Continuing with our look at the Windows Server TCP/IP debugging tools we turn our attention to the Ipconfig, Arp and Netstat tools.
Ipconfig
The Ipconfig tool shows all the TCP/IP configuration values, this is of particular use on systems running DHCP. It is used to refresh the DHCP settings and determine the TCP/IP configuration values which are assigned by DHCP. If the Ipconfig tool is used with no parameters, it will show the IP addresses, subnet masks, and also the gateways for all adapters on a system. The adapters can be either physical network adapters or else logical adapters like dialup connections.
Some parameters for Ipconfig are as below:
- /all : Shows all the TCP/IP configuration values.
- /displaydns : Shows the contents of the DNS client resolver cache.
- /flushdns : Resets and also flushes all the contents of the DNS client resolver cache. This also includes entries which have been made dynamically.
- /registerdns : Specifies the manual dynamic registration for DNS names and the IP addresses that are configured on a system. This can be especially useful when troubleshooting DNS name registrations or any dynamic update issues between the DNS server and client.
- /release[Adapter] : This sends a DHCP release message to a DHCP server to disregard the DHCP-configured settings for adapters, this only available for DHCPenabled clients. If there is no adapter is specified, the IP address configuration is released for all the adapters.
- /renew[Adapter] : Renews the DHCP configuration for all the adapters (if no adapter has been specified) and also for a specific adapter if an Adapter parameter has been included. This is only available for clients which are DHCP-enabled.
- /setclassid Adapter [classID] : Configures the DHCP class ID for a certain adapter, this can configure the DHCP class ID for all the adapters by including a wildcard (*) character in place of the Adapter.
- /showclassid Adapter : Shows the DHCP class ID for a certain adapter.
- /allcompartments : Shows info about all the compartments.
- /allocmpartments /all : Shows detailed info on all compartments.
Ipconfig shows the assigned configuration for the system such as default gateway, local IP address, DNS servers, subnet mask etc. When debugging network problems, you may use the Ipconfig tool to confirm that the correct TCP/IP settings are set for a system so that a server will properly communicate on the network.
Arp
The Arp (Address Resolution Protocol) tool is enables the display and alteration of the Arp table on a local system, which matches physical MAC addresses of system to the corresponding IP addresses. The Arp tool increases the speed of connection by eliminating the requirement to match MAC addresses with IP addresses for subsequent connections.
The most important parameters for the Arp tool are as below:
- -a[InetAddr] [-N IfaceAddr] : Shows the Arp table for all the adapters on a system. You should use Arp –a with the InetAddr (IP address) parameter to show what the ARP cache entry is on an IP address.
- -dInetAddr [IfaceAddr] : This deletes an entry with a certain IP address (ie InetAddr). You can use the IfaceAddr parameter (IP address which is assigned to the interface) to delete an entry in a table for a specified interface. The wildcard character can be used instead of InetAddr to delete all entries.
- -sInetAddr EtherAddr [IfaceAddr] : This adds a static entry to the ARP cache which resolves the IP address (ie InetAddr) to the physical address (EtherAddr). Add a static ARP cache entry to the table for a specific interface by using the IP address assigned to the interface (ie IfaceAddr).
Netstat
The Netstat (Network Statistics) tool can be used to monitor connections to a remote host, displaying protocol stats for active connections, and monitoring IP addresses or the domain names of hosts with established connections.
The main parameters for Netstat are as below:
- -a : Shows all the connections and the listening ports by hostname.
- -b : Shows the executable involved in creation of all the connections.
- -e : Shows the Ethernet packets and bytes to and from the host.
- -n : Shows the address and port numbers by does not resolve the address to the hostname.
- -o : Shows TCP connections and also includes the relevant process ID (PID). This can be used in with –a, -n, and –p. This is unavailable in Windows versions prior to 2008 R2.
- -p protocol : Shows the statistics based on protocol specified. The protocols which can be specified are TCP, UDP, TCPv6 and UDPv6. This can be used with the –s parameter to show TCP, UDP, ICMP, IP, TCPv6, UDPv6, ICMPv6, or IPv6.
- -s : Shows the statistics on a an individual protocol basis. This can be used with an –p parameter to define a set of protocols.
- -t : Shows the current connection offload state.
- -r : Shows the route table, the information shown includes the network destination, gateway, netmask, interface, and metric (ie number of hops).
- [Parameter] Interval : Shows the info at every specified interval, the interval is in seconds. Hit Ctrl+C to stop the intervals.