Windows commands for network:PING,Netstat and Tracert

1.Ping

What: 

The ping command operates by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination computer and waiting for a response.

How many of those responses are returned, and how long it takes for them to return, are the two major pieces of information that the ping command provides.

When:

The ping command helps to verify IP-level connectivity. When troubleshooting, you can use ping to send an ICMP echo request to a target host name or IP address. Use ping whenever you need to verify that a host computer can connect to the TCP/IP network and network resources.

How:(example)

ping -n 5 -l 1500 www.google.com

In this example, the ping command is used to ping the hostname www.google.com. The -n option tells the ping command to send 5 ICMP Echo Requests instead of the default of 4 and the -l option sets the packet size for each request to 1500 bytes instead of the default of 32 bytes. The result displayed in the Command Prompt window will look something like this:

Pinging www.google.com [74.125.224.82] with 1500 bytes of data:
Reply from 74.125.224.82: bytes=1500 time=68ms TTL=52
Reply from 74.125.224.82: bytes=1500 time=68ms TTL=52
Reply from 74.125.224.82: bytes=1500 time=65ms TTL=52
Reply from 74.125.224.82: bytes=1500 time=66ms TTL=52
Reply from 74.125.224.82: bytes=1500 time=70ms TTL=52

Ping statistics for 74.125.224.82:
    Packets: Sent = 5, Received = 5, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 65ms, Maximum = 70ms, Average = 67ms

2.Tracert

What:

A traceroute is a function which traces the path from one network to another. It allows us to diagnose the source of many problems.

When:

To be effective, the traceroute MUST be run during a time when you are experiencing the problem, from a computer that is experiencing the problem. A trace when you are able to connect, or one from another computer, is not helpful. Therefore, you should try to connect to your site again just before you run it. If the problem is no longer occurring, you will have to wait until the next time the problem occurs (if there is a next time) before running your traceroute.

How: 

tracert www.google.com

Using the tracert command as shown above, we're asking tracert to show us the path from the local computer all the way to the network device with the hostname www.google.com.

Tracing route to www.l.google.com [209.85.225.104]
over a maximum of 30 hops:

   1    <1 ms    <1 ms    <1 ms  10.1.0.1
   2    35 ms    19 ms    29 ms  98.245.140.1
   3    11 ms    27 ms     9 ms  te-0-3.dnv.comcast.net [68.85.105.201]
   ...
  13    81 ms    76 ms    75 ms  209.85.241.37
  14    84 ms    91 ms    87 ms  209.85.248.102
  15    76 ms   112 ms    76 ms  iy-f104.1e100.net [209.85.225.104]

Trace complete.

In this example we can see that tracert identified fifteen network devices including our router at 10.1.0.1 and all the way through to the target of www.google.com, which we now know uses the public IP address of 209.85.225.104.

3.Netstat

What:

The netstat command is a Command Prompt command used to display very detailed information about how your computer is communicating with other computers or network devices.

Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). Used without parameters, netstat displays active TCP connections.

When:

Specifically, the netstat command can show details about individual network connections, overall and protocol-specific networking statistics, and much more, all of which could help troubleshoot certain kinds of networking issues.

How:

The most common iteration of netstat is to use the -a parameter, which displays all connections and listening ports.

netstat -f

In this first example, I execute netstat to show all active TCP connections. However, I do want to see the computers I'm connected to in FQDN format [-f] instead of a simple IP address.

Here's an example of what you might see:

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    127.0.0.1:5357         VM-Windows-7:49229     TIME_WAIT
  TCP    127.0.0.1:49225        VM-Windows-7:12080     TIME_WAIT
  TCP    192.168.1.14:49194     75.125.212.75:http     CLOSE_WAIT
  TCP    192.168.1.14:49196     a795sm.avast.com:http  CLOSE_WAIT
  TCP    192.168.1.14:49197     a795sm.avast.com:http  CLOSE_WAIT
  TCP    192.168.1.14:49230     TIM-PC:wsd             TIME_WAIT
  TCP    192.168.1.14:49231     TIM-PC:icslap          ESTABLISHED
  TCP    192.168.1.14:49232     TIM-PC:netbios-ssn     TIME_WAIT
  TCP    192.168.1.14:49233     TIM-PC:netbios-ssn     TIME_WAIT
  TCP    [::1]:2869             VM-Windows-7:49226     ESTABLISHED
  TCP    [::1]:49226            VM-Windows-7:icslap    ESTABLISHED

Reference:

https://www.lifewire.com/ping-command-2618099

http://www.techrepublic.com/blog/the-enterprise-cloud/netstat-tips-and-tricks-for-windows-server-admins/