Third year: EXTC Engineering SEM VI

[Computer Communication Network]

Experiment

Name : __________________________________________________________

Experiment : __________________________________________________________

Title of Experiment : __________________________________________________________

W.I.E.E.C.T
Experiment/Assignment

Concept 02

Execution/Performance 04

Viva 04

Total 10

Date of Submission: __________________

Signature of faculty: __________________

Sr.No Course Outcome

ECCL602.1 Design a small or medium sized computer network including media types, end
devices, and interconnecting devices that meets a customer‘s specific needs.
ECCL602.2 Perform configurations on routers and Ethernet switches. Simulate computer
networks and analyze the simulation results.
ECCL602.3 Demonstrate knowledge of programming for network communications.

ECCL602.4 Troubleshoot connectivity problems in a host occurring at multiple layers of the OSI
model.
 Experiment 2

Aim : Use basic networking commands in Linux/Windows (ping , tracert , nslookup , netstat ,
ARP , RARP , Ip , ifconfig ,ipconfig ,dig , route )

Theory :

ifconfig

• ifconfig stands for Interface Configuration.

• This command is same as ipconfig, and is used to view all the current TCP/IP network
configurations values of the computer. 

• The ifconfig command displays only the enabled configurations of networking devices
that are currently connected to the system.

• It displays information like the IP address, subnet mask, and default gateway for all
adapters. It is to be noticed that ifconfig can only assign a static IP address to a
networking device connected to the system.

• ifconfig command is used to configure the kernel-resident network interfaces.

• It is used at the boot time to set up the interfaces as necessary.

• It is usually used when needed during debugging or when you need system tuning.

• This command is used to assign the IP address and netmask to an interface or to enable or
disable a given interface.

• The ifconfig command is mainly used in a Unix-like operating system.

Options

• ifconfig [interface name]: This command gives information about the network

configuration of the specified interface only.

• ifconfig –a|-s |-v: This command gives the network configuration information about all
the connected interfaces.

-a Display information for all network interfaces, even if they are up ot down.

-s Display a short list in a format identical to the command “netstat -i".

-v Verbose mode; display additional information for certain error conditions.

Information given consists of :

 • eth0 is the first Ethernet interface. (Additional Ethernet interfaces would be
named eth1, eth2, etc.) This type of interface is usually a NIC connected to the network
by a category 5 cable.

• lo is the loopback interface. This is a special network interface that the system uses to
communicate with itself.

• wlan0 is the name of the first wireless network interface on the system. Additional

wireless interfaces would be named wlan1, wlan2, etc.

ipconfig

• Displays all current TCP/IP network configuration values and refreshes Dynamic Host
Configuration Protocol (DHCP) and Domain Name System (DNS) settings.

• This command is most useful on computers that are configured to obtain an IP address
automatically.
 • This enables users to determine which TCP/IP configuration values have been configured
by DHCP, Automatic Private IP Addressing (APIPA), or an alternate configuration.

Syntax : ipconfig [/all] [/renew [Adapter]] [/release [Adapter]] [/flushdns] [/displaydns]

[/registerdns] [/showclassid Adapter] [/setclassid Adapter [ClassID]]

Examples :

ipconfig To display the basic TCP/IP configuration

for all adapters

ipconfig /all To display the full TCP/IP configuration for all

adapters

ipconfig /renew "Local Area Connection" To renew a DHCP-assigned IP address

configuration for only the Local Area
Connection adapter

ipconfig /flushdns To flush the DNS resolver cache when

troubleshooting DNS name resolution problems

ipconfig /showclassid Local To display the DHCP class ID for all adapters
with names that start with Local

ipconfig /setclassid "Local Area Connection" To set the DHCP class ID for the Local Area
TEST Connection adapter to TEST

Differences between ifconfig and ipconfig

• Stands for: ipconfig stands for Internet Protocol Configuration, while ifconfig stands for
Interface Configuration.

• Introduction: ipconfig can be used in a console application that displays all the network
configurations of the currently connected network devices and can modify their DHCP
and DNS settings. Ifconfig is a system administrator utility that is used to configure,
control, and query the TCP/IP network configurations of the system.

• Supported OS: The ipconfig command is supported by the Microsoft Windows

operating system, React OS, and Apple Mac OS. Some of the latest versions of the Linux
 OS also supports ipconfig. The ifconfig command is supported by Unix-based operating
systems.

• Functionality: The ipconfig command displays all the currently connected network

interfaces whether they are active or not. On the other hand, the ifconfig command
displays only the enabled network interfaces that are connected to the system.

• Displaying all Interfaces configuration: The ‘ipconfig/all’ command is used to display

all the network configurations of the system in Microsoft Windows OS, while the
‘ifconfig -a’ command is used for the same in a Unix-based OS.

ip

• ip command in Linux is present in the net-tools which is used for performing several
network administration tasks.

• ip stands for Internet Protocol.

• This command is used to show or manipulate routing, devices, and tunnels.

• It is similar to ifconfig command but it is much more powerful with more functions and
facilities attached to it. ifconfig is one of the deprecated commands in the net-tools of
Linux that has not been maintained for many years.

• ip command is used to perform several tasks like assigning an address to a network

interface or configuring network interface parameters.

• It can perform several other tasks like configuring and modifying the default and static
routing, setting up tunnel over IP, listing IP addresses and property information,
modifying the status of the interface, assigning, deleting and setting up IP addresses and
routes.

• On Linux operating systems, the ip command edits and displays the configuration

of network interfaces, routing, and tunnels. On many Linux systems, it replaces the
deprecated ifconfig command.

Syntax: ip [ OPTIONS ] OBJECT { COMMAND | help }

where OBJECT may be:

{ link | addr | addrlabel | route | rule | neigh | ntable | tunnel |tuntap maddr | mroute | mrule |
monitor | xfrm | netns | l2tp | tcp_metrics }

and OPTIONS may be:
{ -V[ersion] | -s[tatistics] | -r[esolve] | -f[amily]

{ inet | inet6 | ipx | dnet | link } | -o[neline] }

and the Command

• Specifies the action to perform on the object. The set of possible actions depends on the
object type. As a rule, it is possible to add, delete and show (or list) objects, but some
objects do not allow all of these operations or have some additional commands.
The help command is available for all objects. It prints out a list of available commands
and argument syntax conventions.

nslookup

• nslookup (Name Server lookup) is a UNIX shell command to query Internet domain
name servers.

• nslookup  is a useful command for getting information from DNS server.

• It is a network administration tool for querying the Domain Name System (DNS) to
obtain domain name or IP address mapping or any other specific DNS record.

• It is also used to troubleshoot DNS related problems.

Nameserver: These are the servers that the internet uses to find out more about the domain.
Usually they are an ISP's computer.
Ping

•  PING (Packet Internet Groper) command is used to check the network connectivity
between host and server/host .

• This command takes as input the IP address or the URL and sends a data packet to the
specified address with the message “PING” and get a response from the server/host this
time is recorded which is called latency.

• Fast ping low latency means faster connection.

• Ping uses ICMP(Internet Control Message Protocol) to send an ICMP echo message to

the specified host if that host is available then it sends ICMP reply message.

• Ping is generally measured in millisecond every modern operating system has this ping
pre-installed. 

• Verifies IP-level connectivity to another TCP/IP computer by sending Internet Control

Message Protocol (ICMP) Echo Request messages. The receipt of corresponding Echo
Reply messages are displayed, along with round-trip times.

• Ping is the primary TCP/IP command used to troubleshoot connectivity, reachability, and
name resolution.

• You can use ping to test both the computer name and the IP address of the computer.

• If pinging the IP address is successful, but pinging the computer name is not, you might
have a name resolution problem.

