Troubleshooting Network
UNIT - 5
1
� Syllabus: Unit - 5
Troubleshooting Network
Trouble Shooting Networks: Command-Line interface Tools, Using Network Utilities: ping,
traceroute, tracert, ipconfig, arp, nslookup, netstat, nbtstat, Hardware trouble shooting tools,
system monitoring tools.
How Internet connection works
2
�3
� 1. IPCONFIG
IPCONFIG
On Windows, ipconfig (Internet Protocol configuration) is among the most common networking
tools that allow you to query and show current TCP/IP (Transmission Control Protocol/Internet
Protocol) network configuration. The command also includes options to perform different
actions, such as refreshing Dynamic Host Configuration Protocol (DHCP) and Domain Name
System (DNS) settings.
Display network configuration
To get started with ipconfig on Windows, use these steps:
1. Open Start.
2. Search for Command Prompt, right-click the top result, and select the Run as
administrator option.
3. Type the following command to view a summary of the TCP/IP network configuration
and press Enter: ipconfig
4. Type the following command to view the complete TCP/IP network configuration and
press Enter: ipconfig /all
4
�Once you complete the steps, you will have an overview of the PC's entire TCP/IP configuration.
Refresh network settings
To release and renew the network configuration with Command Prompt, use these steps:
1. Open Start.
2. Search for Command Prompt, right-click the top result, and select the Run as
administrator option.
5
� 3. Type the following command to remove the current network configuration and
press Enter: ipconfig /release
4. Type the following command to reconfigure the network configuration and
press Enter: ipconfig /renew
After you complete the steps, the first command will clear the current configuration, and the
second command will fetch new settings from the DHCP server to resolve connectivity issues.
If the dynamically assigned settings have not expired in the server, it is common to see the same
IP address reconfigured on the device.
Refresh DNS settings
To flush and rebuild the current DNS cache entries on Windows 10, use these steps:
1. Open Start.
2. Search for Command Prompt, right-click the top result, and select the Run as
administrator option.
3. Type the following command to clear the DNS system cache on the device and
press Enter: ipconfig /flushdns
6
�Once you complete the steps, the entries stored in the DNS cache of Windows 10 will be deleted
and refreshed. Usually, this command will come in handy when you cannot connect to another
computer or website using the host or domain name due to outdated information in the local
cache.
PING
Ping is another essential networking tool because it allows you to send ICMP (Internet Control
Message Protocol) echo request messages to test the IP connectivity with other devices,
whether it is another computer in the network or internet service.
Test device connectivity
To test the network connectivity with the ping command on Windows 10, use these steps:
1. Open Start.
2. Search for Command Prompt, right-click the top result, and select the Run as
administrator option.
3. Type the following command to send ICMP echo requests to test connectivity and
press Enter: ping IP-OR-DOMAIN
In the command, replace IP-OR-DOMAIN with the actual IP address or domain name of the
computer or service you want to test. For example, this command tests the communication
between the local device and router: ping 10.1.4.1
4. Type the following command to test the local computer networking stack and
press Enter: ping 127.0.0.1 or ping loopback
7
�Once you complete the steps, receiving four successful echo replies from the destination means
the device can talk with the remote host. If the request times out, there is a problem between
the host and the remote device.
If you are dealing with connectivity problems, start pinning the local computer to ensure the
network stack is working. Then test the router's connection to ensure the issue is not in the local
network. Then try to ping a website to find out whether there is a problem with the internet
connection or the remote host.
You should also know that the ping command will always time out if the remote device or service
blocks the ICMP protocol.
Diagnose packet loss activity
The ping command includes many options that you can access with the "ping /?" command, and
one of these options is the ability to set the time you want to run the tool, which can come in
handy to examine packets lost when you are troubleshooting connectivity problems.
To run the ping command for a specific period, use these steps:
1. Open Start.
2. Search for Command Prompt, right-click the top result, and select the Run as
administrator option.
