Uploaded by ag7959126

cmd commands

advertisement
Network troubleshoot CMD commands
�
�
�
�
�
�
�
Ping
Tracert/traceroute
Nslookup
ARP
Pathping
Netstat
telnet
�
Ping - Packet Internet Groper, commonly abbreviated as PING, is a diagnostic tool that tests
connectivity between two nodes or devices across a network.
�
Its work on ICMP (internet control mang. Protocol)
�
Ping is used diagnostically to ensure that a host computer the user is trying to reach is actually
operating. Ping works by sending an Internet Control Message Protocol (ICMP) Echo Request to a
specified interface on the network and waiting for a reply. Ping can be used for troubleshooting to
test connectivity and determine response time.
Ping
�
�
�
�
�
TTL - Time to live (TTL) refers to the amount of time or “hops” that a packet is set to exist inside a
network before being discarded by a router.
TTL is a part of ipv4 header
Its works on Layer 3.
if layer 2 has STP for loop avoidance
Just like that L3 has TTL
�
TTL (Time to Live) is a setting for each DNS record that specifies how long a resolver is supposed to
cache (or remember) the DNS query before the query expires and a new one needs to be done
�
in today's age, packets arrive at most of their destinations after no more than 10-15 hops. And this is
because this is the way the world network is built. Most Internet Service Providers have many of the
other ISPs' networks in their routing tables and packets mostly get sent through the shortest or
fastest route to their destination. This is achieved thanks to external routing protocols like BGP
(Border Gateway Protocol).
�
The TTL field is set by the sender of the datagram, and reduced by every router on the route
to its destination.
�
�
�
�
TTL expired in transit
It basically tells you the packet didn't get to the destination after maximum the hop count has
reached
Used tracert command to troubleshoot
Do a traceroute and see whether the packets are looping around somewhere or it indeed cross the
maximum # of hops?
�
�
�
�
Destination host unreachable
this message indicates one of two problems: either the local system has no route to the desired
destination, or a remote router reports that it has no route to the destination.
If the message is simply "Destination Host Unreachable," then there is no route from the local
system, and the packets to be sent were never put on the wire.
If the message is "Reply From < IP address >: Destination Host Unreachable," then the routing
problem occurred at a remote router, whose address is indicated by the "< IP address >" field.
�
�
Request timed out
This message indicates that no Echo Reply messages were received within the default time of 1
second. This can be due to many different causes; the most common include network congestion,
failure of the ARP request, packet filtering, routing error, or a silent discard.
�
�
�
�
�
Data padding in ping
The amount of data per packet sent
Default size is 32 byte
How to ping diff size of load ?
Ping 8.8.8.8 –l 512 -t
�
�
Packet round trip time
Round-trip time (RTT) is the duration in milliseconds (ms) it takes for a network request to go from a
starting point to a destination and back again to the starting point. RTT is an important metric in
determining the health of a connection on a local network or the larger Internet, and is commonly
utilized by network administrators to diagnose the speed and reliability of network connections.
�
Ping options –
�
Ping example
�
�
�
Tracert/traceroute
In computing, traceroute and tracert are computer network diagnostic commands for displaying the
route and measuring transit delays of packets across an Internet Protocol network
Traceroute route uses UDP
�
Tracert options
�
Tracert examples
�
�
Nslookup
nslookup is a simple but very practical command-line tool, which is principally used to find the IP
address that corresponds to a host, or the domain name that corresponds to an IP address (a process
called “Reverse DNS Lookup”)
�
�
Netstat
netstat (network statistics) is a command line tool for monitoring network connections both
incoming and outgoing as well as viewing routing tables, interface statistics etc. netstat is available
on all Unix-like Operating Systems and also available on Windows OS as well
�
Netstat option
�
Netstat example
�
�
pathping
Pathping is a TCP/IP based utility (command-line tool) that provides useful information about
network latency and network loss at intermediate hops between a source address and a destination
address. It does this by sending echo requests via ICMP and analyzing the results (its just like tracert)
�
Pathping option
�
�
�
�
�
�
�
ARP –
ARP Command is a TCP/IP utility and Microsoft Windows command for viewing and modifying the
local Address Resolution Protocol (ARP) cache, which contains recently resolved MAC addresses of
Internet Protocol (IP) hosts on the network.
Process begins with caches being empty
Host 2 knows that it wants to send a packet to Host 1 (eg Default GW)
Host 2 has to send a broadcast ARP message (destination FF:FF:FF:FF:FF:FF) requesting an answer for
192.168.1.1.
Host 1 responds with its MAC address
Host 1 and 2 both insert this received information into their ARP caches for future use
�
ARP command
�
ARP options
�
telnet
Thank you
Download