• Eg : ping www.google.com
 Syntax : ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count]
[-w timeout] [-R] [-S srcaddr] [-p] [-4] [-6] target [/?]

Most used

• -t :Using this option will ping the target until you force it to stop by using Ctrl+C.

• -a : This ping command option will resolve, if possible, the hostname of an IP

address target.

PING LOCALHOST

• ping 127.0.0.1 In the above example, we're pinging 127.0.0.1, also called the IPv4
localhost IP address or IPv4 loopback IP address, without options.

• Using the ping command with this address is an excellent way to test that Windows'
network features are working properly but it says nothing about your own
network hardware or your connection to any other computer or device.

TRACEROUTE

• traceroute command in Linux prints the route that a packet takes to reach the host.

• This command is useful when you want to know about the route and about all the hops
that a packet takes.

• Tracert Determines the path taken to a destination by sending Internet Control Message

Protocol (ICMP) Echo Request messages to the destination with incrementally increasing
Time to Live (TTL) field values.

• The path displayed is the list of near-side router interfaces of the routers in the path
between a source host and a destination. The near-side interface is the interface of the
 router that is closest to the sending host in the path. Used without parameters, tracert
displays help.

• This diagnostic tool determines the path taken to a destination by sending ICMP Echo
Request messages with varying Time to Live (TTL) values to the destination. Each router
along the path is required to decrement the TTL in an IP packet by at least 1 before
forwarding it.

• To trace the path to the host named www.google.co.in use following command

• tracert www.google.co.in

• To trace the path to the host named www.google.com and prevent the resolution of each
IP address to its name, type: tracert -d www.google.com

• To trace the path to the host named www.google.com and use the loose source route
10.12.0.1-10.29.3.1-10.1.44.1, type: tracert -j 10.12.0.1 10.29.3.1 10.1.44.1
www.google.com

Syntax :tracert [-d] [-h MaximumHops] [-j HostList] [-w Timeout] [TargetName]

letter function

-d Prevents tracert from attempting to resolve the IP addresses of intermediate routers to

their names. This can speed up the display of tracert results.

-h MaximumHops Specifies the maximum number of hops in the path to search for the
target (destination). The default is 30 hops.

-j HostList Specifies that Echo Request messages use the Loose Source Route option in
the IP header with the set of intermediate destinations specified in HostList.

-w Timeout Specifies the amount of time in milliseconds to wait for the ICMP Time
Exceeded or Echo Reply message corresponding to a given Echo Request message to
be received. If not received within the time-out, an asterisk (*) is displayed. The default
time-out is 4000 (4 seconds).
• Below image depicts how traceroute command is used to reach the Google(172.217.26.206)
host from the local machine and it also prints detail about all the hops that it visits in
between.

netstat

Netstat command displays various network related information such as network connections,
routing tables, interface statistics, masquerade connections, multicast memberships etc.,

masquerade connections :where one computer acts as an IP gateway for a network. an

attempt to gain unauthorized access to, or greater privilege to a system, by posing as an
authorized user

netstat provides statistics for the following:

• Proto - The name of the protocol (TCP or UDP).

 • Local Address - The IP address of the local computer and the port number being used.
The name of the local computer that corresponds to the IP address and the name of the
port is shown unless the -n parameter is specified. If the port is not yet established, the
port number is shown as an asterisk (*).

• Foreign Address - The IP address and port number of the remote computer to which the
socket is connected. The names that corresponds to the IP address and the port are shown
unless the -n parameter is specified. If the port is not yet established, the port number is
shown as an asterisk (*).

Syntax : netstat [-a] [-e] [-n] [-o] [-p Protocol] [-r] [-s] [Interval]

letters displays active TCP connections.

-a Displays all active TCP connections and the TCP and UDP ports on which the computer
is listening.
-e Displays Ethernet statistics, such as the number of bytes and packets sent and received.
This parameter can be combined with -s.

