Protocol Dysfunction and Misconfiguration
Like any software, TCP/IP protocol software sometimes doesn't get installed properly. Even after it is installed, it might stop working because of a corrupt file or some change to the system configuration. For example, even if the software is working, the computer might not be able to connect to other computers because its IP address and subnet mask are incorrect.
These utilities come standard with TCP/IP implementations for all operating systems. The following sections discuss these important TCP/IP configuration utilities.
If you notice that your computer can't complete a network operation, the first question you should ask is whether it can complete any other network operation. In other words, is your computer currently functioning as a member of the network? The ping utility initiates the most minimal test of network connectivity. It sends a message to another computer that says "Are you there?" and waits for the other computer to respond.
By the Way
where IP address is the address of the computer to which you'd like to connect. Like other utilities, ping offers a number of additional command-line options. These options differ, depending on the implementation and the operating system.
The ping utility sends a message to the recipient computer using the ICMP echo request command. (For more information on ICMP, see Hour 4.) If the recipient computer is present and operational, it responds using the ICMP Echo Reply message.
When the sending computer receives the reply, it outputs a message stating that the ping was successful.
Successful completion of the ping command verifies that both the pinging and the pinged computers are on the network and able to communicate. However, keep in mind that ping is a very minimal application. It requires only that the bottom two layers of the TCP/IP stack are operational. You could have problems with TCP, UDP, or applications in the upper two layers and ping would still operate. If ping operates correctly, you can largely rule out problems with items such as the Network Access layer, the network adapter, cabling, and even routers.
Ping offers a number of options that make it particularly useful for troubleshooting network problems. You can
Configuration Information Utilities
All modern operating systems offer a utility that lets you view the current TCP/IP configuration. These utilities output information such as the IP address, subnet mask, and default gateway for the local computer. You can use these utilities to verify that the IP address information for the computer is what you expect. With the recent popularity of DHCP, you can't always determine the IP address information from configuration files or setup dialog boxes. The configuration information utilities tell you the address that the computer is actually using. If your computer is configured for DHCP, you might even discover that the computer has no IP address at all, indicating a problem with the DHCP server connection.
Of course, these utilities don't tell what your IP address and subnet mask should be. They just tell what address and mask your computer is using. It is then up to you to verify that the address parameters are consistent with the IP addressing scheme for your network (see Hours 5, "Subnetting" and 6, "The Transport Layer").
Unix and Linux systems use the ifconfig command to display address information. As you will recall from earlier hours, the IP address is actually associated with a network interface (such as a network adapter card) rather than with the computer itself. If a computer has two network interfaces, it will have two IP addresses. The ifconfig command displays address information associated with each network interface.
where <interface_name> is the name of the network interface for which you'd like to display address information. (In Unix and Linux, each network interface is assigned a name by the configuration file that defines the interface and is referenced by that name.) For example,
displays the current IP address and netmask (and other parameters depending on the Unix/Linux version) for the interface called eth0.
ifconfig also lets you directly configure IP address information for a network interface by typing the IP address and netmask directly at the command line:
ifconfig eth0 <IP_Address> netmask <netmask>
where <IP_Address> is the address of the interface and <netmask> is the network mask of the interface.
The ifconfig up and down options let you enable and disable the network interface. For example
ifconfig eth0 up ifconfig eth0 down
Windows NT, Windows 2000, and Windows XP use the ipconfig command to display local TCP/IP configuration settings.
By the Way
A variation on the release and renew options can be used to release or renew one adapter at a time in a computer that contains multiple network adapters. Assuming one of the computer adapters is named Elnk31, this one adapter can be released or renewed by using the command ipconfig /release Elnk31 or ipconfig /renew Elnk31.
If you are using Windows 95 or 98, you use the command winipcfg instead of ipconfig. Winipcfg displays a graphical interface with the same information as displayed by ipconfig, and it provides the same options for releasing and renewing IP addresses. (See Figure 13.2.)
Address Resolution Protocol (ARP)
ARP is a key TCP/IP protocol used to determine the physical address that corresponds to an IP address. Each host on a TCP/IP network maintains an ARP cache—a table used to connect IP addresses to physical addresses. The arp command enables you to view the current contents of the ARP cache of either the local computer or another computer. In most cases, the protocol software takes care of updating the ARP cache, and cases in which you need to use the arp command to troubleshoot a network connection are rare. However, the arp command is occasionally useful for tracing subtler problems related to the association of IP addresses with physical addresses. Some Unix and Linux systems, for instance, still require manual configuration of the physical address.
The arp command also enables you to enter desired physical/IP address pairs manually. You might want to do this for commonly used hosts such as the default gateway and local servers. This helps reduce traffic on the network.
Entries in the ARP cache are dynamic by default. Entries are automatically added to the cache whenever a directed datagram is sent and a current entry does not exist in the cache of the destination computer. The cache entries start to expire as soon as they are entered. Therefore, don't be surprised if there are few or no entries in the ARP cache. Entries can be added by performing pings of another computer or router. The following arp commands can be used to view cache entries:
See Figure 13.3 for examples of arp commands and responses.