Perhaps no command line utility is more familiar to users than PING. On a TCP/IP network, the PING utility allows you to determine whether another system is reachable, while at the same time providing basic diagnostic information such as whether any packets are being lost en route. When troubleshooting a network connection, PING is almost always the first tool that any users will unleash to gather basic information. When issued with the –t command, PING will continuously send requests to a host until manually stopped with the CTRL+C command.
Category: TCP/IP Basics
Checking TCP/IP Network Settings with IPCONFIG
If you’re connected to a TCP/IP network, the IPCONFIG utility is one that you need to be familiar with. Most users are familiar with the tool from using it to renew an IP address allocated by a DHCP server via the /renew switch. However, IPCONFIG provides a wealth of useful information about your system’s TCP/IP settings, especially when the /all switch is issued. This command will display information about the state of your connection, whether DHCP is being used, the IP address, subnet mask, and default gateway configured on your system, and more.
Finding System MAC Addresses with the ARP Command
If your computer has an Ethernet or Wi-Fi network adapter card installed and is connected to a TCP/IP network, the Address Resolution Protocol is used to map IP addresses of systems you are communicating with on the local network to their network card’s physical MAC address. The ARP command allows you to view the MAC addresses of systems with which your system is communicating, such as your local router interface. This information can be useful when troubleshooting connection problems, or when a duplicate IP address is configured on your network.
To view the contents of the ARP cache on your system, issue the ARP –a command. If your ARP cache contains no entries, ping another computer on your network, and issue the command again.
Getting Familiar with TCP/IP Port Numbers
Certainly you don’t need to know anything about port numbers if you never plan to allow external users to access your network, or if you don’t plan to control the types of Internet services that your internal users can use. However, if you do plan to make use of either feature, you’ll need to know something about port numbers.
Different types of applications use different port numbers to communicate. Port numbers come in two flavors, namely TCP and UDP. Transmission Control Protocol (TCP) is a reliable protocol used by some applications (such as Web, FTP, and Email servers), while User Datagram Protocol (UDP) is a faster (but unreliable) protocol used by services like DNS. You don’t get to choose which is used – the specifications for different services define which protocol is used which individual applications.
A total of 65536 TCP/UDP port numbers exist. Certainly no one could remember all of them, but some of them are much more common than others. For example, the list below outlines some of the port numbers used by common services:
HTTP (Web servers) – TCP 80
FTP (FTP servers) – TCP 21
SMTP (Email servers) – TCP 25
POP3 (Email servers) – TCP 110
DNS (Name resolution) – UDP 53
This is far from a comprehensive list, but gives you the idea. So, if you plan on having your own internal FTP server that should be accessible from the Internet, port forwarding would need to be enabled on your router for TCP ports 20 and 21. If you’re using ICF, a definition for FTP already exists which you can simply check off to accomplish the same task. For a complete and very comprehensive list of port numbers, see http://www.iana.org/assignments/port-numbers.
Windows XP Network Diagnostic Tools
If you’ve ever tried your hand at configuring a home network, chances as good that you’ve run into communications problems at some point. All Windows versions include a variety of network diagnostic tools, although you’ll find more in Windows XP than Windows 98. Regardless of your operating system version, the two basic tools that you’ll want to be familiar with include both the ipconfig and ping command line utilities.
The basic purpose of ipconfig is to allow you to view basic TCP/IP information about your system including its IP address, subnet mask, and default gateway. Conveniently, this tool will also let you know if your network cable is unplugged. Typing ipconfig at the prompt provides basic information, but typing ipconfig /all provides variety of additional data, including how your system acquired its address, for example statically or dynamically. If your system has what appears to be an address starting with 169.254, this likely means that a DHCP server wasn’t available – to try to acquire an address again, type ipconfig /renew and press Enter.
In the world of networking, ping is the most basic diagnostic utility to test communications. If you cannot connect to a system, try to ping its IP address using the format ping 192.168.0.1. You can also use the name of the server, for example ping www.pcanswers.co.uk. If you’re trying to fix your own system and want to ping continuously for testing purposes, use the –t option, for example ping –t 192.168.0.1. Finally, if you want to try to obtain the name of the computer for which you already know the IP address, type ping –a 192.168.0.1, and the name of the system will usually be returned.
