LAB EXERCISE 1

UNDERSTANDING BASIC NETWORK COMMANDS

I. Objectives
- Understand several network-related commands

II. Requirements
Students are required to capture screenshots of the results and analyze them according to the
following tasks:

1. “ipconfig” Command
- Function:
-The ipconfig command is used in Windows to display the current IP configuration of a
computer’s network interfaces. It provides basic information such as the IP address, subnet
mask, and default gateway.

- Syntax:
-ipconfig

- Execution Results (screenshot):

- Analysis of Results:
- The output displays the IP address, subnet mask, and default gateway of the active
network interfaces. If multiple adapters are connected (e.g., Ethernet, Wi-Fi, VPN), each will
have a separate section. This command is useful for quickly identifying an IP address or
troubleshooting connectivity issues

Perform similar tasks with the following ipconfig commands:

ipconfig /all
- Function:
- The ipconfig /all command provides a comprehensive view of the network
configuration for all active and inactive network adapters on a Windows system. It displays
detailed information, including the MAC address, DHCP status, DNS servers, and IP lease times,
which are useful for troubleshooting network issues.
- Syntax:
-ipconfig /all

- Execution Results (screenshot):

- Analysis of Results:

ipconfig /release
- Function
- The ipconfig /release command is used to release the current IP address assigned to
the network adapter. It is useful when you want to disconnect from the network or request a
new IP address from a DHCP server.

- Syntax:
-ipconfig /release
- Execution Results (screenshot):

- Analysis of Results:
- After executing this command, the network adapter’s IP address is removed, and the
adapter is left without a valid IP configuration. If the system is using a static IP, the address will
remain unchanged. If DHCP is enabled, the adapter will have no IP until a new lease is obtained.
The output may show 0.0.0.0 as the IP address, indicating the adapter has been disconnected
from the network.
ipconfig /renew
- Function:
- The ipconfig /renew command is used to request a new IP address from a DHCP server.
This is useful for obtaining a fresh lease when troubleshooting network connectivity issues.
- Syntax
ipconfig /renew
- Execution Results (screenshot):
- Analysis of Results:
- After running this command, the network adapter communicates with the DHCP server
to obtain a new IP lease. The output will show a newly assigned IPv4 address, Subnet Mask,
and Default Gateway. If the DHCP server is unavailable, the adapter may receive an APIPA
address (169.254.x.x), indicating it failed to obtain an IP from the DHCP server.

ipconfig /displaydns
- Function:
- The ipconfig /displaydns command displays the contents of the DNS resolver cache.
This cache stores previously resolved domain names to speed up future lookups and reduce the
need to query external DNS servers
- Syntax:
- ipconfig /displaydns

- Execution Results (screenshot):

- Analysis of Results:
- The output lists domain names that have been resolved recently, along with their
associated IP addresses and Time-To-Live (TTL) values. This cache helps speed up browsing by
reducing DNS lookup times. However, outdated or incorrect entries can cause connection
issues, which is why clearing the cache (ipconfig /flushdns) is sometimes necessary for
troubleshooting.

netstat Command
- Function:
- The netstat command (short for "network statistics") is used to display active network
connections, listening ports, routing tables, and network interface statistics. It helps in
troubleshooting network-related issues and monitoring system connections.
- Syntax:
- netstat
- Execution Results (screenshot):
- Analysis of Results:
- The output displays a list of active network connections, including protocol type
(TCP/UDP), local and remote addresses, and connection states (e.g., ESTABLISHED, LISTENING,
CLOSE_WAIT). It helps identify open connections, diagnose network latency, and check for
unauthorized access.

