Troubleshooting TCPIP Networking | MicrosoftВ® WindowsВ® Command-Line Administrators Pocket Consultant

< Day Day Up >

Troubleshooting TCP/IP Networking

Problems with TCP/IP networking can be difficult to track down, which is why there are so many tools to help you try to determine what’s happening. As you start to troubleshoot, make sure you have a clear understanding of the concepts and procedures discussed in the “Supporting TCP/IP Networking” section of this chapter. The tools and techniques discussed there will help you uncover and diagnose some of the most complex TCP/IP networking problems. In addition to that discussion, you can use the discussion in this section to troubleshoot connectivity and configuration issues.

Viewing Diagnostic Information

Many TCP/IP networking problems relate to incorrect configuration of networking components and you’ll find that the Netsh Diag context is really good at helping you discover what’s going on. Start by viewing summary configuration information by typing netsh diag show all. Listing 15-2 shows the summary configuration information for CorpSvr02.

Note

Don’t overlook how useful Netsh can be to remotely troubleshoot problems. With Netsh, you don’t need to sit at the user’s computer or logon remotely using Remote Desktop. You simply start netsh with the –R parameter to provide the name of the remote computer you want to work with and then go about diagnosing the problem at hand.

Listing 15-2: Netsh Diag Show All Output

Default Outlook Express Mail (pop3.cpandl.com / mail.cpandl.com)
 
Default Outlook Express News (Not Configured)
 
Internet Explorer Web Proxy (Internet Explorer is not using the proxy)
 
Loopback (127.0.0.1)
 
Computer System (CORPSVR02)
 
Operating System (Microsoft(R) Windows(R) Server 2003, Standard Edition)
 
Version (5.2.3790)
 
Modems
 
Network Adapters
    1. [00000001]  Intel(R) PRO/100 VE Network Connection
    2. [00000002]  1394 Net Adapter
    3. [00000003]  RAS Async Adapter
    4. [00000004]  WAN Miniport (L2TP)
    5. [00000005]  WAN Miniport (PPTP)
    6. [00000006]  WAN Miniport (PPPOE)
    7. [00000007]  Direct Parallel
    8. [00000008]  WAN Miniport (IP)
Network Clients
    1. Microsoft Terminal Services
    2. Microsoft Windows Network
    3. Web Client Network

You can also obtain detailed configuration information by typing netsh diag show all /v. However, this typically gives you too much information, so it is better to examine one potential problem area at a time. Typically, you’ll next want to examine the network adapter configuration on the computer. Type netsh diag show adapter to view summary details for the network adapters configured on the computer. The output should confirm what adapters are available, such as

Network Adapters
    1. [00000001]  Intel(R) PRO/100 VE Network Connection
    2. [00000002]  1394 Net Adapter
    3. [00000003]  RAS Async Adapter
    4. [00000004]  WAN Miniport (L2TP)
    5. [00000005]  WAN Miniport (PPTP)
    6. [00000006]  WAN Miniport (PPPOE)
    7. [00000007]  Direct Parallel
    8. [00000008]  WAN Miniport (IP)

Here, the computer is configured with

An Intel Ethernet 100-megabits-per-second (Mbps) network card
An IEEE 1394 (FireWire) adapter
An RAS asynchronous adapter, meaning RAS is installed on the computer
IPSec port for Layer Two Tunneling Protocol (L2TP)
IPSec port for Point-to-Point Tunneling Protocol
IPSec port for Point-to-Point Protocol over Ethernet
Parallel printer port
Internet Protocol (IP) port

Next, you’ll probably want to get detailed information on the configuration of these adapters by adding the /V parameter. Typically, you’ll want to limit this to a specific adapter by following the command text with the index number of the adapter to review, or a full or partial name of the adapter. Consider the following examples:

Display the detailed configuration information for the network adapter with an index of 1:

netsh diag show adapter 1 /v

Display the detailed configuration information for the network adapter whose name starts with the keyword Intel:

netsh diag show adapter intel* /v

Listing 15-3 shows an example detailed output for a network adapter. As you can see, the verbose adapter output shows the configuration of default gateways, dynamic IP addressing from DHCP, DNS, IP addressing and WINS.

