the target.
All symbolic host names used as the target are searched from the network database file, NETWORKS. Gateway symbolic names are searched from the host database file, HOSTS.
For PRINT/DELETE commands the gateway may be specified with “*” wildcard; gateway parameter can be omitted as well.
If target’ contains * or ?, it is regarded as a pattern and all matching routes are printed.
Remarks:
Using an invalid combination of a destination and subnet mask (netmask) value displays a “Route: bad gateway address netmask” error message. This error message appears when the destination contains one or more bits set to 1 in bit locations where the corresponding subnet mask bit is set to 0. To test this condition, express the destination and subnet mask using binary notation. The subnet mask in binary notation consists of a series of 1 bits, representing the network address portion of the destination, and a series of 0 bits, representing the host address portion of the destination. Check to determine whether there are bits in the destination that are set to 1 for the portion of the destination that is the host address (as defined by the subnet mask).
Examples:
route PRINT
route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2
target^ ^mask ^gateway metric^ ^interface
If no interface (IF) is specified, an attempt of finding the best interface for the gatewsy is performed.
route PRINT
route PRINT 157*
route DELETE 157.0.0.0
route PRINT
7. Tracert
Determines the path taken to a destination by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination with incrementally increasing Time to Live (TTL) field values. The path displayed is the list of near-side router interfaces of the routers in the path between a source host and a destination. The near-side interface is the interface of the router that is closest to the sending host in the path. Used without parameters, tracert displays help.
Usage/syntax:
tracert [-d] [-h max_hop] [-j host_list] [-w timeout] target
Parameters:
d Prevents tracert from attempting to resolve the IP addresses of intermediate routers to their names. This can speed up the display of tracert results.
-h max_hop Specifies the maximum number of hops in the path to search for the target (destination). The default is 30 hops.
-j host_list Specifies that Echo Request messages use the Loose Source Route option in the IP header with the set of intermediate destinations specified in host_list. With loose source routing, successive intermediate destinations can be separated by one or multiple routers. The maximum number of addresses or names in the host list is 9. The HostList is a series of IP addresses (in dotted decimal notation) separated by spaces.
-w timeout Specifies the amount of time in milliseconds to wait for the ICMP Time Exceeded or Echo Reply message corresponding to a given Echo Request message to be received. If not received within the time-out, an asterisk (*) is displayed. The default time-out is 4000 (4 seconds).
target Specifies the destination, identified either by IP address or host name.
-? Displays help at the command prompt.
8. Net
Provides a list of network commands and topics for which you can get help, or provides information about a specific command. Used without parameters, net help displays a list of commands and topics for which you can get help
Usage/syntax:
net [ ACCOUNTS | COMPUTER | CONFIG | CONTINUE | FILE | GROUP | HELP | HELPMSG | LOCALGROUP | NAME | PAUSE | PRINT | SEND | SESSION |SHARE | START | STATISTICS | STOP | TIME | USE | USER | VIEW ]
Examples:
net help command
net view \hostname
net view \hostnameresource_name
net send host message send “message” to host „host“
9. Netstat
Display current TCP/IP network connections and protocol statistics.
Usage/syntax:
netstat [options] [-p protocol] [interval]
Parameters:
-a Display all connections and listening ports.
-e Display Ethernet statistics. (may be combined with -s)
-n Display addresses and port numbers in numerical form.
-r Display the routing table.
-p protocol Show only connections for the protocol specified; may be either: TCP or UDP. Windows 2K/XP also allow: TCPv6 or UDPv6. If used with the -s option then the following protocols may also be specified: IP, IPv6, ICMP,or ICMPv6.
-s Display per-protocol statistics. By default, statistics are shown for IP, ICMP, TCP and UDP. Windows 2K/XP will also display: IPv6, ICMPv6, TCPv6 and UDPv6. The -p option may be used to specify a subset of the default.
