When you are on the internet or are working in an networked environment you may think you

have problems with your network connection. However it would be helpful if you could
diagnose whether there is a problem and what it is.
Fortunately there are some useful tools built in to all versions of Windows which can help
you, you just need to know what they are and how to use them. This page explains them and
gives you some example of the circumstances when it is a good idea to use them.
Most of the tools on this page are accessed from the DOS or Command prompt. While this
can look a little scary to a novice user, it can be quite powerful and allow you to manipulate
your system and see what is going on in a a way that isn't possible with nice looking GUI
(Graphic User Interface) tools. However if you are a novice to the Command Prompt, then
you should read our getting started guide.
Although you can run these tools from the "Run" box off the start menu, as soon as the
command has finished, the box will close which will stop you from seeing the results. Always
open a command box first and then enter the command there.
Presumptions
This page and the tools listed presume that you have checked that your network settings are
entered correctly - IP address and DNS settings. If you are unsure, you should speak to your
network administrator or internet service provider before continuing. These tools can help
you discover if the settings you have are working correctly, but need something to work from
originally.
It also presumes that you have checked your physical connections. Network cables should
have a light flashing indicating a connection. Connections to the Internet should have some
kind of indication that the connection is live.
Tools and Scenarios
Below is a list of tools that are discussed on this page, along with some scenarios that they
will be useful for. Simply find the scenario you are trying to resolve and try the tools that can
help you diagnose the problem.
Getting Help
When working with the tools you can get help by typing the command, then "/?" , e.g..
"ping /?" (minus the quotes).
Saving the Results
If you are running a command, or want to view the help then you can send the results to a file
for viewing elsewhere or to send to a friend, colleague or helpdesk for diagnosis. Simply
enter >c:\<filename>.txt after your command to send the results to a file instead of the screen.
To use ping as an example:

ping/?>c:\ping.txt
pingwww.dosprompt.info>c:\ping.txt
This sends the results of "ping /?" or the ping to amset.info to a text file in the root of your c:
drive called "ping.txt" which you can view with a text editor like notepad.

Scenario list
To help you choose the tool you need to diagnose your problem, this handy chart outlines
some of the potential problems and which tool will help you diagnose where the problem is.
ping/pathpin tracerout netsta net
g
e
t
shell

dns and dns

lookup

telne
t

Cannot connect
to a web site, but
ping/pathping trace route
can connect to
others

dns and dns lookup telnet

Cannot connect
to email, but can ping/pathping trace route
browse web sites

telnet

Suspect
malicious
application on
machine

netstat

IP networking
problems on my ping/pathping
local machine

netstat net shell

dns and dns lookup

Ping / Path Ping

Ping is probably one of the most used Command Line tools and for good reason. it is a quick
and easy way to see whether the site or service you are trying to connect to is actually alive. It
is usually the first tool most network administrator use when faced with any kind of problem.
You can use results from other actions to carry out further actions in Ping to discovered
where the problem may be.
Using Ping
To use ping, simply open a command prompt and enter ping then the name of the host that
you want to check, without the http, ftp etc or any directories, slashes or other information.
pingwww.dosprompt.info
You can also ping IP addresses:
ping85.234.131.90

After pressing enter you will get a number of responses:

Response returned

Which means...

ping request could not find The address you have entered doesn't exist. Check your spelling
host...
and try again.
reply from...

The address that you have entered is alive and responding to

pings

request timed out...

The address was found but it isn't responding to ping requests

Getting the "Request timed out" doesn't always mean that the host you are pinging is actually
down. Some sites will block the "ping packets" from being returned as a security measure, so
they will never respond to a ping. There are other tests that you can do to verify whether the
host is alive or not, using Telnet.
Infinite Ping
With an additional command you can ask your machine to keep pinging a machine until you
end it. This is useful if you are moving a cable that you think is a problem or you have an
intermittent fault.
To continuously ping a host, add the command "-t" to the end after the host. For example:
pingwww.dosprompt.infot
To end the continuous ping, press Ctrl and C which sends a break to it.
Path Ping (Windows XP and Windows 2003 server and higher only)
Path ping is a new tool introduced by Microsoft which combines ping and Trace Route. It
analyzes the route in the same way that trace route does, but sends multiple pings to each hop
on the way. It then collects statistics on this route to tell you whether one particular hop is
being very slow, indicating a problem. This does make it a slower tool than ping, but can
provide more information useful for diagnosis.
Using Path Ping
Using pathping is very similar to the standard ping application. In a command prompt enter
the command "pathping" then the host or Ip address that you want to check. For example:
pathpingwww.dosprompt.info
pathping85.234.131.90
After pressing enter you will get one of two results. Either "unable to resolve target" which
means that the name doesn't exist or the pathping will begin, only to end with a successful or
failure result code. Refer to the tracert results table below for information on these result
codes.
If the process seems to be going on too long, then press Ctrl and C to end it.

