Common network commands
Tips for using ping commands
The Ping Command running on Windows sends four ICMP (inter-network control packet protocol) Send requests, each of which is 32 bytes of data. If everything is normal, we should be able to get four send responses. Ping can display the time between sending a return request and returning a return response in milliseconds. If the response time is short, the datagram does not have to pass through too many routers or network connections. Ping can also display the TTL value. We can use the TTL value To estimate how many routers the data packet has passed: the start value of the TTL at the source location (that is, a 2th percentile value that is slightly greater than the returned TTL)-the TTL value returned. For example, if the returned TTL value is 119, the initial TTL value of the outbound data packet from the source address is 128, and the source point to the target location must pass 9 vro network segments (128-119 ); if the returned TTL value is 246, the start value of TTL is 256, and the source and target locations must pass through nine vro network segments.
· Ping 127.0.0.1
The Ping Command is sent to the IP address software of the local computer, which never exits. If this is not done, it indicates that the installation or running of TCP/IP has some basic problems.
· Ping the local IP Address
This command is sent to the IP address configured by our computer. Our computer should always respond to this Ping command. If it does not exist, it indicates that there is a problem with the local configuration or installation. When this problem occurs, the LAN user must disconnect the network cable and then resend the command. If this command is correct after the network cable is disconnected, it indicates that the same IP address may be configured on the other computer.
· Ping other IP addresses in the LAN
This command should leave our computer, go through the nic and network cable to other computers, and then return. If you receive a response, the NIC and carrier in the local network are running correctly. However, if you receive 0 replies, it indicates the subnet mask (code that separates the network part of the IP address from the host part during subnet division) incorrect or the NIC configuration is incorrect or the cable system is faulty.
1. Typical order of network faults detected by Ping
· Ping the gateway IP Address
If the command is correct, it indicates that the Gateway Router in the LAN is running and can respond.
· Ping a remote IP Address
If you receive four responses, the default gateway is successfully used. A dial-up Internet user can successfully access the Internet (but it is not ruled out that the ISP's DNS may be faulty ).
· Ping localhost
Localhost is a reserved network name for the system. It is an alias of 127.0.0.1. Every computer that is too computer can convert the name to this address. If this is not done, the host file (/Windows/host) is faulty.
· Ping www.xxx.com (for example, www.yesky.com)
Ping www.xxx.com for this domain name. If the DNS server fails, the IP address of the DNS server is incorrectly configured or the DNS server is faulty (for dial-up Internet users, some ISPs do not need to set DNS servers ). By the way, we can also use this command to convert domain names to IP addresses.
If all the Ping commands listed above can run properly, we can basically rest assured that the local and remote communication functions of our computers can be implemented. However, the success of these commands does not mean that all our network configurations are normal. For example, some subnet mask errors may not be detected using these methods.
2. Ping Command Parameters
· Ping-t
Ping the host continuously until you press Control-C.
This function has no special skills, but it can be used with other parameters, which will be mentioned below.
· Ping-
Resolve the NetBios Name of the computer.
· Ping-n
Number of Echo data packets sent by count.
By default, only four data packets are sent. You can use this command to define the number of sent packets, which is helpful for measuring the network speed.
· Ping-l
Defines the echo packet size.
By default, the size of the packets sent by windows ping is 32 BYT. You can also define the size of the packets by yourself. However, there is a size limit, that is, up to BYT can be sent, some may ask why the limit is BYT, because Windows systems have a security vulnerability (or other systems) when a packet sent to the other party is greater than or equal to 65532, the other party is likely to block the server. To solve this security vulnerability, Microsoft restricts the ping packet size. Although Microsoft has already implemented this restriction, this parameter, coupled with other parameters, is still very harmful. For example, we can use the-t parameter to implement an aggressive command.
· Ping-f
Send the "Do Not segment" flag in the data packet.
Generally, the packets you send will be sent to the other party through the route segment. After this parameter is added, the route will not be processed in segments.
· Ping-I
Specifies the time when the TTL value stays in the target system.
This parameter also helps you check the network operation.
· Ping-v
Set the "service type" field to the value specified by tos.
· Ping-r
Record the routes of outgoing and returned data packets in the "Record Route" field.
In general, the packets you send arrive at each other through routes. But what routes have you received? With this parameter, you can set the number of routes you want to detect, but it is limited to 9, that is, you can only track 9 routes.
