Top 10 Network Troubleshooting Tools for IT Pros

Updated on November 17, 2022

Like a good plumber or electrician, every network administrator needs a good set of tools in their toolbox to get the job done right. Whether you’re the new guy in the office or a seasoned veteran, these tools will serve to help you investigate and troubleshoot countless issues as they arise on your network. Though new tools always surface as the years go on, many of these have been around for a long time and with very good reason. So, without further ado, here are our top 10 network troubleshooting tools.

10. Ping

9. Traceroute / Tracert

8. Ipconfig / Ifconfig

7. Nslookup

6. Whois

5. Netstat

4. PuTTY / Tera Term

3. Subnet and IP calculator 

2. Speed test

1. IP Scanner

Ping is likely the number one utility that every tech pro will use on a daily basis. It helps us to determine two things: latency and packet loss. Because ICMP is typically the lowest priority packet in the pecking order, it doesn’t tell us what the problem is. Instead, it tells us that there is a problem that needs to be addressed. Usually, if there is either packet loss or latency (or both) this can indicate bandwidth saturation over a link or even a bad network cable or port on a switch. Regardless, this will almost always be your first go-to utility when you begin your troubleshooting process. Figure 1 shows ping running in Windows 10.

This is probably second in the top three utilities you’ll use on a daily basis. Traceroute is invaluable for telling us what network devices are between one point and another, and gives us some data on what those devices are doing. Some of the extra data it provides are latency values (min, average and max) and host names of the devices, if they’re configured to have them.

This also helps us to figure out where these “hops” are, as ISPs typically include some sort of nomenclature to determine which state or country they’re in. On a private network, this may be less obvious. Traceroute can also help to diagnose routing issues, especially when we have more than one network connection to the outside world. Figure 2 shows a tracert in Windows 10.

Rounding out the last three are Ipconfig (Windows) and Ifconfig (Linux / Unix). When we need to know the IP address(es) of the host that we’re working on, these are the utilities to use. Not only will it provide IPv4 information, but it will also provide IPv6 addresses, MAC addresses, DNS servers, default gateways and data with regard to how much traffic is flowing over the interface along with errors and dropped packets. Figure 3 shows the Ipconfig command in Windows 10.

This is a great utility for two things: locating the IP addresses associated with a domain name and checking to see that DNS (Domain Name System) resolution is working for our host. When we enter www.google.com into our web browser, the computer invisibly queries the DNS server to find the IP address attached to that host name.

Nslookup has the ability to not only query our configured DNS server, but also to query any other DNS server we wish. This can help us test remote DNS servers for our clients or even for our own ISP. Figure 4 shows a Windows 10 Nslookup.

This one is an oldy, but a goody. Sometimes we want to know who owns a domain name or a range of public IP space. Whois allows us to do this with ease. Whois will give us details about who has registered a particular domain name and often includes contact details for the registrar. Finding out who owns a range of IP space can help us determine where odd traffic on our network is coming from.

Windows 11 does not have Whois installed by default, but it’s downloadable from its website. Many other free websites also offer this service. Figure 5 shows a Web based Whois.

Ever wonder which ports on your hosts are open and listening? Enter netstat. This utility is especially helpful on servers or hosts that run their own firewalls—like SQL Server or Apache. Each uses different network ports to communicate. For instance, if we want to run a web server, but for some reason IIS isn’t “listening” for communications on port 80, it won’t serve up its web pages to anyone.

Netstat also tells us who else is connected to our host and on what ports. This can be especially helpful if we suspect that our security has been compromised. We may not see anything in the task manager, but netstat can help us root out a culprit by showing us if there are any strange ports active and communicating. Figure 6 shows a Windows 10 netstat.

The need for a remote console cannot be overstated, especially when dealing with Linux or Unix-like systems. A remote console (or terminal) is a must-have for “headless” systems that don’t have a desktop environment. The console is a powerful tool in the right hands and in the Linux/*nix world. It’s absolutely essential for server tasks.

It’s also one of the best ways to get into a network with connectivity problems. It takes almost no bandwidth to make a connection and terminal software is very forgiving when it comes to packet loss. Figure 7 shows a PuTTY session and Figure 8 shows a Tera Term session.

Sometimes we just don’t want to be bothered with doing a whole bunch of binary number crunching. There are a multitude of downloadable and free web-based IP and subnet calculators available should we wish to use them. This can be a quick solution when we’re in a hurry and haven’t memorized the proper subnet for a /30 IP range. Figure 9 shows an example of one such calculator.

A web-based calculator can be found at Sub-net calculator.

A downloadable calculator can be found at Solarwinds.

If you stream a lot of Netflix at home, you’ll be familiar with the little spinning circle that lets you know that the video is buffering. Oftentimes, this is due to a lack of bandwidth when your roommate is also streaming the latest DOTA match on Twitch. Websites like Speedtest.net help us to determine how much bandwidth we have in and out of our Network. Figure 10 shows an instance of Speedtest.

Having an IP scanner is priceless in a network environment, especially when we don’t have login credentials to the router. Being able to scan an entire subnet enables us to find IP addresses of devices that might otherwise elude us. There are many devices on a network that don’t have a quick interface to tell us what their addresses are such as printers and scanners.

This can also help us to find devices that have mistakenly been configured with incorrect or duplicate IPs. An excellent IP scanner is shown in Figure 11.

I have been using all of these tools for many years. The interfaces have changed on some, but others (such as command prompt tools) are exactly the same. There are many switches that come with each tool. For instance, the /t in a ping command does a continuous ping instead of the four pings it would normally do. With Linux, ping will continue without the /t. Understanding the use and value of switches will help you become the fastest and most valued troubleshooter in your office.