
The small network troubleshooting guide

A command line session with positive and negative results on Win2k

Let's say, you want to test if you can connect to the mail server (smtp) of the Swiss internet provider Bluewin.

Open the command prompt (cmd.exe) and type the following command: 

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\>telnet mail.bluewin.ch 25

Positive case

220 mta3n.bluewin.ch ESMTP Service (Bluewin AG 6.0.040) ready
221 mta3n.bluewin.ch QUIT


Connection to host lost.

C:\>

If the telnet program gets a connection, it clears the screen and changes to interactive mode. In interactive mode you can enter and execute commands if you know the protocol of the service. You don't see what you type because the telnet application does not print what you type but only what it gets from the server. (Local echo is turned off and the smtp service on the server does not echo what it receives, which is in accordance with the smtp standard.) However, the command will be sent correctly to the server.
Talkative services like smtp welcome you in a human-readable way. Others might just be silent or send unreadable binary data.
If you enter "quit" when connected to an smtp server, the server terminates the connection. The telnet application will recognize this and let you know with the message "Connection to host lost". This is clean behavior for smtp services. All of this tells you that you do not have any problems with the connection to this service and that the service is basically up and running. In most cases you can also be sure that you will not have any problems because of firewalls. The best-known exception is ftp.

Negative case

C:\>telnet mail.bluewin.ch 25
Connecting To mail.bluewin.ch...Could not open a connection to host on port 25 :
Connect failed

C:\>

If you get the message "Connect failed", it means that you have one of many possible problems.

Small Troubleshooting Guide

First you should try to ping the server and then go on with the list below. The list has to be checked in the enumerated order to produce appropriate diagnosis results. It is neither complete nor perfect but might give you a start.

No.  Problem / Identification

  0. Start with ping hostname
     If you ping a host (a network device like server, workstation or printer) by name, you find out a lot already. Quite important is the resolution of the hostname into the ip address.
     (For more see below: "0. What can ping tell you").
  1. Name resolution problem
     Try telnet by IP address instead of name. If this works it is a name resolution problem. Check your DNS, WINS, NetBEUI broadcast and hosts-file.
  2. Service down
     Do the test on the server that runs the service or at least on another machine which is less far from the server. If it works on one but not on another station, you know that the service is running and the problem must be somewhere on the network.
  3. Routing problem (problem on the network)
     Ping to server must fail and traceroute (tracert command) breaks or loops before reaching the destination. This could also be a firewall problem. If ping or traceroute works, routing is usually ok.
  4. Access restricted by access list / firewall (problem on the network)
     If you can ping the server but not telnet to the service, access is blocked somewhere in the network.
     Sometimes traceroute (tracert command) can help you to identify until where the data flows until it is blocked.
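
The checks from the list above, as an added Python example that is not part of the original guide: it resolves the name, makes the same TCP connection telnet makes, and maps the outcome to a row of the list. The function name diagnose, its verdict strings and the replaceable resolve parameter are assumptions made for this illustration.

```python
import socket

def diagnose(host, port, ip=None, timeout=3.0, resolve=socket.gethostbyname):
    """Apply the guide's checks to one TCP service; returns (verdict, detail).

    ip:      optional known address for the "telnet by IP" test (row 1)
    resolve: lookup function (assumption: replaceable so the logic runs offline)
    """
    try:
        addr = resolve(host)              # the first thing ping does as well
        name_ok = True
    except socket.gaierror as exc:
        if ip is None:
            return ("name-resolution", f"cannot resolve {host}: {exc}")
        addr, name_ok = ip, False         # retry by literal IP address
    try:
        with socket.create_connection((addr, port), timeout=timeout) as conn:
            conn.settimeout(timeout)
            try:
                banner = conn.recv(512).decode("ascii", "replace").strip()
            except socket.timeout:
                banner = ""               # silent service: connected, no greeting
            if banner.startswith("220"):  # SMTP greeting: leave cleanly
                conn.sendall(b"QUIT\r\n")
    except ConnectionRefusedError:
        # An answer came back, so routing works: either no service listens
        # on the port (row 2) or a device actively rejects it (row 4).
        return ("refused", f"{addr}:{port} answered, connection refused")
    except OSError as exc:
        # No usable answer: routing (row 3) or a silently dropping filter
        # (row 4); ping and tracert are needed to tell them apart.
        return ("no-answer", f"{addr}:{port}: {exc}")
    if not name_ok:
        return ("name-resolution", f"works by IP {addr}, but {host} does not resolve")
    return ("ok", banner or "(connected, service sent no greeting)")

if __name__ == "__main__":
    # Host and port are the ones used in the telnet session on this page.
    print(diagnose("mail.bluewin.ch", 25))
```
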


0.    What can ping tell you?

C:\>ping mail.bluewin.ch

Pinging mail.bluewin.ch [195.186.1.193] with 32 bytes of data:

Reply from 195.186.1.193: bytes=32 time=10ms TTL=244
Reply from 195.186.1.193: bytes=32 time=10ms TTL=244
Reply from 195.186.1.193: bytes=32 time=10ms TTL=244
Reply from 195.186.1.193: bytes=32 time=10ms TTL=244

Ping statistics for 195.186.1.193:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 10ms, Average = 10ms

C:\>

Ping does the following steps:

  1. Resolve the name into an IP address by using the standard name resolution mechanism (e.g. DNS, WINS, host file) on the client host.
  2. Send a packet with test data towards the destination server.
  3. Show received echo-reply packets if they were received within the timeout.

If you get a reply, you know the following for sure:

It does NOT tell you whether:

If you'd like to read more details, check this (hacker) link out: http://www.hackemate.com.ar/ezines/0blivion/0blivion2/PING.TXT

1.    How to troubleshoot Name Resolution problems

First step here is to determine which name resolution mechanism you expect to do the job. Then, check with the "ipconfig -all" command if the appropriate servers are configured.
The following list can help you to find out what it might be in case you don't know:

Static resolution

Sometimes, there are static entries which define the resolution for a given name / IP address:

Check these two files for static entries if you get an unexpected result from a resolution.

Check DNS resolution with nslookup

If name cannot be resolved:

Here's a short session for the nslookup command which might give you a brief idea:

C:\>nslookup
> server 193.135.146.10
Default Server: ns.centralnet.ch
Address: 193.135.146.10

> www.sbb.ch
Server: ns.centralnet.ch
Address: 193.135.146.10

Non-authoritative answer:
Name: www.sbb.ch
Address: 193.192.251.7

> ?
Commands: (identifiers are shown in uppercase, [] means optional)
NAME - print info about the host/domain NAME using default server
NAME1 NAME2 - as above, but use NAME2 as server
help or ? - print info on common commands
set OPTION - set an option
all - print options, current server and host
[no]debug - print debugging information
[no]d2 - print exhaustive debugging information
[no]defname - append domain name to each query
[no]recurse - ask for recursive answer to query
[no]search - use domain search list
[no]vc - always use a virtual circuit
domain=NAME - set default domain name to NAME
srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1,N2, etc.
root=NAME - set root server to NAME
retry=X - set number of retries to X
timeout=X - set initial time-out interval to X seconds
type=X - set query type (ex. A,ANY,CNAME,MX,NS,PTR,SOA,SRV
querytype=X - same as type
class=X - set query class (ex. IN (Internet), ANY)
[no]msxfr - use MS fast zone transfer
ixfrver=X - current version to use in IXFR transfer request
server NAME - set default server to NAME, using current default server
lserver NAME - set default server to NAME, using initial server
finger [USER] - finger the optional NAME at the current default host
root - set current default server to the root
ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN (optional: output to FILE)
-a - list canonical names and aliases
-d - list all records
-t TYPE - list records of the given type (e.g. A,CNAME,MX,NS,PTR etc.)
view FILE - sort an 'ls' output file and view it with pg
exit - exit the program

> exit

C:\>

....

For reverse lookup questions, see the discussion thread here:
http://www.mail-archive.com/swinog@swinog.ch/msg02778.html

More to follow in the future if I have some spare time :-)

I use nslookup in this example because it's delivered with most modern Windows versions. In the Unix/Linux world, internet engineers use the more powerful tool called "dig". dig is also available for Windows. Download dig on this page here: http://pigtail.net/LRP/dig/ The manual can be found here: http://pigtail.net/LRP/dig/dig.html

Created and copyright by Raphael Müller, Last Update: 31. January 2004