Windows XP/Vista/7 have a whole array of helpful command line tools for configuring
and testing Internet and LAN connections. On this page is a discussion of some
of the networking tools that can be useful to an average PC user.
There are dozens of networking tools available for Windows XP/Vista/7 (For example,
see this command-line
reference.) Most of these are specialized and are mainly of interest
to professionals who are maintaining a large network. Many, however,
are relevant to the Internet and some of these can be helpful to the
average PC user. The tools of interest to the discussion here are a few
of of the TCP/IP utilities. (Go here for
a complete list.) TCP/IP refers
to the set of protocols that are used for Internet connections and on
most networks. Discussing TCP/IP is beyond the scope of this page but
more details are available on a separate page and
in the references in the sidebar. Fortunately, it is not necessary to
understand the gory details of TCP/IP in order to make practical use
of the tools considered here.
All of the tools are run by opening a Command window and entering the appropriate
command. Go to Start-Run or Start search and enter "cmd" to open a Command window.
Windows IP Configuration Tool (ipconfig)
The Windows IP Configuration tool (ipconfig
) is the command-line equivalent
of the accessory "Winipcfg" that was present in Windows 9X/Me. It is used
to display the TCP/IP network configuration values. To open it, enter "
in the command prompt. If you are connected directly to the Internet, you
will obtain your IP address. (For a discussion of what an IP is, go
.) The figure
below shows the result for a broadband connection where the IP is assigned
automatically. Here the IP is your computer's temporary address on the
If you are on a local area network using a router, the information is different.
You do not obtain the IP corresponding to the network's address on
the Internet. (To obtain the IP that the Internet sees, go to a source
such as DSL Reports Whois.) The IP given is the local address on the network.
This information can be helpful in diagnosing network problems. Also listed
is the "gateway" or
router address on the local network. The figure below illustrates the
Switches for IPConfig
There are also a variety of switches for ipconfig that add functions. These
are invoked by entering "
To obtain a list of switches, enter "
/?" or "
-?". These are shown in the figure
below. The switches of most interest to everyday use are "release" and "renew".
Note that IP addresses are typically assigned or "leased" for a
period of time, often a day or more. It sometimes happens that IP addresses
are no longer valid or are in conflict. Problems can often be solved by
first releasing the IP address and then renewing it. Sometimes cable or
DSL modems that seem to be disabled can be restored this way. If you travel
and use broadband connections elsewhere, you will often find this procedure
of releasing and renewing the IP address to be necessary.
For a detailed output of network parameters, you can use the command
/all". Unless you are experienced with networks, however, this
may be more than you want to know.
The switches "
displaydns" are are also sometimes useful in everyday
use and they are discussed on another
page at a sister site.
Ping is an old Unix tool that has been around for a long time but
many PC users are unfamiliar with the Windows version. Ping sends
out a packet to a designated internet host or network computer and measures
its response time. The target computer will return (hopefully) a signal.
It is a way of determining the quality of your connection to another site.
You will also receive an IP address that corresponds to the user-friendly
type of URL (see this page for further discussion of
IPs and URLs). To use ping, open a command window
ping <hostname>. For
example to ping Dell, enter:
ping dell.com Please note the use
of a hostname, not a complete URL. The prefix "http://" is never
used. Many sites also do not require "www" . By convention, 32 byte
packets will be transmitted four times. You will receive a screen output
that looks like:
The screen tells me that the IP for dell.com is 188.8.131.52 (For
the moment, at least. This can change.) It also tells me that the average
round trip time for a packet was 69 milliseconds, which means I have a
good connection to dell.com. Long reply times of several hundred
milliseconds are indicative of a slow connection. Note that some major
sites such as microsoft.com do
not like being pinged and block pings. In that case you will get a "Request
timed out" message.
In addition to being used on the Internet, Ping is often used to test connections
on local networks. More details can be found in this Microsoft
Tracert (traceroute) is another old tool borrowed from Unix.
The actual path between two computers on the Internet is not a straight
line but consists of numerous segments or "hops" from
one intermediate computer to another. Tracert shows each step of
the path taken. It
can be interesting to see just how convoluted it is. The times for each
hop and the IP addresses for each intermediate computer are displayed.
up to 30 hops. It is convenient for finding if there is one particular
segment that is causing a slow or bad connection. A typical command might
be "tracert dell.com".
This command combines functions of Ping and Tracert.
Pathping will first list the number of hops required to reach the
address you are testing and then send multiple pings to each router
between you and the destination. After that, it
computes results based on the packets returned from each router. Because
pathping displays the degree of packet loss at any given router or
link, you can determine which routers or subnets might be having network
problems. Note that the whole process may consume 5-10 minutes because
many pings are being sent. There
are switches to modify the process and these can be seen by entering "pathping
/?" in the command prompt.
Netstat displays the active TCP connections and ports on which
the computer is listening, Ethernet
statistics, the IP routing table, statistics for the IP, ICMP, TCP, and
UDP protocols. It comes with a number of switches for displaying
a variety of properties of the network and TCP connections. (One
tricky point: the switches must be prefixed with a minus, not a slash.) More detail is at this page. One possible use for Netstat is to
determine if spyware or Trojans have established connections that you do
not know about. The command "netstat -a" will display all your connections.
The command "netstat -b" will show the executable files involved in creating a connection. A figure showing all the switches and syntax is given below.
This command helps diagnose the Domain Name System (DNS) infrastructure and
comes with a number of sub-commands. These are mainly for systems
administrators. The primary interest for average PC users is its use to
find the computer name corresponding to a numeric IP. For example, if you
want to know who is "184.108.40.206" , enter "nslookup 220.127.116.11"
and you will find that it is (or was anyway) a Yahoo computer. My firewall
keeps a log of the IPs involved in the attempts to probe my computer and
I sometimes look a few up to see who they are. (There are also Whois search
sites available on the Web as mentioned in the Ipconfig section.)
The network services shell is a large suite of many tools. I discuss it in
some depth on another page .
Back to top