1. Ping Command
Ping is a frequently used utility primarily used to determine network connectivity. This is useful for determining whether the network is correctly connected and the status of the network connection. In simple terms, ping is a testing program; if the ping runs correctly, it generally rules out faults in the network access layer, network card, modem input/output lines, cables, and routers, thereby narrowing down the problem scope.
Ping can display the time taken for requests to be sent and responses to be returned in milliseconds. A short response time indicates that the data packet does not have to pass through too many routers or networks, suggesting a faster connection. Ping can also display the TTL (Time To Live) value, which can help estimate how many routers the data packet has passed through.
1. Command Format
ping hostname
ping domain
ping IP address
As shown in the figure, use the ping command to check the connectivity to the computer with the IP address 210.43.16.17; this example shows a successful connection. A total of four test data packets were sent, and all four packets were correctly received.
2. Basic Applications of Ping Command
Generally, users can use a series of ping commands to locate where the problem lies or to check the status of the network. Below is a typical detection sequence and the corresponding possible faults:
① ping 127.0.0.1
If the test is successful, it indicates that the network card, TCP/IP protocol installation, IP address, and subnet mask settings are normal. If the test fails, it indicates there is a problem with the TCP/IP installation or settings.
② ping local IP address
If the test fails, it indicates there is a problem with local configuration or installation, and network devices and communication media should be tested, checked, and troubleshot.
③ ping other IPs in the local area network
If the test is successful, it indicates that the network card and carrier in the local network are functioning correctly. However, if zero responses are received, it indicates that the subnet mask is incorrect, or the network card configuration is wrong, or there is a problem with the cabling system.
④ ping gateway IP
If this command responds correctly, it indicates that the gateway router in the local area network is operational and can respond.
⑤ ping remote IP
If a correct response is received, it indicates successful use of the default gateway. For dial-up users, it indicates successful access to the Internet (but does not rule out problems with the ISP’s DNS).
⑥ ping localhost
Localhost is the system’s reserved name for the network; it is an alias for 127.0.0.1, and each computer should be able to resolve that name to that address. Otherwise, it indicates a problem in the host file (/Windows/hosts).
⑦ ping www.yahoo.com (a well-known website domain)
When executing the Ping command on this domain, the computer must first translate the domain name into an IP address, usually through the DNS server. If there is a fault here, it indicates that the local DNS server’s IP address configuration is incorrect, or the DNS server being accessed is faulty.
If all the ping commands listed above can run normally, then the computer’s local and remote communication is generally fine. However, the success of these commands does not mean that all your network configurations are problem-free; for example, certain subnet mask errors may not be detectable by these methods.
3. Common Parameters of Ping Command
ping IP -t: Continuously executes the ping command to the IP address until interrupted by the user with Ctrl C.
ping IP -l 2000: Specifies a specific data length (2000 bytes in this case) for the ping command instead of the default 32 bytes.
ping IP -n 20: Executes the ping command a specific number of times (20 in this case).
2. Ipconfig Command
The ipconfig utility can be used to display the current TCP/IP configuration settings. This information is generally used to verify whether manually configured TCP/IP settings are correct.Additionally, if the computer and the local area network use Dynamic Host Configuration Protocol (DHCP), using the ipconfig command can determine whether your computer has successfully leased an IP address, and if it has, you can find out what address it currently has, including IP address, subnet mask, and default gateway network configuration information.
Below are the most commonly used options:
1. ipconfig
When using the ipconfig command without any parameter options, it displays the IP address, subnet mask, and default gateway values for each configured interface.
2. ipconfig/all
When using the all option, ipconfig can display additional information it has configured for DNS and WINS servers, and can show the physical address (MAC) built into the local network card. If the IP address is leased from a DHCP server, ipconfig will show the IP address allocated by the DHCP server and the expected expiration date of the leased address. The image shows the result window of running the ipconfig /all command.
