Top 7 TCP/IP Utilities Every Networking Pro Should Know
- select the contributor at the end of the page -
The top 7 tools that I will talk about today include: Ping, Tracert, ARP, Netstat, Nbtstat, NSLookup, and IPconfig. These tools will help you to check the status of your network and allow you to troubleshoot and test connectivity to remote hosts.
You use these utilities in Dos and you get there by clicking on Start, going to Run and typing cmd.
Here are the top 7 TCP/IP utilities and their functions.
The PING utility tests connectivity between two hosts. PING uses a special protocol called the Internet Control Message Protocol (ICMP) to determine whether the remote machine (website, server, etc.) can receive the test packet and reply.
Also a great way to verify whether you have TCP/IP installed and your Network Card is working.
We'll start by Pinging the loopback address (127.0.0.1) to verify that TCP/IP is installed and configured correctly on the local computer.
Type: PING 127.0.0.1
This tells me that TCP/IP is working as well as my Network Card.
To test out connectivity to a website all you have to do is type: ping espn.com
The results should tell you if the connection was successful or if you had any lost packets.
Packet loss describes a condition in which data packets appear to be transmitted correctly at one end of a connection, but never arrive at the other. Why? Well, there are a few possibilities.
The network connection might be poor and packets get damaged in transit or the packet was dropped at a router because of internet congestion. Some Internet Web servers may be configured to disregard ping requests for security purposes.
Note the IP address of espn.com -- 220.127.116.11. You can also ping this address and get the same result.
However, Ping is not just used to test websites. It can also test connectivity to various servers: DNS, DHCP, your Print server, etc. As you get more into networking you'll realize just how handy the Ping utility can be.
Tracert is very similar to Ping, except that Tracert identifies pathways taken along each hop, rather than the time it takes for each packet to return (ping).
If I have trouble connecting to a remote host I will use Tracert to see where that connection fails. Any information sent from a source computer must travel through many computers / servers / routers (they're all the same thing, essentially) before it reaches a destination.
It may not be your computer but something that is down along the way. It can also tell you if communication is slow because a link has gone down between you and the destination.
If you know there are normally 4 routers but Tracert returns 8 responses, you know your packets are taking an indirect route due to a link being down.
The ARP utility helps diagnose problems associated with the Address Resolution Protocol (ARP).
TCP/IP hosts use ARP to determine the physical (MAC) address that corresponds with a specific IP address. Type arp with the – a option to display IP addresses that have been resolved to MAC addresses recently.
Netstat (Network Statistics) displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics.
It is an important part of the Network + exam but it's a helpful tool in finding problems and determining the amount of traffic on the network as a performance measurement.
Netstat –s provides statistics about incoming and outgoing traffic.
Nbtstat (NetBios over TCP/IP) enables you to check information about NetBios names.
It helps us view the NetBios name cache (nbtstat -c) which shows the NetBios names and the corresponding IP address that has been resolved (nbtstat -r) by a particular host as well as the names that have been registered by the local system (nbtstat –n).
NSLookup provides a command-line utility for diagnosing DNS problems. In its most basic usage, NSLookup returns the IP address with the matching host name.
Not part of the TCP/IP utilities but it is useful to show current TCP/IP settings.
The IPConfig command line utility will show detailed information about the network you are connected to. It also helps with reconfiguration of your IP address through release and renew.
Let's say you want to know what you're IP address is -- ipconfig is what you type in the command prompt.
ipconfig will give a quick view of you IP address, your subnet mask and default gateway.
ipconfig /all will give you more detailed information.
Through ipconfig /all we can find DNS severs, if we have DHCP enabled, MAC Address, along with other helpful information. All good things to know if we have trouble getting connected to the internet.
Other IPConfig tools that are helpful include ipconfig /release and ipconfig /renew. But before I get into this let's discuss how we actually get an IP Address.
There are two ways to obtain an IP address. One way is to have a static IP address which we manually assign. The second one is to have a dynamic IP address obtained through a DHCP server.
If you were to right click on Network Connects, go to Properties, right click on Local Area Connection, scroll down to Internet Protocol (TCP/IP), and select Properties -- you'll see two options:
- Obtain an IP address automatically
- Use the following IP address
Unless you know your static IP address you'll want to stick to the option for automatically obtaining the IP address. If you have it set to automatic your computer will be issued an IP through a DHCP server.
And just in case you're wondering, Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network.
In laymen's terms: I have a cable modem at home and I have that modem connected to a wireless router that issues out IP address to anyone that connects to that router. That is DHCP that is issuing out IP addresses.
Your company probably has a server dedicated to this. Understanding this is definitely important for any networking exam.
Let's look at what happens when we release our IP address.
I've just lost internet connection and my IP address is 0.0.0.0. If I type ipconfig /renew this option re-establishes TCP/IP connections on all network adapters and I can resume my internet surfing.
Note: ipconfig /release renew won't work if you manually assigned your IP addresses.
That's about as far as these utilities go. Again not only are they important for any Network exam, they are essential tools used in the field for troubleshooting and diagnosing network problems.
Hopefully they will serve you well.