Learning Resources
 

Testing a network connection


When you want to troubleshoot a TCP/IP networking problem, first check the TCP/IP configuration of the computer that is experiencing the problem.
 

To View the TCP/IP Configuration by Using the Ipconfig.exe Tool

  1. Click Start, click Run, type cmd, and then press ENTER.
  2. At the command prompt, type ipconfig, and then press ENTER. This command displays your computer's DNS suffix, IP address, subnet mask, and default gateway.
  3. If you need more information and want to display a detailed configuration report, type ipconfig /all at the command prompt, and then press ENTER.
  4. Confirm that your computer has the appropriate settings for DNS and WINS servers, an available IP address, the proper subnet mask, the proper default gateway, and the correct host name.

To Display Connection Information by Using the Nbtstat.exe Tool

NetBIOS over TCP/IP (NetBT) resolves NetBIOS names to IP addresses. TCP/IP provides many options for NetBIOS name resolution, including local cache lookup, WINS server query, broadcast, DNS server query, and LMHOSTS and HOSTS lookup.

Nbtstat.exe is a useful tool for troubleshooting NetBIOS name resolution problems. You can use the nbtstat.exe command to remove or correct preloaded entries. To use the nbtstat.exe command:

  • To list the NetBIOS table of the local computer, type nbtstat -n at the command prompt, and then press ENTER. This command displays the names that were registered locally on the computer by programs such as the server and redirector.
  • To list the contents of the NetBIOS name cache, type nbtstat -c at the command prompt, and then press ENTER. This command shows the NetBIOS name cache, which contains name-to-address mappings for other computers.
  • To purge the name cache and reload it from the LMHOSTS file, type nbtstat -R at the command prompt, and then press ENTER.
  • To perform a NetBIOS adapter status command against the computer that you specify by name, type nbtstat -a NetBIOS computer name at the command prompt, and then press ENTER. The adapter status command returns the local NetBIOS name table for that computer and the MAC address of the network adapter.
  • To display a list of client and server connections, type nbtstat -s at the command prompt, and then press ENTER. This command lists the current NetBIOS sessions and their status, including statistics, as shown in the following example:
   NetBIOS Connection Table 

   Local Name     State      In/Out  Remote Host   Input  Output 
   ------------------------------------------------------------------ 
   DAVEMAC1 <00>  Connected  Out     CNSSUP1<20>   6MB    5MB 
   DAVEMAC1 <00>  Connected  Out     CNSPRINT<20>  108KB  116KB 
   DAVEMAC1 <00>  Connected  Out     CNSSRC1<20>   299KB  19KB 
   DAVEMAC1 <00>  Connected  Out     STH2NT<20>    324KB  19KB 
   DAVEMAC1 <03>  Listening 
					

Testing Connections to Remote Servers

If you are unable to contact to a remote server, there are two common tools that you can use. Use the ping command to verify that a host computer can connect to the TCP/IP network and network resources. Use the tracert command to examine the route taken to a destination.



To Test Connections by Using Ping.exe

You can use the ping command as a troubleshooting tool to sequentially test connectivity to various network resources. To ping a network host directly:

  1. Click Start, click Run, type cmd, and then press ENTER.
  2. Type ping IP address of the remote network host (for example, ping 192.168.1.104) or ping host name (for example, ping www.microsoft.com), and then press ENTER.
  3. Check for a reply that may look like this:
    Reply from 192.168.1.104: bytes=32 time=40ms TTL=61
    If this message displays, the server is available on the network. If you are unable to contact the resource, you can troubleshoot the connection by using the ping command to test connectivity to various network resources:
    1. Ping the loopback address (by using the ping 127.0.0.1 command) to verify that TCP/IP is installed and working correctly on the local computer.
    2. Ping the IP address of the local computer to verify that it was added to the network correctly.
    3. Ping the IP address of the default gateway to verify that the gateway is functional and it is possible to connect to a local host on the local network. You can obtain the IP address of the local default gateway by using the ipconfig command.
    4. Ping the IP address of another remote host to verify that you can communicate through a router.

To Test Connections by Using Tracert.exe

Tracert.exe is a route-tracing utility that you can use to determine the network path to a destination. To determine the path that a packet takes on the network and where that path may be ending:

  1. Click Start, click Run, type cmd, and then press ENTER.
  2. At the command prompt, type tracert IP address of the remote network host, and then press ENTER.
  3. Examine the results to determine the length of time that the packet took to reach each network segment and the point at which the connection may stop working.

To Test Connections by Using the NET VIEW Command

  1. Click Start, click Run, type cmd, and then press ENTER.
  2. At the command prompt, type net view \\computer name, and then press ENTER. A list of the file and print shares of a computer that is running Windows 2000 is generated by establishing a temporary NetBIOS connection. If there are no file or print shares available on the specified computer, you receive a "There are no entries in the list." message. If the command does not work, type net view \\IP address of the remote computer, and then press ENTER. If the command works, but a net view attempt to the computer name does not work, the computer name may be resolving to the wrong address. If the command does not work and generates a "System error has occurred" error message, verify that you typed the correct name of the remote computer, that the computer is operational (and is running the File and Printer Sharing for Microsoft Networks service), and that all of the gateways (routers) between the local computer and the remote host are operational by using the ping command.

