cmd commands for network analysis
With simple commands a quick overview of the current network settings can be read out and thus possible connection errors can be found, or an overview of other devices in the network can be obtained. The commands described here are cmd commands for Windows. They are entered via the command prompt: cmd.
Aim of this article Effort Prerequisite
in the command prompt
and a Windows computer
Determine IP address
The IP address or network address can be read out with the ipconfig command:
Relevant is usually the IPv4 address, which has the following format xxx.xxx.xxx.xxx, where xxx are each 3 numbers from 0-255. (In the screenshot 192.168.1.114)
IPv4 should be replaced by IPv6 in the long run, but it stubbornly persists and is typically in use. In the rarest cases, IPv6 is used for a home network.
The standard gateway is also interesting at this point. The standard gateway connects other networks, it forwards requests that cannot be answered by the local network. Mostly the standard gateway leads to the internet.
The router can be managed by calling the address in a browser.
Get Mac address
The MAC address is a unique address of the network adapter.
The MAC address can be read out either with the getmac command or with ipconfig /all:
Usually a laptop has several network cards, e.g. the WLAN adapter (wireless LAN adapter) and an RJ45 network card: Ethernet adapter.
The respective MAC address can be found under "Physical address".
Test connection
To test the connection to another network device, a ping can be sent:
Ping requests a response from the network device and measures the time until it comes back (RTT: Round trip; latency).
ping xxx.xxx.xxx.xxx
xxx.xxx.xxx.xxx is the IP address
E.g. ping 192.168.0.1
Pinging 192.168.0.1 with 32 bytes of data:
Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
Reply from 192.168.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 192.168.0.1:
Packets: Sent = 4, Received =4, Lost = 0 (0% loss), ...The answer in this case is: the device with 192.168.0.1 is reachable and is in the immediate vicinity, because time<1ms
List of all network connections:
The command: netstat -ano prints a list of all network connections.
Legend:
| Lokale Adresse | Connection from the address |
|---|---|
| Foreign Address | Connection to the address with the indicated port (The port is after the ":" ) |
| State | For example, listening means that the computer is listening at this address, i.e. it is waiting for a connection; established means that there is an active connection here. |
| PID | To identify the programs behind it, the PID (Process Identification) is on the right. |
The program for the PID can be displayed either in the Task Manager or by means of the parameter /b.
To do this, open the Task Manager with [Ctrl-Alt-Del]. In Windows 10 you can find the PID under Details and possibly under Services.
The PID may have to be displayed using Select columns.
see also: show active network connections and processes | Windows
Determine the MAC address from the IP address
To do this, we must first ping the IP address (ping xxx.xxx.xxx.xxx) so that the client enters it into the ARP cache. With the command arp -a a list with IP addresses and the corresponding MAC addresses is output:
Interface: xxx.xxx.xxx.xxx --- xxxxxx
| Internetadresse | Physikal. Adresse | Typ |
|---|---|---|
| xxx.xxx.xxx.xxx | xx-xx-xx-xx-xx-xx | dynamic |
| xxx.xxx.xxx.xxx | xx-xx-xx-xx-xx-xx | dynamic |
also here with "physical address" the MAC address is meant.
Display routing tables
route print
Routing is used to assign networks to the various network adapters.
By interface is meant, for example, a network adapter and its associated IP address.
The route add command can be used to assign specific networks to specific interfaces.
The default gateway, for example, is used if no entry exists for a certain network, i.e. all networks. The default gateway always appears with the network destination 0.0.0.0 and with a network mask of 0.0.0.0.
Find out IP address of a domain
The nslookup command can be used to query a DNS server for a domain for its IP address.
Route tracing
tracert www.libe.net traces routes to the domain (which servers, routers, ... are traversed to the domain)
Connected network drives
By means of the netuse command, connected network drives can be displayed
({{pro_count}})
{{percentage}} % positive
({{con_count}})
THANK YOU for your review!
Top articles in this section
As is well known, the tool ping can be used to test the access to a certain network device and its response time. Not all devices will respond to a ping, but they may respond to a particular Tcp-Port if a particular network service is provided through it. Windows PowerShell allows you to test a specific port using Windows board tools. The psping tool can also measure the response time to a specific port.
OpenWRT provides a uniform and up-to-date software for different network devices like routers or access points and delivers countless additional setting options, software packages and functions. This makes it possible to combine new and old devices from different manufacturers and, among other things, to use low-cost hardware in a common WiFi, see: Setting up a home network: Extending LAN and WLAN | Improving.
If you want to get a quick overview of all active devices in a network, you can do this with network discovery, commands in the command prompt, in PowerShell or with special IP scanners. The PowerShell commands presented at the beginning of this post give a quick overview of all devices on the local network and may make special programs for scanning the network unnecessary. For expanding your own network, see also: Set up network for home: Expand and improve your LAN / Wi-Fi.