Network Command-line utilities
This section covers:
When you troubleshoot a TCP/IP networking problem, begin by
checking the TCP/IP configuration on the computer that is experiencing the
problem. You can use the ipconfig command to get host computer
configuration information, including the IP address, subnet mask, and default
gateway.
Note
· For Windows 95 and Windows 98 clients, use the winipcfg command
instead of ipconfig.
When you use the ipconfig command with the /all
option, a detailed configuration report is produced for all interfaces,
including any configured serial ports. With ipconfig /all, you can
redirect command output to a file and paste the output into other documents.
You can also use this output to confirm the TCP/IP configuration of each
computer on the network or to further investigate TCP/IP network problems.
For example, if a computer is configured with an IP address that
is a duplicate of an existing IP address, the subnet mask appears as 0.0.0.0.
The following example shows the output of the ipconfig /all
command on a computer that is configured to use the DHCP server for automatic
TCP/IP configuration, and WINS and DNS servers for name resolution.
Windows 2000 IP Configuration
   Node Type . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . : No
   WINS Proxy Enabled. . . . . : No
Ethernet adapter Local Area Connection:
   Host Name . . . . . . . . . : host.grape-info.com
   DNS Servers . . . . . . . . : 10.1.0.200
   Description . . . . . . . . : 3Com 3C90x Ethernet Adapter
   Physical Address. . . . . . : 00-60-08-3E-46-07
   DHCP Enabled. . . . . . . . : Yes
   Autoconfiguration Enabled . : Yes
   IP Address. . . . . . . . . : 192.168.0.112
   Subnet Mask . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . : 192.168.0.2
   DHCP Server . . . . . . . . : 192.168.0.1
   Primary WINS Server . . . . : 192.168.0.1
   Secondary WINS Server . . . : 192.168.0.3
   Lease Obtained. . . . . . . : Wednesday, September 02, 1998 10:32:13 AM
   Lease Expires . . . . . . . : Friday, September 18, 1998 10:32:13 AM
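A check for the duplicate-address symptom described above, as an added example that is not part of the original page: the Python below parses ipconfig /all output into sections and flags every adapter whose subnet mask is 0.0.0.0. The function names, the second DNS server and the second adapter in SAMPLE are constructed for illustration.

```python
import re

# "   Key . . . . : value" -> key, value (dot leaders are dropped)
FIELD = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")

# Constructed sample: first adapter follows the page's report, second is invented.
SAMPLE = """\
Windows 2000 IP Configuration
   Node Type . . . . . . . . . : Hybrid
Ethernet adapter Local Area Connection:
   DNS Servers . . . . . . . . : 10.1.0.200
                                 10.1.0.201
   IP Address. . . . . . . . . : 192.168.0.112
   Subnet Mask . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . : Wednesday, September 02, 1998 10:32:13 AM
Ethernet adapter Local Area Connection 2:
   IP Address. . . . . . . . . : 192.168.0.113
   Subnet Mask . . . . . . . . : 0.0.0.0
"""

def parse_ipconfig(text):
    """Return {section title: {field name: [values]}} for ipconfig /all output."""
    sections, current, last = {}, None, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():          # unindented line opens a new section
            current = sections.setdefault(line.rstrip(": "), {})
            last = None
            continue
        m = FIELD.match(line)
        if m and current is not None:
            last = current.setdefault(m.group(1).strip(), [])
            if m.group(2):
                last.append(m.group(2).strip())
        elif last is not None:             # continuation line: extra server address
            last.append(line.strip())
    return sections

def duplicate_address_suspects(sections):
    """Adapters reporting mask 0.0.0.0, the symptom of a duplicate IP address."""
    return [name for name, fields in sections.items()
            if "0.0.0.0" in fields.get("Subnet Mask", [])]

if __name__ == "__main__":
    print(duplicate_address_suspects(parse_ipconfig(SAMPLE)))
```

Feeding it the redirected output of ipconfig /all from each computer gives a quick list of adapters to investigate for address conflicts.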
If no problems appear in the TCP/IP configuration, the next step
is testing the ability to connect to other host computers on the TCP/IP
network.
When you troubleshoot a TCP/IP networking problem, begin by
checking the TCP/IP configuration on the computer that is experiencing the
problem. If the computer is DHCP-enabled and is using a DHCP server to obtain
configuration, you can initiate a refresh of the lease by using the ipconfig
/renew command.
When you use ipconfig /renew, all network adapters on the
computer that use DHCP (except those that are manually configured) try to
contact a DHCP server and renew their existing configuration or obtain a new
configuration.
You can also use the ipconfig command with the /release
option to immediately release the current DHCP configuration for a host.
Note
· For Windows 95 and Windows 98 DHCP-enabled clients, use the release
and renew options of the winipcfg command instead of ipconfig
/release and ipconfig /renew to perform manual release or renewal of
the IP configuration lease for a client.
You can also use the ipconfig command to:
· Display or reset the DNS cache.
· Refresh registered DNS names.
· Display the DHCP class IDs for an adapter.
· Set the DHCP class IDs for an adapter.
The ping command helps to verify IP-level connectivity.
When troubleshooting, you can use ping to send an ICMP echo request to a
target host name or IP address. Use ping whenever you need to verify
that a host computer can connect to the TCP/IP network and network resources.
You can also use ping to isolate network hardware problems and
incompatible configurations.
It is usually best to verify that a route exists between the local
computer and a network host by first using the ping command and the IP
address of the network host to which you want to connect. Try pinging the IP
address of the target host to see if it responds, as follows:
ping IP_address
You should perform the following steps when using ping:
1. Ping the loopback address to verify that TCP/IP is installed and configured
correctly on the local computer.
   ping 127.0.0.1
2. Ping the IP address of the local computer to verify that it was added to the
network correctly.
   ping IP_address_of_local_host
3. Ping the IP address of the default gateway to verify that the default gateway
is functioning and that you can communicate with a local host on the local
network.
   ping IP_address_of_default_gateway
4. Ping the IP address of a remote host to verify that you can communicate
through a router.
   ping IP_address_of_remote_host
The ping command uses Windows Sockets–style name resolution
to resolve a computer name to an IP address, so if pinging by address succeeds,
but pinging by name fails, then the problem lies in address or name resolution,
not network connectivity.
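The four-step sequence and the name-versus-address test above, as an added example that is not part of the original page: the Python below runs the steps in order and reports the first one that fails. The names ping, LADDER and diagnose are hypothetical, the ping helper assumes the Windows options shown on this page, and the demo at the bottom uses a constructed set of reachable addresses so that it runs offline.

```python
import subprocess

def ping(target, count=2, timeout_ms=1000):
    """Run Windows ping; True only if an actual echo reply came back."""
    out = subprocess.run(
        ["ping", "-n", str(count), "-w", str(timeout_ms), target],
        capture_output=True, text=True).stdout
    # The exit code can be 0 for "Destination host unreachable" replies,
    # so look for the TTL= field that only real echo replies carry.
    return "TTL=" in out

# Step order from the page: loopback, local address, gateway, remote host.
LADDER = [
    ("loopback", "TCP/IP is not installed or configured correctly on this computer"),
    ("local", "the local IP address was not added to the network correctly"),
    ("gateway", "the default gateway is not reachable on the local network"),
    ("remote", "traffic is not getting through a router to the remote host"),
]

def diagnose(local_ip, gateway_ip, remote_ip, remote_name=None, probe=ping):
    """Return (failed step number, explanation); step 0 means everything passed."""
    targets = {"loopback": "127.0.0.1", "local": local_ip,
               "gateway": gateway_ip, "remote": remote_ip}
    for step, (key, meaning) in enumerate(LADDER, start=1):
        if not probe(targets[key]):
            return step, f"ping {targets[key]} failed: {meaning}"
    # Address works; if the name does not, the fault is in name resolution.
    if remote_name and not probe(remote_name):
        return 5, (f"ping {remote_name} failed but {remote_ip} answers: "
                   "name resolution problem, not connectivity")
    return 0, "all steps passed"

if __name__ == "__main__":
    # Constructed scenario: every address answers, the host name does not.
    reachable = {"127.0.0.1", "192.168.0.112", "192.168.0.2", "202.144.128.220"}
    print(diagnose("192.168.0.112", "192.168.0.2", "202.144.128.220",
                   "www.grape-info.com", probe=lambda t: t in reachable))
```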
If you cannot use ping successfully at any point, confirm
that:
· The computer was restarted after TCP/IP was installed and configured.
· The IP address of the local computer is valid and appears correctly on the
General tab of the Internet Protocol (TCP/IP) Properties dialog box.
· IP routing is enabled and the link between routers is operational.
You can use different options with the ping command to
specify the size of packets to use, how many packets to send, whether to record
the route used, what Time-to-Live (TTL) value to use, and whether to set the
"don't fragment" flag. You can type ping -? to see these
options.
The following example illustrates how to send two pings, each
1,450 bytes in size, to IP address 192.168.0.1:
C:\>ping -n 2 -l 1450 192.168.0.1
Pinging 192.168.0.1 with 1450 bytes of data:
Reply from 192.168.0.1: bytes=1450 time<10ms TTL=32
Reply from 192.168.0.1: bytes=1450 time<10ms TTL=32
Ping statistics for 192.168.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate roundtrip times in milli-seconds:
    Minimum = 0ms, Maximum = 10ms, Average = 2ms
By default, ping waits 1,000 ms (1 second) for
each response to be returned before displaying the "Request Timed
Out" message. If the remote system being pinged is across a high-delay
link, such as a satellite link, responses may take longer to be returned. You
can use the -w (wait) option to specify a longer time-out.
The Address Resolution Protocol (ARP) allows a host to find the
media access control address of a host on the same physical network, given the
IP address of the host. To make ARP efficient, each computer caches IP–to–media
access control address mappings to eliminate repetitive ARP broadcast requests.
You can use the arp command to view and modify the ARP
table entries on the local computer. The arp command is useful for
viewing the ARP cache and resolving address resolution problems.
NetBIOS over TCP/IP (NetBT) resolves NetBIOS names to IP
addresses. TCP/IP provides many options for NetBIOS name resolution, including
local cache lookup, WINS server query, broadcast, DNS server query, and Lmhosts
and Hosts file lookup.
Nbtstat is a useful tool for troubleshooting NetBIOS name
resolution problems. You can use the nbtstat command to remove or
correct preloaded entries:
· nbtstat -n displays the names that were registered locally on the system by
programs such as the server and redirector.
· nbtstat -c shows the NetBIOS name cache, which contains name-to-address
mappings for other computers.
· nbtstat -R purges the name cache and reloads it from the Lmhosts file.
· nbtstat -RR releases NetBIOS names registered with a WINS server and then
renews their registration.
· nbtstat -a name performs a NetBIOS adapter status command against the
computer specified by name. The adapter status command returns the local
NetBIOS name table for that computer plus the media access control address of
the adapter.
· nbtstat -S lists the current NetBIOS sessions and their status, including
statistics, as shown in the following example:
NetBIOS connection table
Local name    State      In/out  Remote Host      Input   Output
------------------------------------------------------------------
CORP1 <00>    Connected  Out     CORPSUP1<20>     6MB     5MB
CORP1 <00>    Connected  Out     CORPPRINT<20>    108KB   116KB
CORP1 <00>    Connected  Out     CORPSRC1<20>     299KB   19KB
CORP1 <00>    Connected  Out     CORPEMAIL1<20>   324KB   19KB
CORP1 <03>    Listening
You can use the netstat command to display protocol
statistics and current TCP/IP connections. The netstat -a command
displays all connections, and netstat -r displays the route table
plus active connections. The netstat -e command displays Ethernet
statistics, and netstat -s displays per-protocol statistics. If you
use netstat -n, addresses and port numbers are not converted to
names. The following shows sample output for netstat:
C:\>netstat -e
Interface Statistics
                           Received            Sent
Bytes                    3995837940        47224622
Unicast packets              120099          131015
Non-unicast packets         7579544            3823
Discards                          0               0
Errors                            0               0
Unknown protocols         363054211
C:\>netstat -a
Active Connections
  Proto  Local Address      Foreign Address         State
  TCP    myhost:1572        192.168.0.2:nbsession   ESTABLISHED
  TCP    myhost:1589        192.168.0.2:nbsession   ESTABLISHED
  TCP    myhost:1606        192.168.0.10:nbsession  ESTABLISHED
  TCP    myhost:1632        192.168.0.11:nbsession  ESTABLISHED
  TCP    myhost:1659        192.168.0.12:nbsession  ESTABLISHED
  TCP    myhost:1714        192.168.0.13:nbsession  ESTABLISHED
  TCP    myhost:1719        192.168.0.14:nbsession  ESTABLISHED
  TCP    myhost:1241        192.168.0.15:nbsession  ESTABLISHED
  UDP    myhost:1025        *:*
  UDP    myhost:snmp        *:*
  UDP    myhost:nbname      *:*
  UDP    myhost:nbdatagram  *:*
  UDP    myhost:nbname      *:*
  UDP    myhost:nbdatagram  *:*
C:\>netstat -s
IP Statistics
  Packets Received                   = 5378528
  Received Header Errors             = 738854
  Received Address Errors            = 23150
  Datagrams Forwarded                = 0
  Unknown Protocols Received         = 0
  Received Packets Discarded         = 0
  Received Packets Delivered         = 4616524
  Output Requests                    = 132702
  Routing Discards                   = 157
  Discarded Output Packets           = 0
  Output Packet No Route             = 0
  Reassembly Required                = 0
  Reassembly Successful              = 0
  Reassembly Failures                = 0
  Datagrams Successfully Fragmented  = 0
  Datagrams Failing Fragmentation    = 0
  Fragments Created                  = 0
ICMP Statistics
                            Received    Sent
  Messages                  693         4
  Errors                    0           0
  Destination Unreachable   685         0
  Time Exceeded             0           0
  Parameter Problems        0           0
  Source Quenches           0           0
  Redirects                 0           0
  Echoes                    4           0
  Echo Replies              0           4
  Timestamps                0           0
  Timestamp Replies         0           0
  Address Masks             0           0
  Address Mask Replies      0           0
TCP Statistics
  Active Opens                = 597
  Passive Opens               = 135
  Failed Connection Attempts  = 107
  Reset Connections           = 91
  Current Connections         = 8
  Segments Received           = 106770
  Segments Sent               = 118431
  Segments Retransmitted      = 461
UDP Statistics
  Datagrams Received  = 4157136
  No Ports            = 351928
  Receive Errors      = 2
  Datagrams Sent      = 13809
Tracert (Trace Route) is a route-tracing utility that is used to
determine the path that an IP datagram takes to reach a destination. The tracert
command uses the IP Time-to-Live (TTL) field and ICMP error messages to
determine the route from one host to another through a network.
The Tracert diagnostic utility determines the route taken to a
destination by sending Internet Control Message Protocol (ICMP) echo packets
with varying IP Time-to-Live (TTL) values to the destination. Each router along
the path is required to decrement the TTL on a packet by at least 1 before
forwarding it. When the TTL on a packet reaches 0, the router should send
an "ICMP Time Exceeded" message back to the source computer.
Tracert determines the route by sending the first echo packet with
a TTL of 1 and incrementing the TTL by 1 on each subsequent
transmission until the target responds or the maximum TTL is reached. The route
is determined by examining the "ICMP Time Exceeded" messages sent
back by intermediate routers. Some routers silently drop packets with expired
TTLs and are invisible to the Tracert utility.
The tracert command prints out an ordered list of the
near-side interface of the routers in the path that returned the "ICMP
Time Exceeded" message. If the -d option is used, the Tracert
utility does not perform a DNS lookup on each IP address.
In the following example, the packet must travel through routers
(192.168.0.2, 202.144.158.206, 202.144.159.195 and 202.144.129.2) to get to
host 202.144.128.22. The default gateway of the host is 192.168.0.2 and the IP
address of the router on the 192.168.0.0 network is 192.168.0.2.
C:\>tracert 202.144.128.22
Tracing route to 202.144.128.22 over a maximum of 30 hops:
  1     6 ms     2 ms     2 ms  192.168.0.2
  2     4 ms     3 ms     4 ms  202.144.158.206
  3    78 ms    78 ms    78 ms  202.144.159.195
  4    78 ms    78 ms    78 ms  202.144.129.2
  5   227 ms   163 ms    83 ms  202.144.128.220
Trace complete.
You can use the tracert command to determine where a packet
stopped on the network. In the following example, the default gateway has
determined that there is not a valid path for the host on 192.168.10.99. There
is probably a router configuration problem or the 192.168.10.0 network does not
exist (a bad IP address).
C:\>tracert www.grape-info.com
Tracing route to www.grape-info.com [202.144.128.220]
over a maximum of 30 hops:
  1     6 ms     2 ms     2 ms  192.168.0.2
  2     4 ms     3 ms     4 ms  gw.grape-info.com [202.144.158.206]
  3  tpu-gw1.grape-info.com [202.144.159.195]  reports: Destination net unreachable.
Trace complete.
The Tracert utility is useful for troubleshooting large networks
where several paths can be taken to arrive at the same point.
The tracert command supports several options, as shown in
the following table.
tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name
Option           | Description
-d               | Specifies that IP addresses are not resolved to host names.
-h maximum_hops  | Specifies the number of hops to allow in tracing a route to the host named in target_name.
-j host-list     | Specifies the list of router interfaces in the path taken by the Tracert utility packets.
-w timeout       | Waits the number of milliseconds specified by timeout for each reply.
target_name      | Name or IP address of the target host.
The pathping command is a route tracing tool that combines
features of the ping and tracert commands with additional
information that neither of those tools provides. The pathping command
sends packets to each router on the way to a final destination over a period of
time, and then computes results based on the packets returned from each hop.
Since the command shows the degree of packet loss at any given router or link,
it is easy to determine which routers or links might be causing network
problems. A number of options are available, as shown in the following table.
Option | Name         | Function
-n     | Hostnames    | Does not resolve addresses to host names.
-h     | Maximum hops | Maximum number of hops to search for target.
-g     | Host-list    | Loose source route along host list.
-p     | Period       | Number of milliseconds to wait between pings.
-q     | Num_queries  | Number of queries per hop.
-w     | Time-out     | Waits this many milliseconds for each reply.
-T     | Layer 2 tag  | Attaches a layer-2 priority tag (for example, for IEEE 802.1p) to the packets and sends it to each of the network devices in the path. This helps in identifying the network devices that do not have layer-2 priority configured properly. The -T switch is used to test for Quality of Service (QoS) connectivity.
-R     | RSVP test    | Checks to determine whether each router in the path supports the Resource Reservation Protocol (RSVP), which allows the host computer to reserve a certain amount of bandwidth for a data stream. The -R switch is used to test for Quality of Service (QoS) connectivity.
The default number of hops is 30, and the default wait time
before a time-out is 3 seconds. The default period is
250 milliseconds, and the default number of queries to each router along
the path is 100.
The following is a typical pathping report. The compiled
statistics that follow the hop list indicate packet loss at each individual
router.
D:\>pathping www.grape-info.com
Tracing route to www.grape-info.com [202.144.128.220]
over a maximum of 30 hops:
  0  hoge.grape-info.com [192.168.0.24]
  1  192.168.0.2
  2  gw-dit.grape-info.com [202.144.158.206]
  3  tpu-gw1.grape-info.com [202.144.159.195]
  4  e0-0.tpu-br2.grape-info.com [202.144.129.2]
  5  w3ext.grape-info.com [202.144.128.220]
Computing statistics for 125 seconds...
            Source to Here   This Node/Link
Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address
  0                                           hoge.grape-info.com [192.168.0.24]
                                0/ 100 =  0%   |
  1    3ms     0/ 100 =  0%     0/ 100 =  0%  192.168.0.2
                                0/ 100 =  0%   |
  2    4ms     0/ 100 =  0%     0/ 100 =  0%  gw-dit.grape-info.com [202.144.158.206]
                               13/ 100 = 13%   |
  3  140ms     0/ 100 =  0%     1/ 100 =  1%  tpu-gw1.grape-info.com [202.144.159.195]
                                0/ 100 =  0%   |
  4  126ms     0/ 100 =  0%     3/ 100 =  3%  e0-0.tpu-br2.grape-info.com [202.144.129.2]
                                0/ 100 =  0%   |
  5  155ms     0/ 100 =  0%     0/ 100 =  0%  w3ext.grape-info.com [202.144.128.220]
Trace complete.
When pathping is run, you first see the results for the
route as it is tested for problems. This is the same path that is shown by the tracert
command. The pathping command then displays a busy message for the next
125 seconds (this time varies by the hop count). During this time, pathping
gathers information from all the routers previously listed and from the links
between them. At the end of this period, it displays the test results.
The two rightmost columns—This Node/Link Lost/Sent=Pct and Address—contain
the most useful information. The link between gw-dit.grape-info.com
(hop 2), and tpu-gw1.grape-info.com (hop 3) is dropping
13 percent of the packets. All other links are working normally. The
routers at hops 3 and 4 also drop packets addressed to them (as shown
in the This Node/Link column), but this loss does not affect their
forwarding path.
The loss rates displayed for the links (marked as a | in
the rightmost column) indicate losses of packets being forwarded along the
path. This loss indicates link congestion. The loss rates displayed for routers
(indicated by their IP addresses in the rightmost column) indicate that those
routers' CPUs might be overloaded. These congested routers might also be a
factor in end-to-end problems, especially if packets are forwarded .
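The link-versus-router reading described above, as an added example that is not part of the original page: the Python below parses the statistics section of a pathping report and separates loss on links (the rows ending in |) from loss at the routers themselves. The names analyse, HOP, HOP0 and LINK are hypothetical, and REPORT is constructed from the report shown on this page.

```python
import re

LOSS = r"(\d+)/\s*(\d+)\s*=\s*(\d+)%"
HOP = re.compile(rf"^\s*(\d+)\s+(?:\d+ms|---)\s+{LOSS}\s+{LOSS}\s+(\S.*)$")
HOP0 = re.compile(r"^\s*0\s+(\S.*)$")      # source row: address only
LINK = re.compile(rf"^\s*{LOSS}\s*\|\s*$")  # row between two hops

# Constructed sample: the statistics section of the report on this page.
REPORT = """\
Computing statistics for 125 seconds...
            Source to Here   This Node/Link
Hop  RTT    Lost/Sent = Pct  Lost/Sent = Pct  Address
  0                                           hoge.grape-info.com [192.168.0.24]
                                0/ 100 =  0%   |
  1    3ms     0/ 100 =  0%     0/ 100 =  0%  192.168.0.2
                                0/ 100 =  0%   |
  2    4ms     0/ 100 =  0%     0/ 100 =  0%  gw-dit.grape-info.com [202.144.158.206]
                               13/ 100 = 13%   |
  3  140ms     0/ 100 =  0%     1/ 100 =  1%  tpu-gw1.grape-info.com [202.144.159.195]
                                0/ 100 =  0%   |
  4  126ms     0/ 100 =  0%     3/ 100 =  3%  e0-0.tpu-br2.grape-info.com [202.144.129.2]
                                0/ 100 =  0%   |
  5  155ms     0/ 100 =  0%     0/ 100 =  0%  w3ext.grape-info.com [202.144.128.220]
Trace complete.
"""

def analyse(report):
    """Return lossy links as (from, to, pct) and lossy routers as (address, pct)."""
    stats = report.split("Computing statistics", 1)[-1]
    links, nodes, prev, pending = [], [], None, None
    for line in stats.splitlines():
        m = LINK.match(line)
        if m:                               # loss on the link into the next hop
            pending = int(m.group(3))
            continue
        m = HOP.match(line)
        if m:
            addr, node_pct = m.group(8).strip(), int(m.group(7))
        else:
            m = HOP0.match(line)
            if not m:
                continue                    # headers, "Trace complete.", blanks
            addr, node_pct = m.group(1).strip(), 0
        if pending:                         # forwarding loss: link congestion
            links.append((prev, addr, pending))
        if node_pct:                        # loss of packets addressed to the router
            nodes.append((addr, node_pct))
        prev, pending = addr, None
    return {"links": links, "nodes": nodes}

if __name__ == "__main__":
    print(analyse(REPORT))
```

Entries under "links" point at forwarding loss on the path, while entries under "nodes" only show routers that dropped packets addressed to themselves.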