Listing 15-3: Netsh Diag Show Adapter Verbose Output

Network Adapters
    1. [00000001] Intel(R) PRO/100 VE Network Connection
       ArpAlwaysSourceRoute = (empty)
       ArpUseEtherSNAP = (empty)
       Caption = [00000001] Intel(R) PRO/100 VE Network Connection
       DatabasePath = %SystemRoot%\System32\drivers\etc
       DeadGWDetectEnabled = (empty)
       DefaultIPGateway = 192.168.1.1 Same Subnet
                          192.168.1.2 Same Subnet
       DefaultTOS = (empty)
       DefaultTTL = (empty)
       Description = Intel(R) PRO/100 VE Network Connection
       DHCPEnabled = FALSE
       DHCPLeaseExpires = (empty)
       DHCPLeaseObtained = (empty)
       DHCPServer = (empty)
       DNSDomain = (empty)
       DNSDomainSuffixSearchOrder = (empty)
       DNSEnabledForWINSResolution = FALSE
       DNSHostName = corpsvr02
       DNSServerSearchOrder = 192.168.1.50
                              192.168.1.67
       DomainDNSRegistrationEnabled = FALSE
       ForwardBufferMemory = (empty)
       FullDNSRegistrationEnabled = TRUE
       GatewayCostMetric =1
                          2
       IGMPLevel = (empty)
       Index = 1
       InterfaceIndex = 65539
       IPAddress = 192.168.1.50
                   192.168.2.12
       IPConnectionMetric = 20
       IPEnabled = TRUE
       IPFilterSecurityEnabled = FALSE
       IPPortSecurityEnabled = (empty)
       IPSecPermitIPProtocols = 0
       IPSecPermitTCPPorts = 0
       IPSecPermitUDPPorts = 0
       IPSubnet = 255.255.255.0
                  255.255.255.0
       IPUseZeroBroadcast = (empty)
       IPXAddress = (empty)
       IPXEnabled = FALSE
       IPXFrameType = (empty)
       IPXMediaType = (empty)
       IPXNetworkNumber = (empty)
       IPXVirtualNetNumber = (empty)
       KeepAliveInterval = (empty)
       KeepAliveTime = (empty)
       MACAddress = 00:E0:B8:53:05:F1
       MTU = (empty)
       NumForwardPackets = (empty)
       PMTUBHDetectEnabled = (empty)
       PMTUDiscoveryEnabled = (empty)
       ServiceName = E100B
       SettingID = {A908BB00-F027-4E25-8EE8-47FD6E7DA507}
       TcpipNetbiosOptions = 0
       TcpMaxConnectRetransmissions = (empty)
       TcpMaxDataRetransmissions = (empty)
       TcpNumConnections = (empty)
       TcpUseRFC1122UrgentPointer = (empty)
       TcpWindowSize = (empty)
       WINSEnableLMHostsLookup = TRUE
       WINSHostLookupFile = (empty)
       WINSPrimaryServer = 192.168.1.102
       WINSScopeID = (empty)
       WINSSecondaryServer = 192.168.1.108

Diagnosing Mail, News, Proxy Client Problems

In Listing 15-2, the first line of output shows that the default e-mail program is Outlook Express and it is configured to use pop3.cpandl.com to receive mail and mail.cpandl.com to send mail:

Default Outlook Express Mail (pop3.cpandl.com / mail.cpandl.com)

You can display this information by itself by typing netsh diag show mail. If you suspect a problem with the e-mail configuration you would want to look at the detailed configuration information by typing netsh diag show mail /v. The output would look similar to the following:

Default Outlook Express Mail (pop3.cpandl.com / mail.cpandl.com)
     InBoundMailPort = 110
     InBoundMailServer = pop3.cpandl.com
     InBoundMailType = POP3
     OutBoundMailPort = 25
     OutBoundMailServer = mail.cpandl.com
     OutBoundMailType = SMTP

Here, inbound mail is configured to use POP3 on port 110 and pop3.cpandl.com as the inbound mail server. Outbound mail is configured to use SMTP on port 25 and mail.cpandl.com as the outbound mail server. If any of this information were incorrect, you would want to reconfigure mail.

In Listing 15-2, after providing the default mail information, the configuration of the default Usenet news client and Internet Explorer web proxy are displayed. If these clients aren’t configured, the output shows this, as is the case in many organizations. For an organization that uses these clients, you can type netsh diag show news /v or netsh diag show ieproxy /v to get detailed configuration information, which should help identify any configuration issues.

Diagnosing General Computer Configuration Issues

The Netsh Diag context provides three commands for diagnosing general computer configuration issues:

Netsh diag show computer Shows general computer configuration information
Netsh diag show os Shows general operating system configuration information
Netsh diag show version Shows the version number of the operating system, such as Version (5.1.2600) where 5.1 is the version number and 2600 is the build number.

The summary information for these commands shows only the computer name, operating system edition, and operating system version. The detailed output is much more useful in diagnosing problems. The detailed computer information, obtained by typing netsh diag show computer /v, is shown as Listing 15-4.

