close Welcome! Wikis are websites that everyone can build together. It's easy! Troubleshoot Network Connections with netsh, netstat, and ipconfig

Here are a few more command-line tools for tracking down problems with your network connection. In addition to well-known command-line network utilities such as ping, tracert, and pathping [Hack #51], three additional all-purpose utilities can help you troubleshoot network connections: netsh, netstat, and ipconfig. 5.5.1. Use netsh to Troubleshoot Network and Internet Connections netsh is a wide-ranging command-line diagnostic tool that has an exceedingly large number of commands available. (For a complete list of available commands, use Windows XP Help and Support and search for netsh.) Here you'll learn the most interesting. Perhaps the most useful of the netsh commands are the netsh diag commands. Use them to find out information about your PC's network setup, such as finding the IP address of its mail server, newsgroup server, DNS server, and similar resources. There are two ways to use netsh: directly from the command line with all its switches, or first getting to the netsh console by typing netsh at the command line and then typing the command from the netsh> prompt that appears. For example, you could type netsh diag show adapter at the command line, which lists every network adapter on your PC, or you could get to the netsh> prompt and type diag show adapter. Use the netsh command to connect to the resources and then get information about them. For example, to find out the IP address of your DNS servers, type netsh diag show dns; to find out the IP address of your mail server, type netsh diag connect mail. Table 5-5 lists the most useful of the netsh diag commands. Precede each of them with netsh diag. Note that they each have many switches associated with them. For more details, use Windows XP Help and Support and search for netsh. Table 5-5. Useful netsh diag commands Command What it does

connect ieproxy	Establishes a connection to Internet Explorer's proxy server, if one exists
connect mail	Establishes a connection to the default Outlook Express mail server
connect news	Establishes a connection to the default Outlook Express newsgroup server
ping adapter	Establishes a connection with the named adapter
ping dhcp	Establishes a connection with a DHCP server
show adapter	Lists all the adapters on the PC
show all	Lists all the network objects defined for the local PC, such as adapters, network clients, servers, modems, and other objects
show dhcp	Lists all the DHCP servers for the specified adapter
show dns	Lists all the DNS servers for the specified adapter
show gateway	Lists all the gateways for the specified adapter

5.5.2. Use netstat to Get Information About Open Network Connections If you want to get a snapshot of all incoming and outgoing network connections, use the netstat command. At a command prompt, type netstat. It lists all connections, including the protocol being used, the local and Internet addresses, and the current state of the connection, like this:Active Connections Proto Local Address Foreign Address State TCP PrestonGralla:1031 localhost:2929 ESTABLISHED TCP PrestonGralla:2887 192.168.1.103:netbios-ssn TIME_WAIT TCP PrestonGralla:2899 www.oreillynet.com:http ESTABLISHED TCP PrestonGralla:2900 www.oreillynet.com:http ESTABLISHED TCP PrestonGralla:2932 mail.attbi.com:pop3 ESTABLISHED TCP PrestonGralla:2936 vmms2.verisignmail.com:pop3 ESTABLISHED
It will help you know whether connections are live, the network or Internet device to which they're connected, and which local resource is making the connection. It's best suited for when you're troubleshooting network problems and want to find out whether certain ports are open, why certain computers on the network are having connection problems, and similar issues. You can use command-line switches with netstat. For example, display open ports and open connections with this syntax: netstat -a. Table 5-6 lists netstat switches. Table 5-6. Useful netstat switches Switch What it does

-a	Displays all open connections and ports.
-e	Displays Ethernet statistics about packets transmitted and received. Can be combined with the -s switch.
-n	Displays the addresses and ports in numeric, IP address form.
-o	Displays the process identifier (PID) that owns each connection.
-p proto	Displays the connections used by the protocol, which can be IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
-r	Displays the network's routing table.
-s	Displays statistics for each protocol. It lists all statistics for all protocols, but you can list only those for a specified protocol if you combine it with the -p switch.
interval value	Runs netstat repeatedly, pausing value seconds between each new display. To stop the display, press Ctrl-C.

5.5.3. Use ipconfig to Troubleshoot TCP/IP One of the most powerful tools for analyzing and troubleshooting TCP/IP problems is the ipconfig command-line utility. It provides information about each of your adapters, including the assigned IP address, subnet mask, default gateway, MAC address, DNS servers, whether DHCP is enabled, and a variety of other data. To see basic information about your adapters, type ipconfig at a command prompt, and you'll see information like this:Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : ne1.client2.attbi.com IP Address. . . . . . . . . . . . : 192.168.1.100 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 PPP adapter {6A724E76-AB59-4ABC-BBF5-41CA4410EB8D}: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 172.165.155.106 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . :
As you can see, ipconfig provides basic information about your IP address, subnet mask, default gateway, and a connection-specific DNS suffix, if any. However, you can get much more detailed information by using the /all switch, like this: ipconfig /all. For most troubleshooting purposes, use the /all switch. You get a much more comprehensive listing, as shown here:Windows IP Configuration Host Name . . . . . . . . . . . . : PrestonGralla Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : ne1.client2.attbi.com Description . . . . . . . . . . . : CNet PRO200WL PCI Fast Ethernet Adapter Physical Address. . . . . . . . . : 00-08-A1-00-9F-32 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.1.100 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 204.127.202.19 216.148.227.79 Lease Obtained. . . . . . . . . . : Saturday, December 28, 2002 8:53:40 AM Lease Expires . . . . . . . . . . : Sunday, December 29, 2002 8:53:40 AM PPP adapter {6A724E76-AB59-4ABC-BBF5-41CA4410EB8D}: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface Physical Address. . . . . . . . . : 00-53-45-00-00-00 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 172.165.155.106 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 64.12.104.134 NetBIOS over Tcpip. . . . . . . . : Disabled
You can also use ipconfig to release and renew IP addresses, and to perform other troubleshooting functions as well. For example, to renew an adapter's IP address, use this command:ipconfig /renew "adapter name"
where adapter name is the name of the adapter whose IP address you want to renew. Make sure to put quotes around the adapter name and use spaces if there is more than one word in the adapter name. Table 5-7 lists other switches you can use with ipconfig. Table 5-7. Command-line switches for ipconfig Switch What it does

/all	Displays complete TCP/IP configuration information
/displaydns	Displays information from the DNS resolver cache [Hack #49]
/flushdns	Clears the DNS resolver cache [Hack #49]
/registerdns	Refreshes all DHCP leases and reregisters DNS names
/release "adapter"	Releases the IP address for the specified adapter
/renew "adapter"	Renews the IP address for the specified adapter
/setclassid "adapter" newclassid	Resets the DHCP Class ID for the specified adapter
/showclassid "adapter"	Displays the DHCP Class ID for the specified adapter