Network Tracing in Windows 7
Updated: December 23, 2009
Applies To: Windows 7, Windows Server 2008 R2
As the complexity of the networking stack increases, it is often difficult to quickly trace and diagnose issues within the stack. Windows 7 expands on the Network Diagnostic Framework (NDF) to provide a quick method for troubleshooting network connectivity issues by enabling collection of all the needed information in one step, and by leveraging Event Tracing for Windows (ETW) to log network events & packets in a single file.
Related events and packets are grouped together for a given activity, such as browsing a web site, across the various components in the networking stack. The output of this process is an Event Trace Log (ETL) file. By allowing all of the events related to a specific activity to be viewed at once in this file, the time required to isolate and diagnose network issues can be greatly reduced.