Interval Redisplay statistics, pausing interval seconds between each display. (default=once only) Press CTRL+C to stop.
10. Arp
Displays and modifies entries in the Address Resolution Protocol (ARP) cache, which contains one or more tables that are used to store IP addresses and their resolved Ethernet or Token Ring physical addresses. There is a separate table for each Ethernet or Token Ring network adapter installed on your computer. Used without parameters, arp displays help.
Usage/syntax:
arp [-a [InetAddr] [-N IfaceAddr]] [-g [InetAddr] [-N IfaceAddr]] [-d InetAddr [IfaceAddr]] [-s InetAddr EtherAddr [IfaceAddr]]
Parameters:
-a [InetAddr] [-N IfaceAddr] Displays current ARP cache tables for all interfaces. To display the ARP cache entry for a specific IP address, use arp -a with the InetAddr parameter, where InetAddr is an IP address. To display the ARP cache table for a specific interface, use the -N IfaceAddr parameter where IfaceAddr is the IP address assigned to the interface. The -N parameter is case-sensitive.
-g [InetAddr] [-N IfaceAddr] Identical to -a.
-d InetAddr [IfaceAddr] Deletes an entry with a specific IP address, where InetAddr is the IP address. To delete an entry in a table for a specific interface, use the IfaceAddr parameter where IfaceAddr is the IP address assigned to the interface. To delete all entries, use the asterisk (*) wildcard character in place of InetAddr.
-s InetAddr EtherAddr [IfaceAddr] Adds a static entry to the ARP cache that resolves the IP address InetAddr to the physical address EtherAddr. To add a static ARP cache entry to the table for a specific interface, use the IfaceAddr parameter where IfaceAddr is an IP address assigned to the interface.
/? Displays help at the command prompt.
Examples:
arp -s 157.55.85.212 00-aa-00-62-c6-09 Adds static record.
arp –a Displays arp table.
11. Nslookup
Lookup IP addresses on a NameServer.
Usage/syntax:
nslookup [-SubCommand …] [{ComputerToFind| [-Server]}]
Parameters:
-SubCommand Specifies one or more nslookup subcommands as a command-line option.
ComputerToFind Looks up information for ComputerToFind using the current default DNS name server, if no other server is specified. To look up a computer not in the current DNS domain, append a period to the name.
-Server Specifies to use this server as the DNS name server. If you omit -Server, the default DNS name server is used.
{help|?} Displays a short summary of nslookup subcommands.
Subcommands list:
host_name Prints information abort host/domain host_name usin default DNS
host_name1 host_name2 As above, host_name2 stands for DNS
help or ? Prints this subcommands list
set option Sets option “option”
all Prints information abort current host
[no]debug Prints debugger information
[no]d2 Prints detailed debugger information
[no]defname Appends domain name to each query
[no]recurse Asks for recursive query response
[no]serach Uses domain serach list
[no]vc Always uses virtual circuit
domain=domain_name Sets default domain name to „domain_name”
srchlist=N1[/N2/…/N6] Sets domain to “N1” and the search list to N1, N2, …
root=name sets the main server to “root”
retry=X Set retry number to X
timeout=X Set timeout to X
type=X Sets query type (eg. A, ANY, CNAME, MX, NS, PTR, SOA, SRV)
querytype=X Identical as above
class=X Sets query class (eg. IN (Internet), ANY)
[no]msxfr Uses fast MS zone transfer
ixfrver=X Sets current version used in IXFR transfer request
server name sets default server to “name” using current default server
lserver name sets default server to “name” using starting server
finger [user] Gets information about optional “user” of current default host
root Sets current default server as main server
ls [opt] domain [> file] Prints addresses in domain “domain” (optionally to file “file”)
-a Prints canonical names and aliases
-d Prints all records
-t type Prints all records of type “type” (eg. A, CNAME, MX, NS, PTR, etc.)
view file Sorts file „file” from ls command and prints it with pg
exit Exits the application
Reference