More information on pathping can be found in the online Windows Help system.
Netsh Ping
You can also ping through the Netshell interface, allowing you to ping certain servers and
settings that are configured on your machine. See the netsh section below for more
information on this powerful application.

Trace Route
When you browse the Internet, your machine doesn't not connect directly to the other site, it
goes through many hops. This can be as few as one or two if you are connecting to the web
servers internally or at your internet service provider, to as many as 30 if you are browsing to
a web site hosted on the other side of the world. In most cases you don't need to worry about
how many hops you go through. the ISP will be routing your traffic to the required host,
possible over a number of routes to ensure that your request reaches it and the reply gets
back.
What Trace Route does is show you the route that it is taking.
If you are getting a problem where you cannot connect to a certain site, trace route can help
you diagnose whether it is a local problem, an ISP problem or a wider issue.
Using Trace Route
The trace route command is "tracert" and as with ping, you can trace to either an name or an
IP address. In an open command prompt windows, enter the command tracert followed by the
host you want to connect to.
tracertwww.dosprompt.info
tracert85.234.131.90
After pressing enter, the trace will either fail immediately, or you will get one of the
following result codes:
Message

Which means...

Unable to resolve
target system <site
name>

the name you entered doesn't exist

Trace complete

trace was successful, the results will be shown above

Request timed out

either the host or one of the hops on the way didn't respond in the
timeout period. This usually indicates there is a problem.*

this means that a device that the rest of the Internet is sending traffic to
Destination network the host cannot connect to it or doesn't know where to send the traffic.
unreachable
Again, usually indicates a problem that is often outside of your
control.**
* If you get this message more than two or three times together in a trace, you can usually do
the CTRL-C key combination to stop it. Waiting for the timeout to complete is a waste of
time.

** If you get this immediately then your internal routing is at fault. If it occurs after three or
four hops then it is probably outside of your control.
If the problem is a hop outside of your ISP, there is very little that you can do. Hopefully the
problem will be resolved or routers will find an alternative route around the problematic
machine.
More information on tracert can be found in the online Windows Help system.

Netstat
Net Stat is a tool that tells you what your machine is connected to at the moment the
command is run. This makes it a very useful tool to see if your machine is connecting to
servers that you don't know about - possibly via the so called "Spy Ware" or "Ad Ware". By
adjusting the switches after the command you can change the way the information is
presented.
This tool can display information about the active connections, as well as whether the
machine is listening for connections - i.e. ready to receive a connection from another
machine.
Command

Displays

netstat

Active connections only, with the full domain name

netstat -a

Active connections and listening ports with full domain name

netstat -ao

Active connections and listening ports with full domain name and PID
of application using it*

netstart -an

Active connections and listening ports but in numeric form (no domain
names)

netstat -ano

Active connections and listening ports but in numeric form (no domain
names) and PID of application using it*

netstat -<any of
above> 30

Repeats the command, updating the statistics after the number of

seconds indicated.
Change the number to increase or decrease the frequency
Replace <any of the above> with either "a", "ao", "an" or "ano"

* By adding the PID (Process Identification) you can see which application or service
running on your machine is making the connection or is in a waiting state. To see the lists of
processes, start the Task Manger (CTRL - ALT - DELETE then press Task manager, Right
click on the taskbar and choose it from the options or press CTRL ALT ESC).
Once Task manager is loaded, if you cannot see PID in the list of columns, add it from the
"View", "Select Columns" command.
Things to look for
If you have any of the following in a listening state on your machine and don't knowing know
about running those type of applications then you may have an application on your system
that is waiting for a third party to connect

Port

Information

25

SMTP Server - email server

80

Web server

110

POP3 Server - email server

If you see other ports that you want to check and the PID doesn't clarify their use then you
can look at the official list maintained by the IANA (Internet Assigned Numbers Authority)
here: http://www.iana.org/assignments/port-numbers . This lists the most common port usage
but is reliant on application providers registering the port use.
You could also do a search on Google for the word "port" and then the number to see if
anyone else has reported it or can tell you what it is.
More information on netstat can be found in the online Windows Help system.

