windows networking

Basic Windows Networking ...

yeah, I know :) ... but I had to refurbish these things ...

You may need to run the cmd shell "as Administrator" even if you are logged in as one

Show Interface Configuration
ipconfig /all
or
netsh interface ip show config


Configure-Set a Static Interface
Set "static" IP
netsh interface ip set address name="Local Area Connection" source=static addr=10.21.241.51 mask=255.255.255.128  gateway=10.21.241.1 gwmetric=10
Set "static" DNS
netsh interface ip set dns "Local Area Connection" static 10.21.241.1 primary


Configure-Set an Interface to get IPv4 and DNS cache from a DHCP server
netsh interface ip set address name="Local Area Connection" source=dhcp
netsh interface ip set dns name="Local Area Connection" source=dhcp
Release IP set by the DHCP server
ipconfig /release
Renew-Ask again IPv4 from the DHCP server
ipconfig /renew


Routing

Print the interfaces list and the routing table(s)
route print


Print Routes with star *
eg default:
route print 0*
eg this:
route print 127*


Add a Route
route add 10.0.0.0 mask 255.0.0.0 10.21.241.68 metric 30 if 2
metric and if are set to default eg
route add 10.0.0.0 mask 255.0.0.0 10.21.241.68
would have the same effective result in most cases

Remove a Route
route delete 10.0.0.0


Add a Windows "Persistent" Route
route add 10.0.0.0 mask 255.0.0.0 10.21.241.68 -p
or
route add 10.0.0.0 mask 255.0.0.0 10.21.241.68 metric 30 if 2 -p
In persistent routes, when not explicitly set, the metric is set to 1
Persistent Routes are stored in the registry under the following key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip \Parameters\PersistentRoutes in windows XP PRO, 2003 , 2008 and windows 7


Delete a Windows "Persistent" Route
route delete 10.0.0.0 mask 255.0.0.0 10.21.241.68 -p
or delete the registry under the following key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip \Parameters\PersistentRoutes



Display the local DNS cache
ipconfig /displaydns


Empty-Clear the local DNS cache
ipconfig /flushdns


Export Network Settings to a script
netsh -c interface dump > network-setup-0.txt


Import Network Setting from a script
netsh -f network-setup-0.txt


ARP cache

Show ARP cache table(s)
arp -a


Delete an ARP cache entry
eg delete the IP-to-MAC entry for 10.21.241.67
arp -d 10.21.241.67


Manipulate the ARP cache
eg add-set a static MAC for an IP address in the LAN
arp -s 10.21.241.10 80-71-bc-ab-cd-ef


Netstat - Show Ethernet statistics
netstat -e


Netstat - Show active IP/TCP connections and the TCP | UDP ports in which the system listens for connections (-a) and the PID (-o) without resolving names(-n)
netstat -aon


Netstat - Show Statistics by Protocol
netstat -s


You may add an interval in seconds to netstat eg
netstat -aon 5
prints netstat -aon every 5 seconds

Traceroute - Tracert in Windows
 tracert www.awmn

Tracing route to srv1.awmn [10.19.143.13]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  router.01.01433-2.ipduh.awmn [10.21.241.67]
  2     1 ms    <1 ms    <1 ms  router.04.04711.ipduh.awmn [10.21.241.68]
  3     1 ms     1 ms     1 ms  gw-ipduh.gfan2.awmn [10.21.241.141]
  4     1 ms     1 ms     1 ms  mt1.gfan2.awmn [10.3.37.1]
  5     4 ms     5 ms     2 ms  gw-gfan2.f-dc2.awmn [10.3.37.92]
  6     3 ms     2 ms     3 ms  srv1.awmn [10.19.143.13]

Trace complete.


You may use the -d flag to not resolve IP names
tracert -d www.awmn


Ping
ping www.awmn

Pinging srv1.awmn [10.19.143.13] with 32 bytes of data:

Reply from 10.19.143.13: bytes=32 time=3ms TTL=60
Reply from 10.19.143.13: bytes=32 time=4ms TTL=60
Reply from 10.19.143.13: bytes=32 time=3ms TTL=60
Reply from 10.19.143.13: bytes=32 time=3ms TTL=60

Ping statistics for 10.19.143.13:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 4ms, Average = 3ms
By default the windows ping does three ICMP echo requests
To ping a host until stopped with CTRL-C you may use
ping 10.19.143.13 -t




NSLookup - DNS troubleshooting

Resolve a DNS name in your Default Caching DNS server
nslookup.exe ipduh.com
Server:         ipduh.ipduh.awmn
Address:        10.21.241.4#53

Non-authoritative answer:
Name:   ipduh.com
Address: 85.25.242.245



Resolve a DNS name in a user defined DNS Caching DNS server
C:\Windows\system32>nslookup
> server 8.8.8.8
Default Server:  [8.8.8.8]
Address:  8.8.8.8

> ipduh.com
Server:  [8.8.8.8]
Address:  8.8.8.8

Non-authoritative answer:
Name:    ipduh.com
Addresses:  2001:470:1f0a:2e2:da::
          85.25.242.245

>
Asking 8.8.8.8 to resolve ipduh.com



Links:
Technet Manage routes
Technet Using Netsh
Technet Netstat




http://alog.ipduh.com/2014/05/windows-networking.html