Network troubleshooting using PowerShell

Introduction

In my previous article Managing network adapters using PowerShell here in my articles section on WindowsNetworking.com we examined some of the Windows PowerShell capabilities built into Windows Server 2012 and Windows Server 2012 R2 that let you perform network administration tasks from the PowerShell command line or by running PowerShell scripts. PowerShell can not only be used to manage networking configurations but also to troubleshoot network issues when they occur in your environment. This present article provides a few examples of what you can do in this area. The explanation and procedures included below are adapted from my book Training Guide: Installing and Configuring Windows Server 2012 R2 (Microsoft Press, 2014). Also included near the end of this article are a few additional tips on this subject that I’ve gleaned from the larger IT pro community including the almost 100,000 followers of our WServerNews weekly newsletter which you can subscribe to at http://www.wservernews.com/subscribe.htm.

Get-NetAdapter and Get-VMNetworkAdapter

The Get-NetAdapter cmdlet was first introduced in Windows Server 2012 to enable you to retrieve the configuration of all physical network adapters in the server. If you’re experiencing what might be a networking issue with one of your servers, the first thing you probably want to check is the configuration of the network adapters. For example, see what happens when you run this command on a Hyper-V host named SERVER1.contoso.com that is running Windows Server 2012 R2:

PS C:\> Get-NetAdapter
 
Name                      InterfaceDescription                    ifIndex Statu
                                                                          s
----                      --------------------                    ------- -----
vEthernet (Broadcom Ne... Hyper-V Virtual Ethernet Adapter #2          18 Up
Ethernet                  Broadcom NetXtreme Gigabit Ethernet          12 Di...
Ethernet 2                Broadcom NetXtreme Gigabit Ethernet #2       13 Up

Because this is a Hyper-V host, there are probably some virtual machines running on it. On Hyper-V hosts running Windows Server 2012 and later, you can use the Get-VMNetworkAdapter cmdlet to collect configuration information for the network adapters for these virtual machines. For example, the following command retrieves information about all virtual machine network adapters on the host:

PS C:\> Get-VMNetworkAdapter *
 
Name            IsManagementOs VMName       SwitchName
----            -------------- ------       ----------
Network Adapter False          SRV-STANDARD Broadcom NetXtreme Gigabit Ether...
Network Adapter False          SRV2012R2    Broadcom NetXtreme Gigabit Ether...
Network Adapter False          SRV2012R2
Network Adapter False          SRV2012      Broadcom NetXtreme Gigabit Ether...
Network Adapter False          SRV2012      Broadcom NetXtreme Gigabit Ether...
Network Adapter False          Gen2Test     Broadcom NetXtreme Gigabit Ether...

You can also use Get-VMNetworkAdapter with the -VMName parameter to display network adapters for a specific virtual machine on the host.

Get-NetIPAddress

The Get-NetIPAddress cmdlet was first introduced in Windows Server 2012 to enable you to retrieve the IP addresses configured on the system’s network adapters. You can use the Get-NetIPAddress cmdlet both on physical servers and within virtual machines. For example, you can run this command on SERVER1 described above:

PS C:\> Get-NetIPAddress
 
 
IPAddress         : fe80::8843:1e98:a8a6:6fab%12
InterfaceIndex    : 12
InterfaceAlias    : Ethernet
AddressFamily     : IPv6
Type              : Unicast
PrefixLength      : 64
PrefixOrigin      : WellKnown
SuffixOrigin      : Link
AddressState      : Deprecated
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore
 
IPAddress         : fe80::1905:8ae1:5bfd:7b8e%18
InterfaceIndex    : 18
InterfaceAlias    : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                    Virtual Switch)
AddressFamily     : IPv6
Type              : Unicast
PrefixLength      : 64
PrefixOrigin      : WellKnown
SuffixOrigin      : Link
AddressState      : Preferred
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore
 
