LAB 2: Understanding Network Commands
Objectives
• Gather information including connection, hostname, Layer 2 MAC address, and Layer 3
TCP/IP network address information.
• Compare network information to other PCs on the network.
• Learn to use the TCP/IP Packet Internet Groper (ping) command from a workstation.
• Learn to use the Trace Route (tracert) command from a workstation.
• Observe name resolution occurrences using WINS and/or DNS servers.
1. Introduction
This lab assumes the use of command prompt Windows 10 and above. This is a non-destructive
lab and can be done on any machine without concern about changing the system configuration.
Ideally, this lab is performed in a Computer Lab or other LAN environment that connects to the
internet.
The commands help us to diagnose the LAN environment and troubleshoot the network. The
following command will be used to practice during the lab, Ensuring the computer has an IP
address:
A. Ping
B. Trace Route
C. ARP
NOTE: The command prompt (CMD) is displayed in black color. Students are advised not to use
the black background diagrams in reports, instead change the color and then paste figures.
How to change the color of COMMAND PROMPT?
1. COLORXY - Specifies color attribute of console output
2. Color attributes are specified by TWO hex digits -- the first corresponds X to the background; the
second Y is the foreground.
3. Each digit can be any of the following values:
To change the color of the CMD use the following command
C:\Users\Hasan Shah>COLOR F0
A. Understanding the computer’s Local area connections
Step 1 Connect to the Network
Establish and verify connectivity to the internet using a network device like a switch or router.
This ensures the computer has an IP address.
Step 2 Gather TCP/IP configuration information
Use the Start menu to open the Command Prompt, an MS-DOS-like window. Press
Windows + R Key, Then type cmd.
Task 1 IPCONFIG
Type ipconfig and press the Enter key. The spelling of ipconfig is critical, while the case is not. It
is short for IP Configuration.
This first screen shows the IP address, subnet mask, and default gateway. The IP address and the
default gateway should be in the same network or subnet. Otherwise, this host would not be able
to communicate outside the network. In figure 2.1, the subnet mask tells us that the first three
octets must be the same to be in the same network. Further understanding of IP addresses shall be
taught in Lab 3.
Figure 2.1 IPconfig command
Note: If this computer is on a LAN, the default gateway might not be seen, if it is running behind
a Proxy Server. Record the following information for this computer.
Record the following TCP/IP information for this computer
IP address: ________________________________________________________
Subnet Mask: ______________________________________________________
Default Gateway: ___________________________________________________
Record a couple of the IP Addresses: _______________________________________
Task 2 Check additional TCP/IP configuration information
To see detailed information, type ipconfig /all and press Enter.
Figure 2.2 shows the detailed IP configuration screen of multiple Ethernet adaptors connected to
the Computer. Choose an adaptor accordingly.
Figure 2.2 Ipconfig /all
Figure 2.2 shows WiFi adaptor information. It shows the IP address of the machine, its subnet
mask, its MAC address (Physical addresses) including the DHCP server address, and the date the
IP lease starts and ends should be displayed. Looking over the information we can see the
Default gateway entry to connect to the internet.
Close the screen
Close the screen when finished examining network settings. Repeat the
previous steps as necessary.
Reflection
Based on the above observations, what can be deduced about the following results taken from three
computers connected to one Switch?
Should they be able to talk to each other?
_______________________________________
Are they all on the same network?
________________________________________
Why or why not? If something is wrong, what is most likely
the problem
__________________________________
B. ICMP commands "ping" and "tracert "
Objective
• Learn to use the TCP/IP Packet Internet Groper (ping) command.
• Learn to use the Trace Route (tracert) command.
PING Background
This lab assumes the use of any Windows 10 and above version. This is a non-destructive lab and
can be done on any machine without concern about changing the system configuration. Ideally,
this lab is performed in a LAN environment that connects to the internet. It can be done from a
single remote connection via a modem or DSL-type connection. The student will need the IP
addresses that were recorded in the previous part of the lab.
Step 1 Establish and verify connectivity to the internet This
ensures the computer has an IP address.
Step 2 Access the command prompt
As accessed in the previous part of the lab. Press the windows button and type cmd
Task 1
Ping the IP address of another computer
In the CMD window, type ping, a space, and the IP address of a computer recorded in the previous
lab. The following figure shows the successful results of ping to this IP address.
Figure 2.3 Ping Command reply
ping uses the ICMP echo and reply feature to test physical connectivity. Since the ping reports
four attempts, it indicates the reliability of the connection. Look over the results and verify that
the ping was successful.
Is the ping successful? _____________________________
Step 4 ping the IP address of the default gateway
Try to ping the IP address of the default gateway if one was listed in the last exercise. If the ping
is successful, it means there is physical connectivity to the Router on the local network and
probably the rest of the world.
Step 5 ping the IP address of a DHCP or DNS servers
Try to ping the IP address of any DHCP and/or DNS servers listed in the last exercise. If this
works for either server, and they are not in the network,
What does this indicate?______________________
Was the ping successful? ____________________
Step 6 ping the Loopback IP address of this computer
Loopback address helps to identify if the NIC of the computer is working fine or if it is faulty.
Type the following command: ping 127.0.0.1
The 127.0.0.0 network is reserved for loopback testing. If the ping is successful, then TCP/IP is
properly installed and functioning on this computer.
Was the ping successful? ____________________
Step 7 ping the hostname of another computer
Try to ping the hostname of the computer that was recorded in the previous lab. The figure shows
the successful result of the ping of the hostname.
Figure 2.4 Pinging hostname
Look over the results. Notice that the first line of output shows the hostname, m450, in the
example, followed by the IP address. This means the computer was able to resolve the hostname
to an IP address. Without name resolution, the ping would have failed because TCP/IP only
understands valid IP addresses, not names.
