TCP/IP TroubleshootingWindows XP Professional and Windows Server 2003 offer several native programs that an administrator can use to troubleshoot TCP/IP issues. Some are full-fledged tools in their own right, such as FTP, but they can help in determining what might be affecting a TCP/IP network. Many of these TCP/IP troubleshooting tools are discussed in the sections that follow. The PING CommandThe PING command can be used to test network connectivity from a local system by sending an ICMP message to a remote host or gateway. On external networks such as the Internet, the use of PING might be somewhat limited, depending on how routers and firewalls are configured; many do not allow ICMP traffic. If the remote host receives the message, it responds with a reply message. PING notes the IP address, the number of bytes in the message, how long it took to reply (in milliseconds “], and the length of Time to Live (TTL) in seconds and shows any packet loss in terms of percentages, as shown here: D:\>ping 192.168.1.225 Pinging 192.168.1.225 with 32 bytes of data: Reply from 192.168.1.225: bytes=32 time<10ms TTL=128 Reply from 192.168.1.225: bytes=32 time<10ms TTL=128 Reply from 192.168.1.225: bytes=32 time<10ms TTL=128 Reply from 192.168.1.225: bytes=32 time<10ms TTL=128 Ping statistics for 192.168.1.225: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milliseconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] [-k host-list]] [-w timeout] target_name The following list describes the switches available for use with PING :
The ARP CommandThe ARP command displays and modifies the IP-to-physical address translation tables used by Address Resolution Protocol (ARP), as shown here: ARP -s inet_addr eth_addr [if_addr] ARP -d inet_addr [if_addr] ARP -a [inet_addr] [-N if_addr] The following list describes the switches available for use with ARP :
For example, the following code adds a static entry: > arp -s 157.55.85.212 00-aa-00-62-c6-09 .... The following displays the ARP table: > arp -a The IPCONFIG CommandIPCONFIG is a command-line tool for getting basic IP configuration information, including the IP address, subnet mask, and default gateway. The IPCONFIG /all switch produces a detailed configuration report for all interfaces on a system, including any configured remote access adapters, as shown here: ipconfig [/? /all /renew [adapter] /release [adapter] /flushdns /displaydns /registerdns /showclassid adapter /setclassid adapter [classid] ] The following list describes the switches available for use with IPCONFIG :
The default is to display only the IP address, subnet mask, and default gateway for each adapter bound to TCP/IP. For /release and /renew , if no adapter name is specified, the IP address leases for all adapters bound to TCP/IP are released or renewed. The NBTSTAT CommandNetBT Statistics ( Nbtstat.exe ) is a command-line tool that can be used to view and troubleshoot network NetBIOS over TCP/IP (NetBT) name resolution. It displays protocol statistics and current TCP/IP connections that are using NetBT. NetBT resolves NetBIOS names to IP addresses by using several options for NetBIOS name resolution, including local cache lookup, WINS server query, broadcast, LMHOSTS and HOSTS file lookup, and DNS server query. It also displays protocol statistics and current TCP/IP connections using NetBT. NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [ interval ] ] The following list describes the switches available for use with NBTSTAT :
The NETSTAT CommandNETSTAT ( Netstat.exe ) is a command-line tool that displays TCP/IP statistics and active connections to and from the local system. It can also display all connections and listening ports and has an option to display the number of bytes sent and received and any network packets dropped (if applicable). NETSTAT [-a] [-e] [-n] [-o] [-s] [-p protocol ] [-r] [ interval ] The following list describes the switches available for use with NETSTAT :
The ROUTE CommandThe ROUTE command-line tool displays the current IP routing table for the local system, and it can be used to add or delete IP routes and to add persistent routes. [View full width]
The following list describes the switches available for use with ROUTE :
The following list describes the commands available for use with ROUTE :
