Tools for understanding and troubleshooting TCP – IP

Tools for understanding and troubleshooting TCP – IP

TCP – IP has tools built in, as a rule, in any operating system. They are utility programs, but are referred to as protocols.

These include:

• ping
• arp
• ipconfig
• tracert ( traceroute in Linux )

These protocols are run from the command prompt in Windows. One way to get to a command prompt:

Windows logo
Run
cmd.exe

You can find out more about these protocols by appending /? to the name

ping:

ping /? returns this:



ping sends a request for a response to a network device. If the device is configured to respond, ping tells you how long it took to make the round trip.
This is the result of a ping to the IP address of google:



You can also ping URLs:



If you can ping an IP but not the associated URL, you have a DNS problem.

If you want to ping non stop until the device responds, add a -t between ping and the IP address:

ping -t 74.125.95.99

• To pause this continuous ping: CTRL-Break
• To terminate this continuous ping: CTRL-C

arp:

ARP – Address Resolution Protocol – keeps a table of IP addresses assigned to MAC addresses.

Arp /? returns:



The one to use is arp -a



If you know a device is on line but it does not show up, ping it. This will put the device in the arp table

A breakdown of the results:

Interface 192.168.1.26 is the wired ethernet card in my laptop. It sees:

• 192.168.1.16; the wireless router
• 192.168.1.25; the desktop PC
• 192.168.1.255; the network broadcast address

and some IPs that will be used in the future when TCP – IP gets upgraded.

Interface 192.168.1.254 is the wireless card in my laptop. It sees:

• 192.168.1.16; the wireless router
• 192.168.1.17; another wireless device
• 192.168.1.25; the desktop PC
• 192.168.1.255; the network broadcast address

and some IPs that will be used in the future when TCP – IP gets upgraded.

ipconfig:

ipconfig is a tool for determining the IP configuration of your own computer.

The three commands you will use the most

• ipconfig /all; tells you the configuration status of your computer
• ipconfig /release; releases all values assigned by DHCP
• ipconfig /renew; requests fresh configuration info from DHCP.

ipconfig /?:



ipconfig /all, truncated to fit:



There is too much here to break it all down. Certain highlights:

IP routing enabled: No; I do not have Internet sharing set up

DHCP is enabled on the wireless card, DHCP is off on the wired card. If I perform an ipconfig /release and an ipconfig /renew, I may get a different wireless IP, but the static IP on the wired card will remain the same.

tracert:

tracert /?



A tracert to googles IP:



There is much to learn here:

There are 14 hops from My router to google

first hop; 192.168.1.16: my router

second hop; FTW, 192.168.2.1: my wireless bridge.
the third hop is configured to conceal information about itself. That is my ISP.

I have a DSL connection through qwest.

Hop 6, 205.171.151.61 has a similar IP to the DNS server at the top of the page. If you tracert to a known IP when the internet is down, you typically see 67.42.200.219 ( in NM, using qwest ), or another similar IP, but you don't see 205.171.XXX.XXX. This indicates that the local ISP is OK, the connection to Albuquerque is good, and DNS is down.

tracert to a web site when your network is working well. Do a screen capture. When things stop working, do another tracert and compare to the known good trace. Learn the various hops in the early part of the journey, the end thats under your control. Learn the hops in your ISPs system.

netsh:

This is a Windows Vista protocol.

netsh/?



The variant that interests us is:

netsh wlan show networks mode=bssid

This command shows APs in operation, and in range. Too long to screen capture all of it: