Compartilhar via


TCP/IP Tools and Settings

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

TCP/IP Tools and Settings

In this section

TCP/IP Tools

Microsoft Windows Server 2003 and Microsoft Windows XP Professional support many TCP/IP diagnostic and remote networking tools that help manage and troubleshoot your network. Windows Server 2003 adds new IPv6 tools and updates several standard IPv4 tools to include IPv6 functionality.

TCP/IP Tools

The following sections “TCP/IP Diagnostic Tools” and “TCP/IP Remote Networking Tools” describe the diagnostic and remote networking tools associated with TCP/IP.

Other Tools

In addition to the Microsoft TCP/IP tools described in this document, Windows Server 2003 supports the tools shown in the following table. The Ipsec6 and Ttcp tools are new IPv6 tools.

Other TCP/IP-Related Tools

Tool Description

Ipsec6

You can use Ipsec6 to experiment with managing Internet Protocol security (IPSec) in an IPv6 test environment by configuring IPSec policies and security associations.

Ttcp

You can use this tool to troubleshoot TCP and UDP traffic. You can find the Ttcp tool in the Valueadd\Msft\Net\Tools folder of the Windows Server 2003 CD-ROM.

Event Viewer

Tracks errors and events recorded in Application, Security, and System logs.

Network Monitor

Captures and displays network traffic. The full version, which can capture all frames sent on a network segment, is part of the Microsoft Systems Management Server (SMS) product. A limited version, which can capture frames that are sent to or from the network adapter of the computer on which Network Monitor is installed, is included with Windows Server 2003.

Registry Editor

The registry editor Regedit.exe allows viewing and editing of registry parameters.

Simple Network Management Protocol (SNMP) service

Provides statistical information about network devices to SNMP management systems, such as HP OpenView, IBM NetView, or Sun Net Manager.

System Monitor

Analyzes TCP/IP network performance. System Monitor is a component of in the Performance Logs and Alerts snap-in.

TCP/IP Diagnostic Tools

TCP/IP supports several diagnostic tools in Windows Server 2003 that include new support for IPv6:

  • Netstat

  • Pathping

  • Ping

  • Tracert

In addition, Windows Server 2003 introduces the Netsh commands for both IPv6 and for Ipv6 6to4. You can use the first set of tools to query and configure IPv6 interfaces, addresses, caches, and routes. You can use the second set of commands to query or configure the 6to4 service on either a 6to4 host or a 6to4 router.

The following table lists TCP/IP diagnostic tools that you can use to identify and resolve TCP/IP networking problems.

TCP/IP Diagnostic Tools

Tool Description

Arp

View and manage the Address Resolution Protocol (ARP) cache on the interfaces of the local computer.

Hostname

Display the name of the computer.

Ipconfig

Display current TCP/IP network configuration values, update or release Dynamic Host Configuration Protocol (DHCP) allocated leases, and display, register, or flush Domain Name System (DNS) names.

Nbtstat

Check the state of current NetBIOS over TCP/IP (NetBT) connections, view and update the NetBIOS name cache, and determine the names registered with Windows Internet Name Service (WINS).

Netdiag

Check the state of a network client to help isolate TCP/IP-related connectivity problems, including verifying that DNS is available and functioning correctly.

Netsh

Provides thirteen sets of commands (called contexts) for performing a wide range of network configuration tasks. Windows Server 2003 adds a new context for managing IPv6 to the netsh command set.

Netstat

Display statistics for current TCP/IP connections. Windows Server 2003 adds IPv6 parameters to the netstat command.

Nslookup

Check records, domain host aliases, domain host services, and operating system information by querying DNS servers.

Pathping

Trace a path to a remote system and report packet losses at each router along the way. Windows Server 2003 adds IPv6 parameters to the pathping command.

Ping

Send Internet Control Message Protocol (ICMP) Echo messages to verify IP connectivity. Windows Server 2003 adds IPv6 parameters to the ping command.

Route

Display the IP routing table, and add, edit, or delete IPv4 routes. Route for Windows Server 2003 also displays IPv6 routes.

Tracert

Trace a path to a destination. Windows Server 2003 adds IPv6 parameters to the tracert command.

All of the tools in the previous table, except Netdiag, are installed with the Windows Server 2003 operating system. Netdiag is one of the support tools delivered with the second Windows Server 2003 operating system CD, which you install separately from the operating system itself.