If the ping was successful, it means that connectivity and discovery of IP addresses can be made
with only a hostname. This is how many early networks communicated. If successful, then ping a
hostname also shows that there is probably a WINS server working on the network.
Step 8 ping the Cisco website Type the following command: ping www.cisco.com
Figure 2.5 Ping Cisco.com
The first output line shows the Fully Qualified Domain Name (FQDN) followed by the IP address.
A Domain Name Service (DNS) server somewhere in the network was able to resolve the name
to an IP address. DNS servers resolve domain names, not hostnames, to IP addresses. Without this
name resolution, the ping would have failed because TCP/IP only understands valid IP addresses.
It would not be possible to use the web browser without this name resolution.
With DNS, connectivity to computers on the internet can be verified using a familiar web address,
or domain name, without having to know the actual IP address. If the nearest DNS server does not
know the IP address, the server asks for a DNS server higher in the Internet structure.
Step 9 ping the Microsoft website
Type the following command: ping www.microsoft.com
Figure 2.6 Ping www.Microsoft.com
Notice that the DNS server was able to resolve the name to an IP address, but there is no response.
Some Microsoft routers are configured to ignore ping requests. This is a frequently implemented
security measure.
Ping some other domain names and record the results. For example, ping www.msn.de
Trace the route to the Cisco website
Step 1: Type tracert www.cisco.com and press Enter.
Tracert is TCP/IP abbreviation for traceroute. The preceding figure shows the successful result
when running a tracert from Bavaria in Germany. The first output line shows the FQDN followed
by the IP address. Therefore, a DNS server was able to resolve the name to an IP address. Then
there are listings of all routers the tracert requests had to pass through to get to the destination.
Figure 2.6 Tracert to Cisco.com
Tracert uses the same echo requests and replies as the ping command but in a slightly different
way. Observe that tracert contacted each Router three times. Compare the results to determine the
consistency of the route. Notice in the above example that there were relatively long delays after
routers 11 and 13, possibly due to congestion. The main thing is that there seems to be a relatively
consistent connection.
C. What is the ARP command?
ARP stands for “Address Resolution Protocol” and is a
protocol for mapping an IP address to a physical MAC
address on a local area network.
ARP is a program used by a computer system to find
another computer’s MAC address based on its IP address.
Now you have a question “why do we need MAC
address?”
The reason is simple, any local communications would
use a MAC address, not an IP address.
When a computer wants to communicate with another computer on a different network, the IP address
would be used. The IP address is like your mailing address while the MAC address is like your name. On
a TCP/IP network, every computer is assigned an IP address, and some local server’ IP addresses are also
given to a network client. Now you’re probably wondering – “How often does your computer use ARP?”.
To demonstrate how ARP works let’s take an example.
On a local area network, a client computer tries to contact a server. Here we are talking about
communication between two computers on the same broadcast domain means a local area network. First,
the client checks its ARP cache.
ARP cache is a table of IP addresses with their corresponding MAC addresses.
To view a Windows computer’s ARP table, open a command prompt and enter the following command:
C:\Users\Hasan Shah>arp -a
You can see your computers ARP table in the following output:
The first column is the IP address, and the second column is corresponding to the MAC address.
The ARP entry is either static or dynamic. Static ARP entry is manually added to the ARP cache table.
Dynamic entries are what the ARP program gets. They stay there until the ARP cache timeout has
expired. Suppose no entry has been found for the server, the client computer will use ARP to send a
message through the whole network.
This is a broadcast message to the local network that says who has the IP address so and so, and whats
your MAC address. When a server hears the broadcast message, they respond “yes” I have that IP address,
and here is my MAC address.
Now, let’s Break down the ARP Process Step by Step:
1. The client sends a broadcast message because the destination MAC address is a broadcast address.
Simply saying hello! anyone has an IP address 192.168.1.8 if you hear me would you please give
me your MAC address?, and here are my IP address and MAC address. Other devices hear the
broadcast message and discard the ARP packet silently.
2. When a server hears the message, it sends a unicast message to the client because the destination
MAC address and IP address belong to the client.
3. The client cache the server's MAC address. At the same time, the client updates its cache table
for future reference.
ARP Summary
It is a layer 2 protocol that uses a layer 3 IP address to find the layer 2 MAC address.
It operates on a LAN or the same broadcast domain because ARP relies on broadcasting. It uses
the ARP table.
ARP Announcements
ARP Announcements are a way to officially “claim” the IP address on the network.
ARP announcement to update other hosts' ARP tables without the need for an ARP request. It helps update
the network faster when there was a recent change to a host's IP address.
How to Use ARP
ARP Command is a TCP/IP utility used for viewing and modifying the local Address Resolution Protocol
(ARP) cache.
ARP Cache contains recently resolved MAC addresses of Internet Protocol (IP) hosts on the network.
Run ARP command without any arguments will display a list of the command’s parameters.
You can display the complete ARP cache by running the following command:
arp -a
You should see the following output:
You can also find the ARP cache entry for a specific IP address by specifying the IP address with the arp
command:
Lab Task
1. Test the NIC of the PC - Ping 127.0.0.1 called (Loopback address)
2. Ping the default gateway.
3. Ping your hostname.
4. Ping the DNS server(s)
Do you get a positive reachability result? ___________________
5. How to obtain the following network configuration on your computer?
Host Name:
MAC Address:
IP Address:
Subnet Mask:
Default Gateway:
DHCP Servers:
6. Open a web browser and visit the following website: http://whatismyipaddress.com/
Is the reported IP address consistent with that obtained by ipconfig? If not, why?
7. Perform ARP and report dynamic addresses
8. Identify the computer names of the dynamic addresses and perform ARP using computer
names.