Listing 15-4: Verbose Computer Configuration Output

Computer System (CORPSVR02)
    AdminPasswordStatus = 3
    AutomaticResetBootOption = TRUE
    AutomaticResetCapability = TRUE
    BootOptionOnLimit = (empty)
    BootOptionOnWatchDog = (empty)
    BootROMSupported = TRUE
    BootupState = Normal boot
    Caption = CORPSVR02
    ChassisBootupState = 3
    CreationClassName = Win32_ComputerSystem
    CurrentTimeZone = 480
    DaylightInEffect = FALSE
    Description = AT/AT COMPATIBLE
    DNSHostName = corpsvr02
    Domain = cpandl.com
    DomainRole = 5
    EnableDaylightSavingsTime = TRUE
    FrontPanelResetStatus = 3
    InfraredSupported = FALSE
    InitialLoadInfo = (empty)
    InstallDate = (empty)
    KeyboardPasswordStatus = 3
    LastLoadInfo = (empty)
    Manufacturer = Gateway
    Model = Gateway 800EA2
    Name = CORPSVR02
    NameFormat = (empty)
    NetworkServerModeEnabled = TRUE
    NumberOfProcessors = 1
    OEMStringArray = SMBIOS 2.3
    Customer Reference Platform
    PartOfDomain = TRUE
    PauseAfterReset = -1
    PowerManagementCapabilities = (empty)
    PowerManagementSupported = (empty)
    PowerOnPasswordStatus = 3
    PowerState = 0
    PowerSupplyState = 3
    PrimaryOwnerContact = (empty)
    PrimaryOwnerName = wrs
    ResetCapability = 1
    ResetCount = -1
    ResetLimit = -1
    Roles =   LM_Workstation
              LM_Server
              Primary_Domain_Controller
              Timesource
              Print
              DialIn
              NT
              Master_Browser
              DFS
    Status = OK
    SupportContactDescription = (empty)
    SystemStartupDelay = 30
    SystemStartupOptions = "Windows Server 2003, Standard" /fastdetect
                           "Microsoft Windows XP Home Edition" /fastdetect
    SystemStartupSetting = 0
    SystemType = X86-based PC
    ThermalState = 3
    TotalPhysicalMemory = 535805952
    UserName = CPANDL\administrator
    WakeUpType = 6
    Workgroup = (empty)

A summary of the computer configuration entries and their meaning is provided in Table 15-3.

Table 15-3: Computer Configuration Entries and Their Meaning
Property	Description
AdminPasswordStatus	Status of the Administrator password. Values are: 1 = Disabled, 2 = Enabled, 3 = Not Implemented, 4 = Unknown.
AutomaticResetBootOption	Indicates whether the automatic reset boot option is enabled.
AutomaticResetCapability	Indicates whether the automatic reset is enabled.
BootOptionOnLimit	System action to be taken when the ResetLimit value is reached. Values are: 1 = Reserved, 2 = Operating system, 3 = System utilities, 4 = Do not reboot.
BootOptionOnWatchDog	Reboot action to be taken after the time on the watchdog timer has elapsed. Values are: 1 = Reserved, 2 = Operating system, 3 = System utilities, 4 = Do not reboot.
BootROMSupported	Indicates whether a boot ROM is supported.
BootupState	Indicates how the system was started. Values are: “Normal boot”, “Fail-safe boot”, and “Fail-safe with network boot”.
Caption	System name.
ChassisBootupState	Bootup state of the system chassis. Values are: 1 = Other, 2 = Unknown, 3 = Safe, 4 = Warning, 5 = Critical, 6 = Non-recoverable.
CreationClassName	Name of class from which object is derived.
CurrentTimeZone	Number of minutes the computer is offset from Coordinated Universal Time.
DaylightInEffect	Indicates whether daylight savings mode is on.
Description	Description of the computer.
DNSHostName	Name of the server according to DNS.
Domain	Name of the domain to which the computer belongs.
DomainRole	Domain role of the computer. Values are: 0 = Standalone Workstation, 1 = Member Workstation, 2 = Standalone Server, 3 = Member Server, 4 = Backup Domain Controller, 5 = Primary Domain Controller.
EnableDaylightSavingsTime	Indicates whether Daylight Savings Time is enabled. If TRUE, the system changes to an hour ahead or behind when DST starts or ends. If FALSE, the system does not change to an hour ahead or behind when DST starts or ends.
FrontPanelResetStatus	Hardware security settings for the reset button on the computer. Values are: 0 = Disabled, 1 = Enabled, 2 = Not Implemented, 3 = Unknown.
InfraredSupported	Indicates whether an infrared (IR) port exists on the computer system.
InitialLoadInfo	Data needed to find either the initial load device (its key) or the boot service to request the operating system to start up.
InstallDate	When the computer was installed.
KeyboardPasswordStatus	Indicates the keyboard password status. Values are: 0 = Disabled, 1 = Enabled, 2 = Not Implemented, 3 = Unknown.
LastLoadInfo	Array entry of the InitialLoadInfo property, that holds the data corresponding to booting the currently loaded operating system.
Manufacturer	Computer manufacturer name.
Model	Product name given by the manufacturer.
Name	The computer name.
NameFormat	Identifies how the computer system name is generated.
NetworkServerModeEnabled	Indicates whether Network Server Mode is enabled.
NumberOfProcessors	Number of enabled processors on the computer.
OEMStringArray	List of descriptive strings set by the OEM.
PartOfDomain	Indicates whether the computer is part of a domain. If TRUE, the computer is a member of a domain. If FALSE, the computer is a member of a workgroup.
PauseAfterReset	Time delay in milliseconds before a reboot is initiated after a system power cycle or reset.
PowerManagementCapabilities	Power management capabilities of a logical device. Values are: 0 = Unknown, 1 = Not Supported, 2 = Disabled, 3 = Enabled, 4 = Power Saving Modes Entered Automatically, 5 = Power State Settable, 6 = Power Cycling Supported, 7 = Timed Power On Supported.
PowerManagementSupported	Indicates whether the device’s power can be managed.
PowerOnPasswordStatus	Power on password status. Values are: 0 = Disabled, 1 = Enabled, 2 = Not Implemented, 3 = Unknown.
PowerState	Indicates the current power state of the computer. Values are: 0 = Unknown, 1 = Full Power, 2 = Power Save – Low Power Mode, 3 = Power Save – Standby, 4 = Power Save – Unknown, 5 = Power Cycle, 6 = Power Off, 7 = Power Save – Warning.
PowerSupplyState	State of the enclosure’s power supply when last booted. Values are: 1 = Other, 2 = Unknown, 3 = Safe, 4 = Warning, 5 = Critical, 6 = Non-recoverable.
PrimaryOwnerContact	Contact information for the computer’s owner.
PrimaryOwnerName	Name of the system owner.
ResetCapability	Value indicates whether a computer can be reset using the power and reset buttons (or other hardware means). Values are: 1 = Other, 2 = Unknown, 3 = Disabled, 4 = Enabled, 5 = Nonrecoverable.
ResetCount	Number of automatic resets since the last intentional reset. A value of -1 indicates that the count is unknown.
ResetLimit	Number of consecutive times a system reset will be attempted. A value of -1 indicates that the limit is unknown.
Roles	System roles.
Status	Current status of the computer. Values are: “OK”, “Error”, “Degraded”, “Unknown”, “Pred Fail”, “Starting”, “Stopping”, “Service”.
SupportContactDescription	List of the support contact information for the computer.
SystemStartupDelay	The startup delay in seconds.
SystemStartupOptions	List of the startup options for the computer.
SystemStartupSetting	Index of the default start profile.
SystemType	System architecture type, such as “X86-based PC” or “64-bit Intel PC”.
ThermalState	Thermal state of the system chassis when last booted. Values are: 1 = Other, 2 = Unknown, 3 = Safe, 4 = Warning, 5 = Critical, 6 = Non-recoverable.
TotalPhysicalMemory	Total byte size of physical memory.
UserName	Name of the currently logged-on user.
WakeUpType	Event that caused the system to power up. Values are: 0 = Reserved, 1 = Other, 2 = Unknown, 3 = APM Timer, 4 = Modem Ring, 5 = LAN Remote, 6 = Power Switch, 7 = PCI PME#, 8 = AC Power Restored.
Workgroup	When a computer is a member of a workgroup, the workgroup name is listed here.

