This is probably more for my own benefit, but while doing some network stuff recently I thought it would be an idea to write down some useful stuff I’ve been using to trace network issues.
First off there’s PING, that common networking command; it’s often used to determine if a destination is alive and responding. While it generally won’t get past firewalls it’s still quite useful, especially on internal networks. But did you know that with the simple addition of the -a option you can resolve the destination IP address to a host name? Well you can, and that can be quite useful…
Without -a option:
C:\Documents and Settings>ping 209.131.36.158
Pinging 209.131.36.158 with 32 bytes of data:
Reply from 209.131.36.158: bytes=32 time=180ms TTL=53
Reply from 209.131.36.158: bytes=32 time=180ms TTL=53
Reply from 209.131.36.158: bytes=32 time=179ms TTL=53
Reply from 209.131.36.158: bytes=32 time=184ms TTL=53
Ping statistics for 209.131.36.158:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 179ms, Maximum = 184ms, Average = 180ms
With -a option:
C:\Documents and Settings\Halesy>ping -a 209.131.36.158
Pinging f1.www.vip.sp1.yahoo.com [209.131.36.158] with 32 bytes of data:
Reply from 209.131.36.158: bytes=32 time=180ms TTL=53
Reply from 209.131.36.158: bytes=32 time=184ms TTL=53
Reply from 209.131.36.158: bytes=32 time=183ms TTL=53
Reply from 209.131.36.158: bytes=32 time=179ms TTL=53
Ping statistics for 209.131.36.158:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 179ms, Maximum = 184ms, Average = 181ms
Using the ping -t option will also set up a continuous ping, which can be handy when troubleshooting. But note, just because a destination doesn’t respond to ping doesn’t mean it’s not there: there could be a firewall in the way, or it may just be set up not to respond to ping. And yes, I know that tracert also resolves the IP address for you but sometimes this is more useful.
On the subject of tracert, how about this one for networking dudes. Update the hosts file on your computer with all the IP addresses/device names that you know of. It’s likely that not all of your devices are registered in DNS, so when you do a tracert you only see the IP address; by adding the device name to your hosts file, though, you get to see the name as well as the IP address. I don’t know about you but with >100 devices in my network I don’t remember all the IPs of my devices (IP addresses mangled as usual)…
C:\Documents and Settings>tracert 19.15.12.12
Tracing route to fred.server.network.net [190.15.12.12]
over a maximum of 30 hops:
1 23 ms 24 ms 43 ms fred1.router.network.net [19.15.12.13]
2 24 ms 28 ms 26 ms fred2.network [19.15.12.49]
3 28 ms 23 ms 35 ms fred3.network [172.2.12.65]
4 199 ms 174 ms 143 ms fred4.network [172.2.12.21]
5 161 ms 191 ms 144 ms fred5.network [172.2.12.94]
6 161 ms 157 ms 180 ms fred6.fw [172.4.5.7]
7 168 ms 138 ms 148 ms fred7.server.network.net [19.15.25.80]
Trace complete.
And finally, I might make a bit more use of the PATHPING command. While it functions pretty much like tracert and PING combined, it also provides stats on the responses from each device along the path, which could help in finding problems on your network:
C:\Documents and Settings>pathping 19.15.12.12
Tracing route to wattelux001.server.thus.net [19.15.12.12]
over a maximum of 30 hops:
0 mydevice.ad.network.net [172.2.1.19]
1 fred1.router.network.net [19.15.12.13]
2 fred2.network [194.159.27.49]
3 fred3.network [172.5.19.5]
4 fred4.network [172.5.19.2]
5 fred5.network [172.5.19.9]
6 fred6.fw [172.24.5.7]
7 fred7.server.network.net [19.15.12.13]
Computing statistics for 175 seconds…
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0 mydevice.ad.network.net [172.2.1.19]
0/ 100 = 0% |
1 27ms 0/ 100 = 0% 0/ 100 = 0% fred1.router.network.net [19.15.12.13]
0/ 100 = 0% |
2 26ms 0/ 100 = 0% 0/ 100 = 0% fred2.network [19.15.2.49]
0/ 100 = 0% |
3 28ms 0/ 100 = 0% 0/ 100 = 0% fred3.network [172.5.19.5]
0/ 100 = 0% |
4 160ms 0/ 100 = 0% 0/ 100 = 0% fred4.network [172.5.19.2]
0/ 100 = 0% |
5 164ms 0/ 100 = 0% 0/ 100 = 0% fred5.network [172.5.19.9]
0/ 100 = 0% |
6 — 100/ 100 =100% 100/ 100 =100% fred6.fw [172.24.5.7]
0/ 100 = 0% |
7 160ms 0/ 100 = 0% 0/ 100 = 0% fred7.server.network.net [19.15.12.13]
Trace complete.
Now in this case I know that hop #6 is a firewall anyway, but the results show that it is not responding to PING, no surprise there. So this might prove useful in future, although it does sometimes take a while to compute the required stats.
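The reading of hop #6 above can be automated. The Python below is an added example, not part of the original post: it parses pathping's statistics rows and labels a lossy hop "node-only" when a later hop loses less (the device forwards traffic but does not answer ping itself), or "path" when the loss carries through to the end. The sample rows are constructed from the trace above, and the function names are hypothetical.

```python
import re

# Constructed sample in pathping's statistics layout, modelled on the trace
# above (addresses are the post's mangled ones). "---" is what pathping
# prints in the RTT column when a hop never replies.
SAMPLE = """\
  0                                           mydevice.ad.network.net [172.2.1.19]
                                0/ 100 =  0%   |
  1   27ms     0/ 100 =  0%     0/ 100 =  0%  fred1.router.network.net [19.15.12.13]
                                0/ 100 =  0%   |
  5  164ms     0/ 100 =  0%     0/ 100 =  0%  fred5.network [172.5.19.9]
                                0/ 100 =  0%   |
  6  ---     100/ 100 =100%   100/ 100 =100%  fred6.fw [172.24.5.7]
                                0/ 100 =  0%   |
  7  160ms     0/ 100 =  0%     0/ 100 =  0%  fred7.server.network.net [19.15.12.13]
"""

# hop, RTT, "Source to Here" lost/sent = pct, "This Node/Link" triple, name [ip]
HOP = re.compile(r"^\s*(\d+)\s+(\S+)\s+(\d+)/\s*(\d+)\s*=\s*(\d+)%\s+"
                 r"\d+/\s*\d+\s*=\s*\d+%\s+(\S+)\s+\[([\d.]+)\]")

def parse_hops(text):
    """Return [(hop, rtt, loss_pct, name, ip)] for each per-node statistics row.
    The hop 0 row and the link-only rows carry no node statistics and are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if m:
            hop, rtt, _lost, _sent, pct, name, ip = m.groups()
            hops.append((int(hop), rtt, int(pct), name, ip))
    return hops

def classify(hops):
    """Map each lossy hop to 'node-only' (a later hop loses less, so traffic
    still gets through) or 'path' (loss persists to the end of the trace)."""
    findings = {}
    for i, (hop, _rtt, pct, _name, _ip) in enumerate(hops):
        if pct == 0:
            continue
        later = [h[2] for h in hops[i + 1:]]
        findings[hop] = "node-only" if later and min(later) < pct else "path"
    return findings

if __name__ == "__main__":
    for hop, verdict in classify(parse_hops(SAMPLE)).items():
        print(f"hop {hop}: {verdict} loss")
```

Loss reported at the final hop is always labelled "path", since nothing beyond it can show whether traffic is still being delivered.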
For more info on all these commands try Microsoft Technet.