TCP/IP in Windows 2000 Professional

  • Article

If host name resolution occurs successfully, the problem might lie elsewhere. In this case, the problem might be simply a matter of correcting the IP configuration rather than examining the name resolution process.

TCP/IP troubleshooting generally follows a set pattern. In general, first verify that the problem computer's TCP/IP configuration is correct, and then verify that a connection and a route exist between the computer and destination host by using Ping.

Compile a list of what works and what doesn't work, and then study the list to help isolate the failure. If link reliability is in question, try a large number of pings of various sizes at different times of the day, and plot the success rate or use the PathPing tool.

Check Configuration with Ipconfig

When troubleshooting a TCP/IP networking problem, begin by checking the TCP/IP configuration on the computer experiencing the problem. Use the ipconfig command to get the host computer configuration information, including the IP address, subnet mask, and default gateway.

When Ipconfig is used with the /all switch, it produces a detailed configuration report for all interfaces, including any configured remote access adapters. Ipconfig output can be redirected to a file and pasted into other documents. To do so, type ipconfig > directory \ file name . The output is placed in the directory you specified with the file name you specified.

The output of Ipconfig can be reviewed to find any problems in the computer network configuration. For example, if a computer has been configured with an IP address that is a duplicate of an existing IP address that has already been detected, the subnet mask appears as 0.0.0.0.

If no problems appear in the TCP/IP configuration, the next step is to test the ability to connect to other host computers on the TCP/IP network.

Test Network Connection with Ping and PathPing

Ping is a tool that helps to verify IP-level connectivity; PathPing is a tool that detects packet loss over multiple-hop trips. When troubleshooting, the ping command is used to send an ICMP Echo Request to a target host name or IP address. Use Ping whenever you want to verify that a host computer can send IP packets to a destination host. You can also use the Ping tool to isolate network hardware problems and incompatible configurations.

note-icon

Note

If you call ipconfig /all and receive a response, there is no need to ping the loopback address and your own IP address—Ipconfig has already done so to generate the report.

It is best to verify that a route exists between the local computer and a network host by first using Ping and the IP address of the network host to which you want to connect. The command syntax is:

**ping <**IP address >

Perform the following steps when using Ping:

  1. Ping the loopback address to verify that TCP/IP is installed and configured correctly on the local computer.

ping 127.0.0.1

If the loopback step fails, the IP stack is not responding. This might be because the TCP drivers are corrupted, the network adapter might not be working, or another service is interfering with IP.

  1. Ping the IP address of the local computer to verify that it was added to the network correctly. Note that if the routing table is correct, this simply forwards the packet to the loopback address of 127.0.0.1.

ping < IP address of local host >

  1. Ping the IP address of the default gateway to verify that the default gateway is functioning and that you can communicate with a local host on the local network.

ping < IP address of default gateway >

  1. Ping the IP address of a remote host to verify that you can communicate through a router.

ping < IP address of remote host >

  1. Ping the host name of a remote host to verify that you can resolve a remote host name.

ping < Host name of remote host >

  1. Run a PathPing analysis to a remote host to verify that the routers on the way to the destination are operating correctly.

pathping < IP address of remote host >

note-icon

Note

If your local address is returned as 169.254. y.z , you have been assigned an IP address by the Automatic Private IP Addressing (APIPA) feature of Windows 2000. This means that the local DHCP server is not configured properly or cannot be reached from your computer, and an IP address has been assigned automatically with a subnet mask of 255.255.0.0. Restart the Windows 2000 Professional– based computer, and see if the networking problem persists.

If your local address is returned as 0.0.0.0, the Microsoft MediaSense software override started because the network adapter detects that it is not connected to a network. To correct this problem, turn off MediaSense by making sure that the network adapter and network cable are connected to a hub. If the connection is solid, reinstall the network adapter's drivers or a new network adapter.

Ping uses host name resolution to resolve a computer name to an IP address, so if pinging by IP address succeeds, but fails by name, then the problem lies in host name resolution, not network connectivity. For more information about troubleshooting host name resolution, see Troubleshooting Name Resolution earlier in this chapter.

If you cannot use Ping successfully at any point, check the following:

  • The local computer's IP address is valid and appears correctly in the IP Address tab of the Internet Protocol ( TCP/IP)Properties dialog box or when using the Ipconfig tool.

  • A default gateway is configured and the link between the host and the default gateway is operational. For troubleshooting purposes, make sure that only one default gateway is configured. While it is possible to configure more than one default gateway, gateways beyond the first are only used when the IP stack determines that the original gateway is not functioning. Because the point of troubleshooting is to determine the status of the first configured gateway, delete all others to simplify your troubleshooting.