As you can see, the detailed configuration information tells you a great deal about the computer’s configuration. The same is true for the operating system details, which can be obtained by typing netsh diag show os /v. Listing 15-5 provides an example.

Listing 15-5: Verbose Operating System Configuration Output

Operating System (Microsoft(R) Windows(R) Server 2003, Standard Edition)
    BootDevice = \Device\HarddiskVolume1
    BuildNumber = 3790
    BuildType = Uniprocessor Free
    Caption = Microsoft(R) Windows(R) Server 2003, Standard Edition
    CodeSet = 1252
    CountryCode = 1
    CreationClassName = Win32_OperatingSystem
    CSCreationClassName = Win32_ComputerSystem
    CSDVersion = (empty)
    CSName = CORPSVR02
    CurrentTimeZone = -480
    Debug = FALSE
    Description = (empty)
    Distributed = FALSE
    EncryptionLevel = 168
    ForegroundApplicationBoost = 2
    FreePhysicalMemory = 357176
    FreeSpaceInPagingFiles = 1114384
    FreeVirtualMemory = 1471560
    InstallDate = 3:53:12 PM 11/21/2004
    LargeSystemCache = 1
    LastBootUpTime = 10:37:11 AM 11/19/2005
    LocalDateTime = 10:42:00 AM 11/19/2005
    Locale = 0409
    Manufacturer = Microsoft Corporation
    MaxNumberOfProcesses = -1
    MaxProcessMemorySize = 2097024
    Name = Microsoft Windows Server 2003 Standard Edition|C:\WINDOWS|\
     Device\Harddisk0\Partition1
    NumberOfLicensedUsers = 500
    NumberOfProcesses = 33
    NumberOfUsers = 2
    Organization = wrs
    OSLanguage = 1033
    OSProductSuite = 272
    OSType = 18
    OtherTypeDescription = (empty)
    PAEEnabled = FALSE
    PlusProductID = (empty)
    PlusVersionNumber = (empty)
    Primary = TRUE
    ProductType = 2
    QuantumLength = 0
    QuantumType = 0
    RegisteredUser = wrs
    SerialNumber = 38383-022-1234343-43434
    ServicePackMajorVersion = 0
    ServicePackMinorVersion = 0
    SizeStoredInPagingFiles = 1280320
    Status = OK 
    SuiteMask = 272
    SystemDevice = \Device\HarddiskVolume1
    SystemDirectory = C:\WINDOWS\system32
    SystemDrive = C:
    TotalSwapSpaceSize = (empty)
    TotalVirtualMemorySize = 1803568
    TotalVisibleMemorySize = 523248
    Version = 5.2.3790
    WindowsDirectory = C:\WINDOWS

