As Network Engineers we need to be versatile and troubleshooting-savvy in our work environment.

In addition to having strong knowledge of networking protocols and commands on network devices (routers, switches, firewalls etc) we need also to have very good knowledge of IP and other networking related commands on end-point devices such as Windows computers, Linux servers and workstations etc.

Now type: ipconfig, then press the Enter key. In this case, I am connected to both Wireless and Wired networks, so I have IP addresses displayed for both. Finding your IP address on Windows PCs. Dec 02, 2020 In Windows, ipconfig is a console application designed to run from the Windows command prompt. This utility allows you to get the IP address information of a Windows computer. It also allows some control over your network adapters, IP addresses (DHCP-assigned specifically), even your DNS cache. I pconfig replaced the older winipcfg utility.

In this article we’ll list and describe the most useful and helpful IP Commands on Windows operating system. Most of these commands (with some exceptions and variations) are also available on Linux OS.

I have found myself thousands of times to start troubleshooting network and connectivity problems from an end-point device first (computer, server etc) before moving on to the actual core network devices for further investigation.

Having knowledge of the following IP commands will add a strong array of resources in your troubleshooting arsenal.

At the end of this post you will find a download link for the PDF version of this article with all the commands which you can download for your own use.

Table of Contents

• Windows IP Commands

Windows IP Commands

Let’s now examine the most popular Windows CMD commands (from the DOS prompt) that are related to networking etc:

ipconfig command

This is one of the most useful IP commands on Windows. It displays tons of useful information about the current network settings on the machine such as IPv4 and IPv6 address of all network interface cards (Ethernet adapters, WiFi adapters, virtual network adapters etc), MAC address, default gateway, subnet mask, DNS server, DHCP information etc.

If you want to find the local IP address assigned to your computer or the MAC address of your Ethernet Adapter (shown as “Physical Address” in the command output as shown in the picture below), this is the quickest way to find this information.

Here is a screenshot example of what you can expect as output from ipconfig:

As shown above, you get information such as IPv4 and IPv6 address, MAC address, Default Dateway, DNS Servers etc.

Here are some different options of this command:

ipconfig /? : Displays all available options.

ipconfig /all : This will display output as shown on the screenshot above but for ALL network connection adapters of the computer (Wired Ethernet, WiFi, Vmware adapters etc).

ipconfig /release : This will release the current IPv4 addresses which were assigned dynamically from a DHCP server. If you specify also a connection name at the end, it will release only the IP of that connection adapter.

ipconfig /release6 : Same as above but for the IPv6 address.

Ipconfig Commands Ubuntu Tutorial

ipconfig /renew : This usually comes after the above command and is used to request a new IP address from a DHCP server.

ipconfig /renew6 : Same as above but for the IPv6 address.

ipconfig /flushdns : This deletes the local DNS resolver cache of the computer. This cache stores DNS entries of frequently accessed internet resources so that the computer will not query an external DNS server every time you try to access an internet resource (website etc). This command is useful when troubleshooting DNS connection problems.

ipconfig /displaydns : It shows the local DNS resolver cache entries as explained above.

ipconfig /registerdns : Refreshes all DHCP addresses and also communicates again with the external DNS server to make sure its reachable etc. Very useful when troubleshooting DNS and network connectivity problems of the local computer.

nslookup command

“nslookup” stands for “Name System Lookup” and is very useful in obtaining Domain Name System (DNS) related information about a domain or about an IP address (reverse DNS lookup).

nslookup [domain name]: The most popular usage of this command is to find quickly the IP address of a specific domain name (A-record) as shown below:

Example:

nslookup www.networkstraining.com

As shown above, the “nslookup” command followed by a domain name will show you the IPv4 and IPv6 addresses (A records and AAAA records) assigned to the specific domain.

nslookup [IP Address]: This will perform a reverse-DNS lookup and will try to match the given IP address in the command with its corresponding domain name.

Example:

nslookup 8.8.8.8

As shown on the screenshot above, the IP address 8.8.8.8 is mapped with the name “google-public-dns-a.google.com”. You should note however that not all IP addresses are assigned to a domain name so a lot of times you will not get any information from the command above.

There are several other interesting features of the nslookup command such as finding the authoritative DNS servers of a domain, the SOA and MX records of a domain and much more.

ping command

Now let’s examine one of the most popular utilities related to network connectivity.

Probably the first command that every computer user runs on the command line when having connectivity problems is the “ping” command.

This will quickly show you if can send and receive packets (icmp packets to be exact) from your computer and hence shows whether you have network connectivity or not.

Note also that “ping” is useful for testing connectivity for both the local computer from where you execute the command and also for a remote computer or server which you try to reach.

If for example you try to “ping” your local default gateway IP address and you get replies back (icmp echo replies), this means your local computer is properly connected to the network.

Now, if you “ping” a remote server on the Internet and you get replies back, it means that the remote server is properly connected to its network as well.

ping /? : Displays all available options as shown below:

ping [IP Address] : By default it will send 4 ICMP packets to the stated IP address.

Example:

ping 8.8.8.8

As you can see from the screenshot above, pinging the IP 8.8.8.8 results in sending 4 packets and then receiving back 4 packets from that IP.

ping [hostname or domain] : When “pinging” a hostname or domain name, the command will resolve first the name to IP address and then send the icmp packets to that IP.