  • IP Security is not currently enabled. In some cases, IPSec functions interfere with ping packets being sent to or from a remote host. For more information about IPSec, see Configuring IPSec Policies earlier in this chapter.
    important-icon
    Important
    If the remote system being pinged is across a high-delay link such as a satellite link, responses might take longer to be returned. The -w (wait) switch can be used to specify a longer time-out.

Clear ARP Cache

If you can ping both the loopback address and your own IP address, the next step is to clear out the ARP cache and reload it. This can be done by using the Arp tool. Use commands arp -a or arp -g to display the cache contents. Delete the entries with arp -d < IP address >.

Verify Default Gateway

Next, look at the default gateway. The gateway address must be on the same network as the local host; if not, no messages from the host computer can be forwarded to any location outside the local network. Next, check to make sure that the default gateway address is correct as entered. Finally, check to see that the default gateway is a router, not just a host, and that it is enabled to forward IP datagrams.

Ping Remote Host

If the default gateway responds correctly, ping a remote host to ensure that network-to-network communications are operating as expected. If this fails, use Tracert to examine the path to the destination. For IP routers that are Windows NT or Windows 2000 – based computers, use the Route tool or the Routing and Remote Access administrative tool on those computers to examine the IP route table. For IP routers that are not Windows NT or Windows 2000 – based computers, use the appropriate tool or facility to examine the IP route table.

Four error messages are commonly returned by Ping during troubleshooting as shown in Table 22.13.

Table 22.13 Ping Error Messages

Error Message

Meaning and Action

TTL Expired in Transit

Number of required hops exceeds TTL. Increase TTL by using the ping -i switch.

Destination Host Unreachable

A local or remote route does not exist for destination host. Modify the local route table or notify the router administrator.

Request Timed Out

No Echo Reply messages were received due to network traffic, failure of the ARP request packet filtering, or router error. Increase wait time using the ping -w switch.

Unknown Host

Destination host name cannot be resolved. Verify name and availability of DNS servers.

Check IP Security

IPSec can increase the defenses of a network, but it can also make changing network configurations or troubleshooting problems more difficult. In some cases, IPSec running on a Windows 2000 Professional– based computer can create difficulties in connecting to a remote host. If IPSec is implemented locally, turn off IPSec and attempt to run the requested network service or function.

To disable local IPSec policies

  1. In Control Panel, double-click Network and Dial-up Connections .

  2. Right-click the local area connection you want to change, and then select Properties .

  3. Select Internet Protocol (TCP/IP) , and then click Properties .

  4. Click Advanced .

  5. Click the Options tab.

  6. Select IP Security , and then click Properties .

  7. Click Do not use IPSEC , and then click OK .

If IPSec is implemented through IPSec policies at a Windows 2000 domain controller, contact the security administrator to disable the security policy for that computer.

If the problem disappears when IPSec policies are turned off, you know that the additional IPSec processing burden or its packet filtering are responsible for the problem. Contact the security administrator to permanently modify the IPSec policy for the computer.

For more information about IPSec issues, see Configuring IPSec Policies earlier in this chapter.

Check Packet Filtering

Any mistakes in packet filtering can make address resolution or connectivity fail. To determine if packet filtering is the source of a network problem, you must disable the TCP/IP packet filtering.

To disable TCP/IP packet filtering

  1. In Control Panel, double-click the Network and Dial-Up Connections .

  2. Right-click the Local Area Connection , and then click Properties .

  3. Select Internet Protocol (TCP/IP) , and then click the Properties tab.

  4. Click Advanced , and then click Options .

  5. In the Optional Settings window, click TCP/IP Filtering, and then click the Properties tab.

  6. Clear the Enable TCP/IP Filtering (All Adapters) check box, and then click OK .

Try pinging an address by using its DNS name, its NetBIOS name, or its IP address. If the attempt succeeds, the packet filtering options might be misconfigured or might be too restrictive. For instance, the filtering might permit the computer to act as a Web server, but might in the process disable tools like Ping or remote administration. Restore a wider range of permissible filtering options by changing the permitted TCP, UDP, and IP port values.

If the attempt still fails, another form of packet filtering might still be interfering with your networking. For more information about Routing and Remote Access service filtering functions, see Unicast IP Routing in the Internetworking Guide . For more information about IPSec packet filtering, see Internet Protocol Security earlier in this chapter.