Arp.exe: Arp

Category

The Arp command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Arp command-line tool to display and modify entries in the local Address Resolution Protocol (ARP) cache. The ARP cache, which is a memory-resident list, contains one or more tables that store IP addresses and the corresponding Ethernet, Token Ring, or wireless LAN physical addresses that have been resolved from other computers on the same subnet. Typically, a physical address is the Media Access Control (MAC) address. A separate table exists for each network adapter installed on the computer.

Hostname.exe: Hostname

Category

The Hostname command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Hostname command-line tool to display the host name of the computer on which you run the command.

Hostname does not display the fully qualified domain name (FQDN) of the computer. You can find the computer name and its FQDN through Control Panel on the computer.

Ipconfig.exe: Ipconfig

Category

The IPconfig command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Ipconfig command-line tool to display the current configuration of the installed IP stack on a networked computer and to refresh DCHP and DNS settings. The Ipconfig command is often one of the first commands you use to check the status of the connection when you experience communication problems on a TCP/IP network. Ipconfig is most useful for managing computers that obtain an IP address automatically, such as by using DHCP or through alternate configuration.

When used without a parameter, Ipconfig displays the IPv4 address, subnet mask, and default gateway for all adapters on a computer. If the computer has the IPv6 protocol installed, Ipconfig also displays the IPv6 address information.

Nbstat.exe: Nbtstat

Category

The Nbtstat command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Nbtstat command-line tool to troubleshoot NetBIOS name-resolution problems.

When a network is functioning correctly, NetBIOS over TCP/IP (NetBT) resolves NetBIOS names to IP addresses. NetBT uses several options for NetBIOS name resolution, including local NetBIOS name cache lookup, WINS server query, broadcast, and LMHOSTS lookup. After NetBT methods are exhausted, Windows TCP/IP converts the NetBIOS name to a host name and attempts host name resolution, including checking the local host name, checking the DNS client resolver cache, and querying DNS servers.

Use Nbtstat to display a variety of information, including:

NetBT protocol statistics.

NetBIOS name tables for both the local computer and for remote computers. The NetBIOS name table is the list of NetBIOS names that corresponds to NetBIOS applications running on that computer.

NetBIOS name cache. The NetBIOS name cache is the table that contains NetBIOS name-to-IP address mappings.

Also use Nbtstat to refresh the NetBIOS name cache and the names registered with WINS.

Netdiag.exe: Netdiag

Category

Netdiag is a command-line tool delivered with the support tools on the second Windows Server 2003 operating system CD, which you install separately from the operating system itself.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Netdiag command-line tool, which is one of the support tools delivered with the second Windows Server 2003 operating system CD, to help isolate TCP/IP-related connectivity problems. After you install the Support Tools, Netdiag.exe appears in the Program Files\Support Tools folder on the drive on which the Support Tools are installed.

Netdiag provides tests that report information about a computer and its network configuration, which can help diagnose network problems. Use the Netdiag logging parameter (-l) to capture and store output from Netdiag tests. One use of Netdiag logging is to add the output of Netdiag tests to your network’s baseline documentation and to create updated test logs each time important changes to a computer’s configuration are made.

In addition to troubleshooting TCP/IP issues, you can also use Netdiag to examine a computer’s Internetwork Packet Exchange (IPX) and NetWare configurations.

Note

  • The IPX protocol is supported only on the 32-bit platforms in Windows Server 2003.

Despite the name similarity and some overlap in function, the Netdiag command-line tool that you install from the Windows Server 2003 operating system CD as part of the set of Support Tools is not the same as the following two versions of a different network diagnostic tool:

Network Diagnostics, which you access under Help and Support Center Tools in Help and Support Center for Windows Server 2003.

Netsh diagnostic (diag)commands, which you access by typing netsh -c diag at a command prompt.

Network Diagnostics and the Netshdiag commands use the same Dynamic Link Library (DLL) and run the same set of tests. However, Netsh lets you test user-defined destinations, whereas Network Diagnostics does not.

Although there is some overlap between these tools and the Netdiag support tool described here, for the most part Netdiag provides a different set of tests.

Netsh.exe: Netsh

Category

The Netsh command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Netsh command-line tool to locally or remotely display or modify the configuration of services or protocols on computers running Windows. In addition, the Netsh command-line interface is scriptable, which lets you perform batch configurations or administration from a centralized location.

The Netsh commands, which were first introduced in Windows 2000, help you manage a standard TCP/IP network, that is, an IPv4 network. For organizations that have begun to explore IPv6 by introducing IPv6 into their network, Windows Server 2003 and Windows XP add a new set of Netsh commands for IPv6.

