Troubleshooting Internet Problems with Windows TCP/IP UtilitiesIf you think you are connected to your ISP but still can't communicate, you can use some of the command-line tools provided with Windows XP to trace TCP/IP problems. (TCP/IP is the network language or protocol used by the Internet; see Chapter 15 for an introduction to networking and protocols.) To run the command-line utilities, open a Command Prompt box with Start, More Programs, Accessories, Command Prompt. Then type in the commands as I'll describe them below. If you're not familiar with command-line utilities you can launch Windows Help (Start, Help and Support), and search for the command names, such as "ping" and "tracert." You can also open a Command Prompt window and type the command name followed by /?, as in Ping /? Now, let's go through some of the Windows XP TCP/IP diagnostic and command-line utilities. NOTE If you're a UNIX devotee, you'll find these utilities very familiar, if not identical, to their UNIX counterparts. If you're new to TCP/IP networking or debugging, you might find these utilities a little unfriendly. (Welcome to the world of networking!) ipconfigIpconfig is one of the most useful command-line utilities available with Windows XP, because it displays the current IP address information for each of your computer's network adapters and active dial-up connections. On networks that assign addresses automatically, ipconfig provides the only way to find out what your computer's IP address is, should you ever need to know it. After opening a command prompt window, typing the command ipconfig returns the following information (of course the IP, subnet, and gateway information ipconfig provides will be different for your computer, and you might see a dial-up connection listed rather than a LAN adapter): Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mycompany.com IP Address. . . . . . . . . . . . : 202.201.200.166 Subnet Mask . . . . . . . . . . . : 255.255.255.224 Default Gateway . . . . . . . . . : 202.201.200.190 If you type the command Ipconfig /all Windows displays additional information about your DNS settings, including
Ipconfig displays most of the information in the Network and Dial-Up Connection Properties dialog box, but it shows their real-world values. This makes it an invaluable "first stop" when troubleshooting any network problem. If you determine that an Internet connection problem lies in your equipment somewhere (because you cannot access any Internet destinations), typing ipconfig /all will tell you whether your network setup is correct. You'll want this information at hand before calling your ISP for assistance. pingIf you try to browse the Internet or share files with other computers on your LAN and get no response, it could be because the other computer isn't getting your data or isn't responding. After ipconfig, ping is the most useful tool to determine where your Internet connection or your network has stopped working. TIP You can type ping x.x.x.x, replacing x.x.x.x with the default gateway address or the address of any other operational computer on the Internet or on your network, if you have one, and in an instant know whether your dial-up or high-speed modem, computer, network hardware, and cabling are operating properly. If echoes come back, the physical part of your network is functioning properly. If they don't, you can use tracert and other tools explained later in this chapter to see why. Here's how it works:
Therefore, ping tests the low-level communication between two computers. If ping works, you know that your network wiring, TCP/IP software, and any routers in between you and the other computer are working. Ping takes several options that can customize the type and amount of output it reports back to you. There are three especially useful variations of these options, the first two of which are C:\> ping hostname and C:\> ping nnn.nnn.nnn.nnn These variations transmit four packets to the host or IP address you specify and tell you whether they return. This command returns the following information: C:\> ping www.mycompany.com Pinging sumatra.mycompany.com [202.222.132.163] with 32 bytes of data: Reply from 202.222.132.163: bytes=32 time<10ms TTL=32 Reply from 202.222.132.163: bytes=32 time<10ms TTL=32 Reply from 202.222.132.163: bytes=32 time<10ms TTL=32 Reply from 202.222.132.163: bytes=32 time<10ms TTL=32 In this example, the fact that the packets returned tells us that the computer can communicate with www.mycompany.com. It also tells us that everything in between is working as well. NOTE It's not uncommon for one packet of the four to be lost; when the Internet gets congested, sometimes ping packets are discarded as unimportant. If any come back, the intervening networks are working. Another useful variation is to add the -t option. This makes ping run endlessly, once per second, until you press Ctrl+C. This is especially helpful if you're looking at indicator lights on your network hub, changing cables, and so on. The endless testing lets you just watch the screen to see whether any changes you make cause a difference. Ping is a great quick test of connectivity to any location. If the ping test fails, use TRacert or pathping to tell you where the problem is. Ping is a good quick tool to use to discover whether an Internet site is alive. (However, some large companies have made their servers not respond to ping tests at all. ping www.microsoft.com doesn't work, ever, even with a good Internet connection. Guess Microsoft got tired of being the first site everyone thought of to test their Internet connections.) TRacerttracert is similar to ping: It sends packets to a remote host and sees whether packets return. However, tracert adds a wrinkle: It checks the connectivity to each individual router in the path between you and the remote host. (Routers are the devices that connect one network to another. The Internet itself is the conglomeration of a few million networks all connected by routers). If your computer and Internet connection are working but you still can't reach some or all Internet sites, tracert can help you find out where the blockage is. In TRacert's output, the address it tests first is your local network's gateway (if you connect to the Internet via a high-speed connection or a LAN) or the modem-answering equipment at your ISP's office (if you're using a dial-up connection). If this first address responds, you know your modem, LAN, or broadband connection is working. If the connection stops after two or three routers, the problem is in your ISP's network. If the problem