Net Shell
With the latest versions of Windows, the TCP/IP component is core to the operating system
and therefore cannot be reinstalled, removed or disabled. This makes resolving problems with
it a little more complex than before. Microsoft introduced with Windows 2000 a new utility
that runs from the command line to allow you to adjust and diagnose the IP settings. This new
command is called netsh (net shell). It takes preset commands, looks at what is configured in
the operating system for those settings then uses them. Therefore you are testing the network
settings as the operating system sees them.
There are two ways to operate the Netsh commands, both of which require a command
prompt.
1. By entering the full command string in the command prompt.
2. By enter "netsh" and pressing enter.
If you going to be running lots of commands or want to look at the help files for
subcommands, then method 2 is the better choice.
When you are in the netsh command shell, the prompt changes from "c:\>" to "netsh>"
Sample Netsh Commands
Below are some of the commands that you can run in a Netsh session and what they do.
There are lots of commands available and these are just a sample of what is available.
In all cases, if you are running it outside of netsh (netsh>) then you need to prefix the
command with "netsh" e.g:
netshdiaggui
Action

Command

Try to connect to the mail server configured in Outlook

Express

diag connect mail

Try to connect to the news server configured in Outlook

diag connect news
Express
Try to connect to the Internet Explorer Proxy server (if
configured)

diag connect ieproxy

diag connect iphost <name>

Try to connect to a specific port on an IP address or host <port>
name
diag connect iphost <ip address>
<port>
Show network configuration

diag show all

Ping servers configured on your machine

diag ping <server type>
(run diag ping alone for the list of available server types)
Show the graphical interface

diag gui

Reset IP Configuration

int ip reset

Show IP status

int ip show config

More information on netsh can be found in the online Windows Help system.

DNS
DNS is core to the operation of most networks and the Internet. It stands for Domain Name
Service and the best way to think of it is like a big phone book. Every machine on the Internet
has a unique IP address. DNS maps those addresses to friendly names. For example
www.bbc.co.uk is 212.58.224.125. Therefore if you are having problems with DNS settings
or DNS lookups, it can hinder your web browsing.
If you are getting errors when browsing about hosts not being found, especially of they are
popular sites like Microsoft, Yahoo or the BBC then your DNS could be at fault.
Flush DNS Cache
The first thing you should do is flush your DNS cache. This very simple, just start a
command prompt and enter the following text:
ipconfig/flushdns
This will clean out the cache held on your local machine forcing it to look to the servers you
have configured in your settings.
More information on the ipconfig command.

DNS Lookup
DNS lookups can be carried out from the command line using a tool called "nslookup". This
tool doesn't have online help without entering the main shell.
A name lookup will tell you whether:

a. The name or IP address exists

b. What the current address is or which name it is registered to
To do a DNS lookup from a command line, open a command prompt and enter the following
command:
nslookup<siteaddress>
for example
nslookupwww.bbc.co.uk
You can also do DNS lookups against other servers that don't belong to your ISP. This can
verify whether your ISP has a problem. If you are running internal DNS servers (for example
on a network) then using external DNS servers can be beneficial in discovering if the
problem is local or not. To do this you need to enter the "nslookup" shell. Open a command
prompt and just type "nslookup" (minus the quotes) and press enter. You will be told what
server you are currently using for DNS.
To change server enter the command "server" then the IP address of the alternative DNS
server that you want to use.
Then, to look up a host, just enter the name, for example www.bbc.co.uk .
If you want to lookup MX records, then type
settype=mx
Then enter the domain name.
An example of using nslookup and telnet together to test MX records and an email server is
here.
When you have finished, type exit to leave the nslookup shell.
More information on nslookup can be found in the online Windows Help system.

WHOIS
WHOIS, which allows you to lookup information about a domain name, is not native to
Windows.
You can download a command line WHOIS tool from the Microsoft Sysinternals site.
Extract the files, then place them in to \windows\system32. The command will then be
available to you in a standard prompt.
The information can be easily dropped to a notepad:
whoisdosprompt.info>dosprompt.info.txt

WHOISIP
To do the same as above, but for IP addresses, there is another tool called WHOISIP which
can be downloaded from here: http://www.nirsoft.net/utils/whosip.html . As with the
Microsoft tool, extract the file and drop it in to \windows\system32 and you will be able to
use it from a standard prompt.
whoisip8.8.8.8>8888.txt

Telnet
Telnet is how everything on the Internet used to work. It is the way that you connect to UNIX
type servers and is very basic. Therefore it is an excellent way to test your connectivity to
hosts on and off your network.
With the more recent versions of Windows, telnet support from the command line has been
introduced. For older versions of Windows you will to start the application from the start
menu.
You can telnet to any port on a machine to see if it is working correctly. The most common
telnet action is to connect to email servers. For example to connect to the email servers for
Microsoft you would enter the following command in a Command Prompt:
telnetmaila.microsoft.com25
Note the spaces between the name and the number.
You can also telnet to port 80 (web), 110 (pop3 email). However unless you know the
commands, actually navigating your way around is quite difficult. (For more information on
using telnet to outbound SMTP email, see the telnet-test page of our Exchange section.)
By telnetting to a host you can verify whether the port is open and ready to receive
connections. If you cannot connect on the port, then that indicates a problem.
Telnet is not installed by default on Windows Vista, Windows 7, Windows 2008 and
Windows 2008 R2. It needs to be enabled in Windows Components.