TCP/IP Utilities


Some TCP/IP Utilities.  TCP/IP is actually a suite of protocols that each perform some function to allow computers to communicate with each other.  Most vendor's implementations have quite a few utilities built in.  For example, the utilities might relate to configuration information and troubleshooting.  This webpage will consider the following utilities.
  • PING - Packet Internet Groper
  • ARP - Address Resolution Protocol
  • RARP - Reverse ARP
  • Netstat and Tpcon
  • Nbtstat
  • IP Configuration Utilities
    • ipconfig
    • winipcfg
    • config
    • ifconfig
  • Route Tracing Utilities
    • traceroute
    • tracert
    • iptrace

PING is a simple but highly useful command line utility that can be used to check hostname connectivity.  It can be used with either the hostname or the IP address.

It works by sending and ICMP echo request to the destination computer.  That receiving computer should then return an ICMP echo reply message.  It is also possible to use PING to find out the IP address of a host if you know the name.

The following image relates to PINGing the host  Notice how it automatically gives the IP address.



ARP - Address Resolution Protocol refers to the protocol itself and the command line utility used to view and manipulate the ARP cache.  It is the means by which IP addresses are mapped to MAC addresses.  ARP builds and maintains a table called the ARP cache which retains these mappings.

RARP - Reverse ARP is used by a computer to obtain its own IP address.

The following image implements the command to view the ARP cache on my computer.  Notice the IP address and MAC address.



ARP Command Function
arp -a displays all mappings
in the cache
arp -s adds a permanent
IP address to MAC address
arp -d deletes an entry


ARP is also a command line utility provided with both UNIX/Linux and Windows implementations of TCP/IP.

The netstat command is used in Windows and UNIX to display TCP/IP connection and protocol information.

If I have my homepage open in Internet Explorer and I have Microsoft Outlook open to my e-mail account I get the following response to the netstat command.



Only the first line is associated with my connection to my webpage.

Several switches or modifiers can be used with the netstat command.  Several are given in the following table.  Some are only useful with Windows OS or with Linux OS.


netstat Switch Purpose
-a shows all connections and listening ports
-e shows Ethernet statistics
-n shows addresses and ports
-p (Microsoft) enables user to display information for only a selected protocol
-x (Linux)
enables user to display information for TCP, UDP, RAW or sockets
-r shows routing table
-s provides a summary of statistics for each protocol


The following image shows the router table information.



Windows implementations of TCP/IP include a utility called nbtstat.  It is used to display NetBIOS information.  This is likely to be empty on this network.

There are a number of switches available for this command which are shown in the following image.



When a user is looking for all kinds of information about things like
  • currently used IP addresses
  • MAC address
  • subnet mask
  • default gateway
  • DNS server address
  • WINS server address
  • DHCP information
  • enabled services

The configuration commands in the following table depend on the operating system.




ipconfig Windows 2000 and NT (command line)
winipcfg Windows 95 and 98 (graphical user interface)
ifconfig UNIX/Linux (command line)
config NetWare (server console)


The following image implements ipconfig on my computer using the /all switch.



It can also be worthwhile to trace the route a packet takes on its journey from the source computer to the destination.  TCP/IP stacks include such utilities though they depend on the operating system.




tracert Windows
iptrace NetWare NLM
traceroute UNIX/Linux


Due to an interest in wild cats I have a favorite web site at  Doing a tracert to this site is quite elaborate since it is in Europe.  But it can be interesting to see the router hops.

Finally, we need to mention some of the available application layer protocols available with TCP/IP.  These can be useful for things like the following.

  • terminal emulation
  • uploading/downloading files
  • access to WWW pages

These sorts of protocols all have acronyms.  For example the following list gives some of the most well known.

  • HTTP - Hypertext Transfer Protocol
  • SMTP - Simple Mail Transfer Protocol
  • SNMP - Simple Network Management Protocol
  • NNTP - Network News Transfer Protocol
  • FTP - File Transfer Protocol
  • telnet

Thus ends a very informative page as far as I'm concerned.