· Ping-s
Specifies the timestamp of the number of hops specified by count.
This parameter is similar to-r, but this parameter does not record the route through which the packet returns, and only a maximum of four records are recorded.
· Ping-j
Route data packets using the computer list specified by computer-list. The maximum number of consecutive computers that can be separated by the Intermediate Gateway (routing sparse source) IP addresses is 9.
· Ping-k
Route data packets using the computer list specified by computer-list. The maximum number of IP addresses allowed by consecutive computers to be separated by intermediate gateways (strictly source routes) is 9.
· Ping-w
Specify the timeout interval, in milliseconds.
3. Other Tips for ping command:
In general, you can ping the target host to obtain the TTL value returned by the target host, and roughly determine whether the system type of the target host is Windows or UNIX or Linux, in general, the TTL value returned by Windows systems is between and, while that returned by UNIX/Linux systems is between and, of course, the value of TTL can be modified in the host of the other party. For Windows systems, you can modify the following key values in the registry:
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ Tcpip \ Parameters]
"DefaultTTL" = dword: 000000ff
255---FF 128---80 64----40 32----20
Netstat command usage tips
Netstat is used to display statistics related to IP, TCP, UDP, and ICMP protocols. It is generally used to check the network connection of each port on the local machine.
If the data packets received by our computer sometimes lead to data deletion or failure errors, we do not need to be surprised that TCP/IP can allow these types of errors and automatically resend the data packets. However, if the cumulative number of errors accounts for a considerable percentage of the received IP data packets, or the number of errors increases rapidly, then we should use Netstat to check the cause.
1. Some common netstat options
· Netstat-s
This option displays statistical data for each protocol. If our applications (such as Web browsers) run slowly or cannot display data such as Web pages, we can use this option to view the displayed information. We need to carefully check the rows of statistics, find the keyword of the error, and then determine the problem.
· Netstat-e
This option is used to display statistics about Ethernet. It lists items including the total number of bytes, number of errors, number of delimiters, number of datagram, and number of broadcasts. These statistics include both the number of sent and received data packets. This option can be used to calculate some basic network traffic ).
· Netstat-r
This option displays information about the route table, similar to the information shown later when you use the route print command. In addition to valid routes, valid connections are also displayed.
· Netstat-
This option displays a list of all valid connection information, including the ESTABLISHED connections (ESTABLISHED) and those that listen to the LISTENING requests.
· Netstat-n
All established valid connections are displayed.
2. The use of Netstat
People who frequently access the Internet usually use ICQ. I wonder if we have been harassed by some annoying people. If we want to complain, we don't know how to get started? In fact, as long as we know the IP address of the other party, we can complain to its ISP. But how can I know the IP address of the other Party through ICQ? If the recipient chooses not to display the IP address when setting ICQ, we cannot see it in the Information bar. In fact, we only need to use Netstat to easily achieve this: when he is connected to us through ICQ or other tools (for example, we send him an ICQ message or a message ), enter netstat-n or netstat-a at the DOS command prompt to view the IP address or ISP domain name used by the other party to access the Internet, and even the Port used is completely exposed.
Tips for using the IPConfig command
The IPConfig utility and its equivalent graphic user interface-WinIPCfg in Windows 95/98 can be used to display the current TCP/IP configuration setting value. This information is generally used to check whether the manually configured TCP/IP settings are correct. However, if our computer and the lan use the Dynamic Host Configuration Protocol (DHCP), the information displayed by this program may be more practical. In this case, IPConfig allows us to see if our computer has successfully rented an IP address. If so, we can see what address it has allocated. Understanding the current IP address, subnet mask, and default gateway of a computer is actually necessary for testing and fault analysis.
1. The most common IPConfig options
· Ipconfig
When IPConfig is used without any Parameter options, it displays IP addresses, subnet masks, and default gateway values for each configured interface.
· Ipconfig/all
When the all option is used, IPConfig can display the DNS and WINS servers with additional information (such as IP addresses) configured and used ), and displays the physical address (MAC) built in the local Nic ). If the IP address is rented from the DHCP server, IPConfig displays the IP address of the DHCP server and the expected expiration date of the lease address.