A summary of the operating system entries and their meanings is provided in Table 15-4.

Table 15-4: Operating System Configuration Entries and Their Meanings
Property	Description
BootDevice	Disk drive from which the Win32 operating system boots.
BuildNumber	Build number of the operating system.
BuildType	Type of build used for the operating system, such as “retail build” or “checked build”.
Caption	Operating system name.
CodeSet	Code page value used by the operating system.
CountryCode	Country code used by the operating system.
CreationClassName	Name of class from which the object is derived.
CSCreationClassName	Name of class from which computer system object is derived.
CSDVersion	Indicates the latest Service Pack installed on the computer. Value is NULL if no Service Pack is installed.
CSName	Name of the computer system associated with this object class.
CurrentTimeZone	Number of minutes the operating system is offset from Greenwich Mean Time. The value is positive, negative, or zero.
Debug	Indicates whether the operating system is a checked (debug) build. If TRUE, the debugging version of User.exe is installed.
Description	Description of the Windows operating system.
Distributed	Indicates whether the operating system is distributed across multiple computer system nodes. If so, these nodes should be grouped as a cluster.
EncryptionLevel	The level of encryption for secure transactions as 40-bit, 128-bit, or n-bit.
ForegroundApplicationBoost	Sets the priority of the foreground application. On Windows NT 4 and Windows 2000, application boost is implemented by giving an application more processor time. Values are: 0 = None, 1 = Minimum, 2 = Maximum (Default).
FreePhysicalMemory	Physical memory in kilobytes currently unused and available.
FreeSpaceInPagingFiles	Amount of free space in kilobytes in the operating system’s paging files. Swapping occurs when the free space fills up.
FreeVirtualMemory	Virtual memory in kilobytes unused and available.
InstallDate	When the operating system was installed.
LargeSystemCache	Indicates whether memory usage is optimized for program or the system cache. Values are: 0 = memory usage is optimized for programs, 1 = memory usage is optimized for the system cache.
LastBootUpTime	When the operating system was last booted.
LocalDateTime	Local date and time on the computer.
Locale	Language identifier used by the operating system.
Manufacturer	Operating system manufacturer. For Win32 systems, this value will be “Microsoft Corporation”.
MaxNumberOfProcesses	Maximum number of process contexts the operating system can support. If there is no fixed maximum, the value is 0.
MaxProcessMemorySize	Maximum memory in kilobytes that can be allocated to a process. A value of zero indicates that there is no maximum.
Name	Name of the operating system instance.
NumberOfLicensedUsers	Number of user licenses for the operating system. A value of 0 = unlimited, a value of –1 = unknown.
NumberOfProcesses	Current number of process contexts on the system.
NumberOfUsers	Current number of user sessions.
Organization	Company name set for the registered user of the operating system.
OSLanguage	Language version of the operating system installed.
OSProductSuite	Operating system product suites installed. Values are: 1 = Small Business, 2 = Enterprise, 4 = BackOffice, 8 = Communication Server, 16 = Terminal Server, 32 = Small Business (Restricted), 64 = Embedded NT, and 128 = Data Center.
OSType	Type of operating system. Values include: 1 = Other, 18 = Windows NT or later.
OtherTypeDescription	Sets additional description; used when OSType = 1.
PlusProductID	Product number for Windows Plus! (if installed).
PlusVersionNumber	Version number of Windows Plus! (if installed).
Primary	Indicates whether this is the primary operating system.
ProductType	The operating system product type. Values are: 1 = workstation, 2 = domain controller, 3 = server.
QuantumLength	Number of clock ticks per unit of processor execution. Values are: 1 = Unknown, 2 = One tick, 3 = Two ticks.
QuantumType	Length type for units of processor execution. Values are: 1 = Unknown, 2 = Fixed, 3 = Variable. With variable length, foreground and background applications can have different values. With fixed length, the foreground and background values are the same.
RegisteredUser	Name set for the registered user of the operating system.
SerialNumber	Operating system product serial number.
ServicePackMajorVersion	Major version number of the service pack installed on the computer. If no service pack has been installed, the value is zero or NULL.
ServicePackMinorVersion	Minor version number of the service pack installed on the computer. If no service pack has been installed, the value is zero or NULL.
SizeStoredInPagingFiles	Total number of kilobytes that can be stored in the operating system’s paging files. A value of zero indicates that there are no paging files.
Status	Current status of the object. Values include: “OK”, “Error”, “Unknown”, “Degraded”, “Pred Fail”, “Starting”, “Stopping”, and “Service”.
SuiteMask	Bit flags that identify the product suites available on the system. Values include: 1 = Small Business, 2 = Enterprise, 4 = Back Office, 8 = Communications, 16 = Terminal, 32 = Small Business Restricted, 64 = Embedded NT, 128 = Data Center.
SystemDevice	Physical disk partition on which the operating system is installed.
SystemDirectory	System directory of the operating system.
SystemDrive	The physical disk partition on which the operating system is installed.
TotalSwapSpaceSize	Total swap space in kilobytes. This value may be unspecified (NULL) if swap space is not distinguished from page files.
TotalVirtualMemorySize	Virtual memory size in kilobytes.
TotalVisibleMemorySize	Total amount of physical memory in kilobytes that is available to the operating system.
Version	Version number of the operating system.
WindowsDirectory	Windows directory of the operating system.