IPAddress         : fe80::5efe:172.16.11.30%14
InterfaceIndex    : 14
InterfaceAlias    : isatap.{3D53D3DC-9209-4C7F-8AAE-AD8ADCBD93FC}
AddressFamily     : IPv6
Type              : Unicast
PrefixLength      : 128
PrefixOrigin      : WellKnown
SuffixOrigin      : Link
AddressState      : Deprecated
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore
 
IPAddress         : ::1
InterfaceIndex    : 1
InterfaceAlias    : Loopback Pseudo-Interface 1
AddressFamily     : IPv6
Type              : Unicast
PrefixLength      : 128
PrefixOrigin      : WellKnown
SuffixOrigin      : WellKnown
AddressState      : Preferred
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore
 
IPAddress         : 169.254.111.171
InterfaceIndex    : 12
InterfaceAlias    : Ethernet
AddressFamily     : IPv4
Type              : Unicast
PrefixLength      : 16
PrefixOrigin      : WellKnown
SuffixOrigin      : Link
AddressState      : Tentative
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore
 
IPAddress         : 172.16.11.30
InterfaceIndex    : 18
InterfaceAlias    : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                    Virtual Switch)
AddressFamily     : IPv4
Type              : Unicast
PrefixLength      : 24
PrefixOrigin      : Manual
SuffixOrigin      : Manual
AddressState      : Preferred
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore
 
IPAddress         : 127.0.0.1
InterfaceIndex    : 1
InterfaceAlias    : Loopback Pseudo-Interface 1
AddressFamily     : IPv4
Type              : Unicast
PrefixLength      : 8
PrefixOrigin      : WellKnown
SuffixOrigin      : WellKnown
AddressState      : Preferred
ValidLifetime     : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource      : False
PolicyStore       : ActiveStore

You can see that Get-NetIPAddress returns a lot of useful information that you can parse or pipe into other commands for further processing.

Get-NetIPConfiguration

The Get-NetIPConfiguration cmdlet was first introduced in Windows Server 2012 to enable you to retrieve able network interfaces, IP addresses, and DNS servers configured on a system. The key value of Get-NetIPConfiguration is that it gives you the big picture of the system’s network configuration in a concise way. For example, see what happens when you run this command on SERVER1 without specifying any further options:

PS C:\> Get-NetIPConfiguration
 
 
InterfaceAlias       : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                       Virtual Switch)
InterfaceIndex       : 18
InterfaceDescription : Hyper-V Virtual Ethernet Adapter #2
NetProfile.Name      : contoso.com
IPv4Address          : 172.16.11.30
IPv6DefaultGateway   :
IPv4DefaultGateway   : 172.16.11.1
DNSServer            : 172.16.11.50
 
InterfaceAlias       : Ethernet
InterfaceIndex       : 12
InterfaceDescription : Broadcom NetXtreme Gigabit Ethernet
NetAdapter.Status    : Disconnected

To make things even easier, you can use the alias GIP instead of typing Get-NetIPConfiguration at the command line. For example, say you want to retrieve only the DNS Server configuration of the network adapter whose alias begins with vEthernet as shown above. Here’s how you can do this:

PS C:\> $a = GIP 'v*'
PS C:\> $a.DNSServer
 
InterfaceAlias               Interface Address ServerAddresses  PSComputerName
                             Index     Family
--------------               --------- ------- ---------------  --------------
vEthernet (Broadcom NetXt...        18 IPv6    {}
vEthernet (Broadcom NetXt...        18 IPv4    {172.16.11.50}
Get-NetIPConfiguration can also provide verbose output if you specify the -Detailed option as shown here:
PS C:\> GIP -Detailed
 
