ABSTRACT
Students often have difficulty troubleshooting common problems that involve network operating system services. Improperly configured network settings can cause unexpected results that add confusion to the troubleshooting
Keywords: Effective Instruction, Networking, Troubleshooting, Microsoft Windows
1. INTRODUCTION
Becoming proficient at troubleshooting network communications issues is, to say the least, an extremely involved and difficult task. Intensive study of complex technical materials is required just to become superficially familiar with operating systems and networks. Effective instructional techniques typically include hands-on laboratory exercises that provide students with an opportunity to develop a deeper understanding of the processes involved in network communications. To provide such an experience for my students, I have developed a series of lab activities that provide the opportunity to investigate network connectivity as it relates to the TCP/IP protocol stack. Command-line utilities and protocol analyzers are used to provide information regarding the messages sent between client and server during network communications. To illustrate the approach used in these labs, this teaching tip covers an Active Directory lab that my students perform. It demonstrates how selected options of the command-line utility, ipconfig, can provide information to help students analyze network connectivity issues.
2. BACKGROUND
The ipconfig command displays the Internet Protocol (IP) configuration for computers using Microsoft Windows operating systems. IP address, subnet mask, Domain Name System (DNS) addresses, physical addresses, and default gateway addresses are some of the items that are displayed when this command is issued. Ipconfig also supports a number of options for modifying existing configurations. For example, the /release and /renew options are commonly used by administrators to reset IP address information for a given network adapter. The ipconfig command also supports additional options that can be used to reset other existing configurations. One such option is flushdns, which can be used to purge entries from the local DNS cache. Operating systems store results of queries to DNS servers in a local cache so that clients do not need to repeatedly query the DNS server for the same address. These DNS cache entries are known as DNS resource records, and the DNS resolver always checks the local cache before it queries the DNS server (DNS Caching, Network Prioritization, and security, 2005).
The default time-to-live (TTL) for most entries in the local DNS resolver cache is 86,400 seconds or 24 hours. Thus a location or service may become inaccessible if an IP address for the service or location changes before the 24 hour period has expired (DNS Caching, Network Prioritization, and security, 2005). Knowing how to rectify this problem is an essential skill for a network administrator. A description of a lab activity designed to guide students through the process of restoring accessibility of certain network services using the displaydns and flushdns options of ipconfig follows.
3. THE LAB ACTIVITY
3.1 Configuring Active Directory Services
The lab activity is designed to provide domain client computers access to Active Directory (AD) services located on a server designated as a domain controller. The lab involves the following three activities: (1) implementation of a domain model, (2) providing access to DNS services, and (3) installation of software on the clients that provides access to AD services.
To implement a domain model, a standalone server is first promoted (converted) to a domain controller using the dcpromo command. This is accomplished by clicking the Start button on the Windows Taskbar, choosing the Run... option, typing dcpromo in the Open text box, and clicking the OK button. A wizard then guides the user through the promotion process, during which the address of an existing DNS server is either specified or DNS software is installed on the server. In this lab, DNS is installed on the domain controller, since no other DNS server is available on the lab network. Upon completion of the promotion process, students modify IP addresses, subnet masks, default gateway, and DNS settings on client computers by manually configuring the Internet Protocol (TCP/IP) settings in the Local Area Connection Properties dialog box. Students then join client computers to the domain by changing the Member of option in the Identification Changes dialog box under the Network Identification option in the System Properties dialog box. After restarting their computers, students log into the new domain using the domain administrator account, download adminpak.msi from a shared directory on the domain controller, and install it on their client computers so that they can access Active Directory services on the server from their client machines. Finally, students click on the Start button, then point to Programs - Administrative Tools - Active Directory Users and Computers to view the Active Directory Users and Computers dialog box that allows them to browse and modify account information (see Figure 1).
Figure 1. The Active Directory Users and Computers Dialog Box
3.2 Initiating the Troubleshooting Activity
Next, a troubleshooting exercise is initiated. Students delete the Preferred DNS Server address in the Internet Protocols (TCP/IP) dialog box on their client machines (see Figure 2) to determine what types of error messages they might encounter when attempting to access AD from client computers.
Figure 2. The Preferred DNS Server Address is Deleted by Clearing the Circled Text Box
After saving changes, but not restarting their computers (Note: restarting the computers would clear the DNS cache; the exercise is designed to allow students to learn how to clear the cache manually), students again attempt to access AD from the client computers, under the assumption that the clients will not be able to connect to the service. Surprisingly, they are successful and somewhat puzzled. Questions in the lab handout ask students to speculate why clients can still access AD. They are asked to consider whether an alternate naming system is being used or if DNS addresses have been stored in a cache. If they select caching, they are then asked if they know which cache is being used or where the cache resides.
3.3 Using a Command-line Utility to Troubleshoot the Problem
At this point it is suggested that common command-line utilities used in previous lab activities be investigated. One of the first utilities that students encountered in this course was the ipconfig command. Figure 3 shows the help screen that is displayed when students type ipconfig /? at a command prompt.
As students review the options shown in the usage screen they discover the /displaydns and /flushdns options and the effect these commands have on the DNS Resolver cache (Note: the /displaydns option is only available on computers running Windows 2000, Windows XP, or Windows Server 2003 operating systems).
Figure 3. Command-Line Display of ipconfig Options
3.4 Identifying the Problem using ipconfig Options
The output of the ipconfig /displaydns command now provides students with some valuable information, i.e., the contents of the DNS client resolver cache. Local Hosts file entries, as well as recently obtained resource records for queries resolved by the system, are loaded into this cache (Display and View a Client Resolver Cache Using the ipconfig Command, 2005). The output of this command is a long list of resource record information. An abbreviated version of this list is shown below:
[Image: abbreviated output of ipconfig /displaydns]
The presence of SRV records indicates that the local machine continues to point at the DNS server even though client computers no longer contain the correct IP address for that server in their TCP/IP configuration.
3.5 Resetting the Cache
Students are now instructed to issue an ipconfig /flushdns command (Troubleshooting Common Active Directory Setup Issues in Windows 2000, 2005), followed by another ipconfig /displaydns command. The following results are displayed in the command window:
[Image: output of ipconfig /displaydns after the cache has been flushed]
The absence of SRV records indicates that the cache has been cleared of all references to the DNS server. To verify that they have rectified the accessibility issue, students again attempt to access Active Directory from client computers. The following error message is displayed:
Figure 4. Active Directory Error Message Displayed After DNS Cache Has Been Reset
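The check students perform by eye in Sections 3.4 and 3.5 can also be scripted. The following Python parser is an added example, not part of the original lab handout: it reads `ipconfig /displaydns` text and lists the SRV records still held in the resolver cache. The two sample outputs are constructed and abbreviated, the domain corp.example is made up, and the field labels are assumed to be those of an English-language Windows client.

```python
import re
# Constructed, abbreviated `ipconfig /displaydns` output (corp.example is made up).
BEFORE_FLUSH = """
    _ldap._tcp.dc._msdcs.corp.example
    ----------------------------------------
    Record Name . . . . . : _ldap._tcp.dc._msdcs.corp.example
    Record Type . . . . . : 33
    Time To Live  . . . . : 512
    SRV Record  . . . . . : dc1.corp.example
                            0
                            100
                            389
    Record Name . . . . . : dc1.corp.example
    Record Type . . . . . : 1
    Time To Live  . . . . : 512
    A (Host) Record . . . : 192.168.10.5
"""
# Constructed output after `ipconfig /flushdns`: only a Hosts-file entry remains.
AFTER_FLUSH = """
    localhost
    ----------------------------------------
    Record Name . . . . . : localhost
    Record Type . . . . . : 1
    A (Host) Record . . . : 127.0.0.1
"""
# "Label . . . : value" lines; the label may contain letters, spaces, parentheses.
FIELD = re.compile(r"^\s*([A-Za-z() ]+?)[ .]*:\s*(.*)$")
SRV_TYPE = 33  # DNS resource record type number for SRV

def parse_displaydns(text):
    """Return one dict per cached resource record."""
    records = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue  # entry header, dashes, SRV priority/weight/port lines
        label, value = m.group(1), m.group(2).strip()
        if label == "Record Name":
            records.append({"name": value})
        elif records and label == "Record Type":
            records[-1]["type"] = int(value)
        elif records and label == "Time To Live":
            records[-1]["ttl"] = int(value)
        elif records and label.endswith("Record"):
            records[-1]["data"] = value  # SRV target, A address, PTR name, ...
    return records

def cached_srv(text):
    """(name, target, ttl) for each SRV record still in the resolver cache."""
    return [(r["name"], r.get("data"), r.get("ttl"))
            for r in parse_displaydns(text) if r.get("type") == SRV_TYPE]
```

On a lab client, the text can be captured with `subprocess.run(["ipconfig", "/displaydns"], capture_output=True, text=True).stdout` and passed to `cached_srv`; an empty list after the flush corresponds to the state in which the Active Directory error appears.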
4. CONCLUSION
The lab activity described in this teaching tip illustrates the interaction of different operating system processes and how an improperly configured system can affect accessibility to certain services. It also illustrates how common command-line tools can be used to provide an administrator with useful information for troubleshooting these connectivity problems. These utilities are easy to use, are an inherent part of the operating system, and are well documented, thus making them readily accessible and understandable. In most cases they do not overwhelm the user with an excessive amount of information, and can be easily filtered and reissued to provide a more focused view of the state of the system. Knowledge of these utilities and how they are used for troubleshooting network problems is essential to those planning a career in information technology.
5. REFERENCES
Display and View a Client Resolver Cache Using the ipconfig Command (2005), Retrieved May 7, 2005 from http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/7356d145-e8ee-4dae-9edb-8b08a37e5384.mspx
DNS Caching, Network Prioritization, and security (2005), Retrieved May 16, 2005 from http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prij_ipa_vitx.asp
How Domain Controllers Are Located in Windows (2003), Retrieved May 3, 2005 from http://support.microsoft.com/default.aspx?scid=kb;en-us;247811
Troubleshooting Common Active Directory Setup Issues in Windows 2000 (2005), Retrieved April 23, 2005 from http://support.microsoft.com/?kbid=260371
Thomas P. Cavaiani
Department of Networking, Operations, and Information Systems
Boise State University
Boise, Idaho 83725, USA
tcavaiani@boisestate.edu
AUTHOR BIOGRAPHY
Dr. Thomas P. Cavaiani is a Special Lecturer in the Department of Networking, Operations, and Information Systems at Boise State University. He received his Ph.D. in Mathematics Education from Oregon State University in 1988. He has published in the American Technical Education Association Journal, the Journal of Information Systems Education, and the Journal of Research on Computing in Education. He has also published two books on computer support, and has written and edited numerous computer application training manuals. His teaching interests include Java programming, operating systems and networking and telecommunications.