ARP
ARP is an important TCP/IP protocol used to determine the physical IP address of the NIC. The practical arp command allows us to view the current content in the ARP cache of a local computer or another computer. In addition, you can manually enter static Nic physical/IP address pairs using arp commands. We may use this method for common hosts such as the default gateway and local server, this helps reduce the amount of information on the network.
According to the default settings, items in the ARP high-speed cache are dynamic. ARP automatically adds a project whenever a datagram from a specified location is sent and the current project does not exist in the cache. Once the cached items are input, they begin to become invalid. For example, in a Windows NT/2000 network, if you do not enter a project for further use, the physical/IP address pair will expire within 2 to 10 minutes. Therefore, if there are few or no items in the ARP cache at all, do not be surprised. You can add them by using the ping command of another computer or router. Therefore, when you need to use the arp command to view the content in the cache, you 'd better ping this computer first (not the ping Command sent from the local machine ).
Common ARP Command Options:
· Arp-a or arp-g
View all items in the cache. The results of the-a and-g parameters are the same. For many years,-g has been the option used on UNIX platforms to display all items in the ARP cache, windows uses arp-a (-a can be regarded as all, that is, all), but it can also accept more traditional-g options.
· Arp-a IP
If we have multiple NICs, we can use the IP address of the arp-A interface to display only the ARP cache items related to this interface.
· Physical arp-s IP Address
We can manually enter a static project into the ARP cache. The project remains valid during the computer boot process, or when an error occurs, the manually configured physical address automatically updates the project.
· Arp-d IP
Use this command to manually delete a static project.
For example, at the command prompt, type Arp-a. If we use the Ping command to test and verify the connectivity from this computer to the host whose IP address is 10.0.0.99, the ARP cache displays the following items:
Interface: 10.0.0.1 on interface 0x1
Internet Address Physical Address Type
10.0.0.99 00-e0-98-00-7c-dc dynamic
In this example, the cache item indicates that the remote host located in 10.0.0.99 is resolved to the Media Access Control Address of 00-e0-98-00-7c-dc, which is allocated in the NIC hardware of the remote computer. The Media Access Control Address is the address used by the computer to communicate with the remote TCP/IP host on the network.
Now we can use the ipconfig and ping commands to view our network configurations and determine if they are correct. We can use netstat to view the connections established between others and us and find out the IP addresses hidden by ICQ users, you can use arp to view the MAC address of the NIC.
Tracert
If there is a network connectivity problem, you can use the tracert command to check the path of the destination IP address and record the result. The tracert command displays a group of IP Routers used to transmit data packets from the computer to the target location, and the time required for each hop. If the data packet cannot be transmitted to the target, the tracert command displays the last vro that successfully forwarded the data packet. When a datagram is transmitted from our computer through multiple gateways to the destination, the Tracert command can be used to track the route (PATH) used by the datagram ). The path tracked by this utility is a path from the source computer to the destination. It cannot be guaranteed or considered that the datagram always follows this path. If our configuration uses DNS, we often get the name of the city, address, and common communication company from the response. Tracert is a slow command (If the destination address is too long), we need to give it about 15 seconds for each vro.
Tracert is easy to use. You only need to follow tracert with an IP address or URL. Tracert will convert the domain name accordingly.
Tracert:
Tracert IP address [-d] This command returns the list of routers that have arrived at the IP address. By using the-d option, the vro path is displayed faster, because tracert does not try to parse the name of the vro in the path.
Tracert is generally used to detect the location of a fault. We can use tracert IP to locate a problem,
Although we still haven't determined what the problem is, it has already told us where the problem is located, so we can confidently tell someone else where something went wrong.
Route
Most hosts usually reside in the CIDR block that is connected to only one vro. Because there is only one vro, no vro is used to publish the data to a remote computer. the IP address of the vro can be input as the default gateway of all computers in the CIDR block.
However, when two or more vrouters exist on the network, we do not necessarily want to rely on the default gateway. In fact, we may want to transfer some of our remote IP addresses through a specific vro, while other remote IP addresses are transmitted through another vro.
In this case, we need the corresponding routing information, which is stored in the routing table. Each host and each router has its own unique route table. Most routers use dedicated routing protocols to exchange and dynamically update route tables between routers. However, in some cases, you must manually add the project to the router and Host Routing tables. Route is used to display, manually add, and modify Route table items.
General options:
· Route print
This command is used to display the current project in the route table and the output on the network segment of a single router. Because the network adapter is configured with an IP address, all these items are automatically added.
· Route add
Use this command to add a mail route entry to the route table. For example, if you want to set a route to the destination network of 209.98.32.33, the route must go through five vro CIDR blocks. First, you must go through a vro on the local network with the IP address 202.96.123.5, if the subnet mask is too many then we should enter the following command:
Route add 209.98.32.33 mask merge limit 202.96.123.5 metric 5
· Route change
We can use this command to modify the data transmission route. However, we cannot use this command to change the data destination. In the following example, you can change the data route to another vro, which uses a straight path containing three CIDR blocks:
Route add 209.98.32.33 mask merge limit 202.96.123.250 metric 3
· Route delete
Use this command to delete a route entry from the route table. Example: route delete 209.98.32.33
NBTStat
Use the nbtstat command to release and refresh the NetBIOS name. The NBTStat (NetBIOS statistics on TCP/IP) utility is used to provide statistics about NetBIOS. With NetBIOS, we can view the NetBIOS name table on a local computer or remote computer.
Common options:
· Nbtstat-n
The local name and service program are displayed.
· Nbtstat-c
This command is used to display the content cached by NetBIOS name. The NetBIOS name cache is used to store the NetBIOS Name and IP address pairs of other computers that recently communicate with this computer.
· Nbtstat-r
This command is used to clear and reload the NetBIOS name cache.
· Nbtstat-a IP(Used to display the MAC address of any IP address)
The physical address and name list of the other computer are displayed through the IP address. The displayed content is the same as that of the other computer running nbtstat-n.
· Nbtstat-s IP
Displays the NetBIOS connection table of another computer that uses its IP address.
For example, at the command prompt, enter: nbtstat-RR release and refresh progress in the form of command line output. This information indicates whether all the local NetBIOS names currently registered in the WINS of the computer have been released and renewed using the WINS server.