Diagnosing IP, DNS, WINS Configuration Issues

The Netsh Diag context provides commands for viewing the IP, DNS, and WINS configuration on a computer. These commands, with example output, are as follows:

Netsh diag show ip Shows the IP addresses used by network adapters on the computer. An example of the output follows:
```
IP Address
    1. [00000001] Intel(R) PRO/100 VE Network Connection
       IPAddress = 192.168.1.50
    2. [00000002] Intel(R) PRO/100 VE Network Connection
       IPAddress = 192.168.2.108
```
Each network adapter is listed in order. As this computer has two network adapters, there are two entries. Any network adapter that is disabled or otherwise unavailable won’t be listed.
Netsh diag show gateway Shows the Internet gateways defined for network adapters on the computer. An example of the output follows:
```
Default Gateways
    1. [00000001] Intel(R) PRO/100 VE Network Connection
       DefaultIPGateway = 192.168.1.1 Same Subnet
                          192.168.1.2 Same Subnet
    2. [00000002] Intel(R) PRO/100 VE Network Connection
       DefaultIPGateway = 192.168.2.1 Same Subnet 
```
Each gateway is listed on a per-adapter basis in the order it is used. If a computer has multiple network adapters, there should be an entry for each network adapter that is configured and used. There is a notation telling you that a gateway used is on the same subnet as the IP addresses used by the adapter. However, there is no notation for an incorrectly configured gateway (that is, one that isn’t on the same subnet). In this case, there may be no default gateway entry for the adapter or, as is the case when there are multiple gateways configured for an adapter, the bad gateway may simply be omitted from the listing. If you suspect this is the case, compare the output of typing netsh diag show gateway to the output produced by typing netsh interface ip show config. Although the bad gateway address entry won’t be shown in the netsg diag show gateway output, it will appear in the netsh interface ip show config output.

Netsh diag show dns Shows the DNS servers defined for network adapters on the computer. An example of the output follows:

DNS Servers
    1. [00000001] Intel(R) PRO/100 VE Network Connection
       DNSServerSearchOrder = 192.168.1.50
                              192.168.1.67
    2. [00000002] Intel(R) PRO/100 VE Network Connection
       DNSServerSearchOrder = 192.168.2.10
                              192.168.2.20

Each DNS server configured is shown in the search order used. Confirm that the correct IP addresses are used and that the search order is correct.

Netsh diag show wins Shows the WINS servers defined for network adapters on the computer. An example of the output follows:

WINS Servers
    1. [00000001] Intel(R) PRO/100 VE Network Connection
       WINSPrimaryServer = 192.168.1.102
       WINSSecondaryServer = 192.168.1.108
    2. [00000002] Intel(R) PRO/100 VE Network Connection
       WINSPrimaryServer = 192.168.2.205
       WINSSecondaryServer = 192.168.2.227

Each WINS server configured is shown in the search order used. Confirm that the correct IP addresses are used and that the search order is correct.

Note

Although these commands accept a /V parameter, this doesn’t provide any additional information.

Making TCP/IP Connections for Troubleshooting

The Netsh Diag context provides commands you can use to make TCP/IP connections for troubleshooting. There are specific commands for attempting to establish and then verify TCP/IP connections for mail, Usenet news, and Internet Explorer proxies as well as a general command to connect to a TCP host on a specified port.

To check mail connectivity using the default mail client, type netsh diag connect mail. If there’s a connectivity problem, the output will confirm this. In this example, the computer is unable to connect to the inbound and outbound mail servers:

Default Outlook Express Mail (pop3.cpandl.com / mail.cpandl.com)
    InBoundMailPort = 110
    InBoundMailServer = pop3.cpandl.com
    Unable to connect to pop3.cpandl.com port 110
    OutBoundMailPort = 25
    OutBoundMailServer = mail.cpandl.com
    Unable to connect to mail.cpandl.com port 25

Here, the computer might not have connectivity to the network or the e-mail configuration may be incorrect.