For administrative convenience, the Netsh commands are grouped into sets, called contexts. Each context provides commands appropriate for a specific area of networking functionality. A context is implemented through an associated Netsh helper, which is a dynamic link library (DLL) file that provides the capabilities for that context. Netsh directs the context command that you enter to the appropriate helper, and the helper then carries out the command. The Netsh helper DLLs interact with other operating system components, such as WINS or TCP/IP. For example, Winsmon.dll provides the set of commands for managing the WINS service, and Ifmon.dll provides the set of commands for managing IPv4 interfaces.

A context can contain one or more additional contexts, called a subcontext. For example, the IPv6 context contains the 6to4 subcontext, which provides a separate set of commands for managing the 6to4 service (which encapsulates IPv6 traffic with an IPv4 header before it is sent over an IPv4 network) on either a 6to4 host or a 6to4 router.

Netsh is extensible. Developers can create additional contexts to manage networking services in addition to the contexts provided by Windows.

Netstat.exe: Netstat

Category

The Netstat command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Netstat command-line tool to display active TCP/IP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols).

Nslookup.exe: Nslookup

Category

The Nslookup command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Nslookup command-line tool for querying and troubleshooting the DNS infrastructure. For example, Nslookup can provide host-name resolution.

Pathping.exe: Pathping

Category

The Pathping command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use Pathping, a command-line tool that combines features of Ping and Tracert, to obtain additional information that neither of those tools provides. Specifically, you can use Pathping to identify the route to a remote host, then ping the remote host for a period of time to collect and report statistics. Pathping information includes information about the intermediate routers visited on the path, the Round-Trip Time (RTT) value, and link-loss information.

Ping.exe: Ping

Category

The Ping command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Ping command-line tool as your primary tool for troubleshooting IP-level connectivity between two TCP/IP computers. Ping sends ICMP Echo or ICMPv6 Echo Request messages to perform network diagnostics and to test ability to reach a specific destination. Ping can use IPv4 or IPv6 addresses. If a name is specified, Ping uses the address that is resolved.

Ping lets you specify the size of packets to use (the default is 32 bytes), how many to send, whether to record the route used, what Time-To-Live (TTL) value to use, whether or not to set the Don’t Fragment flag, and so on.

Route.exe: Route

Category

The Route command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Route command-line tool to view and modify the local IP routing table.

For two hosts to exchange IP datagrams, they must both have a route to each other, or they must use a default gateway that knows a route between the two. Typically, routers exchange information using a protocol such as Routing Information Protocol (RIP) or Open Shortest Path First (OSPF). The RIP Listening service is available for Microsoft Windows XP Professional, and full routing protocols are supported by Windows Server 2003 in the Routing and Remote Access service.

All symbolic names used for the specified network destination of the route are looked up in the network database file NETWORKS. The symbolic names for the gateway are looked up in the host name database file HOSTS. If the command is print or delete, the destination value can be a wildcard value specified by an asterisk ("*"). If the destination specified contains a * or ?, it is treated as a shell pattern and only matching destination routes are printed. The asterisk matches any string, and the question mark matches any one character. For example, 157.*.1, 157.*, 127.*, and *224* are all valid uses of the wildcard asterisk.

Using an invalid combination of a destination and netmask value generates a “The route addition failed: The specified mask parameter is invalid. (Destination & Mask) != Destination.” error. This sort of error message appears, for example, when a bitwise logical AND between the destination and mask does not equal the destination value.

Tracert.exe: Tracert

Category

The Tracert command-line tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Tracert command-line route-tracing tool to display the path between the sending host and a destination.

The path that Tracert displays is a list of near-side router interfaces of the routers in the path between the source host and destination. Tracert uses the IP Time-to-Live (TTL) field in Internet Control Message Protocol (ICMP) Echo Requests and ICMP Time Exceeded-TTL Exceeded in Transit messages to determine the path from a source to a destination through an IP internetwork.

Note that some routers silently drop packets with expired TTLs. These routers do not appear in the Tracert display.

Tracert works by incrementing the TTL value by one for each ICMP Echo Request it sends, and then waiting for an ICMP Time Exceeded-TTL Exceeded in Transit message. The TTL values of the Tracert packets start with an initial value of one; the TTL of each trace after the first is incremented by one. A packet sent out by Tracert travels one hop further on each successive trip.

Note

  • The UNIX version of Tracert performs the same function as the Windows version, except that the IP payload is a UDP packet addressed to a (presumably) unknown destination UDP port. Intermediate routers send back ICMP Time Expired-TTL Exceeded in Transit messages recording the route taken, and the final destination sends back an ICMP Destination Unreachable-Port Unreachable message.