-n Displays active TCP connections, however, addresses and port numbers are expressed
numerically and no attempt is made to determine names.

-o Displays active TCP connections and includes the process ID (PID) for each connection.
This parameter can be combined with -a, -n, and -p.
-p Shows connections for the protocol specified by Protocol. In this case, the Protocol can
be tcp, udp, tcpv6, or udpv6. If this parameter is used with -s to display statistics by
protocol, Protocol can be tcp, udp, icmp, ip, tcpv6, udpv6, icmpv6, or ipv6.
-s Displays statistics by protocol. By default, statistics are shown for the TCP, UDP, ICMP,
and IP protocols.
-r Displays the contents of the IP routing table. This is equivalent to the route print
command.
Interval Redisplays the selected information every Interval seconds. Press CTRL+C to stop the
redisplay. If this parameter is omitted, netstat prints the selected information only once.
/? - Displays help at the command prompt.
Nbtstat
• Displays NetBIOS over TCP/IP (NetBT) protocol statistics.
• NetBIOS name tables for both the local computer and remote computers, and the
NetBIOS name cache. Nbtstat allows a refresh of the NetBIOS name cache and the
names registered with Windows Internet Name Service (WINS).
• Nbtstat command-line parameters are case-sensitive.
Syntax : nbtstat [-a RemoteName] [-A IPAddress] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [Interval]
Letter displays help.
-a Displays the NetBIOS name table of a remote computer.
-A Displays the NetBIOS name table of a remote computer, specified by the IP address of the
remote computer.
-c Displays the contents of the NetBIOS name cache, the table of NetBIOS names and their
resolved IP addresses.
-n Displays the NetBIOS name table of the local computer.
-r Displays NetBIOS name resolution statistics.
-R Purges the contents of the NetBIOS name cache and then reloads the #PRE-tagged entries
from the Lmhosts file.
-RR Releases and then refreshes NetBIOS names for the local computer that is registered with
WINS servers.
-s or -S s Displays NetBIOS client and server sessions, attempting to convert the destination IP
address to a name. S- listing the remote computers by destination IP address only.
/? - Displays help at the command prompt.

ARP
 • arp command manipulates the System’s ARP cache. It also allows a complete dump of
the ARP cache.
• ARP stands for Address Resolution Protocol.
• The primary function of this protocol is to resolve the IP address of a system to its mac
address, and hence it works between level 2(Data link layer) and level 3(Network layer).
Modes
• arp with no mode specifier or arp –a prints the current content of the table. It is possible
to limit the number of entries printed, by specifying a hardware address type, interface
name or host address.
• arp -d address deletes an ARP table entry. Root privilege is required to do this. The entry
is found by IP address. If a hostname is given, it will be resolved before looking up the
entry in the ARP table.
• arp -s address hw_addr Is used to set up a new table entry.

Dig
• dig command stands for Domain Information Groper.
• It is used for retrieving information about DNS name servers.
• It is basically used by network administrators.
• It is used for verifying and troubleshooting DNS problems and to perform DNS lookups.
• Dig command replaces older tools such as nslookup and the host.
rarp
• RARP provides the opposite service to ARP in that it is used when only the mac address
is known and the IP address is needed.
• RARP requests are most commonly sent by diskless clients and JumpStart clients during
bootup. A diskless client contains no local storage and knows only its own ethernet
address. 
route
• route command in Linux is used when you want to work with the IP/kernel routing table.
It is mainly used to set up static routes to specific hosts or networks via an interface. It is
used for showing or update the IP/kernel routing table.
To display the IP/kernel routing table.
$route
It displays the routing table entries.
To display routing table in full numeric form.
$route –n
To add a default gateway.
$sudo route add default gw 169.254.0.0

CONCLUSION: Hence, in this experiment, we have successfully studied some important

networking command and also implemented them in Linux