Perform similar tasks with netstat using the following parameters: [-a], [-e], [-n], [-o], [-p
protocol], [-r], [-s]
- Function:

netstat -a Displays all active connections and listening ports.

netstat -e Displays Ethernet statistics such as the number of bytes sent/received, errors, and
discarded packets

netstat -n Displays network connections with numeric addresses instead of resolving domain
names.

netstat -o Displays active connections along with their corresponding Process IDs (PIDs).

netstat -p protocol Filters connections based on a specific protocol (TCP or UDP).

netstat -r Displays the system's routing table.

netstat -s Displays detailed network statistics for different protocols (TCP, UDP, ICMP, IPv4,
IPv6).
- Syntax:
netstat -a :
netstat -e
netstat -n
netstat -o
netstat -p tcp
netstat -r
netstat -s

- Execution Results (screenshot):

netstat -a :

netstat -e
netstat -n

netstat -o
netstat -p protocol

netstat -r
netstat -s

- Analysis of Results:
netstat -a :
- Shows both TCP and UDP connections, including those waiting for incoming
connections. Useful for checking open ports and active connections.

netstat -e
- Helps diagnose network performance issues and detect packet loss or errors.
netstat -n
Useful for faster results without DNS resolution, ideal for identifying suspicious
connections.

netstat -o
Helps identify which process is using a specific network connection by matching the PID
in Task Manager

netstat -p tcp
Helps monitor TCP/UDP connections separately.

netstat -r
Shows available network routes, including default gateway and active routes. Useful for
troubleshooting routing issues.

netstat -s
Useful for analyzing network traffic and diagnosing protocol-specific issues.

3. tracert Command
- Function:
The tracert command (short for "Trace Route") is used to track the path that packets
take from your computer to a destination host. It helps diagnose network latency and identify
bottlenecks.
- Syntax:
tracert [destination]
- Execution Results (screenshot):
- Analysis of Results:
The output shows the sequence of routers (hops) that packets pass through to reach the
destination. Each hop displays the response time in milliseconds (ms).
 If the trace stops at a certain hop, it may indicate a connectivity issue.
 High latency at a specific hop suggests network congestion.
 If asterisks (* * *) appear, it means that a router is not responding to ICMP requests.

Perform similar tasks with tracert using the following parameters: [-d], [-h MaximumHops], [-j
HostList], [-w Timeout]
- Function:
Tracert -d
Runs the trace without resolving IP addresses to domain names, making it faster.

tracert -h MaximumHops
Specifies the maximum number of hops (routers) the packet can pass through.

tracert -j HostList
Allows the user to specify loose source routing, meaning the packet follows a user-
defined route.

tracert -w Timeout
Sets the waiting time (in milliseconds) for each reply before considering it unreachable.

- Syntax:
Tracert -d
tracert -d google.com
tracert -h MaximumHops
tracert -h 15 google.com
tracert -j HostList
tracert -j 192.168.1.1 google.com
tracert -w Timeout
tracert -w 500 google.com

- Execution Results (screenshot):

Tracert -d

tracert -h MaximumHops
tracert -j HostList

tracert -w Timeout
- Analysis of Results:
Tracert -d
Displays only numeric IP addresses, which helps speed up the trace by skipping DNS
resolution.
tracert -h MaximumHops
Limits the number of hops in case of a long route, useful for troubleshooting
unreachable destinations.
tracert -j HostList
Used for testing custom routing paths but is often restricted by network security
settings.
tracert -w Timeout
Helps in diagnosing slow network responses by increasing/decreasing timeout
values.

### 4. route Command

- Function:
The route command is used to view and modify the network routing table. It helps
manage how data is forwarded between networks.
- Syntax:
route
- Execution Results (screenshot):
- Analysis of Results:
The command displays active routes, including destination networks, gateways, and
interface details. It is useful for troubleshooting routing issues or configuring static routes.

Investigate the route command with parameters: [-f], [-p], [-4|-6] command [destination]
[MASK netmask] [gateway] [METRIC metric] [IF interface]
- Provide the results of the route PRINT command.