3. ipconfig/release and ipconfig/renew
These two additional options can only be used on computers that lease IP addresses from DHCP servers. If you enter ipconfig /release, all leased IP addresses for the interfaces will be returned to the DHCP server. If the user enters ipconfig /renew, the local computer will attempt to contact the DHCP server and lease an IP address. In most cases, the network card will be reassigned the same IP address as before.
3. Arp Command (Address Resolution Protocol)
ARP is an important protocol in the TCP/IP protocol suite, used to determine the physical address of the network card corresponding to an IP address.
By using the arp command, you can view the current contents of the ARP cache on the local computer or another computer. Additionally, the arp command can be used to manually set static pairs of physical addresses/IP addresses, which can help reduce the amount of information on the network.
By default, items in the ARP cache are dynamic; ARP automatically adds an item whenever data is sent to a specified location and the current item does not exist in the cache.
Common Command Options:
① arp –a:Used to view all items in the cache.
② arp -a IP:If there are multiple network cards, using arp -a followed by the interface’s IP address will display only the ARP cache items related to that interface.
③ arp -s IP physical_address:Manually inputs a static item into the ARP cache. This item will remain valid during the computer’s boot process, or the manually configured physical address will automatically update this item when errors occur.
④ arp -d IP:Using this command allows you to manually delete a static item.
4. Traceroute Command
Mastering the use of the traceroute command to measure routing conditions is used to display the path that packets take to reach the destination host.
The basic usage of the traceroute command is to type “tracert host_name” or “tracert ip_address” at the command prompt, where tracert is the name of traceroute in the Windows operating system.
Output has 5 columns
The first column describes the value of the nth hop along the path, i.e., the router number along that path;
The second column is the first round-trip delay;
The third column is the second round-trip delay;
The fourth column is the third round-trip delay;
The fifth column is the name of the router and its input port’s IP address.
If the source receives fewer than three packets from any given router (due to packet loss in the network), traceroute places an asterisk after that router’s number and reports fewer than three round-trip times to that router.
Additionally, the tracert command can also be used to view the steps taken or the route taken when connecting to a network site; if there is a network failure, this command can help identify where the problem occurred.
Thoughts:
(1) Try the “ping www.sina.com.cn” operation several times and compare the IP addresses obtained for Sina’s website. If the IP addresses obtained from two pings are different, consider the reasons (such as considering load balancing). Then, for these different IP addresses, execute the “tracert ip_address” command and observe if there are any differences in the output results.
(2) For a site in a large network, perform a traceroute test and record the test results. Observe whether there is a case where the nth hop’s delay is less than the n-1 hop’s delay. Try to analyze the reasons for this (hint: consider the contribution of each component of the delay to the total delay).
(3) At different times of the day, use the traceroute program to test the route from a fixed host to a remote fixed IP address multiple times. Try to analyze and compare the measurement data to observe whether the route has changed? If there are changes, how frequent are they?
5. Route Command
Most hosts typically reside on a network segment connected to only one router. Since there is only one router, there is no need to choose which router to send packets to the remote computer; the IP address of that router can serve as the default gateway for all computers on that segment.
However, when there are two or more routers on the network, users may not want to rely solely on the default gateway. In fact, they may want certain remote IP addresses to be routed through a specific router while others are routed through another router. In this case, users need corresponding routing information, which is stored in the routing table, and each host and router has its own unique routing table. Most routers use specialized routing protocols to exchange and dynamically update routing tables between routers. However, in some cases, it is necessary to manually add items to the routing tables on routers and hosts. The route command is used to display, manually add, and modify routing table entries. This command can use the following options:
1. route print
This command is used to display the current entries in the routing table; the output results on a single router segment are shown in the figure.
2. route add
Using this command, you can add routing entries to the routing table.
For example, if you want to set a route to the destination network 209.99.32.33, which passes through five router segments, the first router on the local network has an IP of 202.96.123.5 and a subnet mask of 255.255.255.224, then the user should enter the following command:
route add 209.99.32.33 mask 255.255.255.224 202.96.123.5 metric 5
3. route change
This command can be used to modify the data transmission route; however, the user cannot use this command to change the destination of the data.The following example changes the previous route to use a path that includes three segments:
route add 209.99.32.33 mask 255.255.255.224 202.96.123.250 metric 3
4. route delete
Using this command allows you to delete a route from the routing table.For example:route delete 209.99.32.33
6. Nslookup Command
The nslookup command is used to query the IP address of any machine and its corresponding domain name. It usually requires a domain name server to provide the domain name. If the user has set up a domain name server, they can use this command to view the IP addresses corresponding to different hosts.
