Lesson 10 of 60 intermediate

Networking Tools on Windows

Fast triage from the command line

Open interactive version (quiz + challenge)

Real-world analogy

Network tools are like a doctor’s vitals kit: thermometer, stethoscope, blood pressure cuff. You don’t diagnose the patient by staring at them — you measure. ping, ipconfig, tracert, nslookup, gpresult are your vitals.

What is it?

Windows networking tools let you inspect every layer of connectivity without opening a packet capture. Memorizing five commands (ipconfig, ping, tracert, nslookup, gpresult) handles the vast majority of ‘internet not working’ tickets safely.

Real-world relevance

A whole branch can’t reach the CBS portal. Junior runs ipconfig (OK), pings gateway (OK), pings DNS (OK), nslookup portal.bank.local (fails). Conclusion: DNS record or DNS server issue. Escalates with evidence — not a guess.

Key points

ipconfig /all — your first move — Shows IP, subnet mask, gateway, DNS servers, DHCP status, adapter name. If a user ‘has no internet,’ 50% of the time the answer is hiding in this output (no IP, wrong DNS, APIPA 169.254.x.x address, etc.).
ping — is it reachable? — Tests layer 3 reachability and round-trip time. Ping the gateway first, then DNS servers, then a public IP (8.8.8.8), then a name (google.com). The first failure tells you which layer is broken.
tracert — where does it die? — Shows each hop on the path. If a user can reach the gateway but not the internet, tracert shows exactly where packets stop. Some hops block ICMP and look dead — read results carefully.
nslookup — is DNS working? — Resolves a name to an IP and shows which server answered. If ping by IP works but ping by name fails → DNS. If nslookup uses the wrong server → check DNS settings.
gpupdate and gpresult — gpupdate /force reapplies Group Policy. gpresult /h report.html writes a full GPO-applied report. These answer ‘did this machine actually get the policies we think?’ — a very common mystery in enterprises.
Built-in network diagnostics — netsh wlan show interfaces (Wi-Fi details), netstat -ano (open connections + PID), route print (routing table), arp -a (MAC-to-IP mapping on local network).
The 4-step network triage order — (1) Local IP correct? (2) Gateway reachable? (3) DNS resolving? (4) Destination reachable? Don’t skip ahead. The first failing step is your answer.

Code example

// 4-step network triage playbook (Windows)

1) Do I have a sane IP?
     ipconfig /all
     -> IP assigned? not APIPA 169.254.x.x? correct DNS?

2) Can I reach my gateway?
     ping <gateway-ip>        # from ipconfig output

3) Is DNS resolving?
     nslookup example.com
     Resolve-DnsName portal.company.local

4) Can I reach the destination?
     ping <public-ip>
     ping <destination-name>
     tracert <destination-name>

Group policy sanity check:
     gpupdate /force
     gpresult /h %TEMP%\gpo.html
     start %TEMP%\gpo.html

Line-by-line walkthrough

1. Step 1 — confirm the machine has a sane IP and DNS
2. ipconfig examines the full adapter state
3. Look for missing IP or APIPA
4. Blank separator
5. Step 2 — reach the gateway
6. ping the gateway IP shown in step 1
7. Blank separator
8. Step 3 — DNS resolution check
9. nslookup via default server
10. PowerShell modern equivalent
11. Blank separator
12. Step 4 — destination reachability
13. ping the IP
14. ping the name
15. tracert for path visibility
16. Blank separator
17. GPO sanity check header
18. Force reapply
19. Export HTML report
20. Open it for review

Spot the bug

Ticket: 'Internet is broken, whole office down!'
Junior immediately reboots the core router.
Outage was only DNS-related and the reboot caused an extra 5 minutes of real downtime.

Need a hint?

Which order of commands would have revealed the true layer BEFORE any reboot?

Show answer

Run the 4-step triage first: ipconfig /all, ping gateway, nslookup, ping destination. DNS failures look like ‘no internet’ but internet may actually be up. Never reboot production network hardware without evidence and, in banks, without approved change/rollback. Document findings.

Explain like I'm 5

When the internet doesn’t work, you don’t guess — you check step by step: does the phone have a number? can you call the next office? does the phonebook know the name? can you call the real destination? That order is the whole trick.

Fun fact

The name ‘ping’ comes from sonar — you send a sound, wait for an echo, and measure the delay. Mike Muuss wrote the original ping program in 1983 in one evening while debugging a network problem.

Hands-on challenge

On your own machine, run the 4-step triage: ipconfig /all, ping your gateway, nslookup a real domain, tracert that domain. Save the outputs. Try to explain each in plain English.

More resources

Windows networking commands (Microsoft Learn)
ipconfig, ping, tracert, nslookup in 10 minutes (NetworkChuck)
APIPA addressing (Wikipedia)

Open interactive version (quiz + challenge) ← Back to course: IT Jobs Bootcamp