3. Type the following command to continue pinging until stopped and press Enter: ping IP-
OR-DOMAIN -t
In the command, replace IP-OR-DOMAIN with the actual IP address or domain name of the
computer or service you want to test. For example, this command tests the communication
between the local device and router: ping 10.1.4.1 -t
8
� Use the "Control + C" keyboard shortcut to stop the ping.
After you complete the steps, you will be able to see the successful and lost requests that can give
you a clue on how to continue troubleshooting and resolving the connectivity problem.
Administrators usually use the ping command in a local network to find out when a service goes
down quickly. Also, the tool can be used as a quick way to know when the server is up and running
again when restarting a server remotely.
Tracert 3. TRACERT
Windows 10 also includes tracert (Trace Route), a diagnostic tool to determine the network
path to a destination using a series of ICMP echo requests. However, unlike the ping
command, each request includes a TTL (Time to Live) value that increases by one each time,
allowing to display of a list of the route the requests have taken and their duration.
To trace the route to a destination with Command Prompt on Windows 10, use these steps:
1. Open Start.
2. Search for Command Prompt, right-click the top result, and select the Run as
administrator option.
3. Type the following command to understand the path taken to the destination and
press Enter: tracert IP-OR-DOMAIN
In the command, replace IP-OR-DOMAIN with the actual IP address or domain name for the
destination you want to troubleshoot. For example, this command allows you to view the path
the packets are taking to reach Google.com: tracert google.com
9
�4. Type the following command to adjust the hop counts to the destination and
press Enter: tracert -h HOP-COUNT IP-OR-DOMAIN
In the command, replace IP-OR-DOMAIN with the actual IP address or domain name for the
destination you want to troubleshoot and HOP-COUNT for the number of hops you want to
trace. For example, this command puts the limit of 5 hops (nodes) to the destination:
tracert -h 5 google.com
Once you complete the steps, you will know if the destination is reachable or if there is a
networking problem along the way.
10
�Similar to the ping tool, tracert includes several options, which you can view with the "tracert
/?" command.
NSLOOKUP NSLOOKUP
The nslookup (Name Server Lookup) tool can show valuable details to troubleshoot and resolve
DNS-related issues. The tool includes an interactive and non-interactive modes. However, you
will be using the non-interactive mode more often than not, which means you will type the full
command to obtain the necessary information.
You can use this command to display the default DNS name and address of the local device and
determine the domain name of an IP address or the name servers for a specific node.
To get started with nslookup on Windows 10, use these steps:
1. Open Start.
2. Search for Command Prompt, right-click the top result, and select the Run as
administrator option.
3. Type the following command to look up the local DNS name and address and
press Enter: nslookup
4. Confirm the current DNS information.
5. Type the following command to exit the interactive mode and press Enter: exit
6. Type the following command to determine the name and address of a specific server
and press Enter: nslookup IP-ADDRESS
In the command, replace the IP-ADDRESS with the address of the remote device. For example,
this command looks up the IP address 172.217.165.142 address: nslookup 172.217.165.142
11
� 7. Type the following command to determine the address of a specific server and
press Enter: nslookup DOMAIN-NAME
In the command, replace the DOMAIN-NAME with the address of the remote device. For
example, this command looks up the IP address Google.com address: nslookup google.com
After you complete the steps, depending on the command, you will know whether the device has
a DNS resolver and the IP address or domain and vice versa of the remote host.
NETSTAT5. NETSTAT
The netstat (Network Statistics) tool displays statistics for all network connections. It allows
you to understand open and connected ports to monitor and troubleshoot networking problems
for Windows 10 and apps.
When using the netstat tool, you can list active network connections and listening ports. You
can view network adapter and protocol statistics. You can even display the current routing table
and much more.
To get started with netstat, use these steps:
1. Open Start.
2. Search for Command Prompt, right-click the top result, and select the Run as
administrator option.