Names used for the destination command are looked up in the NETWORKS file on the local system. Names used for the gateway command are looked up in the HOSTS file on the local system. If the command is PRINT or DELETE , the destination or gateway can be a wildcard ( * ), or the gateway entry can be left blank. Invalid MASK entries, such as (DEST & MASK) != DEST , generate an error. The HOSTNAME CommandHOSTNAME is a command-line tool for showing the local computer's hostname. It can be used for authentication purposes by the Remote Copy Protocol (RCP), Remote Shell (RSH), and Remote Execution (REXEC) tools. The TRACERT CommandTRACERT is sometimes used to verify that IP addressing has been correctly configured on a client. It basically shows the route taken to reach a remote system. tracert [-d] [-h maximum_hops ] [-j host-list] [-w timeout ] target_name Here is a list of available switches for the TRACERT command:
The PATHPING CommandLike TRACERT , PATHPING shows the route taken to reach a remote system, but PATHPING does so with more detail and offers more functionality. pathping [-g host-list ] [-h maximum_hops ] [-i address ] [-n] [-p period ] [-q num_queries ] [-w timeout ] [-P] [-R] [-T] [-4] [-6] target_name Here is a list of available switches for the PATHPING command:
The FTP CommandFTP is used to transfer files from system to system over TCP ports 20 and 21 (by default), but it can also help you diagnose problems on your TCP/IP network. By using Internet Explorer with FTP, users experience a Windows Explorer “type of GUI environment for the FTP file transfer by having features such as file and folder views, drag-and-drop, and copy-and-paste available. The command-line FTP allows for more functionality. FTP is considered a connected session that uses TCP. FTP commands are as follows : ! , delete , literal , prompt , send ? , debug , ls , put , status append , dir , mdelete , pwd , trace ascii , disconnect , mdir , quit , type , bell , get , mget , quote , user , binary , glob , mkdir , recv , verbose , bye , hash , mls , remotehelp , cd , help , mput , rename , close , lcd , open , and rmdir . Here is an example of the syntax: FTP [-v] [-d] [-i] [-n] [-g] [-s: filename ] [-a] [-w: windowsize ] [-A] [ host ] The following list explains the options you can use with the FTP command:
The TFTP CommandTrivial File Transfer Protocol allows for connectionless transfer of files to and from systems using UDP. Although TFTP is limited in functionality, there are still some command-line switches that can be used to tailor its performance: TFTP [-i] host [GET PUT] source [ destination ] Definitions for these switches are as follows:
The TELNET CommandTelnet is a command-line terminal emulation program that enables an administrator to perform commands on a remote computer from a command window on a local system. Here is an example of the syntax: telnet [-a] [-e char ] [-f filename ] [-l user ] [-t term ] [ host ] [ port ] Definitions for TELNET switches are as follows:
The RCP CommandRemote Copy Protocol (RCP) uses TCP to copy files to and from systems running the RCP service. It can be scripted in a batch file and does not require a password. The remote host must be running the Remote Shell Daemon (RSHD) service, and the user's username must be configured in the remote host's .rhosts file. Microsoft's implementation of TCP/IP includes the RCP client software but not RSHD services. RCP is one of the r- commands available on all Unix systems. RCP [-a -b] [-h] [-r] [ host ][. user :] source [ host ][. user :] path \ destination The following list explains the options you can use with the RCP command:
The RSH CommandRemote Shell (RSH) enables clients to run commands directly on remote hosts running the RSH service without having to log on to the remote host. Microsoft's implementation of TCP/IP includes the RSH client software but not the RSH service. If a user on a computer running in a Windows domain tries to use RSH to run a command on a remote Unix server running RSH, the domain controller is required by the RSH client to resolve the user's username. RSH is one of the Unix r-commands that is available on all Unix systems. The REXEC CommandRemote Execution (REXEC) runs commands on remote hosts running the REXEC service and authenticates the username on the remote host before executing the specified command. REXEC host [-l username ] [-n] command The following list defines options to use with the REXEC command:
|