To check news connectivity using the default news client, type netsh diag connect news. As with e-mail, if there’s a news server connectivity problem, the output will confirm this. If no news client is configured, the output will state this, such as

Default Outlook Express News (Not Configured)

To check Internet Explorer proxy connectivity using the default Web proxy, type netsh diag connect ieproxy. The output will report the connection status, such as

Internet Explorer Proxy (cpandlproxy)
    IEProxyPort = 80
    IEProxy = cpandlproxy
    Server appears to be running on port(s) [80]

Here, Netsh was able to make a connection to the Web proxy. The proxy server, cpandlproxy, was running on port 80, which is the standard port used by Web servers.

You can also make connections to any IP host using a designated TCP port. The syntax for doing this is

netsh diag connect iphost HostName PortNumber

where HostName specifies the IP address, computer name, or fully qualified domain name of the host to which you want to connect and PortNumber specifies the TCP port through which you want to connect. Some of the common TCP ports and their related protocols are summarized in Table 15-5.

Table 15-5: Common TCP Protocols and Ports
Protocol	Port
FTP	21
Telnet	23
SMTP	25
Time Server	37
Nameserver	42
DNS	53
HTTP	80
Kerberos	88
POP3	110
NNTP	119
IMAP	143
HTTPS	443
Microsoft Directory Services	445
WINS	1512
PPTP	1723

To see how you can connect to specific hosts, consider the following examples:

Connect to 192.168.1.100 on Port 37:

netsh diag connect iphost 192.168.1.100 37

Connect to corpdc07 on Port 445:

netsh diag connect iphost corpdc07 445

Connect to services.cpandl.com on Port 443:

netsh diag connect iphost services.cpandl.com 443

Attempting to Verify Connectivity

Using the Netsh diag context, you can also attempt to verify connectivity to various remote hosts. The most basic of these commands test connectivity to a specific type of server. For instance, you can type netsh diag ping mail, netsh diag ping news, and netsh diag ping ieproxy to check mail, news, and IE Proxy server connectivity respectively. Consider the following example:

netsh diag ping mail

Here, you test connectivity using the default mail client. Output such as the following shows a connectivity or configuration problem:

Default Outlook Express Mail (pop3.cpandl.com / mail.cpandl.com)
    InBoundMailServer = pop3.cpandl.com
    Ping request could not find host pop3.cpandl.com. Please check the 
name and try again.
 
    OutBoundMailServer = mail.cpandl.com
    Ping request could not find host mail.cpandl.com. Please check the 
name and try again.

Other commands used to verify connectivity are a bit more complex. These commands include the following:

Netsh diag ping iphost Verifies connectivity with a remote host according to IP address, computer name, or fully qualified domain name. For example, if you wanted to test connectivity between the computer you are working with and 192.168.1.100, you would type
```
netsh diag ping iphost 192.168.1.100
```
Netsh diag ping adapter Verifies the TCP/IP configuration of network adapters. Typically, you’ll want to limit this to a specific adapter by following the command text with the index number of the adapter to review or a full or partial name of the adapter. For example, if you want to test the configuration of the network adapter with an index of 1, you could type
```
netsh diag ping adapter 1
```
Netsh diag ping dhcp Verifies the DHCP server settings of network adapters. You can limit this to a specific adapter by following the command text with the index number of the adapter to review or a full or partial name of the adapter. For example, if you want to test the DHCP configuration of the network adapter whose name starts with 3com, you could type
```
netsh diag ping dhcp 3com*
```
Netsh diag ping dns Verifies the DNS server settings of network adapters. You can limit this to a specific adapter by following the command text with the index number of the adapter to review or a full or partial name of the adapter. For example, if you want to test the DNS configuration of the network adapter whose name starts with Intel, you could type
```
netsh diag ping dns Intel*
```
Netsh diag ping gateway Verifies the default gateways settings of network adapters. You can limit this to a specific adapter by following the command text with the index number of the adapter to review or a full or partial name of the adapter. For example, if you want to test the default gateway configuration of the network adapter whose name starts with 3com, you could type
```
netsh diag ping gateway 3com*
```
Netsh diag ping ip Verifies that the IP addresses assigned to network adapters are valid. You can limit this to a specific adapter by following the command text with the index number of the adapter to review or a full or partial name of the adapter, such as
```
netsh diag ping ip Intel* 
```
Netsh diag ping wins Verifies the WINS server settings of network adapters. You can limit this to a specific adapter by following the command text with the index number of the adapter to review or a full or partial name of the adapter. For example, if you want to test the WINS configuration of the network adapter with an index of 2, you could type
```
netsh diag ping wins 2
```

The most useful command here is netsh diag ping adapter. It tests the full TCP/IP configuration of adapters, which includes the IP, DHCP, DNS, WINS, and default gateway settings. Listing 15-6 shows a sample output from this command.