  • The UDP payload from the UNIX Tracert tool can cross routers and some firewalls, whereas the ICMP Echo Request messages might not, due to ICMP filtering. To avoid this problem in Windows Server 2003, turn off packet filtering and then try using Tracert again.

TCP/IP Remote Networking Tools

Microsoft TCP/IP includes several remote networking tools. The following table lists the tools included with Microsoft TCP/IP that you can use to communicate with remote computers.

TCP/IP Remote Tools

Tool Description

Finger

Displays information about a user or users on a specified remote computer (typically, a computer running UNIX) that is running the Finger service.

Ftp

Transfers files over the Internet to, and from, a computer running a File Transfer Protocol (FTP) server service, such as the FTP component of Microsoft Internet Information Services (IIS).

Rcp

Copies files between a computer running Windows Server 2003 and a computer running Rshd, the UNIX remote shell service.

Rexec

Runs commands on a remote computer (typically, a computer running UNIX).

Rsh

Runs commands on remote hosts using the Rsh service, the UNIX remote shell service.

Telnet

Starts terminal emulation with a remote host running a Telnet server service.

Tftp

Transfers files to and from a remote computer (typically, a computer running UNIX) that is running the Trivial File Transfer Protocol (TFTP) service.

Note

  • All passwords used by Windows networking services are encrypted. However, the Ftp, Rexec, and Telnet connectivity tools rely on plaintext password authentication by the remote computer. Plaintext passwords are not encrypted before being sent over the network. This enables another user equipped with a network capture tool such as Network Monitor on the same network to obtain a user’s remote account password. For this reason, choose different passwords from those used for computers running Windows Server 2003 or domains when connecting to non-Microsoft remote computers with the Ftp, Rexec, or Telnet tools. Note that the protocols themselves prohibit encryption; the use of plaintext passwords is not recommended by Microsoft.

Finger.exe: Finger

Category

The Finger connectivity tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Finger connectivity tool to display information about a user or users on a specified remote computer (typically, a host computer running UNIX) that is running the Finger service. Output varies based on how the remote host specifies Finger output format.

Ftp.exe: Ftp

Category

The Ftp connectivity tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

FTP is a protocol that defines how to transfer files from one computer to another over a TCP/IP network, such as the Internet or a company intranet. Use the Ftp connectivity tool to transfer files to and from a host running an FTP server service, such as the FTP component of Microsoft Internet Information Services (IIS). You can use Ftp interactively or in batch mode to process ASCII text files.

Note

  • The FTP service is a component of Microsoft Internet Information Services (IIS). However, when you install IIS on a server, FTP is not installed unless you explicitly specify that it be installed. If you install IIS without FTP, you can use Add or Remove Windows Components in Add or Remove Programs in Control Panel to install FTP later.

Typically, users use Ftp to download files from a location on the Internet or to upload files to a location on the Internet. Before a user can log on to an FTP server, the server administrator must grant the user permission to access the inetput\ftproot folder, which is created along with the Default FTP site by default when you install IIS FTP, or a folder for the use of a particular user or group under the ftproot folder. Alternatively, you can create a new FTP site, and you can use folders other than ftproot and its children for FTP files.

Similarly, users can upload a file from the local computer to an FTP server using the put command. However, for users to successfully use the put command, the administrator must grant them write permissions for the FTP folder to which the file will be uploaded.

Rcp.exe: Rcp

Category

The Rcp connectivity tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Rcp connectivity tool to copy files between a computer running Windows Server 2003 and a computer running Rshd, the UNIX remote shell server service or daemon. Rshd stands for Rsh daemon; daemon is the UNIX term for service. In addition to running Rsh, the remote computer must also support the Rcp tool.

Also use Rcp for third-party transfer to copy files between two computers running Rsh when the command is issued from computers running Windows Server 2003. The UNIX Rsh server service is not available on computers running Windows Server 2003, but the computer running Windows Server 2003 can participate as the computer from which the commands are issued.

Permitting Network Access

The .rhosts file typically permits network access on UNIX systems. The .rhosts file lists computer names and associated logon names that have access to remote computers. When you run Rcp, Rexec, or Rsh tools remotely with a correctly configured .rhosts file, you do not need to provide logon and password information for the remote computer. The .rhosts file must be in the user’s home directory on the remote computer.

