Windows XP Hacks [Electronic resources] نسخه متنی

Hack 52 Troubleshooting Network Connections with ping, tracert, and pathping

When you need help tracking down network
connection problems, the command line is the place to go.

If you''re having
problems with your network and network connections and you need
troubleshooting help, forget XP''s GUI; it
doesn''t offer you enough help. To get to the root of
the problems, you''re going to have to get down and
dirty with command-line tools. ping and
tracert are familiar tools that you might have
used on occasion, but you might not know the depth of their power or
the switches available to use with them. And you probably
haven''t heard of pathping, a kind
of combination of the two commands.

5.12.1 Troubleshoot TCP/IP Problems with ping

The quickest, most commonly
used, and, frequently most helpful TCP/IP troubleshooting tool is the
command-line tool ping. Use
ping to find out whether the resource or server
you''re trying to connect to on your network or the
Internet is active, and to see if there are any problems with the
hops along the way to that resource or server.
ping sends
Internet Control Message Protocol (ICMP)
Echo Request messages to the destination you''re
checking on, receives responses in return, and reports to you
information about the
connection path between you and the destination and how quickly the
packets made their trip. For example, if you are having trouble
getting
email from a server, your first
step in troubleshooting should be to ping the server to see whether
the server is live, and to see how responsive it is. To use
ping, get to a command prompt and type:

ping target

where target is either a hostname or an IP
addressfor example, pop3.catalog.com,
zdnet.com, or
209.217.46.121. In response,
you''ll get information in this format:

Pinging zdnet.com [206.16.6.208] with 32 bytes of data:
Reply from 206.16.6.208: bytes=32 time=83ms TTL=242
Reply from 206.16.6.208: bytes=32 time=73ms TTL=242
Reply from 206.16.6.208: bytes=32 time=91ms TTL=242
Reply from 206.16.6.208: bytes=32 time=72ms TTL=242
Ping statistics for 206.16.6.208:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 72ms, Maximum = 91ms, Average = 79ms

If the host isn''t active, instead of getting this
report, you''ll get the message
"Request timed out."

If you enter a hostname, ping reports back with
its IP address and then gives details about its four attempts to
contact the host, a measurement of how long (in milliseconds) the
packet took to make the round trip between your PC and the host, the
Time To Live (TTL) information
about each packet, and a summary of its findings.

The TTL field can tell you how many hops the packets took to get from
your PC to its destination. TTL initially specified the amount of
time a packet could live, in seconds, before it expires, as a way to
make sure that packets didn''t simply bounce around
the Internet forever and create traffic jams. However, it has been
reinterpreted to mean the maximum number of hops that a packet will
be allowed to take before its destination. The default number is 255.
Each time a packet takes another hop, its TTL is reduced by one. The
TTL number that ping reports is the
packet''s final TTL when it reaches its destination.
To find out the number of hops a packet takes, subtract its initial
TTL (by default 255) from the TTL reported by ping. In our example,
the packets took 13 hops to get to their destination.

You can use ping with switches, like so:

ping -a -l 45 208.201.239.237

This command changes the packet size sent from its default size of 32
bytes to 45 bites, and resolves the IP address to a hostnamein
other words, it lists the IP address''s hostname.

ping has a wide variety of useful
switches that you can use for all kinds of troubleshooting. You use
the basic ping command to check whether an
Internet or network resource is live and to see if there are any
delays in reaching it. But, as Table 5-4 shows,
you can use ping and its switches for many other
purposes as wellfor example, to find out the

IP
address of a hostname and vice versa.

-a

-f

-i value

-l value

-n count

-r count

-s count

-t

-w value

5.12.2 Trace Your Network and Internet Data Path with tracert

Frequently,
you have a connection problem over
your network or the Internet not because your final destination is
down, but because there''s a problem with a router
somewhere between you and your final destination. For troubleshooting
those kinds of problems, use tracert. It displays
the path that data takes en route to the server or service that
you''re trying to reach, either on your network or
across the Internet. As with ping, it does this by
sending
ICMP Echo Request messages to the destination you''re
checking on. To use it, type tracert
destination at a command prompt, where
destination can be
either an IP address or a hostname. Following is a typical response
from a tracert command:

Tracing route to redir-zdnet.zdnet.com [206.16.6.208]
over a maximum of 30 hops:
1    9 ms  11 ms    10 ms  10.208.128.1
2    8 ms   8 ms     7 ms  bar02-p0-1.cmbrhe1.ma.attbb.net [24.128.8.53]
3    9 ms   *       32 ms  bar03-p7-0.wobnhe1.ma.attbb.net [24.147.0.193]
4    8 ms  14 ms     9 ms  12.125.39.213
5   12 ms  10 ms     9 ms  gbr2-p70.cb1ma.ip.att.net [12.123.40.102]
6   25 ms  26 ms    24 ms  gbr4-p80.cb1ma.ip.att.net [12.122.5.65]
7   36 ms  39 ms    64 ms  gbr4-p40.cgcil.ip.att.net [12.122.2.49]
8   33 ms  33 ms    48 ms  gbr3-p60.cgcil.ip.att.net [12.122.1.125]
9   72 ms  80 ms    78 ms  gbr3-p30.sffca.ip.att.net [12.122.2.150]
10   72 ms  77 ms    73 ms  idf26-gsr12-1-pos-6-0.rwc1.attens.net [12.122.255.222]
11   76 ms  78 ms    79 ms  mdf3-bi4k-2-eth-1-1.rwc1.attens.net [216.148.209.66]
12   73 ms  72 ms    74 ms  63.241.72.150
13   72 ms  74 ms    71 ms  redir-zdnet.zdnet.com [206.16.6.208]

If the destination can''t be reached, you will get
the message "Destination
unreachable."

As you can see, tracert shows the IP address and
hostname address of each hop, along with timing data for each hop. If
you''re having problems on your network, this can
help you locate the source of the problem; if a hop has a
particularly long delay, you know that''s the cause.

You can use several switches with tracert, like
this:

Tracert -d -h 45 zdnet.com

This command traces to
zdnet.com, displaying only the IP addresses of
each router and specifying a maximum number of 45 hops en route to
the destination. Table 5-5 shows the most useful
tracert switches.

-d

-h value

-w value

5.12.3 Troubleshoot Network Problems with pathping

The pathping command
works like a combination of
ping
and tracert.
Type pathping from the command line, like this:

pathping target

where target is either a hostname or an IP
addresspop3.catalog.com or
209.217.46.121, for example. You then get a
two-part report: first a list of every hop along the route to the
destination, and then statistics about each hop, including the number
of packets lost at each hop. It uses switchesfor example:

pathping -n -w 1000 oreilly.com

This command tells pathping not to resolve the IP
addresses of routers, and to wait one second (1,000 milliseconds) for
an Echo Replay message. Table 5-6 lists the most
important pathping switches.

-n

-h value

-w value

-p

-q value

5.12.4 See Also

[Hack #53]