3. Type the following command to show all active TCP connections and
press Enter: netstat
12
�4. (Optional) Type the following command to display active connections showing numeric
IP address and port number instead of trying to determine the names and press Enter: netstat
-n
5. (Optional) Type the following command to refresh the information at a specific interval
and press Enter: netstat -n INTERVAL
In the command, make sure to replace INTERVAL for the number (in seconds) you want to
redisplay the information. This example refreshes the command in question every five
seconds: netstat -n 5
• Quick note: When using the interval parameter, you can terminate the command using
the "Ctrl + C" keyboard shortcut in the console.
• Proto: Displays the connection protocol, including TCP or UDP.
• Local Address: Displays the device's IP address followed by a semicolon with a port
number of the connection. The double-semicolon inside brackets indicates the local IPv6
address. The "0.0.0.0" address also refers to the local address.
• Foreign Address: Shows the remote computer's IP (or FQDN) address with the port
number after the semicolon port name (for instance, https, http, microsoft-ds, wsd).
• State: Shows whether the connection is active (established), if the port has been closed
(time_wait) and if the program has not closed the port (close_wait). Other statuses
available include closed, fin_wait_1, fin_wait_2, last_ack, listen, syn_received, syn_send,
and timed_wait.
13
� ARP6. ARP
Windows 10 maintains an arp (Address Resolution Protocol) table, which stores IP to Media
Access Control (MAC) entries that the system has resolved. The arp tool lets you view the entire
table, modify the entries, and use it to determine a remote computer's MAC address.
Usually, you do not need to worry about MAC addresses, but there are scenarios when this
information may come in handy. For example, when troubleshooting network problems at
the data link layer (switching) or when restricting access or filtering content through the network
for specific devices.
To get started with arp on Windows 10, use these steps:
1. Open Start.
2. Search for Command Prompt, right-click the top result, and select the Run as
administrator option.
3. Type the following command to view the current arp table cache on Windows 10 and
press Enter: arp -a
4. Type the following command to determine the MAC address of a remote device and
press Enter: arp -a IP
In the command, make sure to replace IP with the address of the destination. For example, this
command reveals the physical address of the 10.1.4.120 destination: arp -a 10.1.4.120
5. Confirm the MAC (physical) address for the remote device.
After you complete the steps, you will be able to view the entire arp table and MAC address of
a specific IP address.
14
�If you want to know all the available options, use the "arp /?" command to list the available
options with their corresponding descriptions.
HARDWARE TROUBLE SHOOTING TOOLS:
1. Cable Testers and Certifiers: These dedicated hardware devices can be connected to the
end of a cable or both ends. They provide diagnostic functions to check cable integrity
and identify issues.
2. Crimpers: Crimpers are used to insert wires into proper connectors at the end of a
cable. They ensure secure connections and are commonly used for network cables and
telephone lines.
3. Butt Set: A butt set, also known as a lineman’s handset, helps technicians test telephone
lines. It allows them to listen to and troubleshoot voice communication issues.
4. Toner Probe: A toner probe helps locate specific cables within a bundle or network. It
emits a tone that can be detected at the other end of the cable, making cable tracing
easier.
15
�5. Punch-Down Tool: Used in networking and telecommunication, a punch-down tool helps
terminate wires into connectors or patch panels. It ensures proper connections and
minimizes signal loss.
6. Protocol Analyzers: These tools capture and analyze network traffic to diagnose
communication issues. They help identify faulty protocols, packet loss, and other
network-related problems.
7. Loopback Plug: A loopback plug is a self-testing tool that allows you to test ports,
connectors, and interfaces by creating a loopback circuit. It helps verify if a port is
functioning correctly.
8. TDR/OTDR (Time-Domain Reflectometer/Optical Time-Domain Reflectometer): These
tools are used for diagnosing issues in cables, especially in fiber optics. They measure
cable length, detect faults, and locate breaks or impedance mismatches.
16