The .rhosts file specifies which remote computers or users can access a local account using the Rcp or Rsh commands (Rsh is described later in this chapter). For you to access the remote computer using Rcp, the .rhosts file (or a file called Hosts.equiv) must exist on the remote computer. Rcp transmits the local user name to the remote computer. The remote computer uses this name and the IP address (usually resolved to a computer name) of the requesting computer to determine whether to grant access. No provision exists for specifying a password to access an account using Rcp.

If the user is logged on to a Windows Server 2003 domain, the domain controller must be available to resolve the currently logged-on name because the logged-on name is not cached on the local computer. Because the user name is required as part of the Rcp protocol, the command fails if it cannot obtain the user name.

The .rhosts file is a text file in which each line is an entry. An entry consists of the local host name, the local user name, and any comments about the entry. Each entry is separated by a tab or space, and comments begin with the number sign (#).

For more information about the implementation of the .rhosts file on a remote computer, see the remote computer’s documentation.

Specifying Computers (Hosts)

Use Host.user to specify a user name other than the current user name. If you use Host.user with Source (which specifies which files to copy), the .rhosts file on the remote computer must contain an entry for user. For example:

Rcp host99.user7:file1 corp7.admin:file2

In this example, the .rhosts file on Corp7 must have an entry for User7 on Host99.

If you type a computer name as a fully qualified domain name (FQDN) containing periods, you must append a user name to the host name. This prevents the last element of the domain name from being interpreted as a user name. For example:

Rcp domain-name1.user:johns domain-name2.user:buddyg

Performing Remote Processing

Remote processing is performed by a command run from the user’s logon shell on most UNIX computers. The user’s .profile or .cshrc file is run before file names are parsed. You can specify that exported shell variables be used in remote file names by using one of the escape characters. The escape characters are the backslash (\), quotation mark ("), and apostrophe (’).

Copying Files

If you try to copy several files to a file rather than to a directory, only the last file is copied. Also, the rcp command cannot copy a file onto itself (Source and Path/Destination cannot be the same).

Rexec.exe: Rexec

Category

The Rexec connectivity tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Rexec connectivity tool to run commands on a remote computer that is running the Rexecd service, the UNIX remote execute service. Rexecd stands for Rexec daemon; daemon is the UNIX term for service. Before carrying out the specified command, Rexec authenticates the user name on the remote host by prompting for a password. Windows Server 2003 does not provide the Rexec service.

Rexec copies standard input to the remote command, standard output of the remote command to its standard output, and the standard error of the remote command to its standard error. Interrupt, Quit, and Terminate signals are propagated to the remote command. Rexec generally terminates when the remote command completes.

You cannot use Rexec to run most interactive commands. For example, you cannot use Rexec to run vi or emacs commands. Use Telnet to run interactive commands.

Rsh.exe: Rsh

Category

The Rsh connectivity tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Rsh connectivity tool to run commands on remote computers that are running the Rsh service, the UNIX remote shell service. For information about the .rhosts file used to enable this tool, see the description of the Rcp tool earlier in this section.

If the user is logged on to a Windows Server 2003 domain, the domain controller must be available to resolve the user name, because it is not cached on the local computer. Because the user name is required as part of the Rsh protocol, the command fails if the user name cannot be obtained.

Rsh copies standard input to the remote command, standard output of the remote command to its standard output, and the standard error of the remote command to its standard error. Rsh generally terminates when the remote command completes.

Telnet.exe: Telnet

Category

The Telnet connectivity tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

The Telnet connectivity tool starts terminal emulation with a remote host running a Telnet server service. The remote computer must also be using TCP/IP. Telnet provides DEC VT 100, DEC VT 52, or ANSI emulation, using the connection-based services of TCP.

To provide terminal emulation from a computer running Windows, the remote host must be running TCP/IP and a Telnet Server service. The Windows-based Telnet user must also have a user account on the remote Telnet Server.

Note

  • Windows Server 2003 and Microsoft Windows XP Professional provide the Telnet Client and Telnet Server components. These are built in, but you must use the Services snap-in to start the Telnet service before it can serve Telnet clients.

Tftp.exe: Tftp

Category

The Tftp connectivity tool is installed with the operating system.

Version compatibility

This tool is included with all versions of Windows that include TCP/IP.

Use the Tftp connectivity tool to transfer files over the Internet to and from a remote computer (typically, a computer running UNIX) that is running the Trivial File Transfer Protocol (TFTP) service. This tool is similar to Ftp, but it does not provide user authentication. However, the files you transfer using Tftp do require UNIX read and write permissions. You can use Tftp only for unidirectional transfer of files.