Hack52.Troubleshoot Network Connections with netsh, netstat, and ipconfig


Hack 52. Troubleshoot Network Connections with netsh, netstat, and ipconfig

Here are a few more command-line tools for tracking down problems with your network connection.

In addition to well-known command-line network utilities such as ping, tracert, and pathping [Hack #51], three additional all-purpose utilities can help you troubleshoot network connections: netsh, netstat, and ipconfig.

5.5.1. Use netsh to Troubleshoot Network and Internet Connections

netsh is a wide-ranging command-line diagnostic tool that has an exceedingly large number of commands available. (For a complete list of available commands, use Windows XP Help and Support and search for netsh.) Here you'll learn the most interesting.

Perhaps the most useful of the netsh commands are the netsh diag commands. Use them to find out information about your PC's network setup, such as finding the IP address of its mail server, newsgroup server, DNS server, and similar resources.

There are two ways to use netsh: directly from the command line with all its switches, or first getting to the netsh console by typing netsh at the command line and then typing the command from the netsh> prompt that appears. For example, you could type netsh diag show adapter at the command line, which lists every network adapter on your PC, or you could get to the netsh> prompt and type diag show adapter.

Use the netsh command to connect to the resources and then get information about them. For example, to find out the IP address of your DNS servers, type netsh diag show dns; to find out the IP address of your mail server, type netsh diag connect mail.

Table 5-5 lists the most useful of the netsh diag commands. Precede each of them with netsh diag. Note that they each have many switches associated with them. For more details, use Windows XP Help and Support and search for netsh.

Table 5-5. Useful netsh diag commands

Command

What it does

connect ieproxy

Establishes a connection to Internet Explorer's proxy server, if one exists

connect mail

Establishes a connection to the default Outlook Express mail server

connect news

Establishes a connection to the default Outlook Express newsgroup server

ping adapter

Establishes a connection with the named adapter

ping dhcp

Establishes a connection with a DHCP server

show adapter

Lists all the adapters on the PC

show all

Lists all the network objects defined for the local PC, such as adapters, network clients, servers, modems, and other objects

show dhcp

Lists all the DHCP servers for the specified adapter

show dns

Lists all the DNS servers for the specified adapter

show gateway

Lists all the gateways for the specified adapter


5.5.2. Use netstat to Get Information About Open Network Connections

If you want to get a snapshot of all incoming and outgoing network connections, use the netstat command. At a command prompt, type netstat. It lists all connections, including the protocol being used, the local and Internet addresses, and the current state of the connection, like this:

Active Connections Proto  Local Address       Foreign Address        State TCP    PrestonGralla:1031  localhost:2929         ESTABLISHED TCP    PrestonGralla:2887  192.168.1.103:netbios-ssn  TIME_WAIT TCP    PrestonGralla:2899  www.oreillynet.com:http  ESTABLISHED TCP    PrestonGralla:2900  www.oreillynet.com:http  ESTABLISHED TCP    PrestonGralla:2932  mail.attbi.com:pop3    ESTABLISHED TCP    PrestonGralla:2936  vmms2.verisignmail.com:pop3  ESTABLISHED

It will help you know whether connections are live, the network or Internet device to which they're connected, and which local resource is making the connection. It's best suited for when you're troubleshooting network problems and want to find out whether certain ports are open, why certain computers on the network are having connection problems, and similar issues. You can use command-line switches with netstat. For example, display open ports and open connections with this syntax: netstat -a. Table 5-6 lists netstat switches.

Table 5-6. Useful netstat switches

Switch

What it does

-a

Displays all open connections and ports.

-e

Displays Ethernet statistics about packets transmitted and received. Can be combined with the -s switch.

-n

Displays the addresses and ports in numeric, IP address form.

-o

Displays the process identifier (PID) that owns each connection.

-p proto

Displays the connections used by the protocol, which can be IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.

-r

Displays the network's routing table.

-s

Displays statistics for each protocol. It lists all statistics for all protocols, but you can list only those for a specified protocol if you combine it with the -p switch.

interval value

Runs netstat repeatedly, pausing value seconds between each new display. To stop the display, press Ctrl-C.


