Getty Images/iStockphoto
16 PowerShell commands for network troubleshooting
These 16 Windows PowerShell cmdlets, including Get-NetIPAddress and Test-Connection, help network administrators troubleshoot their network environments.
Windows PowerShell has revolutionized the Windows command line. From configuration management to software installation to scripting, PowerShell is one of the most powerful tools in any Windows administrator's toolbox. And PowerShell is also useful for managing Windows network settings and services.
This article demonstrates 16 PowerShell cmdlets for network troubleshooting. The first group of cmdlets deals with displaying network information so admins can confirm it is correct. The second group covers name resolution, and the final set looks at managing network services with PowerShell.
This article doesn't focus on learning PowerShell, but does provide a brief reminder of how to run cmdlets. The basic PowerShell syntax is verb-noun followed by possible parameters. For example, Get-Date displays the system's current date and time.
Here are a few PowerShell tricks to remember:
- PowerShell cmdlets are not case-sensitive.
- Use the Format-Table cmdlet to organize output.
- Use the Up arrow key to browse recent commands.
- Use the Tab key after verbs to see what nouns are available -- many options are available.
- Use the Tab key after a parameter dash (-) to see the available parameters.
- Use the Tab key after a parameter to see the valid parameter values.
Display network settings
PowerShell helps admins display or confirm existing network settings as part of troubleshooting. The following cmdlets show the current configuration.
1. Get-NetIPAddress -- view IP address settings
Frequently, the first step in troubleshooting a network problem is confirming the host's IP address configuration. While many admins use ipconfig to display this information, the Get-NetIPAddress cmdlet serves the same purpose.
Consider the following output displaying the system's truncated IPv6 address.
2. Get-NetIPConfiguration -- display IP address details
Another option is to use the Get-NetIPConfiguration cmdlet to display details about the IP address settings. One major feature of this cmdlet is its ability to provide more focused information. Depending on the parameters admins include, the output displays information for specific interfaces and at varying levels of detail.
Here is the basic cmdlet.
Notice the InterfaceAlias and InterfaceIndex values. These values are common identifiers for referencing the interface. For example, Get-NetIPConfiguration -InterfaceAlias Ethernet is the cmdlet for an interface with the Ethernet alias. Admins could also add the -Detailed parameter for additional information. It's even possible to combine the -InterfaceAlias and -Detailed parameters for detailed information on a specific interface.
3. Get-NetAdapter -- display network interface settings
It can be helpful to display specific information about the network card itself rather than the logical addressing associated with it. Use the Get-NetAdapter cmdlet to see the interface's attributes, including name, description, interface index, status, media access control address and link speed.
Notice the network interface information below.
4 and 5. Enable-NetAdapter and Disable-NetAdapter -- up and down an interface
Admins may discover another admin has downed a network interface, or perhaps someone configured the interface as a failover and kept it in the down state. They can use the Enable-NetAdapter cmdlet to reenable -- or up -- an interface. Downing the interface relies on the Disable-NetAdapter cmdlet.
Watch how the state of the adapter changes in the Status column in the following example. Also, note the confirmation options displayed with the Disable-NetAdapter cmdlet.
6. Get-NetRoute -- show the routing table
If admins are confident the system's IP address settings are correct and the network interface is responsive, they may need to confirm the routing table. Rather than using the older route command, try the Get-NetRoute cmdlet instead.
Here's the routing table information on a lab computer.
7 and 8. Test-Connection and Test-NetConnection -- test connectivity
Ping is probably the most ubiquitous network troubleshooting tool. PowerShell has its own cmdlet for ping: Test-Connection. The syntax and responses are similar to the more generic tool.
The following example shows both ping and Test-Connection to confirm network connectivity.
The Test-Connection cmdlet includes many useful parameters that extend beyond the functionality of ping. Two of my favorites are -Quiet and the ability to test multiple connections simultaneously.
As seen below, quiet mode displays only the result of the connection test. To test multiple connections, separate the hostnames or IP addresses by commas.
Admins can also use the Test-NetConnection for similar diagnostic information.
9. Get-NetTCPConnection -- test existing connections to server
Another connectivity check is viewing existing connections to the server. Do this with the Get-NetTCPConnection cmdlet, which replaces the netstat command. The output from this command may be long depending on the current connections to the system and the network services running on it.
One way to narrow the scope of the results is to request current connections by a specific port number. For example, perhaps admins are interested in results on port 135/TCP. In that case, they can use the -LocalPort parameter, as seen below.
Other parameters include -State and -RemoteAddress, along with many other options.
Name resolution
Those familiar with my articles on name resolution may recognize a few of the following useful cmdlets. Name resolution is a critical part of networking because it relates easy-to-remember names with difficult-to-remember IP addresses. It's essential to ensure the system admins are troubleshooting can resolve names and services against a DNS server.
10. Resolve-DnsName -- confirm name resolution works
Begin by attempting to resolve an IP address manually with the Resolve-DnsName cmdlet. This cmdlet may replace or supplement nslookup in an admin's toolbox.
The example below displays output from the Resolve-DnsName cmdlet.
11. Get-DnsClient -- check DNS client status
Next, check the status of the DNS client software on the local machine. The Get-DnsClient cmdlet provides this information, as seen below.
Use InterfaceIndex or InterfaceAlias to focus on a specific network interface.
12 and 13. Get-DnsClientCache and Clear-DnsClientCache -- view and clear DNS cache
When troubleshooting client-side name resolution problems, it's often useful to clear the DNS cache. While the cache normally makes the name resolution process more efficient, it can potentially store incorrect or outdated information, causing name resolution to fail or return false results. Admins often use ipconfig /flushdns to do this, along with ipconfig /displaydns to view the cache.
With PowerShell, the related cmdlets are Get-DnsClientCache and Clear-DnsClientCache.
The example below demonstrates how to display and clear the cache.
The Clear-DnsClientCache cmdlet returns no results, but the cache is deleted.
14. Get-DnsClientServerAddress -- display configured DNS servers
Client computers may attempt to resolve names against invalid DNS servers. Display the configured DNS servers for a client by using the Get-DnsClientServerAddress cmdlet, as seen below.
Manage network services
What if troubleshooting takes admins to the server and they need to manage network services, such as DNS or Dynamic Host Configuration Protocol (DHCP)? The first thing they likely do is check the status of the service. Next, they probably restart the service. It's surprising how often a service restart solves issues.
15. Get-Service -- check service status
Identify services either by service name or display name. A parameter exists for both options. For example, check the status of a service by using the Get-Service -Name DhcpServer or Get-Service -DisplayName "DHCP Server" cmdlet, as shown below.
Check the status of the service below to get comfortable with the syntax:
| Name | DisplayName |
| dhcp |
DHCP Client |
| DNS |
DNS Server |
| DnsCache |
DNS Client |
| TermService |
Remote Desktop Services |
| ssh-agent |
OpenSSH Authentication Agent |
Don't forget to enclose the DisplayName value in double quotes if it contains a space, such as in the previous DNS Client example.
16. Restart-Service -- restart a service
Restarting a service uses a similar cmdlet and syntax. For example, to restart the DHCP server service, use the Restart-Service cmdlet with the -Name parameter.
Troubleshoot with PowerShell
Admins can use PowerShell in so many ways it's difficult to pick only a few helpful cmdlets. The network troubleshooting cmdlets above are a great place to start for those new to PowerShell. Admins can use the cmdlets manually or integrate them into scripts and automation strategies.
Most of the cmdlets provide several parameters to display more detailed information or better focus the output on the information admins want. Chances are: If admins need network data, a cmdlet can provide it.
