[Home] [Resume] [Work Responsibilities] [Search Page] [IT Menu]
The use of TCP/IP commands, PING, IPCONFIG and others
The following utilities are provided with Microsoft TCP/IP for troubleshooting TCP/IP problems:
Troubleshooting
Utility
Function
Verifies configurations and tests connectivity
Displays the current TCP/IP configuration
Displays the site name or address depending on which you want
to resolve
Returns the local computers TCP/IP host name
Displays a list of NetBIOS computer names that have been
resolved to IP addresses
Displays the TCP/IP protocol session information
Displays or modifies the local routing table
Displays the path a packet takes to a destination host
Tip:To find out the dot address (such as 205.245.172.72) for a given domain name, Windows users can go to their MS DOS prompt screen and enter: ping xxx.yyy where xxx is the second-level domain name like "whatis" and yyy is the top-level domain name like "com").
Ping is a basic Internet program that lets you verify that a particular Internet address exists and can accept requests. The verb ping means the act of using the ping utility or command. Ping is used diagnostically to ensure that a host computer you are trying to reach is actually operating. If, for example, a user can't ping a host, then the user will be unable to use the File Transfer Protocol (FTP) to send files to that host. Ping can also be used with a host that is operating to see how long it takes to get a response back. Using ping, you can learn the number form of the IP address from the symbolic domain name (see "Tip").
Loosely, ping means "to get the attention of" or "to check for the presence of" another party online. Ping operates by sending a packet to a designated address and waiting for a response. The computer acronym was contrived to match the submariners' term for the sound of a returned sonar pulse.
C:\>ping raaust
Pinging raaust.syd.ime.reuters.com [196.1.118.1] with 32 bytes of data:
Reply from 196.1.118.1: bytes=32 time<10ms TTL=254
Reply from 196.1.118.1: bytes=32 time<10ms TTL=254
Reply from 196.1.118.1: bytes=32 time<10ms TTL=254
Reply from 196.1.118.1: bytes=32 time<10ms TTL=254
This diagnostic command displays all current TCP/IP network configuration values on the current computer. It displays the IP address, subnet mask, and default gateway values for each network card. This command is of particular use on systems running DHCP, allowing users to determine which TCP/IP configuration values have been configured by DHCP.
C:\>ipconfig
Windows NT IP Configuration
Ethernet adapter E100B1:
IP Address. . . . . . . . . : 196.1.101.145
Subnet Mask . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . : 196.1.101.254
This command prints the name of the current computer (host). This command is available only if the TCP/IP protocol has been installed.
C:\>hostname
calls1
Manipulates network routing tables. This command is available only if the TCP/IP protocol has been installed.
C:\>route print
Active Routes:
Network Address Netmask Gateway Address Interface Metric
0.0.0.0 0.0.0.0 196.1.101.254 196.1.101.145 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
196.1.101.0 255.255.255.0 196.1.101.145 196.1.101.145 1
196.1.101.145 255.255.255.255 127.0.0.1 127.0.0.1 1
196.1.101.255 255.255.255.255 196.1.101.145 196.1.101.145 1
224.0.0.0 224.0.0.0 196.1.101.145 196.1.101.145 1
255.255.255.255 255.255.255.255 196.1.101.145 196.1.101.145 1
Tracert is a utility that records the route through the Internet between your computer and a specified destination computer. It also calculates and displays the amount of time each hop took. Tracert is a handy tool both for understanding where problems are in the Internet network and for getting a detailed sense of the Internet itself. Another utility, ping, is often used prior to using tracert to see whether a host is present on the network.
C:\>TRACERT 165.21.48.229
Tracing route to signet2 [165.21.48.229]
over a maximum of 30 hops:
1 <10 ms 10 ms <10 ms 202.139.3.193
2 10 ms 20 ms 20 ms mce1-14-24.sb2.optus.net.au [202.139.0.209]
3 10 ms 20 ms 20 ms atm5-0-0-13.ia4.optus.net.au [192.65.89.213]
4 30 ms 20 ms 40 ms atmsr-1-10.ap1.optus.net.au [202.139.7.57]
5 131 ms 140 ms 130 ms 203.116.10.98
6 140 ms 140 ms 131 ms 203.116.255.2
7 130 ms 140 ms 131 ms 203.116.255.9
8 221 ms 170 ms 180 ms 203.116.1.217
9 251 ms 150 ms 140 ms 165.21.49.169
10 130 ms 131 ms 140 ms signet2 [165.21.48.229]
Trace complete.
