16 PowerShell commands for network troubleshooting

Rate this post


Windows PowerShell has revolutionized the Windows command line. From configuration management to software installation to scripting, PowerShell is one of the most powerful tools in any Windows administrator’s toolbox. And PowerShell is also useful for managing Windows network settings and services.

This article demonstrates 16 PowerShell cmdlets for network troubleshooting. The first group of cmdlets deals with displaying network information so admins can confirm it is correct. The second group covers name resolution, and the final set looks at managing network services with PowerShell.

This article doesn’t focus on learning PowerShell, but does provide a brief reminder of how to run cmdlets. The basic PowerShell syntax is verb-noun followed by possible parameters. For example, Get-Date displays the system’s current date and time.

PowerShell cmdlets use the verb-noun syntax, as with Get-Date.

Here are a few PowerShell tricks to remember:

  • PowerShell cmdlets are not case-sensitive.
  • Use the Format-Table cmdlet to organize output.
  • Use the Up arrow key to browse recent commands.
  • Use the Tab key after verbs to see what nouns are available — many options are available.
  • Use the Tab key after a parameter dash () to see the available parameters.
  • Use the Tab key after a parameter to see the valid parameter values.

Display network settings

PowerShell helps admins display or confirm existing network settings as part of troubleshooting. The following cmdlets show the current configuration.

1. Get-NetIPAddress — view IP address settings

Frequently, the first step in troubleshooting a network problem is confirming the host’s IP address configuration. While many admins use ipconfig to display this information, the Get-NetIPAddress cmdlet serves the same purpose.
Consider the following output displaying the system’s truncated IPv6 address.

Screenshot showing partial output from the Get-NetIPAddress PowerShell cmdlet
Partial output from the Get-NetIPAddress cmdlet

2. Get-NetIPConfiguration — display IP address details

Another option is to use the Get-NetIPConfiguration cmdlet to display details about the IP address settings. One major feature of this cmdlet is its ability to provide more focused information. Depending on the parameters admins include, the output displays information for specific interfaces and at varying levels of detail.
Here is the basic cmdlet.

Screenshot showing output from the Get-NetIPConfiguration cmdlet
Output from the Get-NetIPConfiguration cmdlet

Notice the InterfaceAlias and InterfaceIndex values. These values are common identifiers for referencing the interface. For example, Get-NetIPConfiguration -InterfaceAlias Ethernet is the cmdlet for an interface with the Ethernet alias. Admins could also add the -Detailed parameter for additional information. It’s even possible to combine the -InterfaceAlias and -Detailed parameters for detailed information on a specific interface.

3. Get-NetAdapter — display network interface settings

It can be helpful to display specific information about the network card itself rather than the logical addressing associated with it. Use the Get-NetAdapter cmdlet to see the interface’s attributes, including name, description, interface index, status, media access control address and link speed.
Notice the network interface information below.

Screenshot showing output from the Get-NetAdapter cmdlet
Output from the Get-NetAdapter cmdlet

4 and 5. Enable-NetAdapter and Disable-NetAdapter — up and down an interface

Admins may discover another admin has downed a network interface, or perhaps someone configured the interface as a failover and kept it in the down state. They can use the Enable-NetAdapter cmdlet to reenable — or up — an interface. Downing the interface relies on the Disable-NetAdapter cmdlet.
Watch how the state of the adapter changes in the Status column in the following example. Also, note the confirmation options displayed with the Disable-NetAdapter cmdlet.

6. Get-NetRoute — show the routing table

If admins are confident the system’s IP address settings are correct and the network interface is responsive, they may need to confirm the routing table. Rather than using the older route command, try the Get-NetRoute cmdlet instead.
Here’s the routing table information on a lab computer.

Screenshot showing output from the Get-NetRoute cmdlet
Output from the Get-NetRoute cmdlet

7 and 8. Test-Connection and Test-NetConnection — test connectivity

Ping is probably the most ubiquitous network troubleshooting tool. PowerShell has its own cmdlet for ping: Test-Connection. The syntax and responses are similar to the more generic tool.
The following example shows both ping and Test-Connection to confirm network connectivity.

Screenshot that compares ping and Test-Connection commands
Comparing ping and Test-Connection

The Test-Connection cmdlet includes many useful parameters that extend beyond the functionality of ping. Two of my favorites are -Quiet and the ability to test multiple connections simultaneously.
As seen below, quiet mode displays only the result of the connection test. To test multiple connections, separate the hostnames or IP addresses by commas.

Screenshot showing output from the Test-Connection -Quiet cmdlet with a successful test
Output from the Test-Connection -Quiet cmdlet showing a successful test
Screenshot showing output from the Test-Connection cmdlet in quiet mode with one successful and one failed result
Output from the Test-Connection cmdlet in quiet mode with one successful and one failed result

Admins can also use the Test-NetConnection for similar diagnostic information.