occurs farther out, there may be an Internet outage somewhere else in the country. Here's an example that shows the route between my network and the fictitious Web server www.fictitious.net. Typing C:\> tracert www.fictitious.net returns the following: Tracing route to www.fictitious.com [204.179.107.3] over a maximum of 30 hops: 1 <10 ms <10 ms <10 ms 190.mycompany.com [202.201.200.190] 2 <10 ms <10 ms 10 ms 129.mycompany.com [202.201.200.129] 3 20 ms 20 ms 20 ms w001.z216112073.sjc-ca.dsl.cnc.net [216.112.73.1] 4 10 ms 10 ms 10 ms 206.83.66.153 5 10 ms 10 ms 10 ms rt001f0801.sjc-ca.concentric.net [206.83.90.161] 6 10 ms 20 ms 20 ms us-ca-sjc-core2-f5-0.rtr.concentric.net [205.158.11.133] 7 10 ms 20 ms 10 ms us-ca-sjc-core1-g4-0-0.rtr.concentric.net [205.158.10.2] 8 10 ms 20 ms 20 ms us-ca-pa-core1-a9-0d1.rtr.concentric.net [205.158.11.14] 9 10 ms 20 ms 20 ms ATM2-0-0.br2.pao1.ALTER.NET [137.39.23.189] 10 10 ms 20 ms 20 ms 125.ATM3-0.XR1.PAO1.ALTER.NET [152.63.49.170] 11 10 ms 10 ms 20 ms 289.at-1-0-0.XR3.SCL1.ALTER.NET [152.63.49.98] 12 20 ms 20 ms 20 ms 295.ATM8-0-0.GW2.SCL1.ALTER.NET [152.63.48.113] 13 20 ms 20 ms 20 ms 2250-gw.customer.ALTER.NET [157.130.193.14] 14 41 ms 30 ms 20 ms www.fictitious.com [204.179.107.3] Trace complete. You can see that between my computer and this Web server, data passes through 13 intermediate routers, owned by two ISPs. TIP When your Internet connection is working, run TRacert to trace the path between your computer and a few Internet hosts. Print and save the listings. Someday when you're having Internet problems, you can use these listings as a baseline reference. It's very helpful to know whether packets are stopping in your LAN, in your ISP's network, or beyond when you pick up the phone to yell about it. I should point out a couple of tracert's oddities. First, notice in the example that on the command line I typed www.fictitious.net, but tracert printed www.fictitious.com. That's not unusual. Web servers sometimes have alternative names. tracert starts with a reverse name lookup to find the canonical (primary) name for a given IP address. There's another glitch you might run into. For security reasons, many organizations use firewall software or devices, which block tracert packets at the firewall between their LAN and the Internet. In these instances, tracert will never reach its intended destination even when regular communications are working correctly. Instead, you'll see an endless list that looks like this: 14 * * * Request timed out. 15 * * * Request timed out. 16 * * * Request timed out. This continues up to tracert's limit of 30 probes. Just press Ctrl+C to cancel the test if this happens. If tracert was able to reach routers outside your own LAN or PC, your equipment and Internet connection are fine and that's all you can hope for. pathpingPathping is relatively new to Windows's toolkit, having first appeared in Windows 2000. It provides the function of tracert and adds a more intensive network traffic test. Pathping performs the route-tracing function faster than TRacert because it sends only one test packet per hop, compared to tracert's three. Then, after determining the route, pathping does a punishing test of network traffic at each router by sending 100 ping packets to each router in the path between you and the host you're testing. It measures the number of lost packets and the average round trip time for each hop, and it displays the results in a table. The results tell you which routers along the way are experiencing congestion, because they will not be able to return every echo packet they're sent, and they may take some time to do it. Performing the pathping test can take quite a while. Fortunately, you can cancel the test by pressing Ctrl+C, or you can specify command-line options to shorten the test. A reasonably quick test of the path to a site, say www.quepublishing.com, can be performed using just 10 queries instead of the default 100, using this command: pathping -q 10 www.quepublishing.com You can type pathping /? to get a full description of the command line options. routeMost of us have at most one modem or one LAN adapter through which we make our Internet and other network connections, but Windows Networking components are sophisticated enough to handle multiple LAN and dial-up adapters in one computer. When multiple connections are made, Windows has to know which connections to use to speak with another remote computer. For the TCP/IP or Internet Protocol (IP) data, this information comes from the routing table. This table stores lists of IP addresses and subnets (blocks of IP addresses) as well as indicates which adapter (or interface) Windows used to reach each of them. Now, this is getting into some hardcore networking that only a few readers will be interested in; please don't think that you'll need to know about this tool (there will be no quiz next Friday). I'm discussing this only to get the details down for those few people who have a complex network setup and only need to know how to go to this information. You don't have to worry about routing unless one of the following scenarios is true:
If you have trouble reaching an Internet destination and fall into any of these three categories, type route at the command line. You'll be shown a table that looks something like this: =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...0e c3 24 1f 09 3f ...... NDIS 5.0 driver =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 202.201.200.190 202.201.200.166 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 202.201.200.160 255.255.255.224 202.201.200.166 202.201.200.166 1 202.201.200.166 255.255.255.255 127.0.0.1 127.0.0.1 1 202.201.200.255 255.255.255.255 202.201.200.166 202.201.200.166 1 224.0.0.0 224.0.0.0 202.201.200.166 202.201.200.166 1 255.255.255.255 255.255.255.255 202.201.200.166 202.201.200.166 1 Default Gateway: 202.201.200.190 =========================================================================== Persistent Routes: None There's a lot of information here, but for our purposes, we can boil it down to this: The entry for network destination 0.0.0.0 is the effective gateway address for general Internet destinations. This can be different from your LAN's specified default gateway, especially while a dial-up or VPN connection is active. That, in turn, may mean that you can't get to the Internet. If you have multiple LAN adapters, the issues are more complicated. Contact your network administrator for assistance.
If the gateway address is incorrect after youve made a dial-up connection, see "Routing Issues," p. 712. |