 
ComputerName                : SERVER1
InterfaceAlias              : vEthernet (Broadcom NetXtreme Gigabit Ethernet
                              #2 - Virtual Switch)
InterfaceIndex              : 18
InterfaceDescription        : Hyper-V Virtual Ethernet Adapter #2
NetAdapter.LinkLayerAddress : 00-24-E8-50-17-F3
NetAdapter.Status           : Up
NetProfile.Name             : contoso.com
NetProfile.NetworkCategory  : DomainAuthenticated
NetProfile.IPv6Connectivity : LocalNetwork
NetProfile.IPv4Connectivity : Internet
IPv6LinkLocalAddress        : fe80::1905:8ae1:5bfd:7b8e%18
IPv4Address                 : 172.16.11.30
IPv6DefaultGateway          :
IPv4DefaultGateway          : 172.16.11.1
NetIPv6Interface.NlMTU      : 1500
NetIPv4Interface.NlMTU      : 1500
NetIPv6Interface.DHCP       : Enabled
NetIPv4Interface.DHCP       : Disabled
DNSServer                   : 172.16.11.50
 
ComputerName                : SERVER1
InterfaceAlias              : Ethernet
InterfaceIndex              : 12
InterfaceDescription        : Broadcom NetXtreme Gigabit Ethernet
NetAdapter.LinkLayerAddress : 00-24-E8-50-17-F4
NetAdapter.Status           : Disconnected

Test-NetConnection

The Test-NetConnection cmdlet has been introduced in Windows Server 2012 R2 to enable you to perform ICMP and TCP connectivity tests. To see how this cmdlet can be used, perform some tests from a Windows PowerShell prompt on the same server named SERVER1.contoso.com described previously.

First, test network connectivity between SERVER1 and another server named SERVER2 on the network:

PS C:\> Test-NetConnection SERVER2.contoso.com
 
 
ComputerName           : SERVER2.contoso.com
RemoteAddress          : 172.16.11.50
InterfaceAlias         : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                         Virtual Switch)
SourceAddress          : 172.16.11.30
PingSucceeded          : True
PingReplyDetails (RTT) : 0 ms

You can also use the Test-NetConnection cmdlet to test network connectivity with hosts on remote networks and over the Internet. For example, see if SERVER1 can establish network connectivity with the Microsoft Xbox website:

PS C:\> Test-NetConnection www.xbox.com
 
 
ComputerName           : www.xbox.com
RemoteAddress          : 184.29.219.150
InterfaceAlias         : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                         Virtual Switch)
SourceAddress          : 172.16.11.30
PingSucceeded          : True
PingReplyDetails (RTT) : 26 ms

You can also use the -TraceRoute option to trace the exact network route used to establish connectivity with the remote site:

PS C:\> Test-NetConnection www.xbox.com -TraceRoute
 
 
ComputerName           : www.xbox.com
RemoteAddress          : 184.29.219.150
InterfaceAlias         : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                         Virtual Switch)
SourceAddress          : 172.16.11.30
PingSucceeded          : True
PingReplyDetails (RTT) : 29 ms
TraceRoute             : 172.16.11.1
                         142.161.5.200
                         142.161.5.65
                         4.28.68.21
                         4.69.158.146
                         4.69.138.166
                         4.68.111.70
                         184.29.219.150

You can also use Test-NetConnection to test connectivity on a specific TCP port by including the -Port option in your command. For example, you can verify that the Xbox website can be accessed on the standard HTTP port, which is TCP port 80:

PS C:\> Test-NetConnection www.xbox.com -Port 80
 
 
ComputerName           : www.xbox.com
RemoteAddress          : 184.29.219.150
RemotePort             : 80
InterfaceAlias         : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                         Virtual Switch)
SourceAddress          : 172.16.11.30
PingSucceeded          : True
PingReplyDetails (RTT) : 28 ms
TcpTestSucceeded       : True

You can also use an alias like RDP to verify TCP connectivity with the well-known port for the Remote Desktop Protocol (RDP), which is TCP port 3389. For example, you can see if SERVER1 can establish connectivity to TCP port 3389 on SERVER2:

PS C:\> Test-NetConnection SERVER2 RDP
 
 
ComputerName           : SERVER2
RemoteAddress          : 172.16.11.50
RemotePort             : 3389
InterfaceAlias         : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                         Virtual Switch)
SourceAddress          : 172.16.11.30
PingSucceeded          : True
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded       : True

The success of the above test indicates that Remote Desktop is enabled on the server SERVER2.