- Function:
route -f
Clears all gateway entries from the routing table
route -p
Adds a persistent route that remains after a reboot.
route -4 and route -6
Specifies whether to show only IPv4 or IPv6 routes.
Adding a Static Route
Manually adds a specific route to the routing table.
route PRINT Command
Displays the current routing table, listing all network routes.
- Syntax:
route -f
route -f
route -p
route -p add 192.168.1.0 MASK 255.255.255.0 192.168.1.1
route -4 and route -6
route -4 print
 route -6 print
Adding a Static Route
route add [destination] MASK [netmask] [gateway] METRIC [metric] IF [interface]
route PRINT Command
route print
- Execution Results (screenshot):
route -f

route -p
route -4 and route -6
Adding a Static Route

route PRINT Command

- Analysis of Results:
route -f
Used to reset routes, usually requiring a system reboot or reconfiguration afterward.
route -p
Useful for setting permanent routes that do not reset on system restart.
route -4 and route -6
Helps filter route table output to focus on IPv4 or IPv6 traffic.
Adding a Static Route
Adds a specific static route to direct traffic through a defined gateway and network
interface.
route PRINT Command
The output includes:
 Network destination and subnet mask: Defines which networks can be reached.
 Gateway: The next-hop address for routing traffic.
 Interface: Specifies the local network adapter used.
 Metric: Determines route priority, where lower values take precedence.

5. ping Command
- Function
The ping command is used to test network connectivity between your computer and a
specified destination (e.g., a website, IP address, or another device in the network). It sends
Internet Control Message Protocol (ICMP) Echo Request packets and waits for a response to
measure latency and packet loss.
- Syntax:
ping [destination]
- Execution Results (screenshot):

- Analysis of Results:
 The ping command output includes:
o Reply from [IP Address]: Indicates a successful connection to the destination.
o Time (ms): Measures round-trip time, useful for diagnosing latency issues.
o Packets Sent/Received/Lost: Helps detect packet loss, which can indicate
network issues.
o Request Timed Out: May suggest that the destination is unreachable due to
network failures, firewall restrictions, or incorrect addresses.

Perform similar tasks with ping using the following parameters: [/t], [/a], [/l], [/n]
- Function:
ping /t
Sends continuous ping requests until manually stopped (Ctrl + C).
ping /a
Resolves the hostname associated with an IP address.
ping /l [size]
Specifies the size (in bytes) of the packets sent.
ping /n [count]
Specifies the number of echo request packets to send.

- Syntax:
ping /t
ping /t google.com
ping /a
ping /a 8.8.8.8
ping /l [size]
ping /l 1500 google.com
ping /n [count]
ping /n 5 google.com
- Execution Results (screenshot):
ping /t

ping /a

ping /l [size]
ping /n [count]

- Analysis of Results:
ping /t
Displays an ongoing series of replies from the target.
Useful for monitoring network stability and detecting intermittent connection drops.
Can be stopped using Ctrl + C.
ping /a

Converts the IP address into its corresponding hostname (if available).

Useful for checking if a specific IP address has an associated domain name.

ping /l [size]
Tests how a network handles different packet sizes.
Helps diagnose fragmentation issues when using large packets.

ping /n [count]
Limits the number of ping requests.
Useful for quick network tests without overwhelming the target server.

Explanation of error messages when using ping:

Notice: Explanation
Request time out The destination server did not respond within the
expected time frame. This could be due to network
congestion, firewall restrictions, or the target being
offline.
Destination host The destination is not reachable from your network.
unreachable This may be due to incorrect routing, network
disconnection, or the target device being powered
off.

6. nslookup Command
- Function:
The nslookup command is used to query DNS (Domain Name System) servers to obtain domain
name or IP address mappings. It helps troubleshoot DNS resolution issues.
- Syntax:
nslookup [hostname]
- Execution Results (screenshot):
- Analysis of Results: ……………...…………….…………….…………….…………….……………

Error Message Explanation

timed out The DNS query did not receive a response within
the allowed time, possibly due to network issues or
an unresponsive DNS server.
No response from The DNS server did not return any data, possibly
server due to misconfiguration or connectivity problems.
Nonexistent domain The domain name does not exist or is incorrectly
entered.
Network is unreachable There is no network connectivity to reach the DNS
server. This can be due to router issues, firewall
blocks, or incorrect IP settings.
Refused The DNS server refused to provide an answer,
possibly due to access restrictions or security
policies.