NETSH (Network Shell)
Configure Network Interfaces, Windows Firewall, Routing & remote access.
Syntax
NETSH [Context] [sub-Context] command
Key
The contexts and commands available vary by platform, the list below is for Windows 2008.
=add - Add a configuration entry to a list of entries.
netsh add helper - Install the specified helper DLL.
=advfirewall - Change to the 'netsh advfirewall' context.
netsh advfirewall consec ? - Display a list of commands.
netsh advfirewall consec add - Add a new connection security rule.
netsh advfirewall consec delete - Delete all matching connection security rules.
netsh advfirewall consec dump - Display a configuration script.
netsh advfirewall consec set - Set new values for properties of an existing rule.
netsh advfirewall consec show - Display a specified connection security rule.
netsh advfirewall dump - Create a script that contains the current configuration.
If saved to a file, this can be used to restore the configuration settings.
netsh advfirewall export path\filename - Export the current policy to the specified file.
netsh advfirewall import path\filename - Import policy from the specified file.
netsh advfirewall firewall add - Add a new inbound or outbound firewall rule.
netsh advfirewall firewall delete - Delete all matching inbound rules.
netsh advfirewall firewall dump - Display a configuration script.
netsh advfirewall firewall set - Set new values for properties of an existing rule.
netsh advfirewall firewall show - Display a specified firewall rule.
netsh advfirewall monitor delete - Delete all matching security associations.
netsh advfirewall monitor dump - Display a configuration script.
netsh advfirewall monitor show - Show all matching security associations.
netsh advfirewall reset - Reset to factory settings (Firewall=ON)
netsh advfirewall set allprofiles - Set properties in all profiles.
netsh advfirewall set currentprofile - Set properties in the active profile.
netsh advfirewall set domainprofile - Set properties in the domain profile.
netsh advfirewall set global - Set the global properties.
netsh advfirewall set privateprofile - Set properties in the private profile.
netsh advfirewall set publicprofile - Set properties in the public profile.
netsh advfirewall show allprofiles - Display properties for all profiles.
netsh advfirewall show currentprofile - Display properties for the active profile.
netsh advfirewall show domainprofile - Display properties for the domain profile.
netsh advfirewall show global - Display the global properties.
netsh advfirewall show privateprofile - Display properties for the private profile.
netsh advfirewall show publicprofile - Display properties for the public profile.
netsh advfirewall show store - Display the policy store for the current interactive session.
=bridge - Change to the 'netsh bridge' context.
netsh bridge dump - Display a configuration script.
netsh bridge install - Install the component corresponding to the current context.
netsh bridge set - Set configuration information.
netsh bridge show - Display information.
netsh bridge uninstall - Remove the component corresponding to the current context.
=delete - Delete a configuration entry from a list of entries.
netsh delete helper - Remove the specified helper DLL from netsh.
Note that after a helper is removed, it is no longer supported by netsh.
=dhcpclient - Change to the 'netsh dhcpclient' context.
netsh dhcpclient list - List all the commands available.
netsh dhcpclient trace enable - Enable tracing for DHCP client and DHCP QEC.
netsh dhcpclient trace disable - Disable tracing for DHCP client and DHCP QEC.
=dump - Display a configuration script.
netsh dump - Create a script that contains the current configuration.
If saved to a file, this can be used to restore the configuration settings.
=exec - Run a script file.
exec - Load a script file and run it.
=firewall - Change to the 'netsh firewall' context.
netsh firewall add - Add firewall configuration.
netsh firewall delete - Delete firewall configuration.
netsh firewall dump - Display a configuration script.
netsh firewall reset - Reset firewall configuration to default.
netsh firewall set allowedprogram - Set firewall allowed program configuration.
netsh firewall set icmpsetting - Set firewall ICMP configuration.
netsh firewall set logging - Set firewall logging configuration.
netsh firewall set multicastbroadcastresponse - Set firewall multicast/broadcast response configuration.
netsh firewall set notifications - Set firewall notification configuration.
netsh firewall set opmode - Set firewall operational configuration.
netsh firewall set portopening - Set firewall port configuration.
netsh firewall set service - Set firewall service configuration.
netsh firewall show allowedprogram - Show firewall allowed program configuration.
netsh firewall show config - Show firewall configuration.
netsh firewall show currentprofile - Show current firewall profile.
netsh firewall show icmpsetting - Show firewall ICMP configuration.
netsh firewall show logging - Show firewall logging configuration.
netsh firewall show multicastbroadcastresponse - Show firewall multicast/broadcast response configuration.
netsh firewall show notifications - Show firewall notification configuration.
netsh firewall show opmode - Show firewall operational configuration.
netsh firewall show portopening - Show firewall port configuration.
netsh firewall show service - Show firewall service configuration.
netsh firewall show state - Show current firewall state.
=help - Display a list of netsh commands.
netsh help
=http - Change to the 'netsh http' context.
netsh http add - Add a configuration entry to a table.
netsh http delete - Delete a configuration entry from a table.
netsh http dump - Display a configuration script.
netsh http flush - Flush internal data.
netsh http show - Display information.
=interface - Change to the 'netsh interface' context.
netsh interface 6to4 + Change to the 'netsh interface 6to4' context.
netsh interface add - Add a configuration entry to a table.
netsh interface delete - Delete a configuration entry from a table.
netsh interface dump - Display a configuration script.
netsh interface ipv4 + Change to the 'netsh interface ipv4' context.
netsh interface ipv6 + Change to the 'netsh interface ipv6' context.
netsh interface isatap + Change to the 'netsh interface isatap' context.
netsh interface portproxy + Change to the 'netsh interface portproxy' context.
netsh interface reset - Reset information.
netsh interface set - Set configuration information.
netsh interface show - Display information.
netsh interface tcp + Change to the 'netsh interface tcp' context.
netsh interface teredo + Change to the 'netsh interface teredo' context.
The following sub-contexts are available:
6to4 ipv4 ipv6 isatap portproxy tcp teredo
=ipsec - Change to the 'netsh ipsec' context.
netsh ipsec dump - Display a configuration script.
netsh ipsec dynamic add - Add policy, filter, and actions to SPD.
netsh ipsec dynamic delete - Delete policy, filter, and actions from SPD.
netsh ipsec dynamic dump - Display a configuration script.
netsh ipsec dynamic set - Modify policy, filter, and actions in SPD.
netsh ipsec dynamic show - Display policy, filter, and actions from SPD.
netsh ipsec static add - Create new policies and related information.
netsh ipsec static delete - Delete policies and related information.
netsh ipsec static dump - Display a configuration script.
netsh ipsec static exportpolicy - Export all the policies from the policy store.
netsh ipsec static importpolicy - Import the policies from a file to the policy store.
netsh ipsec static set - Modify existing policies and related information.
netsh ipsec static show - Display details of policies and related information.
=lan - Change to the 'netsh lan' context.
netsh lan add - Add a configuration entry to a table.
netsh lan delete - Delete a configuration entry from a table.
netsh lan dump - Display a configuration script.
netsh lan export - Save LAN profiles to XML files.
netsh lan reconnect - Reconnect on an interface.
netsh lan set - Configure settings on interfaces.
netsh lan show - Display information.
=nap - Change to the 'netsh nap' context.
netsh nap client + Change to the 'netsh nap client' context.
netsh nap dump - Display a configuration script.
netsh nap hra + Change to the 'netsh nap hra' context.
netsh nap reset - Reset configuration.
netsh nap show - Show configuration and state information.
=netio - Change to the 'netsh netio' context.
netsh netio add - Add a configuration entry to a table.
netsh netio delete - Delete a configuration entry from a table.
netsh netio dump - Display a configuration script.
netsh netio show - Display information.
=ras - Change to the 'netsh ras' context. (Remote Access Server)
netsh ras aaaa - Change to the 'netsh ras aaaa' context.
netsh ras add - Add items to a table.
netsh ras delete - Remove items from a table.
netsh ras diagnostics - Change to the 'netsh ras diagnostics' context.
netsh ras dump - Display a configuration script.
netsh ras ip - Change to the 'netsh ras ip' context.
netsh ras ipv6 - Change to the 'netsh ras ipv6' context.
netsh ras set - Set configuration information.
netsh ras show - Display information.
=rpc - Change to the 'netsh rpc' context. (RPC firewall filter)
netsh rpc add - Create an Add list of subnets.
netsh rpc delete - Create a Delete list of subnets.
netsh rpc dump - Display a configuration script.
netsh rpc filter - Change to the 'netsh rpc filter' context.
netsh rpc reset - Reset the selective binding settings to 'none' (listen on all interfaces).
netsh rpc show - Display the selective binding state for each subnet on the system.
=set - Update configuration settings on a remote machine.
netsh set machine [name=] [user=][[DomainName\]UserName] [pwd=][Password | *]
If a machine name is not specified, the local machine is used.
A username and password cannot be used to connect to the local machine.
=show - Display information.
netsh show alias - List all defined aliases.
netsh show helper - List all the top-level helpers.
=winhttp - Change to the 'netsh winhttp' context.
netsh winhttp dump - Display a configuration script.
netsh winhttp import - Import WinHTTP proxy settings.
netsh winhttp reset - Reset WinHTTP settings.
netsh winhttp set - Configure WinHTTP settings.
netsh winhttp show - Display current settings.
=winsock - Change to the 'netsh winsock' context.
netsh winsock audit - Display a list of Winsock LSPs that have been installed and removed.
netsh winsock dump - Display a configuration script.
netsh winsock remove - Remove a Winsock LSP from the system.
netsh winsock reset - Reset the Winsock Catalog to a clean state.
netsh winsock show - Display information.
netsh - Interactive mode
In interactive mode, switch context by typing any context name: advfirewall, bridge, firewall, http, interface, ipsec, etc.
List the commands of the current context with ?; exit interactive mode with Quit or Exit.
To view help for any command, type the command, followed by a space and ?
The syntax on this page is based on Windows 2008. For backwards compatibility with XP, dns is an alias for dnsserver and ip is an alias for ipv4.
Examples:
Install the ipmontr.dll helper:
C:\> netsh add helper ipmontr.dll
Export the firewall policy:
C:\> netsh advfirewall export "c:\advfirewallpolicy.wfw"
Show TCP/IP settings
C:\> netsh interface ip show config
Set a static IP address (e.g. for a laptop):
C:\> netsh interface ip set address name="Local Area Connection" source=static addr=192.168.0.10 mask=255.255.255.0 gateway=192.168.0.1 gwmetric=1
Set a dynamic IP address with DHCP:
C:\> netsh interface ip set address name="Local Area Connection" source=dhcp
Add multiple DNS servers:
C:\> netsh interface ipv4 add dns "Local Area Connection" 10.0.0.1
C:\> netsh interface ipv4 add dns "Local Area Connection" 10.0.0.3 index=2
index=2 adds the IP as a secondary DNS server.
Set a static DNS server address:
C:\> netsh interface ip set dns name="Local Area Connection" source=static addr=192.168.0.2 register=none
Set a dynamic DNS server address with DHCP:
C:\> netsh interface ip set dns name="Local Area Connection" source=dhcp
Set a static address for the WINS server:
C:\> netsh interface ip set wins name="Local Area Connection" source=static addr=192.168.100.3
Configure WINS from DHCP:
C:\> netsh interface ip set wins name="Local Area Connection" source=dhcp
Backup the local DHCP server configuration to a file:
C:\> netsh dump dhcp > C:\backupDHCPconfig.dat
You can use this backup file to recreate the DHCP server configuration with netsh.
Work against a remote machine:
C:\> netsh set machine server64
Backup the current network interface configuration to a file:
C:\> netsh dump interface > c:\backupInterfaceConfig.dat
Restore network interface configuration from a file:
C:\> netsh exec c:\backupInterfaceConfig.dat
Run netsh from PowerShell (returns an array of strings, one per output line, which you can filter or match):
PS C:\> $myFWstate = netsh firewall show state
PS C:\> $myFWstate -match "disable"
Disable Network auto-tuning (certain routers and networking devices perform better with this off.)
PS C:\> netsh interface tcp set global autotuning=disabled
Enable Network auto-tuning (certain routers and networking devices perform better with this on.)
PS C:\> netsh interface tcp set global autotuning=normal
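The PowerShell one-liner above greps the firewall state by hand. The following is an added example, not part of the original page, that parses the text of `netsh advfirewall show allprofiles` into one dictionary per profile and reports weak settings (firewall off, inbound not blocked by default, dropped connections unlogged, remote management on). The sample output is constructed to mimic the command's layout; the values in it are made up.

```python
import os
import re
import subprocess

# Constructed sample of `netsh advfirewall show allprofiles` output, laid out like the
# real command's text; the values are made up for this example.
SAMPLE_ALLPROFILES = r"""
Domain Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Disable
RemoteManagement                      Disable
UnicastResponseToMulticast            Enable

Logging:
LogAllowedConnections                 Disable
LogDroppedConnections                 Enable
FileName                              %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize                           4096

Private Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
RemoteManagement                      Disable

Logging:
LogAllowedConnections                 Disable
LogDroppedConnections                 Disable
MaxFileSize                           4096

Public Profile Settings:
----------------------------------------------------------------------
State                                 OFF
Firewall Policy                       AllowInbound,AllowOutbound
RemoteManagement                      Enable

Logging:
LogDroppedConnections                 Disable
MaxFileSize                           4096

Ok.
"""

PROFILE_HEADER = re.compile(r"^(\w+) Profile Settings:$")
# A setting line is a key (may contain single spaces) separated from its value by 2+ spaces.
SETTING = re.compile(r"^(\S.*?)\s{2,}(\S.*)$")


def parse_profiles(text):
    """Return {profile name: {setting: value}} from `show allprofiles` output."""
    profiles = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        header = PROFILE_HEADER.match(line)
        if header:
            current = header.group(1)
            profiles[current] = {}
            continue
        if current is None or not line or set(line) == {"-"} or line.endswith(":"):
            continue  # separators, blank lines and the "Logging:" sub-header carry no setting
        setting = SETTING.match(line)
        if setting:
            profiles[current][setting.group(1)] = setting.group(2)
    return profiles


def audit(profiles):
    """List weak settings per profile: firewall off, inbound not blocked by default,
    drops not logged, remote management enabled."""
    findings = []
    for name, s in profiles.items():
        if s.get("State", "").upper() != "ON":
            findings.append(f"{name}: firewall state is {s.get('State', 'unknown')}")
        if not s.get("Firewall Policy", "").startswith("BlockInbound"):
            findings.append(f"{name}: inbound default is not Block ({s.get('Firewall Policy')})")
        if s.get("LogDroppedConnections", "").lower() != "enable":
            findings.append(f"{name}: dropped connections are not logged")
        if s.get("RemoteManagement", "").lower() == "enable":
            findings.append(f"{name}: remote firewall management is enabled")
    return findings


def live_output():
    """Run the real command on Windows; fall back to the constructed sample elsewhere."""
    if os.name != "nt":
        return SAMPLE_ALLPROFILES
    return subprocess.run(["netsh", "advfirewall", "show", "allprofiles"],
                          capture_output=True, text=True, check=False).stdout


if __name__ == "__main__":
    for finding in audit(parse_profiles(live_output())):
        print(finding)
```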
Routing Tables Overview
When routers need to forward packets, they interpret the addresses of the packets, and then use the information in the routing tables to pass the packet on. Data packets contain both source and destination addresses in their packet headers. This is the information that is used when routing decisions need to be made.
The destination address is compared with the local address to decide how to route the packet:
* Should the packet be sent up the stack on the local host?
* Should the packet be sent to a different destination?
* Should the packet simply be ignored?
The routing table contains route entries. The different types of routes in the routing table are:
* Host route: A host route provides a route to either of the following destinations:
o Specific destination host
o Broadcast address
Host routes are identified in the routing table by a network mask of 255.255.255.255.
* Network route: A network route provides a route to the following destination:
o Specific destination network
Network routes are identified in the routing table by a subnet mask between 0.0.0.0 and 255.255.255.255.
* Default route: Each routing table includes one default route. When a packet is received that has a destination address that does not correspond to any address in the routing table, the default route is used to forward this packet. The default route is identified in the routing table by a 0.0.0.0 address and a 0.0.0.0 network mask.
You can view the content of the IP routing table from:
* Routing And Remote Access management console
1. Click Start, Administrative Tools, and click Routing And Remote Access to open the Routing And Remote Access console.
2. In the console tree, expand the IP Routing node.
3. Right-click the Static Routes node, and then select Show IP Routing Table from the shortcut menu.
4. The entries in the routing table are displayed in the right pane of the Routing And Remote Access console.
* Command line
1. Open a command line window
2. Enter route print
With static routing, administrators have to manually create and modify the routing table entries. Each time a change occurs in the network configuration, the entries in the routing table have to be modified to reflect these changes. Static routing works well in a small network where it is easier to configure a small number of static routes than it is to configure dynamic routing.
With dynamic routing, routing protocols enable IP routers to communicate with each other and to share the information in their routing tables. A router that is configured to use dynamic routing forwards its routing table's content to the other routers configured for dynamic routing at regular intervals.
Understanding the Windows 2000 and Windows XP Routing Tables
The Windows 2000 and Windows XP routing tables can only be accessed from a command line; the Routing And Remote Access management console cannot be used to view their contents.
The standard fields in a Windows 2000 routing table and Windows XP routing table are:
* Network Destination: The Network Destination field contains entries which the router compares to the destination address of each packet that it receives. Some of these entries, like the default route entry, are the same for most routing tables. The network ID for the route can be either of the following:
o IP address for a host
o Subnet address
o Supernet address
o Class-based address
* Netmask: This is the mask used to associate the destination address to the network destination. The Netmask value specifies which part of the packet's destination address is compared with the Network Destination entries. The longest match (the most specific netmask) determines the route that is applied to a specific IP packet.
* Gateway: After a route is applied to an IP packet, the value specified in the Gateway field defines the forwarding or next-hop IP address that the packet will use for the network destination.
* Interface: The value of the Interface field defines the IP address of the network interface card (NIC) used to forward the packet to the next hop.
* Metric: The value in the Metric field indicates the cost of using the route. The metric is used to determine which route is applied among the different route options.
The additional fields that can be present in the Windows 2000 routing table and Windows XP routing table are:
* Directly Attached Network ID Routes: This information is used for all routes which are directly attached. In this case, the Gateway IP address is the interface’s IP address on the specific network for all networks that are attached.
* Remote Network ID Routes: This information is used for those routes that are available through other routers. The routes are therefore not directly available. Here, the Gateway IP address is the local router’s IP address which is located between the forwarding node and the remote network.
* Host Routes: This field allows you to enter a route to a specific destination host. In this case, the network destination is the specific host’s IP address. The subnet mask is 255.255.255.255.
* Default Route: You can enter a default route that will be used to forward packets where the network ID or host route cannot be found in the routing table. In this case, the network destination is 0.0.0.0. The subnet mask is 0.0.0.0.
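To make the field semantics above concrete (longest netmask wins, metric breaks ties, host route = /32, default route = 0.0.0.0/0.0.0.0, gateway equal to the interface address = directly attached), here is an added example that is not part of the original page: it parses a constructed, made-up `route print` table into routes and performs the lookup the way the text describes.

```python
import ipaddress
import re

# Constructed routing table in the layout of `route print` on Windows 2000/XP
# (Network Destination, Netmask, Gateway, Interface, Metric). All values are made up.
ROUTE_PRINT = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.10      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        10.20.0.0      255.255.0.0    192.168.0.254    192.168.0.10      10
        10.20.5.0    255.255.255.0    192.168.0.253    192.168.0.10      30
      192.168.0.0    255.255.255.0     192.168.0.10    192.168.0.10      20
     192.168.0.10  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255     192.168.0.10    192.168.0.10      20
        224.0.0.0        224.0.0.0     192.168.0.10    192.168.0.10      20
  255.255.255.255  255.255.255.255     192.168.0.10    192.168.0.10       1
Default Gateway:       192.168.0.1
"""

# Five whitespace-separated columns with a numeric metric; headers and footers do not match.
ROUTE_LINE = re.compile(r"^\s*(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d+)\s*$")


def parse_route_print(text):
    """Parse `route print` style lines into route dicts; non-route lines are skipped."""
    routes = []
    for line in text.splitlines():
        m = ROUTE_LINE.match(line)
        if not m:
            continue
        dest, mask, gateway, interface, metric = m.groups()
        try:
            network = ipaddress.IPv4Network((dest, mask), strict=False)
        except ValueError:
            continue  # not an address/netmask pair
        routes.append({"network": network, "gateway": gateway,
                       "interface": interface, "metric": int(metric)})
    return routes


def route_kind(route):
    """Classify as the page does: /32 is a host route, /0 the default route, else network."""
    plen = route["network"].prefixlen
    return "host" if plen == 32 else "default" if plen == 0 else "network"


def directly_attached(route):
    """Gateway equal to the interface address means the destination is on-link."""
    return route["gateway"] == route["interface"]


def lookup(routes, destination):
    """Pick the route for one destination: longest netmask wins, lowest metric breaks ties."""
    addr = ipaddress.IPv4Address(destination)
    candidates = [r for r in routes if addr in r["network"]]
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-r["network"].prefixlen, r["metric"]))


if __name__ == "__main__":
    table = parse_route_print(ROUTE_PRINT)
    for dst in ("10.20.5.7", "10.20.9.1", "192.168.0.77", "192.168.0.10", "198.51.100.5"):
        r = lookup(table, dst)
        flags = route_kind(r) + (", on-link" if directly_attached(r) else "")
        print(f"{dst:>14} -> {r['network']!s:>18} via {r['gateway']:>14} ({flags})")
```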
How to view a Windows 2000 routing table or Windows XP routing table:
1. Click Start, Run, enter cmd, and then press Enter to open a command prompt window.
2. Enter the command route help and press Enter to display the different commands that can be used with the route command.
3. To view the routing table, enter route print.
4. The default routing table entries are created whenever the TCP/IP protocol starts on the specific computer.
5. The default route should be displayed as 0.0.0.0 with the subnet mask of 0.0.0.0.
6. The loopback route should be displayed as 127.0.0.0 with a subnet mask of 255.0.0.0 and gateway 127.0.0.1.
7. The Network Destination column should contain a route entry for the local computer.
8. Enter exit to close the command prompt window.
How to add routing table entries using the route command:
1. Click Start, Run, enter cmd, and then press Enter to open a command prompt window.
2. Enter the command route help and press Enter to display the different commands that can be used with the route command.
3. The command line format used to add a routing table entry is:
* route add [destination] MASK [netmask] [gateway] METRIC [metric] IF [interface]
4. To verify that the correct routing table entry was added, enter route print to view the routing table.
5. If the incorrect gateway or metric was entered, use the route change command to modify these values.
6. If any other information was incorrectly entered, you have to use the route delete command to delete the specific entry, and the route add command to re-enter the routing table entry.
How to delete routing table entries:
1. Click Start, Run, enter cmd, and then press Enter to open a command prompt window.
2. The command line format to delete a routing table entry is:
* route delete [destination]
3. To verify that the correct routing table entry was deleted, enter route print to view the routing table.
Understanding the Windows Server 2003 Routing Table
The Windows Server 2003 routing table contains the following standard fields:
* Network Destination
* Netmask
* Gateway
* Interface
* Metric
* Protocol
With Windows Server 2003, you can view the routing table using:
* The route command from the command line. The route commands in Windows 2000, Windows XP and Windows Server 2003 are all the same.
* The Routing and Remote Access management console. You can access the Routing and Remote Access console by clicking Start, Administrative Tools, and then clicking Routing and Remote Access.
The main differences between the previous routing tables and the Windows Server 2003 routing tables are listed below:
* With Windows Server 2003, the routing metric is automatically calculated by the TCP/IP protocol. The speed of the interface is used to determine the routing metric. The feature is automatically enabled by default.
* With the previous routing tables, the netmask for the Class D multicast is specified as 224.0.0.0. With Windows Server 2003 routing tables, the netmask for the Class D multicast is specified as 240.0.0.0.
* The routing tables in Windows Server 2003 can be viewed and maintained through the Routing and Remote Access management console. In Windows 2000 and Windows XP, routing tables could only be viewed and modified from the command line, using the route command.
How to view the routing table in Windows Server 2003:
1. Click Start, Administrative Tools, and click Routing And Remote Access to open the Routing And Remote Access console.
2. In the console tree, expand the IP Routing node.
3. Right-click the Static Routes node, and then select the Show IP Routing Table command from the shortcut menu.
4. When the routing table is viewed from the Routing And Remote Access console, the Protocol field is displayed. The Protocol field indicates the manner in which the route was discovered.
How to add routing table entries using the Routing And Remote Access console:
1. Click Start, Administrative Tools, and click Routing And Remote Access to open the Routing And Remote Access console.
2. In the console tree, expand the IP Routing node.
3. To view the routing table for an interface, right-click the specific interface, and then select Show IP routing Table from the shortcut menu.
4. To add a static routing table entry, expand the IP Routing node, and then select Static Routes.
5. Right-click Static Routes, and click Add Static Route on the shortcut menu.
6. The Static Route dialog box opens.
7. From the Interface drop-down list box, select the interface.
8. Enter a value for Destination.
9. Enter a value for Network mask.
10. Enter a value for Gateway.
11. Enter a value for Metric.
12. Leave the demand-dial connections checkbox enabled if the route is to be used for demand-dial connections.
13. Click OK.
How to delete routing table entries using the Routing And Remote Access console
1. Click Start, Administrative Tools, and click Routing And Remote Access to open the Routing And Remote Access console.
2. In the console tree, expand the IP Routing node.
3. Select Static Routes to display the current static routes in the right pane.
4. Locate and select the static route that you want to remove from the IP routing table.
5. Right-click the specific static route, and then select Delete from the shortcut menu.
6. The static route is immediately removed from the routing table.
How to disable the automatic metric calculation feature:
1. Click Start, Control Panel, and then click Network Connections.
2. Select Local Area Connection.
3. The Local Area Connection Properties dialog box opens.
4. In the This connection uses the following items box, select the Internet Protocol (TCP/IP). Click Properties.
5. When the Internet Protocol (TCP/IP) Properties dialog box opens, click Advanced.
6. The Advanced TCP/IP Settings dialog box contains a number of tabs: IP Settings tab, DNS tab, WINS tab and Options tab.
7. The IP Settings tab is divided into the following areas:
* IP addresses
* Default gateways
* Automatic metric
8. In the Automatic metric area of the IP Settings tab, uncheck the Automatic metric checkbox to disable the automatic metric calculation feature.
9. You can manually enter the Interface metric once the automatic metric calculation feature is disabled.
10. Proceed to set the value for the Interface metric in the available field.
11. Click OK to save your changes and close the Advanced TCP/IP Settings dialog box.
12. Click OK to close the Internet Protocol (TCP/IP) Properties dialog box.
13. Click OK to close the Local Area Connection Properties dialog box.
The workings of traceroute.
When you execute a traceroute command your machine sends out 3 UDP packets with a TTL (Time-to-Live) of 1. When those packets reach the next hop router, it will decrease the TTL to 0 and thus reject the packet. It will send an ICMP Time-to-Live Exceeded (Type 11), TTL equal 0 during transit (Code 0) back to your machine – with a source address of itself, therefore you now know the address of the first router in the path.
Next your machine will send 3 UDP packets with a TTL of 2, so the first router that you already know passes the packets on to the next router after reducing the TTL by 1 to 1. The next router decreases the TTL to 0, thus rejecting the packet and sending the same ICMP Time-to-Live Exceeded with its address as the source back to your machine. Thus you now know the first 2 routers in the path.
This keeps going until you reach the destination. Because the UDP probes carry the destination address of the host you are interested in, when one finally arrives there it is addressed to the destination port you chose; since that is an uncommon port, the host will most likely reject it with an ICMP Destination Unreachable (Type 3), Port Unreachable (Code 3). This ICMP message is sent back to your machine, which interprets it as the last hop, so traceroute exits, having given you the hops between you and the destination.
The UDP packets are sent from a high port to another high port. On a Linux box these ports were not the same, although both were usually in the 33000 range. The source port stayed the same throughout the session, while the destination port was increased by one for each packet sent out.
One note: traceroute actually sends one UDP packet for a given TTL, waits for the returning ICMP message, sends the second UDP packet, waits, sends the third, waits, and so on.
If during the session you receive * * *, this could mean that the router at that hop does not return ICMP messages, that it returns messages with a TTL too small to reach your machine, or that it is running buggy software. After a * * * within the path, traceroute still increments the TTL by 1 and continues determining the path.
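The exchange described above, as an added example that is not part of the original text: a simulation in which each probe is a UDP packet with a TTL, every router decrements it, the router that drives it to 0 answers with ICMP Type 11/Code 0 (or stays silent and produces * * *), and the destination host answers the closed high port with Type 3/Code 3, which ends the trace. The path and addresses are constructed, not real.

```python
ICMP_TIME_EXCEEDED = (11, 0)      # TTL expired in transit
ICMP_PORT_UNREACHABLE = (3, 3)    # destination host: nothing listens on the probe port

# Constructed path between this machine and the target: (router address, behaviour).
# "reply" routers send Time Exceeded when they expire a probe; "silent" ones drop it quietly.
PATH = [("192.168.0.1", "reply"), ("10.0.0.1", "reply"),
        ("10.0.1.1", "silent"), ("203.0.113.9", "reply")]
DESTINATION = "198.51.100.20"


def forward(path, destination, ttl):
    """Walk one UDP probe along the path. Returns (responder, (type, code)),
    or None when the probe dies at a router that sends no ICMP."""
    for router, behaviour in path:
        ttl -= 1                   # each router decrements the TTL before forwarding
        if ttl == 0:               # expired here: rejected, ICMP 11/0 unless the router is silent
            return (router, ICMP_TIME_EXCEEDED) if behaviour == "reply" else None
    # survived every router: the host answers the closed high port with ICMP 3/3
    return (destination, ICMP_PORT_UNREACHABLE)


def traceroute(path, destination, probes=3, max_hops=30, first_port=33434):
    """Probe TTL 1, 2, 3 ... with `probes` packets each, sent one at a time as the text
    notes, incrementing the destination port per probe, until Port Unreachable arrives."""
    hops = []
    dst_port = first_port
    for ttl in range(1, max_hops + 1):
        replies = []
        for _ in range(probes):
            replies.append((dst_port, forward(path, destination, ttl)))
            dst_port += 1
        hops.append((ttl, replies))
        if any(r and r[1] == ICMP_PORT_UNREACHABLE for _, r in replies):
            break                  # reached the destination: stop increasing the TTL
    return hops


def render(hops):
    """Produce traceroute-style lines; '*' marks a probe that got no ICMP reply."""
    return [f"{ttl:2d}  " + "  ".join(r[0] if r else "*" for _, r in replies)
            for ttl, replies in hops]


if __name__ == "__main__":
    print("\n".join(render(traceroute(PATH, DESTINATION))))
```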
Cloud Computing
One thing that’s come up in a lot of conversations with clients shopping for a hosting solution is the idea of cloud computing. A lot of people are interested in it and they wonder if that is not the solution they are looking for instead of a dedicated server.
As evidence of the confusion, articles on the Internet that explain cloud computing make any number of poor comparisons.
For example, is the following statement correct about cloud computing?
“In a cloud computing system, there’s a significant workload shift. Local computers no longer have to do all the heavy lifting when it comes to running applications.”
Yes it could be true but that is also true of good old-fashioned client/server computing. In fact the vast majority of all definitions seem to fit either equally well. The current buzz word “cloud computing” may be the rage but it is fuzzier than ever and seems more about marketing differences than network design.
Since when has one cared before “cloud computing” about where the data that you store is or the application that you run? Most users don’t even care or know if they are hosting on a Linux or Windows server just as long as it works.
Cloud computing is built around the idea of almost limitless resource. In the past if you were a virtual customer sharing a machine and your website became so large, popular or otherwise a very heavy user of resources the hosting company would direct you to use a dedicated machine. So scaling up would be a “cloud” advantage. On the other hand, it is a very minor advantage as that happens on only rare occasions. Also, with the use of modern control panel software it is often just a few button clicks to transfer a website and all the associated services to not just another and larger machine on a data center but to any server on any appropriate network anywhere in the world.
Our own concerns at SecureWebs are predicated on the downside of cloud computing – the concept of putting all your eggs in one basket. The type of outages or data loss that we hear about once in a while nowadays are because of cloud computing and are of a huge scale. In other words, if you have lots of servers running off one network area storage unit and you lose that unit, you could bring down dozens or even hundreds of servers. So do you build lots of stand-alone servers of different sizes for different needs and practice the art of replacing each one should any software or hardware failure occur, or do you build a very large array of servers to do the same thing?
You know you're old when something that was once a revolution, the PC revolution, where each worker would have their own private processing power (workstation) and make decisions in part on their preferred applications, is no longer trendy. Given more time it might occur to all these cloud computing article authors that the metaphor for the cloud is very similar to mainframe computing from yesteryear, where computing time was controlled by the IT staff and you had limited flexibility in changing anything in the computing environment. Not a perfect analogy, but cloud computing does remind one of the "bad old days". Live long enough and everything comes full circle again.
ARP Cache
The address resolution protocol (ARP) cache is a list of recently resolved IP address to Media Access Control (MAC) address mappings. The MAC address is the unique physical address embedded in each network adapter.
If an entry in the ARP cache is incorrect, IP datagrams may be sent to the wrong computer. To display all mappings currently in the ARP cache, use the ARP command by typing arp -a at a command prompt. You should receive either a “No ARP Entries Found” message (if the ARP cache is empty) or a response similar to the following:
Interface: 10.1.1.3 on Interface 2
  Internet Address      Physical Address      Type
  10.1.1.7              08-00-02-06-ed-20     dynamic
  10.1.1.254            08-00-02-0a-a3-10     dynamic
To remove any incorrect entries in the ARP cache, clear all entries using the following command:
arp -d <IP address>
Where <IP address> is an Internet address stored in the ARP cache. Repeat this command for each entry in the ARP cache until all entries have been deleted.
For more information on the syntax, options, and usage of the ARP command, type arp -? at a command prompt.
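An incorrect ARP entry delivers datagrams for one address to a different host. The following added example (not part of the original page) parses `arp -a` output in the layout shown above, flags any MAC address that resolves more than one IP address, and emits the page's `arp -d` remedy for the affected dynamic entries. The sample output is constructed; the addresses are made up.

```python
import re
from collections import defaultdict

# Constructed `arp -a` output in the layout shown above; addresses are made up.
# 10.1.1.9 deliberately carries the same MAC as the gateway entry 10.1.1.254.
ARP_OUTPUT = """\
Interface: 10.1.1.3 on Interface 2
  Internet Address      Physical Address      Type
  10.1.1.7              08-00-02-06-ed-20     dynamic
  10.1.1.254            08-00-02-0a-a3-10     dynamic
  10.1.1.9              08-00-02-0a-a3-10     dynamic
  10.1.1.255            ff-ff-ff-ff-ff-ff     static
"""

# One cache entry: dotted IPv4, dash-separated MAC, entry type. Header lines do not match.
ENTRY = re.compile(r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-f]{2}(?:-[0-9a-f]{2}){5})\s+(\w+)",
                   re.IGNORECASE)
BROADCAST_MAC = "ff-ff-ff-ff-ff-ff"


def parse_arp(text):
    """Return [(ip, mac, type)] for every entry line in `arp -a` output."""
    return [(m.group(1), m.group(2).lower(), m.group(3).lower())
            for m in (ENTRY.match(line) for line in text.splitlines()) if m]


def shared_macs(entries):
    """MACs that resolve more than one IP address (the broadcast entry is expected and skipped);
    such a mapping means traffic for one of those addresses reaches the other host."""
    by_mac = defaultdict(list)
    for ip, mac, _ in entries:
        if mac != BROADCAST_MAC:
            by_mac[mac].append(ip)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


def cleanup_commands(entries):
    """The page's remedy: one `arp -d <IP address>` per suspect dynamic entry."""
    suspect = {ip for ips in shared_macs(entries).values() for ip in ips}
    return [f"arp -d {ip}" for ip, _, kind in entries if ip in suspect and kind == "dynamic"]


if __name__ == "__main__":
    cache = parse_arp(ARP_OUTPUT)
    for mac, ips in shared_macs(cache).items():
        print(f"{mac} is mapped to {len(ips)} addresses: {', '.join(ips)}")
    print("\n".join(cleanup_commands(cache)))
```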
Ping the Loopback Address
Use the PING command to verify that TCP/IP is working properly. To do so, ping the loopback address (127.0.0.1) by typing the following command at a command prompt:
ping 127.0.0.1
You should receive a response similar to the following:
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=<10ms TTL=128
Reply from 127.0.0.1: bytes=32 time=<10ms TTL=128
Reply from 127.0.0.1: bytes=32 time=<10ms TTL=128
Reply from 127.0.0.1: bytes=32 time=<10ms TTL=128
If you receive an error message at this point, TCP/IP is not properly installed.
ICMP Basics
Internet Control Message Protocol (ICMP) is an error-reporting and diagnostic protocol and is considered a required part of any IP implementation. Understanding ICMP and knowing what can generate a specific type of ICMP message is useful in diagnosing network problems.
ICMPs are used by routers, intermediary devices, or hosts to communicate updates or error information to other routers, intermediary devices, or hosts.
Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields. The TYPE field identifies the ICMP message, the CODE field provides further information about the associated TYPE field, and the CHECKSUM provides a method for determining the integrity of the message.
The TYPES defined are:
TYPE  Description
----  -----------
0     Echo Reply
3     Destination Unreachable
4     Source Quench
5     Redirect Message
8     Echo Request
11    Time Exceeded
12    Parameter Problem
13    Timestamp Request
14    Timestamp Reply
15    Information Request (No Longer Used)
16    Information Reply (No Longer Used)
17    Address Mask Request
18    Address Mask Reply
Echo Request & Echo Reply
This is the ICMP message most used to test IP connectivity, commonly known as PING. An Echo Request has a Type field of 8 and a Code field of 0. Echo Replies have a Type field of 0 and a Code field of 0.
Destination Unreachable
When a packet is undeliverable, a Destination Unreachable, Type 3, ICMP is generated. Type 3 ICMPs can have a Code value of 0 to 15:
Type 3 Code Value  Description
-----------------  -----------
0                  Network Unreachable
1                  Host Unreachable
2                  Protocol Unreachable
3                  Port Unreachable
4                  Fragmentation needed and DF (Don't Fragment) set
5                  Source route failed
6                  Destination Network unknown
7                  Destination Host unknown
8                  Source Host isolated
9                  Communication with Destination Network Administratively Prohibited
10                 Communication with Destination Host Administratively Prohibited
11                 Network Unreachable for Type Of Service
12                 Host Unreachable for Type Of Service
13                 Communication Administratively Prohibited by Filtering
14                 Host Precedence Violation
15                 Precedence Cutoff in Effect
Source Quench
An ICMP Source Quench message has a Type field of 4 and Code 0. Source Quench messages are sent when the destination is unable to process traffic as fast as the source is sending it. The Source Quench ICMP tells the source to cut back the rate at which it is sending data. The destination will continue to generate Source Quench ICMPs until the source is sending at an acceptable speed.
Redirect Message
An intermediary device will generate an ICMP Redirect Message when it determines that a route being requested can be reached either locally or through a better path. Redirect Message ICMPs are Type 5 and are further defined by the following Code field values:
Type 5 Code Value  Description
-----------------  -----------
0                  Redirect datagrams for the Network
1                  Redirect datagrams for the Host
2                  Redirect datagrams for the Type of Service and Network
3                  Redirect datagrams for the Type of Service and Host
Time Exceeded
If a router or host discards a packet due to a time-out, it will generate a Time Exceeded (Type 11) ICMP. The Time Exceeded ICMP will have a Code value of either 0 or 1. Code 0 is generated when the hop count of a datagram is exceeded and the packet is discarded. Code 1 is generated when the reassembly of a fragmented packet exceeds the time-out value.
Parameter Problem
When an intermediary device or host discards a datagram because it is unable to process it, a Type 12 ICMP is generated. Common causes of this ICMP are corrupt header information or missing options. If the reason for the ICMP is a required option that is missing, the ICMP will have a Code value of 1. If the Code value is 0, the Pointer field will contain the octet offset in the discarded datagram’s header where the error was detected.
Timestamp Request & Timestamp Reply
Timestamp Request and Timestamp Reply are a rudimentary method for synchronizing the time maintained on different devices. The Request has a Type field of 13 and the Reply is Type 14. This method of time synchronization is crude and unreliable, so it is not heavily used.
Information Request & Information Reply
These ICMP types were originally designed to allow a booting host to discover an IP address. This method is obsolete and is no longer used. The most common methods for IP address discovery are BOOTP (bootstrap protocol) and DHCP (dynamic host configuration protocol). BOOTP is defined by RFC1542, and DHCP is defined by RFC1541.
Address Mask Request & Address Mask Reply
A booting computer uses the Address Mask Request (ICMP Type 17) to determine the subnet mask in use on the local network. An intermediary device, or a computer acting as an intermediary device, will reply with a Type 18 Address Mask Reply ICMP.
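As an added example (not part of the original text), the following Python builds ICMP messages from the TYPE, CODE and CHECKSUM fields described above, verifies the checksum on receipt, and labels Type 3 and Type 11 messages using the code tables in this section. The Echo Request and Port Unreachable samples are constructed, not captured traffic.

```python
import struct
# ICMP type names, from the TYPE table in this section.
ICMP_TYPES = {
    0: "Echo Reply", 3: "Destination Unreachable", 4: "Source Quench",
    5: "Redirect Message", 8: "Echo Request", 11: "Time Exceeded",
    12: "Parameter Problem", 13: "Timestamp Request", 14: "Timestamp Reply",
    15: "Information Request", 16: "Information Reply",
    17: "Address Mask Request", 18: "Address Mask Reply",
}
# First six Code values of Type 3 (Destination Unreachable) from the table above.
TYPE3_CODES = {
    0: "Network Unreachable", 1: "Host Unreachable", 2: "Protocol Unreachable",
    3: "Port Unreachable", 4: "Fragmentation needed and DF (Don't Fragment) set",
    5: "Source route failed",
}
TYPE11_CODES = {0: "hop count exceeded", 1: "fragment reassembly timed out"}

def icmp_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words over the whole message, with
    the CHECKSUM field already zeroed by the caller (RFC 792)."""
    if len(data) % 2:
        data += b"\x00"          # pad odd-length messages
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:           # fold carries into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_icmp(mtype: int, code: int, rest: bytes) -> bytes:
    """TYPE, CODE, CHECKSUM header followed by the type-specific remainder."""
    unsummed = struct.pack("!BBH", mtype, code, 0) + rest
    return struct.pack("!BBH", mtype, code, icmp_checksum(unsummed)) + rest

def parse_icmp(msg: bytes) -> dict:
    """Decode the three common fields and check integrity via the checksum."""
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than 8 bytes")
    mtype, code, csum = struct.unpack("!BBH", msg[:4])
    recomputed = icmp_checksum(msg[:2] + b"\x00\x00" + msg[4:])
    desc = ICMP_TYPES.get(mtype, "Unlisted type")
    if mtype == 3:
        desc += ": " + TYPE3_CODES.get(code, "code %d" % code)
    elif mtype == 11:
        desc += ": " + TYPE11_CODES.get(code, "code %d" % code)
    return {"type": mtype, "code": code, "checksum_ok": recomputed == csum,
            "description": desc}

# Constructed samples (not captured traffic): an Echo Request with identifier 1,
# sequence 1, and a Port Unreachable carrying a fake 28-byte offending datagram.
ECHO_REQUEST = build_icmp(8, 0, struct.pack("!HH", 1, 1) + b"abcdefgh")
PORT_UNREACH = build_icmp(3, 3, b"\x00" * 4 + b"\x45\x00\x00\x1c" + b"\x00" * 24)
```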
Understanding IP Addressing
Every device connected to the Internet needs to have an identifier. Internet Protocol (IP) addresses are the numerical addresses used to identify a particular piece of hardware connected to the Internet.
The two most common versions of IP in use today are Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). Both IPv4 and IPv6 addresses come from finite pools of numbers.
For IPv4, this pool is 32 bits (2^32) in size and contains 4,294,967,296 IPv4 addresses. The IPv6 address space is 128 bits (2^128) in size, containing 340,282,366,920,938,463,463,374,607,431,768,211,456 IPv6 addresses.
A bit is a digit in the binary numeral system, the basic unit for storing information.
Not every IP address in the IPv4 or IPv6 pool can be assigned to the machines and devices used to access the Internet. Some IP addresses have been reserved for other uses, such as for use in private networks. This means that the total number of IP addresses available for allocation is less than the total number in the pool.
Network prefixes
IP addresses can be taken from the IPv4 or the IPv6 pool and are divided into two parts, a network section and a host section. The network section identifies the particular network and the host section identifies the particular node (for example, a certain computer) on the Local Area Network (LAN).
Allocation
IP addresses are assigned to networks in different sized ‘blocks’. The size of the ‘block’ assigned is written after an oblique (/), which shows the number of IP addresses contained in that block. For example, if an Internet Service Provider (ISP) is assigned a “/16”, they receive around 64,000 IPv4 addresses. A “/26” network provides 64 IPv4 addresses. The lower the number after the oblique, the more addresses contained in that “block”.
IPv4
The size of the prefix, in bits, is written after the oblique. This is called “slash notation”. There is a total of 32 bits in IPv4 address space. For example, if a network has the address “192.0.2.0/24”, the number “24” refers to how many bits are contained in the network. From this, the number of bits left for address space can be calculated. As all IPv4 networks have 32 bits, and each “section” of the address denoted by the decimal points contains eight bits, “192.0.2.0/24” leaves eight bits to contain host addresses. This is enough space for 256 host addresses. These host addresses are the IP addresses that are necessary to connect your machine to the Internet.
A network numbered “10.0.0.0/8” (which is one of those reserved for private use) is a network with eight bits of network prefix, denoted by “/8” after the oblique. The “8” denotes that there are 24 bits left over in the network to contain IPv4 host addresses: 16,777,216 addresses to be exact.
Classless Inter-Domain Routing (CIDR) Chart
The Classless Inter-Domain Routing (CIDR) chart is used by those running networks and managing IP addresses. It lets them see the number of IP addresses contained within each “slash notation” and the size of each “slash notation” in bits.
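As an added example (not part of the original text), the following Python works through the slash-notation arithmetic of the IPv4 and CIDR sections above: it splits an address into its network and host sections, counts the addresses in a block, and generates the rows of a CIDR chart. The RFC 1918 private block list is added here; the text names only 10.0.0.0/8.

```python
IPV4_BITS = 32
# RFC 1918 private blocks; the text above names 10.0.0.0/8 as one of them.
PRIVATE_BLOCKS = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")

def to_int(addr: str) -> int:
    """Dotted decimal to a 32-bit integer; each 'section' is eight bits."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %s" % addr)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def to_dotted(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def parse_cidr(notation: str):
    """'192.0.2.0/24' -> (network as int, netmask as int, prefix length)."""
    addr, _, prefix = notation.partition("/")
    bits = int(prefix)               # the number after the oblique
    if not 0 <= bits <= IPV4_BITS:
        raise ValueError("prefix must be 0..32: %s" % notation)
    mask = (0xFFFFFFFF << (IPV4_BITS - bits)) & 0xFFFFFFFF
    return to_int(addr) & mask, mask, bits

def contains(block: str, addr: str) -> bool:
    """True when addr's network bits equal the block's network bits."""
    net, mask, _ = parse_cidr(block)
    return to_int(addr) & mask == net

def describe(notation: str) -> dict:
    """Network section, host section size and block size for one slash notation."""
    net, mask, bits = parse_cidr(notation)
    host_bits = IPV4_BITS - bits
    return {
        "network": to_dotted(net), "netmask": to_dotted(mask),
        "prefix_bits": bits, "host_bits": host_bits,
        "addresses": 1 << host_bits,                   # size of the block
        "last": to_dotted(net | (mask ^ 0xFFFFFFFF)),  # highest address in it
        "private": any(contains(b, to_dotted(net)) for b in PRIVATE_BLOCKS),
    }

def cidr_chart(first: int = 8, last: int = 32):
    """Rows of (slash, host bits, addresses): the CIDR chart the text refers to."""
    return [(p, IPV4_BITS - p, 1 << (IPV4_BITS - p)) for p in range(first, last + 1)]
```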
Samsung SSD Awesomeness
These guys did something amazing by taking 24 256GB Samsung MLC SSDs and putting them in RAID to make an amazingly fast computer! See how they did it, and what the results were!
http://www.youtube.com/watch?v=96dWOEa4Djs
