🛠️

Essential Tools for Network Troubleshooting

Aug 9, 2024

Network Troubleshooting Tools and Commands

Ping Command

  • Purpose: Test reachability of devices on a network
  • Protocol Used: ICMP (Internet Control Message Protocol)
  • Key Features:
    • Shows round-trip time
    • Indicates if another device is responding
    • Default Windows ping: 4 pings
    • Displays data size and time to live (TTL)
  • Example: ping 9.9.9.9 to test connectivity to a DNS provider
  • Output Details: Number of pings sent/received, round-trip times (min, max, avg)
  • Usage: First tool to use in troubleshooting network issues

IP Configuration Commands

  • Windows: ipconfig
    • Shows DNS name, IP address, subnet mask, default gateway
    • ipconfig /all for detailed information
  • Linux: ifconfig or ip address (newer versions)

DNS Query Commands

  • nslookup: Available on Windows, Linux, etc.
    • Retrieves canonical names, IP addresses, cache timers
    • Example: nslookup www.professormesser.com
  • dig: More straightforward, not included with Windows by default
    • Example: dig www.professormesser.com

Traceroute Command

  • Purpose: Trace the route packets take from source to destination
  • Windows: tracert
  • Linux/MacOS: traceroute
  • How It Works: Uses TTL field in ICMP packets to map the route
  • Example: tracert 9.9.9.9
  • Details: Shows each hop and associated IP address or URL

ARP Command

  • Purpose: Resolve IP addresses to MAC addresses
  • Command: arp -a
  • Example: arp -a to view the ARP cache
  • Usage: Verify if a device is responding on the local network

Netstat Command

  • Purpose: Network statistics and active connections
  • Commands:
    • netstat -a: All connections
    • netstat -b: Executable involved in network connections (Windows)
    • netstat -n: Shows IP addresses instead of domain names
  • Example: netstat -n to see active connections

Hostname Command

  • Purpose: Display the name of the current host
  • Usage: Ensure commands are run on the correct system
  • Example: hostname

Route Print Command

  • Purpose: Display the routing table
  • Windows: route print
  • Linux/MacOS: netstat -r
  • Example: route print to view IPv4 routing table

Telnet Command

  • Purpose: Terminal access to remote devices (insecure, use SSH for secure access)
  • Common Port: TCP 23
  • Usage: Check if a port is open/responding
  • Example: telnet 10.1.10.222 5000

Tcpdump Command

  • Purpose: Capture and analyze network packets
  • Availability: Unix, Linux, MacOS, some Windows versions (WinDump)
  • Usage: Apply filters for real-time data, save in pcap format for analysis
  • Example: Basic tcpdump output shows timestamps, protocols, source, and destination

Nmap Command

  • Purpose: Network mapping and scanning
  • Capabilities:
    • Identify open ports
    • Determine operating systems
    • Perform service scans
  • Example: nmap -f 10.1.10.222 for a fast scan

Common Platform Commands

  • show interface: Display interface details (Cisco: show interfaces status)
  • show config: Show configuration (Cisco: show run for running configuration)
  • show route: Display routing table (Cisco: show ip route)
  • Usage: Commands are similar across different devices and manufacturers

Full transcript