Windows Networking Utilities
Once TCP/IP is installed and configured on the computers on your network, a variety of helpful and interesting diagnostic and troubleshooting utilities become available to you. Most of these utilities are meant to be run from the command line, so make sure that you have that command prompt icon nice and handy on your desktop. The list below outlines some of the common utilities that you’ll want to be familiar with, along with their primary functions, and examples of how they are used.
PING – The most basic and essential of the TCP/IP utilities, the PING command is used to test basic connectivity on a TCP/IP network. When you ping another host on your network, the machine from which the command is used sends out an “echo request” message, and then determines success by whether it receives back an “echo reply”. When echo reply messages are received, it means that the two computers are capable of communicating via TCP/IP. PING is the first utility that should always be used when attempting to troubleshoot a connectivity issue on a TCP/IP network. The ping command can be used with IP addresses or FQDNs. For example, to ping the PC Answers web server, you would type ping www.pcanwers.co.uk, press Enter. If you receive 4 echo reply messages, you’re likely up and running correctly.
IPCONFIG – The IPCONFIG command represents the easiest way to gather TCP/IP configuration information for your computer from the command line. Instead of accessing your network properties through the Windows interface, simply type ipconfig at the command prompt and press Enter. You will be provided with information on the IP address, subnet mask, and default gateway values configured on your PC. For more comprehensive information (including the IP addresses of DNS servers), type ipconfig /all and press Enter. If you’re running Windows 2000 or XP, try using the ipconfig /displaydns command to view the FQDNs that your system has resolved to IP addresses.
TRACERT – One exceptionally interesting TCP/IP command used to troubleshoot network connectivity issues is TRACERT. The purpose of the TRACERT command is to trace the route that a packet takes between a source and destination host. For example, when you cannot ping a host, it does not necessarily mean that the host is unavailable. Instead, it might mean that a problem exists somewhere on the path between the two hosts. When the TRACERT command is issued with an IP address or FQDN, it will report back with information on the entire path taken (namely the routers crossed) in trying to reach the destination network. For example, try typing tracert www.yahoo.com and press Enter. This command will display all of the routers crossed between your PC and the Yahoo web server, as shown above – probably more than you would have thought!
NETSTAT – The NETSTAT command is useful when attempting to determine the status of connections between your computer and other computers on your network or the Internet. From the command line, type netstat and press Enter. The results will show you both the systems that this computer is connected to, along with the status of the connections.
Traceroute.bmp: Use the TRACERT utility to determine the path that a packet takes between a course and destination host.
Understanding and Configuring DNS Settings
Assuming that you do plan to use your home network to share an Internet connection, one addition piece of information that you’ll need to supply as part of the TCP/IP configuration of computers is the IP address of one or more DNS servers. DNS is the domain name system, which is responsible for translating fully qualified domain names (FQDNs) into IP addresses on the public Internet. For example, when you attempt to access the PC Answers website, you would typically submit the FQDN www.pcanswers.co.uk in the address bar of your web browser. While this name is easier to remember than the IP address of the PC Answers website, TCP/IP ultimately requires the IP address of the site in order to make communication possible. The “resolution” of FQDNs to IP addresses on the public Internet is the primary responsibility of DNS servers.
The IP address that you would enter in the DNS server address section of your TCP/IP properties typically belongs to a DNS server of your ISP. This information is usually provided by the ISP when sign up for their service. This is not to say that it is impossible to host your own DNS server on your network, because it is indeed possible. However, most home network users really have no need for an internal DNS server, a topic that we’ll explore further in future articles in this series.
One thing that you’ll notice with the configuration of DNS settings is that Windows versions allow you to configure the IP addresses of both a “preferred” and “alternate” DNS server (the terms used differ between Windows versions). The main reason for this is redundancy. If your computer attempts to contact one DNS server to resolve a name to an IP address and the server is unavailable, the second DNS server will be sent the queries. One DNS server IP address is usually sufficient, but if this server becomes unavailable, you would no longer be able to resolve names correctly, so configuring both is a good idea. Unless, of course, you want to try to remember the IP address associated with every website you ever visit – certainly not a simple task.