1. Use the nslookup command on the local machine to view the machine’s IP and domain server address.
Directly type the command, and the system returns the server name (fully qualified domain name) and IP address of the local machine, entering a command line state with “>” as the prompt; type “?” to query detailed command parameters; to exit, type exit.
2. View the IP of www.haut.edu.cn
At the prompt, enter the IP address or domain name you want to query and press enter.
7. Nbtstat Command
Using the nbtstat command allows you to view some information about the network configuration on the computer. This command can also be used to find some private information on other computers. If you want to view the network information on your computer, you can run nbtstat -n to get your workgroup, computer name, and network card address, etc.; to view the status of other computers on the network, run nbtstat -a *.*.*.*, where *.*.*.* is replaced with the IP address to return some information from that host.
8. Netstat Command
Learn to use the netstat command to understand the current state of the network.
The netstat command can display active TCP connections, ports that the computer is listening on, Ethernet statistics, IP routing tables, IPv4 statistics (for IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for IPv6, ICMPv6, TCP, and UDP protocols). When used without parameters, netstat displays active TCP connections.
Below are some common options for netstat:
① netstat –a:-a option displays a list of all valid connection information, including established connections (ESTABLISHED) and those connections that are listening for connection requests (LISTENING).
② netstat –n:Lists IP addresses in dot-decimal format instead of symbolic host names and network names.
③ netstat -e:-e option displays statistics about Ethernet. It lists items including total bytes of data packets sent, number of errors, number deleted, number of packets, and number of broadcasts. These statistics include both the number of packets sent and received. Using this option can help count some basic network traffic.
④ netstat -r:-r option can display information about the routing table, similar to what is seen when using the route print command. In addition to showing valid routes, it also displays currently valid connections.
The image shows a routing table where: Network Destination indicates the destination network, 0.0.0.0 indicates an unknown network, which is automatically generated after setting the default gateway; 127.0.0.0 indicates the local network address used for testing; 224.0.0.0 indicates the multicast address; 255.255.255.255 indicates the limited broadcast address; Netmask indicates the network mask, Gateway indicates the gateway, Interface indicates the interface address, Metric indicates the number of hops in the route.
⑤ netstat -s:-s option can display statistics for each protocol separately. This allows you to see what connections currently exist on the network and detailed information about packet sending and receiving. If an application (like a web browser) is running slowly or cannot display web pages, this option can be used to check the displayed information. By carefully reviewing the statistics, you can find keywords that indicate errors and identify the problem.
9. Net Command
Understand the functions of Net services and learn to use Net service commands to resolve network issues.
At the command line, type net help command to obtain syntax help for net commands. For example, to get help information about the net accounts command, type “net help accounts”.
All net commands can use /y and /n command line options. For example, the net stop server command prompts the user to confirm stopping all dependent server services, while net stop server/y confirms stopping and shutting down server services.
The table below lists the basic NET commands and their functions:
The execution results of NET commands are often similar to those obtained from other Windows Server 2003 management tools. However, NET commands can provide all information in one place and can redirect results to a printer or a standard text file.
Many network commands used by services start with net; these net commands have some common attributes. To see a list of all available net commands, type net/? in the command prompt window.
Edited by: Zhao Xiao
Editor: Li Hui
Image source: Network Security and Information Technology
Proofread by: Gu Hong, Zhang Jian, Wang Yao, Feng Linshu
Previous Review
|
1 |
The Year of the Ox Only Has 354 Days! What Other Knowledge Points About the Year of the Ox? |
|
2 |
Beginning of the New Year, Everything is Renewed |
|
3 |
Spring Festival Dietary Tips |
Like, let me know you are reading