· Ipconfig/release and ipconfig/renew
These are two additional options that can only work on a computer that rents its IP address to the DHCP server. If we enter ipconfig/release, the lease IP addresses of all interfaces will be re-delivered to the DHCP server (return the IP address ). If we enter ipconfig/renew, the local computer will try to contact the DHCP server and lease an IP address. Note that in most cases, the NIC will be assigned the same IP address as previously assigned.
If we are using Windows 95/98, we should be more accustomed to using winipcfg instead of ipconfig, because it is a graphical user interface and the displayed information is the same as ipconfig, you can also publish and update Dynamic IP addresses.
Tracert usage skills
If there is a network connectivity problem, you can use the tracert command to check the path of the destination IP address and record the result. The tracert command displays a group of IP Routers used to transmit data packets from the computer to the target location, and the time required for each hop. If the data packet cannot be transmitted to the target, the tracert command displays the last vro that successfully forwarded the data packet. When a datagram is transmitted from our computer through multiple gateways to the destination, the Tracert command can be used to track the route (PATH) used by the datagram ). The path tracked by this utility is a path from the source computer to the destination. It cannot be guaranteed or considered that the datagram always follows this path. If our configuration uses DNS, we often get the name of the city, address, and common communication company from the response. Tracert is a slow command (If the destination address is too long), we need to give it about 15 seconds for each vro.
Tracert is easy to use. You only need to follow tracert with an IP address or URL. Tracert will convert the domain name accordingly.
Tracert:
Tracert IP address [-d] This command returns the list of routers that have arrived at the IP address. By using the-d option, the vro path is displayed faster, because tracert does not try to parse the name of the vro in the path.
Tracert is generally used to detect the location of a fault. We can use tracert IP to locate the fault. Although we still haven't determined what the problem is, it has already told us where the problem is located, we can also confidently tell someone else that something went wrong.
Route usage tips
Most hosts usually reside in the CIDR block that is connected to only one vro. Because there is only one vro, no vro is used to publish the data to a remote computer. the IP address of the vro can be input as the default gateway of all computers in the CIDR block.
However, when two or more vrouters exist on the network, we do not necessarily want to rely on the default gateway. In fact, we may want to transfer some of our remote IP addresses through a specific vro, while other remote IP addresses are transmitted through another vro.
In this case, we need the corresponding routing information, which is stored in the routing table. Each host and each router has its own unique route table. Most routers use dedicated routing protocols to exchange and dynamically update route tables between routers. However, in some cases, you must manually add the project to the router and Host Routing tables. Route is used to display, manually add, and modify Route table items.
General options:
· Route print
This command is used to display the current project in the route table and the output on the network segment of a single router. Because the network adapter is configured with an IP address, all these items are automatically added.
· Route add
Use this command to add a mail route entry to the route table. For example, if you want to set a route to the destination network of 209.98.32.33, the route must go through five vro CIDR blocks. First, you must go through a vro on the local network with the IP address 202.96.123.5, if the subnet mask is too large, run the following command: route add 209.98.32.33 mask 255.255.255.202.96.123.5 metric 5
· Route change
We can use this command to modify the data transmission route. However, we cannot use this command to change the data destination. In the following example, you can change the data route to another vro. It uses a straight route that contains three network segments: route add 209.98.32.33 mask route 255.255.202.96.123.250 metric 3
· Route delete
Use this command to delete a route entry from the route table. Example: route delete 209.98.32.33
NBTStat usage tips
Use the nbtstat command to release and refresh the NetBIOS name. The NBTStat (NetBIOS statistics on TCP/IP) utility is used to provide statistics about NetBIOS. With NetBIOS, we can view the NetBIOS name table on a local computer or remote computer.
Common options:
· Nbtstat-n
The local name and service program are displayed.
· Nbtstat-c
This command is used to display the content cached by NetBIOS name. The NetBIOS name cache is used to store the NetBIOS Name and IP address pairs of other computers that recently communicate with this computer.
· Nbtstat-r
This command is used to clear and reload the NetBIOS name cache.
· Nbtstat-a IP
The physical address and name list of the other computer are displayed through the IP address. The displayed content is the same as that of the other computer running nbtstat-n.
· Nbtstat-s IP
Displays the NetBIOS connection table of another computer that uses its IP address.
For example, at the command prompt, enter: nbtstat-RR release and refresh progress in the form of command line output. This information indicates whether all the local NetBIOS names currently registered in the WINS of the computer have been released and renewed using the WINS server.