Test-NetConnection also lets you use other aliases besides RDP for testing connectivity with well-known TCP ports. For example, you can also use the following:

  • SMB
  • HTTP
  • PING

Now see what happens when you try the RDP test against the server HOST40 on the network:

PS C:\> Test-NetConnection HOST40 RDP
WARNING: Ping to HOST40 failed -- Status: TimedOut
 
 
ComputerName           : HOST40
RemoteAddress          : 172.16.11.61
RemotePort             : 3389
InterfaceAlias         : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                         Virtual Switch)
SourceAddress          : 172.16.11.30
PingSucceeded          : False
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded       : True

Note that RDP connectivity succeeded but pinging the server failed. This indicates that the server’s firewall is active and blocking the inbound ICMP messages that are being sent by SERVER1.

The Test-NetConnection cmdlet also supports an -InformationLevel option that enables you to gather more detailed information concerning the connectivity test being performed:

PS C:\> Test-NetConnection SERVER2 RDP -InformationLevel Detailed
 
 
ComputerName             : SERVER2
RemoteAddress            : 172.16.11.50
RemotePort               : 3389
AllNameResolutionResults : 172.16.11.50
                           fe80::396f:7162:ab64:fa82
MatchingIPsecRules       :
NetworkIsolationContext  : Private Network
InterfaceAlias           : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                           Virtual Switch)
SourceAddress            : 172.16.11.30
NetRoute (NextHop)       : 0.0.0.0
PingSucceeded            : True
PingReplyDetails (RTT)   : 0 ms
TcpTestSucceeded         : True
You also can use -InformationLevel to suppress all output except whether the desired test was successful:
PS C:\> Test-NetConnection HOST40 RDP -InformationLevel Quiet
WARNING: Ping to HOST40 failed -- Status: TimedOut
True
PS C:\>

One final note about Test-NetConnection is that you can also run it with no parameters, like this:

PS C:\> Test-NetConnection
 
 
ComputerName           : internetbeacon.msedge.net
RemoteAddress          : 131.253.3.197
InterfaceAlias         : vEthernet (Broadcom NetXtreme Gigabit Ethernet #2 -
                         Virtual Switch)
SourceAddress          : 172.16.11.30
PingSucceeded          : True
PingReplyDetails (RTT) : 49 ms

Doing this just tests whether your server has a network connection with the Internet by testing connectivity with a remote server belonging to the DNS domain msedge.net, which is registered by Microsoft.

Some Additional Tips

Finally, here are a few more tips on this subject that I’ve gleaned from my colleagues in IT and from readers of our newsletter WServerNews.com.

DotNetPing

Ben Schultz has posted a helpful script called DotNetPing to the Script Center Repository on TechNet. The script takes the IP address or hostname or a host and pings it to give you the source IP address of the stack used to ping the host. The script is also a good example of how you can use System.NET to enhance your PowerShell scripts.

Get-NetIPConfiguration vs IPConfig

The Get-NetIPConfiguration cmdlet isn’t an exact replacement for the IPConfig command-line utility. For example IPConfig also includes switches like /flushdns /registerdns and /displaydns to manage DNS settings and the client resolver cache. You can’t use Get-NetIPConfiguration to do that but there are other PowerShell cmdlets you can use such as Clear-DNSClientCache, Register-DNSClient and Resolve-DNSName.

You can also use IPConfig with the /release and /renew switches to release and renew the DHCP configuration of network adapters on your system. Once again, you can’t use Get-NetIPConfiguration to do this but you could try using Restart-NetAdapter for this purpose.

Test port connectivity

If you want to check whether a system is “listening” i.e. whether it has a certain TCP port open for establishing network connectivity with you, you could try utilizing the Test-PortConnection function by “Techibee” which is described here.

IPConfig reimagined

You should also check out the article “IPConfig Reimagined: Building a Simple PowerShell Tool” in Issue #102 of Mark Minasi’s newsletter. Mark has some great tips on how you can list IP address info in a way that is easy to read and interpret.

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top