5.5.3. Use ipconfig to Troubleshoot TCP/IP

One of the most powerful tools for analyzing and troubleshooting TCP/IP problems is the ipconfig command-line utility. It provides information about each of your adapters, including the assigned IP address, subnet mask, default gateway, MAC address, DNS servers, whether DHCP is enabled, and a variety of other data. To see basic information about your adapters, type ipconfig at a command prompt, and you'll see information like this:

Windows IP Configuration Ethernet adapter Local Area Connection:         Connection-specific DNS Suffix  . : ne1.client2.attbi.com         IP Address. . . . . . . . . . . . : 192.168.1.100         Subnet Mask . . . . . . . . . . . : 255.255.255.0         Default Gateway . . . . . . . . . : 192.168.1.1 PPP adapter {6A724E76-AB59-4ABC-BBF5-41CA4410EB8D}:         Connection-specific DNS Suffix  . :         IP Address. . . . . . . . . . . . : 172.165.155.106         Subnet Mask . . . . . . . . . . . : 255.255.255.255         Default Gateway . . . . . . . . . :

As you can see, ipconfig provides basic information about your IP address, subnet mask, default gateway, and a connection-specific DNS suffix, if any. However, you can get much more detailed information by using the /all switch, like this: ipconfig /all. For most troubleshooting purposes, use the /all switch. You get a much more comprehensive listing, as shown here:

Windows IP Configuration         Host Name . . . . . . . . . . . . : PrestonGralla         Primary Dns Suffix  . . . . . . . :         Node Type . . . . . . . . . . . . : Hybrid         IP Routing Enabled. . . . . . . . : No         WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection:         Connection-specific DNS Suffix  . : ne1.client2.attbi.com         Description . . . . . . . . . . . : CNet PRO200WL PCI Fast Ethernet   Adapter         Physical Address. . . . . . . . . : 00-08-A1-00-9F-32         Dhcp Enabled. . . . . . . . . . . : Yes         Autoconfiguration Enabled . . . . : Yes         IP Address. . . . . . . . . . . . : 192.168.1.100         Subnet Mask . . . . . . . . . . . : 255.255.255.0         Default Gateway . . . . . . . . . : 192.168.1.1         DHCP Server . . . . . . . . . . . : 192.168.1.1         DNS Servers . . . . . . . . . . . : 204.127.202.19                                             216.148.227.79         Lease Obtained. . . . . . . . . . : Saturday, December 28, 2002     8:53:40 AM         Lease Expires . . . . . . . . . . : Sunday, December 29, 2002 8:53:40 AM       PPP adapter {6A724E76-AB59-4ABC-BBF5-41CA4410EB8D}:         Connection-specific DNS Suffix  . :         Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface         Physical Address. . . . . . . . . : 00-53-45-00-00-00         Dhcp Enabled. . . . . . . . . . . : No         IP Address. . . . . . . . . . . . : 172.165.155.106         Subnet Mask . . . . . . . . . . . : 255.255.255.255         Default Gateway . . . . . . . . . :         DNS Servers . . . . . . . . . . . : 64.12.104.134         NetBIOS over Tcpip. . . . . . . . : Disabled

You can also use ipconfig to release and renew IP addresses, and to perform other troubleshooting functions as well. For example, to renew an adapter's IP address, use this command:

ipconfig /renew "adapter name"

where adapter name is the name of the adapter whose IP address you want to renew. Make sure to put quotes around the adapter name and use spaces if there is more than one word in the adapter name. Table 5-7 lists other switches you can use with ipconfig.

Table 5-7. Command-line switches for ipconfig

Switch

What it does

/all

Displays complete TCP/IP configuration information

/displaydns

Displays information from the DNS resolver cache [Hack #49]

/flushdns

Clears the DNS resolver cache [Hack #49]

/registerdns

Refreshes all DHCP leases and reregisters DNS names

/release "adapter"

Releases the IP address for the specified adapter

/renew "adapter"

Renews the IP address for the specified adapter

/setclassid "adapter" newclassid

Resets the DHCP Class ID for the specified adapter

/showclassid "adapter"

Displays the DHCP Class ID for the specified adapter


5.5.4. See Also

  • [Hack #51]



    Windows XP Hacks
    Windows XP Hacks, Second Edition
    ISBN: 0596009186
    EAN: 2147483647
    Year: 2003
    Pages: 191

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net