9. Get-NetTCPConnection — test existing connections to server

Another connectivity check is viewing existing connections to the server. Do this with the Get-NetTCPConnection cmdlet, which replaces the netstat command. The output from this command may be long depending on the current connections to the system and the network services running on it.
One way to narrow the scope of the results is to request current connections by a specific port number. For example, perhaps admins are interested in results on port 135/TCP. In that case, they can use the -LocalPort parameter, as seen below.

Screenshot showing output from the Get-NetTCPConnection cmdlet displaying connections to port 135
Output from the Get-NetTCPConnection cmdlet displaying connections to port 135

Other parameters include -State and -RemoteAddress, along with many other options.

Name resolution

Those familiar with my articles on name resolution may recognize a few of the following useful cmdlets. Name resolution is a critical part of networking because it relates easy-to-remember names with difficult-to-remember IP addresses. It’s essential to ensure the system admins are troubleshooting can resolve names and services against a DNS server.

10. Resolve-DnsName — confirm name resolution works

Begin by attempting to resolve an IP address manually with the Resolve-DnsName cmdlet. This cmdlet may replace or supplement nslookup in an admin’s toolbox.
The example below displays output from the Resolve-DnsName cmdlet.

Screenshot showing output from the Resolve-DnsName cmdlet showing the IP address
Output from the Resolve-DnsName cmdlet showing the IP address

11. Get-DnsClient — check DNS client status

Next, check the status of the DNS client software on the local machine. The Get-DnsClient cmdlet provides this information, as seen below.

Screenshot showing output from the Get-DnsClient cmdlet displaying the status of the DNS client
Output from the Get-DnsClient cmdlet showing the status of the DNS client

Use InterfaceIndex or InterfaceAlias to focus on a specific network interface.

12 and 13. Get-DnsClientCache and Clear-DnsClientCache — view and clear DNS cache

When troubleshooting client-side name resolution problems, it’s often useful to clear the DNS cache. While the cache normally makes the name resolution process more efficient, it can potentially store incorrect or outdated information, causing name resolution to fail or return false results. Admins often use ipconfig /flushdns to do this, along with ipconfig /displaydns to view the cache.
With PowerShell, the related cmdlets are Get-DnsClientCache and Clear-DnsClientCache.
The example below demonstrates how to display and clear the cache.

The Clear-DnsClientCache cmdlet returns no results, but the cache is deleted.

14. Get-DnsClientServerAddress — display configured DNS servers

Client computers may attempt to resolve names against invalid DNS servers. Display the configured DNS servers for a client by using the Get-DnsClientServerAddress cmdlet, as seen below.

Screenshot showing output from the Get-DnsClientServerAddress displaying the IP address of configured DNS servers
Output from the Get-DnsClientServerAddress displaying the IP address of configured DNS servers

Manage network services

What if troubleshooting takes admins to the server and they need to manage network services, such as DNS or Dynamic Host Configuration Protocol (DHCP)? The first thing they likely do is check the status of the service. Next, they probably restart the service. It’s surprising how often a service restart solves issues.

15. Get-Service — check service status

Identify services either by service name or display name. A parameter exists for both options. For example, check the status of a service by using the Get-Service -Name DhcpServer or Get-Service -DisplayName “DHCP Server” cmdlet, as shown below.

Screenshot showing output of Get-Service cmdlet displaying service status by name
Output of Get-Service cmdlet displaying service status by name

Check the status of the service below to get comfortable with the syntax:

Name DisplayName
dhcp

DHCP Client

DNS

DNS Server

DnsCache

DNS Client

TermService

Remote Desktop Services

ssh-agent

OpenSSH Authentication Agent

Don’t forget to enclose the DisplayName value in double quotes if it contains a space, such as in the previous DNS Client example.

16. Restart-Service — restart a service

Restarting a service uses a similar cmdlet and syntax. For example, to restart the DHCP server service, use the Restart-Service cmdlet with the -Name parameter.

Screenshot showing output of the Restart-Service cmdlet restarting the DHCP server service
Output of the Restart-Service cmdlet restarting the DHCP server service

Troubleshoot with PowerShell

Admins can use PowerShell in so many ways it’s difficult to pick only a few helpful cmdlets. The network troubleshooting cmdlets above are a great place to start for those new to PowerShell. Admins can use the cmdlets manually or integrate them into scripts and automation strategies.
Most of the cmdlets provide several parameters to display more detailed information or better focus the output on the information admins want. Chances are: If admins need network data, a cmdlet can provide it.

Leave a Comment

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

Please consider supporting us by disabling your ad blocker on our website