Network troubleshoot CMD commands � � � � � � � Ping Tracert/traceroute Nslookup ARP Pathping Netstat telnet � Ping - Packet Internet Groper, commonly abbreviated as PING, is a diagnostic tool that tests connectivity between two nodes or devices across a network. � Its work on ICMP (internet control mang. Protocol) � Ping is used diagnostically to ensure that a host computer the user is trying to reach is actually operating. Ping works by sending an Internet Control Message Protocol (ICMP) Echo Request to a specified interface on the network and waiting for a reply. Ping can be used for troubleshooting to test connectivity and determine response time. Ping � � � � � TTL - Time to live (TTL) refers to the amount of time or “hops” that a packet is set to exist inside a network before being discarded by a router. TTL is a part of ipv4 header Its works on Layer 3. if layer 2 has STP for loop avoidance Just like that L3 has TTL � TTL (Time to Live) is a setting for each DNS record that specifies how long a resolver is supposed to cache (or remember) the DNS query before the query expires and a new one needs to be done � in today's age, packets arrive at most of their destinations after no more than 10-15 hops. And this is because this is the way the world network is built. Most Internet Service Providers have many of the other ISPs' networks in their routing tables and packets mostly get sent through the shortest or fastest route to their destination. This is achieved thanks to external routing protocols like BGP (Border Gateway Protocol). � The TTL field is set by the sender of the datagram, and reduced by every router on the route to its destination. � � � � TTL expired in transit It basically tells you the packet didn't get to the destination after maximum the hop count has reached Used tracert command to troubleshoot Do a traceroute and see whether the packets are looping around somewhere or it indeed cross the maximum # of hops? � � � � Destination host unreachable this message indicates one of two problems: either the local system has no route to the desired destination, or a remote router reports that it has no route to the destination. If the message is simply "Destination Host Unreachable," then there is no route from the local system, and the packets to be sent were never put on the wire. If the message is "Reply From < IP address >: Destination Host Unreachable," then the routing problem occurred at a remote router, whose address is indicated by the "< IP address >" field. � � Request timed out This message indicates that no Echo Reply messages were received within the default time of 1 second. This can be due to many different causes; the most common include network congestion, failure of the ARP request, packet filtering, routing error, or a silent discard. � � � � � Data padding in ping The amount of data per packet sent Default size is 32 byte How to ping diff size of load ? Ping 8.8.8.8 –l 512 -t � � Packet round trip time Round-trip time (RTT) is the duration in milliseconds (ms) it takes for a network request to go from a starting point to a destination and back again to the starting point. RTT is an important metric in determining the health of a connection on a local network or the larger Internet, and is commonly utilized by network administrators to diagnose the speed and reliability of network connections. � Ping options – � Ping example � � � Tracert/traceroute In computing, traceroute and tracert are computer network diagnostic commands for displaying the route and measuring transit delays of packets across an Internet Protocol network Traceroute route uses UDP � Tracert options � Tracert examples � � Nslookup nslookup is a simple but very practical command-line tool, which is principally used to find the IP address that corresponds to a host, or the domain name that corresponds to an IP address (a process called “Reverse DNS Lookup”) � � Netstat netstat (network statistics) is a command line tool for monitoring network connections both incoming and outgoing as well as viewing routing tables, interface statistics etc. netstat is available on all Unix-like Operating Systems and also available on Windows OS as well � Netstat option � Netstat example � � pathping Pathping is a TCP/IP based utility (command-line tool) that provides useful information about network latency and network loss at intermediate hops between a source address and a destination address. It does this by sending echo requests via ICMP and analyzing the results (its just like tracert) � Pathping option � � � � � � � ARP – ARP Command is a TCP/IP utility and Microsoft Windows command for viewing and modifying the local Address Resolution Protocol (ARP) cache, which contains recently resolved MAC addresses of Internet Protocol (IP) hosts on the network. Process begins with caches being empty Host 2 knows that it wants to send a packet to Host 1 (eg Default GW) Host 2 has to send a broadcast ARP message (destination FF:FF:FF:FF:FF:FF) requesting an answer for 192.168.1.1. Host 1 responds with its MAC address Host 1 and 2 both insert this received information into their ARP caches for future use � ARP command � ARP options � telnet Thank you