Example:

ping www.networkstraining.com

ping [IP address] -t :This will send ping packets (icmp echo requests) continuously to the target IP.

ping -n 10 [IP address] :This will send 10 ping packets (icmp echo requests) to the target IP.

ping -l 1500 [IP address] :This will send ping packets (icmp echo requests) with size of 1500 bytes length to the target IP.

ping -a [IP address] :The -a switch tells the computer to try to find the hostname assigned to the specific IP address and then ping the IP.

ping -6 [domain or IP] :The -6 switch tells the computer to send IPv6 packets to the target.

tracert command

“tracert” in Windows stands for “Trace Route”. In Linux, the same command is “traceroute”.

The command traces the path that a TCP/IP packet takes towards a destination target and shows some information (if available) of the routing nodes within this path.

Just like the “ping” command, “tracert” sends also ICMP echo packets to the destination with varying Time-to-Live (TTL) values.

tracert [domain or IP] : Traces the TCP/IP path to the specified destination target IP or domain.

Example:

tracert www.networkstraining.com

As shown above, tracing the path to domain www.networkstraining.com shows all the intermediary routing nodes (with their hostname and IP address) until the final target destination.

When troubleshooting connection problems in a large network, you can use tracert to see where the packets stop before reaching the target and focus your efforts to find the problem on the node which does not route packets.

netstat command

Another important command is the Network Statistics (“netstat”) utility found in both Windows and Linux OS.

It shows the established network TCP/IP connections of the local computer with remote hosts, open ports on the machine, the process ID (PID) of each connection etc.

Personally I use this command mostly for security forensic purposes to identify if there are backdoors running on the computer, malicious connections to external Command-and-Control servers etc.

Here are some popular usages of this command:

netstat -ano : Displays all connections and listening ports (-a), addresses and ports in numerical form (-n) and also the process ID of each connection (-o).

netstat -vb : Very useful to examine also which executable and which sequence created each connection and each port.

Example:

C:WINDOWSsystem32>netstat -vb

As shown above, for each established connection you can see the executable (e.g chrome.exe, googledrivesync.exe etc) that created the connection.

netstat -p tcp -f : The “-p tcp” switch will show only TCP connections and the “-f” switch will show the FQDN name of each connection instead of just IP address.

Example:

C:WINDOWSsystem32>netstat -p tcp -f

route command

The “route” command is used to manipulate the local routing table of the computer. You can print the current routing table, add new static routes, delete entries etc.

Personally, the way I use the “route” command is to add a permanent static route entry in a computer. For example, there might be a specific network subnet which is not accessible via the default gateway of the computer. Instead, this remote subnet might be accessible via a different gateway IP. By adding a static route in the computer’s routing table you will be able to reach that remote subnet from a different gateway.

route PRINT : Displays the current routing table of the computer

route ADD [Destination network] MASK [mask] [gatewayIP]: This adds a static route in the table.

Example:

route ADD 10.10.10.0 MASK 255.255.255.0 192.168.1.2 Rome 2 overhaul mods.

The above command will add a static route for destination subnet 10.10.10.0/24 via gateway 192.168.1.2

arp command

ARP stands for “Address Resolution Protocol” and is one of the core networking protocols that work in Layer 2 level and facilitate communication in a LAN.

The job of ARP is to find the physical address (MAC address) of the target and map it with its corresponding Layer 3 IP address when communicating in a LAN. The ARP cache table stores mappings of IP addresses with their corresponding MAC address.

arp -a : Displays all ARP cache mappings (IP to MAC address)

Example:

C:WINDOWSsystem32>arp -a

As you can see from above, the local computer has learned dynamically (type=dynamic) using the ARP protocol two other local devices (192.168.10.7 and 192.168.10.254) and has stored their MAC address (Physical Address) in the ARP table.

arp -d [IP address] : This will delete the arp entry for the specified IP address.

The above is useful when you changed hardware on a specific node (e.g you have changed the default gateway router) and you want to remove old arp entries. Usually it’s not needed to do anything in such a case but sometimes its required on some older computers.

Ipconfig is a DOS utility that can be used from MS-DOS and the Windows command line to display the network settings currently assigned and given by a network. This command can be utilized to verify a network connection and your network settings.

Availability

Ipconfig is an external command and is available for the following Microsoft operating systems as ipconfig.exe.

Ipconfig syntax

Windows Vista and later syntax

Where adapter Connection name (wildcard characters * and ? allowed, see examples).

The default is to display only the IP address, subnet mask and default gateway for each adapter bound to TCP/IP.

For release and renew, if no adapter name is specified, then the IP address leases for all adapters bound to TCP/IP will be released or renewed.

For Setclassid and Setclassid6, if no ClassId is specified, then the ClassId is removed.

Windows 2000 and XP syntax

By default, only the IP address is displayed. The subnet mask and default gateway for each adapter are bound to TCP/IP.

For release and renew, if no adapter name is specified, then the IP address releases for all adapters bound to TCP/IP will be released or renewed.

For SetClassID, if no class id is specified, then the classid is removed.

Ipconfig On Mac

Windows 95, 98, and ME syntax

Ipconfig /flushdns

See All Results For This Question

Ipconfig examples

To get your computer's local network IP address, subnet mask, and default gateway typing ipconfig alone displays this information as shown below. Keep in mind this is only your local network information. If you're trying to determine your IP address used on the Internet, we suggest viewing our system information page.

Ethernet adapter Local Area Connection:

To get all local computer network information, use the /all switch as shown below, followed by the results that would be seen when using this command.

This command displays the same information as the previous example, but one line at a time. It can be useful for those looking for specific information or who don't want a lot of lines listed simultaneously. Use Enter to display the next line or the spacebar to display one page at a time.

Running the command above would display all the DNS information.

Alan wake skidrow crack password rar file. Deletes all DNS entries.

Additional information

• See our IP address definition for further information and related links on this term.