Tools for understanding and troubleshooting TCP – IP

Mark Oney · #1 (**permalink**) 08-10-2009, 11:41 PM

Tools for understanding and troubleshooting TCP – IP

TCP – IP has tools built in, as a rule, in any operating system. They are utility programs, but are referred to as protocols.

These include:

ping
arp
ipconfig
tracert ( traceroute in Linux )

These protocols are run from the command prompt in Windows. One way to get to a command prompt:

Windows logo
Run
cmd.exe

You can find out more about these protocols by appending /? to the name

ping:

ping /? returns this:

ping sends a request for a response to a network device. If the device is configured to respond, ping tells you how long it took to make the round trip.
This is the result of a ping to the IP address of google:

You can also ping URLs:

If you can ping an IP but not the associated URL, you have a DNS problem.

If you want to ping non stop until the device responds, add a -t between ping and the IP address:

ping -t 74.125.95.99

To pause this continuous ping: CTRL-Break
To terminate this continuous ping: CTRL-C

arp:

ARP – Address Resolution Protocol – keeps a table of IP addresses assigned to MAC addresses on your network. ARP does not work across routers.

Arp /? returns:

The one to use is arp -a

If you know a device is on line but it does not show up, ping it. This will put the device in the arp table

A breakdown of the results:

Interface 192.168.1.26 is the wired ethernet card in my laptop. It sees:

192.168.1.16; the wireless router
192.168.1.25; the desktop PC
192.168.1.255; the network broadcast address

and some IPs that will be used in the future when TCP – IP gets upgraded.

Interface 192.168.1.254 is the wireless card in my laptop. It sees:

192.168.1.16; the wireless router
192.168.1.17; another wireless device
192.168.1.25; the desktop PC
192.168.1.255; the network broadcast address

and some IPs that will be used in the future when TCP – IP gets upgraded.

ipconfig:

ipconfig is a tool for determining the IP configuration of your own computer.

The three commands you will use the most

ipconfig /all; tells you the configuration status of your computer
ipconfig /release; releases all values assigned by DHCP
ipconfig /renew; requests fresh configuration info from DHCP.

ipconfig /?:

ipconfig /all, truncated to fit:

There is too much here to break it all down. Certain highlights:

IP routing enabled: No; I do not have Internet sharing set up

DHCP is enabled on the wireless card, DHCP is off on the wired card. If I perform an ipconfig /release and an ipconfig /renew, I may get a different wireless IP, but the static IP on the wired card will remain the same.

tracert:

tracert /?

A tracert to googles IP:

There is much to learn here:

There are 14 hops from My router to google

first hop; 192.168.1.16: my router

second hop; FTW, 192.168.2.1: my wireless bridge.
the third hop is configured to conceal information about itself. That is my ISP.

I have a DSL connection through qwest.

Hop 6, 205.171.151.61, has a similar IP to the DNS server at the top of the page. If you tracert to a known IP when the internet is down, you typically see the ISPs IP ( 67.42.200.219 ), or another similar IP, but you don't see the DNS IP ( 205.171.XXX.XXX ). This indicates that the local ISP is OK, the connection to Albuquerque is good, and DNS is down.

tracert to a web site when your network is working well. Do a screen capture. When things stop working, do another tracert and compare to the known good trace. Learn the various hops in the early part of the journey, the end that's under your control. Learn the hops in your ISPs system.

netsh:

This is a Windows Vista protocol.

netsh/?

The variant that interests us is:

netsh wlan show networks mode=bssid

This command shows APs in operation, and in range. Too long to screen capture all of it:

Freeware Utilities

All of these operating system utilities share certain problems:

You can't edit. If you type

piing 173.234.65.211

you get to do it all over again, because it wont work with the extra i.
The white on black display is not user friendly
The results are not displayed in a user friendly fashion

There are solutions to these problems. Programmers have generated programs that perform these functions in a kinder, gentler way.

Selected freeware network utilities for Windows:

Sam Spade 1.14

type an IP or URL in the box at the top left. Once. Just once. If you want to ping or traceroute again a little later, just select it from the drop down box.

Compare this traceroute to google through Sam Spade with the one above:

Note that it picked up the IP of my WISP, missing in tracert.

Does ping, tracert, other worthwhile network things.

Netscan:

does what arp should do, and better:

It sorted by IP addresses because I asked it to. It shows me public directories. Some of these devices are configured via internal web pages. Right click on the IP address, you get a pop-up box that takes you to the configuration page.

Vistumbler

For Vista and windows 7. Does what netsh does, and more. Interfaces with a GPS. Plots its findings in Google Earth.

The Dude

Hey, I just find them, I don't name them. Does what Netscan does, and draws network layouts: