Hello everyone, I am Lao Yang.
If you were asked which command you use most frequently in your daily work, what would be your subconscious first reaction.
Years ago, I made an incomplete statistics. About 100 fans participated in a questionnaire survey, investigating the four network commands that each network worker uses the most when solving network failures.
Thus, there is today's ranking list.
Is there a useful command for you, but it is not included in this poll? You are also welcome to tell me the order + reason in the message area, and share a wave with other colleagues.
Today's article reading benefits: "The most complete technical map of networkers (HD)"
Private message Lao Yang, reply the keyword "network technology", and you can get the classic technology mind map of Internet workers (the most complete version), which will help you clarify your technical ideas, clear away the technical fog, and guide you in the direction of your 23-year efforts.
01 Ping command
The ping command is an executable command that comes with the Windows system to verify the connection between computers, and it is also one of the most written commands in my official account.
It is based on the TCP/IP protocol and detects the connection status between two computers by sending and receiving data packets.
Generally speaking, network workers use ping to check network conditions, mainly to check two indicators:
- The first is to see if it is timed out
- The second is to see if the delay is too high
If it times out, there must be a problem with the network (except for ping bans). If the delay is too high, the network situation must be very bad.
Therefore, when there is a network failure, you can use the ping command to estimate the failure point.
If the ping command is not successful, then you should consider whether the hardware connection is wrong, such as whether the network card settings are correct, such as whether the network cable is connected, and then consider whether the IP address setting is correct. The specific method of use is to call up the command prompt window, and then Ping the IP address.
To call up the command prompt window, you can enter CMD in Start-Run (or Win key + R, and then enter CMD) to call it up.
You can see that in the image above, the returned values include bytes, time, and TTL. The time indicates the length of time to connect with this address, and the smaller the value, the faster the time.
The TTL value represents the time to live (Time To Live), which refers to the number of network segments allowed to pass before the data is discarded by the router.
You can also see from the figure above that by default only 4 data packets are sent, if you want to return multiple data packets, you can use ping -n to achieve it.
If you want to return data packets without interruption, then use ping -t to achieve it, so that you will continue to return data until the administrator manually closes it. The shortcut key for closing is Ctrl+C.
For more applications of ping command parameters, you can enter: ping/? in the command line to view it.
Of course, here is also a series of usages of ping for you, remember to save it.
01 Use of ping-t
Ping the specified computer without interruption, until the administrator interrupts.
This shows that the computer is connected to the router and the network effect is good. Next, hold down the keyboard's Ctrl+c to terminate it and continue to ping, and it will stop, and it will summarize how many packets are running and how many are on and off.
02 Use of ping-a
Ping-a resolves the computer name and NetBios name. That is, the host name can be resolved by pinging its IP address.
03 Use of ping-n
By default, only 4 data packets are generally sent. Through this command, you can define the number of packets to be sent, which is very helpful for measuring the network speed.
For example: if you want to test the average return time of sending 10 data packets, what is the fastest time, and what is the slowest time, you can get the following information:
From the above operations, you can know that in the process of sending 10 data packets to 47.93.187.142, 10 data packets were returned without loss. Among the 10 data packets, the fastest return speed was 32ms, the slowest was 55ms, and the average speed was 37ms.
Description: The network is good.
For some bad networks, such as the monitoring system is very stuck, the returned results of this test may show a part of the loss. If the loss is relatively large, then it means that the network is not good.
Through this, you can intuitively judge the network situation.
04 Use of ping-I size
-l size: Send a data packet of the specified size to the target host.
By default, the size of the data packet sent by Windows ping is 32 bytes, and the maximum size can be 65500 bytes.
When the data packet sent at one time is greater than or equal to 65500byte, it may cause the receiver's computer to crash. So Microsoft has limited this value; this parameter is very harmful when combined with other parameters.
For example, an attacker can combine the -t parameter to implement a DOS attack. (So it is dangerous, don't easily use it on other people's computers).
For example, ping -l 65500 -t 211.84.7.46
The ping command will be continuously executed on the IP address until interrupted by the user with Ctrl+C.
In this way, it will continuously send data packets with a size of 65500 bytes to the 211.84.7.46 computer.
If you only have one computer, maybe it won't work.
But if you have a lot of computers, you can completely paralyze the other party and cause serious network congestion, which shows that the power is not trivial.
05 Use of ping-r count
Record the route of outgoing and return data packets in the "Record Route" field, and detect the number of routes passed, but only 9 routes can be traced at most.
ping -n 1 -r 9 202.102.224.25 (send a data packet, record up to 9 routes)
All 9 routes will be displayed, as shown in the figure above.
These 6 are the most commonly used Ping commands, and you may use them in projects. Here is a less commonly used but useful ping method.
06 Batch ping network segments
For a network segment with many IP addresses, if a single detection is too troublesome, then we can directly ping the network segment detection in batches, and it will be clear at a glance which IP address has a problem.
Look at the code first, enter directly in the command line window: for /L %D in (1,1,255) do ping 10.168.1.%D, change the IP address segment to the IP address segment you want to check.
When the batch command is input, it will automatically ping all the IP addresses in the network segment.
So what does this "for /L %D in(1,1,255) do ping 10.168.1.%D" code mean?
The (1,1,255) in the code is the beginning and the beginning of the network segment, which is to detect all the IP addresses between the network segment 192.168.
02 ARP command
The ARP command is an address resolution protocol, which is also a TCP/IP protocol, and its function is to obtain the MAC address of the device according to the IP address. Frequently used ones include querying, adding and deleting records.
Some fans and friends have asked many times, how to prevent IP address conflicts? How to solve? In many cases, except for man-made IP address conflicts, most of them are caused by ARP.
You type in the command prompt of a computer in the LAN: arp -a
You can read the one-to-one correspondence between the IP address and the physical MAC address.
When you want to bind or add an ARP record, you can use the arp -s command. The format is: ARP+space+-s+IP address+MAC address.
When you want to delete an APR record, use arp -d directly to delete it.
01 Usage of arp -a
Use arp -a when you need to display the mac address corresponding to the current ip address,
Enter "arp -a" in the command prompt and press Enter; automatically read the correspondence table between the IP address and the mac address in the cache.
02 Usage of arp -s
When you need to manually add an arp record, you can use arp -s.
Manually input an ARP item, the format is "ARP+space+-a+IP address+MAC address";
In fact, this command is also called the command to bind the mac address. For example, in a company network, employees often like to change the ip address of their computers, which often causes ip address confusion and cannot be managed.
Then, at this time, you only need to bind its ip address with the mac address of its computer, then the next time there is a network failure, you can directly locate those computers by the mac address.
03 Usage of arp -d
When you think there is a problem with an arp record, you can use arp-d to delete it. The function of this command is to delete all ARP records.
In fact, if you want to completely clear the ARP list, you need to prohibit all network connections, otherwise, a new ARP list will still be generated during the network data interaction process.
03 tracert command
This command is a traceroute command, which is used to determine the path taken by the IP data packet in the network to access the host.
It is not difficult to use, you can enter in the command prompt: tracert
You can see its commonly used commands and analysis.
For example, if you want to track a certain IP address, you can see the specific tracking path address.
When the network response is slow, the returned value is the request timeout. Usually about 10 nodes track the completed IP address or website, and the access speed is better.
On the Unix platform, the Traceroute command is equivalent to the Tracert command on the Windows platform, and it can also help us troubleshoot problems in the network.
When in network routing, if you want to check whether the line delay configured by you is normal, you can check whether the current trace route is smooth.
When a routing loop occurs on the network, the Ping command can only be used to know that a timeout error has occurred at the receiving end, but the Tracert command can easily find potential problems such as routing loops.
When a certain address is tracet, if the same address appears multiple times, it can be considered that a routing loop has occurred.
The current network is very slow, we can also modify the settings by checking which route has a slower response speed.
04 route command
The usage of this command is to manage and view the routing table of the local machine when the data packet cannot be effectively transmitted.
It has the following format:
route [-f] [-p] [Command [Destination] [mask Netmask] [Gateway] [metric Metric]] [if Interface]]
Just looking at this syntax, you may not be familiar with it, so next, you can learn more about the meaning of its parameters.
in:
–f: The parameter is used to clear the routing table.
-p: The parameter is used to permanently reserve a route (that is, the route will not be lost when the system restarts)
Command: There are mainly 4 commands: PRINT (print), ADD (add), DELETE (delete), CHANGE: (modify).
Destination: Represents the target IP address to be reached.
MASK: It is the keyword of the subnet mask.
Netmask: Represents the specific subnet mask. If there is no description, the default is 255.255.255.255 (stand-alone IP address), so be careful when typing the mask, and confirm whether you are adding an IP address or an IP network segment. If it represents all egress subnet masks, 0.0.0.0 can be used.
Gateway: represents the egress gateway.
01 usage of route print
The route print command is used to display the current items in the routing table, and the output results on a single router network segment are shown in the figure.
02 usage of route add
Use this command route add to add routing items to the routing table.
For example, if you want to set a route to the destination network 209.99.32.33, you need to go through 5 router network segments, first you need to go through a router on the local network with an IP of 202.96.123.5 and a subnet mask of 255.255.255.224, then the user should enter the following command:
route add 209.99.32.33 mask 255.255.255.224 202.96.123.5 metric 5
03 usage of route change
You can use the route change command to modify the data transmission route, but you cannot use this command to change the data destination. The following example changes the routing of the above example to a path containing 3 network segments:
route add 209.99.32.33 mask 255.255.255.224 202.96.123.250 metric 3
04 usage of route delete
Use the route delete command to delete routes from the routing table. For example: route delete 209.99.32.33
For more specific usage, you can enter route/? Check.
Finishing: Lao Yang 丨 10-year senior network engineer, more network workers to improve dry goods, please pay attention to the official account: Network Engineer Club