Listing 15-6: Output from Netsh Diag Ping Adapter

Network Adapters
    1. [00000001] Intel(R) PRO/100 VE Network Connection
       DefaultIPGateway = 192.168.1.1 Same Subnet
           Pinging 192.168.1.1 with 32 bytes of data:
           Reply from 192.168.1.1: bytes=32 time<1ms TTL=0
           Reply from 192.168.1.1: bytes=32 time<1ms TTL=0
           Reply from 192.168.1.1: bytes=32 time<1ms TTL=0
           Reply from 192.168.1.1: bytes=32 time<1ms TTL=0
           Ping statistics for 192.168.1.1:
               Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)
           Approximate round trip times in milliseconds:
               Minimum = 0ms, Maximum = 0ms, Average = 0ms
           Pinging 192.168.1.2 with 32 bytes of data:
           Request timed out.
           Request timed out.
           Request timed out.
           Request timed out.
           Ping statistics for 192.168.1.2:
               Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
        DNSServerSearchOrder = 192.168.1.50
           Pinging 192.168.1.50 with 32 bytes of data:
           Reply from 192.168.1.50: bytes=32 time<1ms TTL=0
           Reply from 192.168.1.50: bytes=32 time<1ms TTL=0
           Reply from 192.168.1.50: bytes=32 time<1ms TTL=0
           Reply from 192.168.1.50: bytes=32 time<1ms TTL=0
           Ping statistics for 192.168.1.50:
               Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)
           Approximate round trip times in milliseconds:
               Minimum = 0ms, Maximum = 0ms, Average = 0ms
               192.168.1.67
           Pinging 192.168.1.67 with 32 bytes of data:
           Request timed out.
           Request timed out.
           Request timed out.
           Request timed out.
           Ping statistics for 192.168.1.67:
               Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
        IPAddress = 192.168.1.12
           Pinging 192.168.1.12 with 32 bytes of data:
           Reply from 192.168.1.12: bytes=32 time<1ms TTL=0
           Reply from 192.168.1.12: bytes=32 time<1ms TTL=0
           Reply from 192.168.1.12: bytes=32 time<1ms TTL=0
           Reply from 192.168.1.12: bytes=32 time<1ms TTL=0
           Ping statistics for 192.168.1.12:
               Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)
           Approximate round trip times in milli-seconds:
               Minimum = 0ms, Maximum = 0ms, Average = 0ms
               192.168.2.12
           Pinging 192.168.2.12 with 32 bytes of data:
           Reply from 192.168.2.12: bytes=32 time<1ms TTL=0
           Reply from 192.168.2.12: bytes=32 time<1ms TTL=0
           Reply from 192.168.2.12: bytes=32 time<1ms TTL=0
           Reply from 192.168.2.12: bytes=32 time<1ms TTL=0
           Ping statistics for 192.168.2.12:
               Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)
           Approximate round trip times in milliseconds:
               Minimum = 0ms, Maximum = 0ms, Average = 0ms
        WINSPrimaryServer = 192.168.1.102
           Pinging 192.168.1.102 with 32 bytes of data:
           Request timed out.
           Request timed out.
           Request timed out.
           Request timed out.
           Ping statistics for 192.168.1.102:
               Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
        WINSSecondaryServer = 192.168.1.108
           Pinging 192.168.1.108 with 32 bytes of data:
           Request timed out.
           Request timed out.
           Request timed out.
           Request timed out.
           Ping statistics for 192.168.1.108:
               Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

In examining this output, you can see there are myriad possible connectivity or configuration problems. Immediate questions to ask yourself and verify are as follows:

Is the computer connected to the network? Seeing this many errors, the first thing I would do is to verify that the computer is in fact connected to the network. If the computer can connect to one of its default gateways (and that gateway isn’t configured on the same IP address as one of the computer’s IP addresses), the computer is able to connect to the network. If the computer can’t connect to any of its gateways, its network cable may be disconnected or it may have a bad network adapter.
Does the computer have a bad network adapter? If the computer can’t connect to any of its gateways, it may have a bad network adapter. To check this, look for the entries for IPAddress. These entries show the results of the computer connecting to its own network adapters. If the connectivity tests for a particular IP address fail consistently or intermittently you probably have a bad network adapter.

Seeing problems connecting to DNS and WINS is also a concern. Problems connecting to a designated DHCP server would be similar. If the computer can connect to the default gateway but can’t get to a DNS, DHCP, or WINS server, the server may be down, the IP address in the configuration may be incorrect or another interconnection between the computer you are working with and the target server may be down.

Another useful Netsh Diag command is SHOW TEST. Type netsh diag show test /v and you’ll get a very complete connectivity test for the following:

Default mail client
Default news client
Default Internet Explorer proxy
Local loopback on 127.0.0.1
All modems configured and enabled
All network adapters configured and enabled

< Day Day Up >