Windows Network Troubleshooting Tools

Posted on February 20, 2013 by Sean Wilkins in Networking with

For those just beginning their Windows networking careers, it is important to get to know some of the commonly used network troubleshooting tools. These tools can be very useful in troubleshooting both simple and complex problems — and frankly, it can make a Windows network engineer’s or administrator’s life much easier. This article focuses on the introduction of some of these tools.

Windows Network: Common Troubleshooting Tools


The ping utility is one of the most commonly used network troubleshooting tools, largely because it is supported on a large number of platforms and devices. Its primary task is to determine whether a specific host is reachable; this is done via the Internet Control Message Protocol (ICMP). An echo ICMP packet is sent from a source device towards a destination device. Assuming there is nothing blocking the ICMP echo packet between the source and the destination, the destination device that is up will respond back to the source device with an ICMP echo reply packet. This assumption is often a problem, though, as many firewalls (host- and network-based) by default will block ICMP echo and echo reply packets. Related article: Using Ping and Traceroute for Network Troubleshooting

ping Command

tracert (traceroute)

The tracert command (or traceroute on other platforms) is another very common network troubleshooting tool. It is used to trace a packet’s path from source to destination. The output from this command gives the issuer a list of devices that a packet will move through on its way to the destination. This is then used to determine where the cause of a potential problem may exist. The tracert tool uses ICMP echo packets to determine the different points on the path to the destination. Other versions of the traceroute utility may also use UDP packets. Related article: Using Ping and Traceroute for Network Troubleshooting


The pathping utility is a Windows-specific utility that combines some of the advantages of both ping and tracert. Its output provides a tracert-like report along with an extended statistical look at all of the different hosts along the path to the destination. This information can then be used to determine the potential problem devices along with the path, especially for intermittent problems that are hard to pin down. Related forum posts: Using pathping


The route command is used on Windows devices to add, remove, and view the routing table. For the most part, simple Windows installations rarely require the alteration of the routing table, but when devices are configured with multiple Network Interface Cards (NIC), it is can be used more frequently. Related article: Cisco IOS Diagnostic Tools


The nslookup utility is used to perform lookups and troubleshooting of the Domain Name System (DNS). Sometimes the problems that occur on a Windows device stem from an issue with DNS — this is where the nslookup command comes in: to determine if the current DNS configuration of a device is operating correctly. At its most basic, the nslookup command can be used to perform a simple DNS lookup, this in a single command can determine whether the connection to the DNS server is configured correctly. When used interactively, it can be used to look up specific DNS record types and help in troubleshooting not just a specific host but the DNS system itself.  Related forum posts: Using nslookup



The arp utility it used to add, modify, delete, and view the entries of the Address Resolution Protocol (ARP) table. ARP is used on Ethernet networks to link together the physical MAC (layer 2) addresses and Internet Protocol (IP) addresses. Devices will communicate with each other on the physical Ethernet media with MAC addresses; if there was no way to determine which MAC devices linked with specific IP addresses, then IP device communications would not be possible.

The arp utility is commonly used to view the contents of the ARP table, and this gives the troubleshooter a way to determine whether devices are communicating at a layer below IP. This information (along with these other utilities) can then be used to isolate where a specific issue is coming from. Related article: Quickly Find Used IP Addresses

Tagged with ,

Register for this Webinar