This dianostic command displays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP/IP). This command is available only if the TCP/IP protocol has been installed.
C:\>nbtstat /?
Displays protocol statistics and current TCP/IP connections using NBT
(NetBIOS over TCP/IP).
NBTSTAT [-a RemoteName] [-A IP address] [-c] [-n]
[-r] [-R] [-s] [-S] [interval] ]
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its
IP address.
-c (cache) Lists the remote name cache including the IP addresses
-n (names) Lists local NetBIOS names.
-r (resolved) Lists names resolved by broadcast and via WINS
-R (Reload) Purges and reloads the remote cache name table
-S (Sessions) Lists sessions table with the destination IP addresses
-s (sessions) Lists sessions table converting destination IP
addresses to host names via the hosts file.
RemoteName Remote host machine name.
IP address Dotted decimal representation of the IP address.
interval Redisplays selected statistics, pausing interval seconds
between each display. Press Ctrl+C to stop redisplaying
statistics.
C:\>nbtstat -n
Node IpAddress: [196.1.101.145] Scope Id: []
NetBIOS Local Name Table
Name Type Status
---------------------------------------------
CALLS1 <00> UNIQUE Registered
CALLS <00> GROUP Registered
CALLS1 <20> UNIQUE Registered
CALLS1 <03> UNIQUE Registered
CALLS <1E> GROUP Registered
CALLS <03> UNIQUE Registered
CALLS <1D> UNIQUE Registered
..__MSBROWSE__.<01> GROUP Registered
The Netstat utility provides statistics on the following network components.
Foreign Address
The IP address and port number of the remote computer to which the socket is connected. The name corresponding to the IP address is shown instead of the number if the HOSTS file contains an entry for the IP address. In cases where the port is not yet established, the port number is shown as an asterisk (*).
Local Address
The IP address of the local computer, as well as the port number the connection is using. The name corresponding to the IP address is shown instead of the number if the HOSTS file contains an entry for the IP address. In cases where the port is not yet established, the port number is shown as an asterisk (*).
Proto
The name of the protocol used by the connection.
(state)
Indicates the state of TCP connections only. The possible states are
CLOSED FIN_WAIT_1 SYN_RECEIVED
CLOSE_WAIT FIN_WAIT_2 SYN_SEND
ESTABLISHED LISTEN TIMED_WAIT
LAST_ACK
C:\>netstat -r
Route Table
Active Connections
Proto Local Address Foreign Address State
TCP calls1:1025 localhost:1026 ESTABLISHED
TCP calls1:1026 localhost:1025 ESTABLISHED
TCP calls1:1027 localhost:1029 ESTABLISHED
TCP calls1:1029 localhost:1027 ESTABLISHED
TCP calls1:nbsession CALLS3:2725 ESTABLISHED
TCP calls1:3014 raaust.syd.ime.reuters.com:8484 ESTABLISHED
TCP calls1:2770 clusterip2.syd.ime.reuters.com:2544 ESTABLISHED
TCP calls1:2775 raaust.syd.ime.reuters.com:6161 ESTABLISHED
TCP calls1:3038 sydsdm02.syd.ime.reuters.com:1352 ESTABLISHED
NSLOOKUP is used to query the Internet name server in order to obtain an address if you have a sitename, or a sitename if you have an address. To translate a name to an address, type NSLOOKUP sitename
You should get a report like this:
C:\>nslookup syddn2.syd.ime.reuters.com
Server: syddns1.syd.ime.reuters.com
Address: 196.1.101.250
Name: syddn2.syd.ime.reuters.com
Address: 196.1.101.250
To translate an address to a name type NSLOOKUP address and you should see something tike this
C:\>nslookup 196.1.101.250
Server: syddns1.syd.ime.reuters.com
Address: 196.1.101.250
Name: syddn2.syd.ime.reuters.com
Address: 196.1.101.250