 

Consolidated Network Troubleshooting Commands -

Examining your network with commands:

Ping

PING is used to check for a response from another computer on the network. It can tell you a great deal of information about the status of the network and the computers you are communicating with.

Ping returns different responses depending on the computer in question. The responses are similar depending on the options used.

Ping uses IP to request a response from the host. It does not use TCP

.It takes its name from a submarine sonar search - you send a short sound burst and listen for an echo - a ping - coming back.

In an IP network, `ping' sends a short data burst - a single packet - and listens for a single packet in reply. Since this tests the most basic function of an IP network (delivery of single packet), it's easy to see how you can learn a lot from some `pings'.

To stop ping, type control-c. This terminates the program and prints out a nice summary of the number of packets transmitted, the number received, and the percentage of packets lost, plus the minimum, average, and maximum round-trip times of the packets.

Sample ping session

PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=2 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=255 time=2 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=255 time=2 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=255 time=2 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=255 time=2 ms
64 bytes from 127.0.0.1: icmp_seq=5 ttl=255 time=2 ms
64 bytes from 127.0.0.1: icmp_seq=6 ttl=255 time=2 ms
64 bytes from 127.0.0.1: icmp_seq=7 ttl=255 time=2 ms
64 bytes from 127.0.0.1: icmp_seq=8 ttl=255 time=2 ms
64 bytes from 127.0.0.1: icmp_seq=9 ttl=255 time=2 ms

localhost ping statistics

10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max = 2/2/2 ms
meikro$

The Time To Live (TTL) field can be interesting. The main purpose of this is so that a packet doesn't live forever on the network and will eventually die when it is deemed "lost." But for us, it provides additional information. We can use the TTL to determine approximately how many router hops the packet has gone through. In this case it's 255 minus N hops, where N is the TTL of the returning Echo Replies. If the TTL field varies in successive pings, it could indicate that the successive reply packets are going via different routes, which isn't a great thing.

The time field is an indication of the round-trip time to get a packet to the remote host. The reply is measured in milliseconds. In general, it's best if round-trip times are under 200 milliseconds. The time it takes a packet to reach its destination is called latency. If you see a large variance in the round-trip times (which is called "jitter"), you are going to see poor performance talking to the host

NSLOOKUP

NSLOOKUP is an application that facilitates looking up hostnames on the network. It can reveal the IP address of a host or, using the IP address, return the host name.

It is very important when troubleshooting problems on a network that you can verify the components of the networking process. Nslookup allows this by revealing details within the infrastructure.

NETSTAT

NETSTAT is used to look up the various active connections within a computer. It is helpful to understand what computers or networks you are connected to. This allows you to further investigate problems. One host may be responding well but another may be less responsive.

IPconfig

This is a Microsoft windows NT, 2000 command. It is very useful in determining what could be wrong with a network.

This command when used with the /all switch, reveal enormous amounts of troubleshooting information within the system.

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : cowder
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 12.90.108.123
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 12.90.108.125
DNS Servers . . . . . . . . . . . : 12.102.244.2
204.127.129.2

Traceroute

Traceroute on Unix and Linux (or tracert in the Microsoft world) attempts to trace the current network path to a destination. Here is an example of a traceroute run to www.berkeley.edu:

$ traceroute www.berkeley.edu

traceroute to amber.Berkeley.EDU (128.32.25.12), 30 hops max, 40 byte packets

1 sf1-e3.wired.net (206.221.193.1) 3.135 ms 3.021 ms 3.616 ms

2 sf0-e2s2.wired.net (205.227.206.33) 1.829 ms 3.886 ms 2.772 ms

3 paloalto-cr10.bbnplanet.net (131.119.26.105) 5.327 ms 4.597 ms 5.729 ms

4 paloalto-br1.bbnplanet.net (131.119.0.193) 4.842 ms 4.615 ms 3.425 ms

5 sl-sj-2.sprintlink.net (4.0.1.66) 7.488 ms 38.804 ms 7.708 ms

6 144.232.8.81 (144.232.8.81) 6.560 ms 6.631 ms 6.565 ms

7 144.232.4.97 (144.232.4.97) 7.638 ms 7.948 ms 8.129 ms

8 144.228.146.50 (144.228.146.50) 9.504 ms 12.684 ms 16.648 ms

9 f5-0.inr-666-eva.berkeley.edu (198.128.16.21) 9.762 ms 10.611 ms 10.403 ms

10 f0-0.inr-107-eva.Berkeley.EDU (128.32.2.1) 11.478 ms 10.868 ms 9.367 ms

11 f8-0.inr-100-eva.Berkeley.EDU (128.32.235.100) 10.738 ms 11.693 ms 12.520 ms