Understanding the Purpose of the Default Gateway
When configuring TCP/IP settings on your home network, only an IP address and subnet mask are explicitly required. However, if you want your computers to be able to communicate with outside networks (like the Internet), you will also need to configure a default gateway IP address. The default gateway is the IP address to which packets destined for outside networks are sent by default. To be clearer, the default gateway is the IP address of a router connected to the local network. For home users, this would be the internal IP address of your hardware router, or of the computer configured as a NAT server (such as a Windows XP system running ICS). Just remember that if you need to communicate with an outside network like the Internet, you will need to configure a default gateway IP address as well.
Understanding the Purpose of Subnet Masks
Subnet masks are easily one of the most confusing elements in the configuration of TCP/IP, although they need not be. In large, complex networks, subnet masks like 255.255.255.0 are used to segment IP addresses from one large network into many smaller ones. For example, a large corporate might be assigned a range of IP addresses by their ISP, and then want to internally divide their network into a number of smaller networks to improve overall performance. At the end of the day, subnet masks are used to help a host determine which portion of an IP address represents the network, and which part represents the host. While the class of an IP address does this, many companies create custom subnet masks that divide their networks beyond typical class boundaries. Based on the combination of an IP address and subnet mask, a host can determine whether a destination host is one the same network, or a different one.
The good news is that for a home network, you really don’t need to put much thought into the subnet mask to be used. Windows will automatically populate the subnet mask field in your TCP/IP configuration after you specify the IP address to be used. Effectively, the value generated is known as the “default” subnet mask based on the class of address you input. So, is you used the Class A IP address 10.1.1.1 for a host, the subnet mask 255.0.0.0 would be allocated automatically. In this case, the “255” means that the first octet of the IP address identifies the network, and the last three octets identify a host. Similarly, entering a Class C IP address of 192.168.1.1 would result in Windows automatically entering the subnet mask 255.255.255.0, in which case the first three octets of the IP address identify the network, and the last represents a host.
For best results, make sure that your PCs are configured with IP addresses in the same network range (such as all starting with 192.168.1), and then let Windows specify the subnet mask automatically. If incorrect subnet masks values are configured, computers on the same network may not be able to communicate.
Private IP Addresses
In the same way that you can’t just randomly choose the numbers to use for an IP address, you also need to be careful with the addresses you ultimately use. IP addresses used on the public Internet are assigned to companies from organizations like RIPE (the European IP address registry), or from an ISP. Although using a range assigned to a company might work on your home network, it can also impact your ability to connect to certain Internet resources. It’s for that reason that “private” IP addresses exist.
Private IP addresses were designated as a solution to the public Internet quickly running out of available addresses. As the Internet has grown, the number of available unique IP addresses has quickly dwindled. In order to satisfy the need for more IP addresses, certain ranges were designated as private, or available for anyone (including home or business networks) to use. These addresses are not valid on the public Internet, so they do not impact TCP/IP communication outside of a network. For example, you could be using the same private IP addresses on your network as your neighbor is, and the whole Internet would still function in peace and harmony.
This begs the question – if private IP addresses aren’t valid on the Internet, how can the computers on your home network access Internet resources? The answer is found in something called Network Address Translation (NAT). When a computer using a private IP address wants to access the Internet, that private address must be “translated” to a public address that is valid on the Internet. On your home network, one system (such as a dedicated router or one of your PCs) will still need at least one public address that will be shared amongst your internal computers. On systems like Windows 98 or XP, this functionality is provided by a service known as Internet Connection Sharing, or ICS. More on ICS and other NAT techniques will follow later in the series.
For now, the most important thing for you to remember is that you should always use private IP addresses on your internal network. These are first and foremost more secure, and will help you to avoid problems later. The private IP address ranges available to anyone who wants to use them are:
10.0.0.1 to 10.255.255.254
172.16.0.1 to 172.31.255.254
192.168.0.1 to 192.168.255.254
In general, most home users tend to stick with addresses that start with 192.168, and you should as well to keep things simple. For example, if you start all of your IP addresses with 192.168.1.X, you can support up to 254 IP addresses on your home network, which should be more than you would ever need.