Operating System

Network Diagnostics Tools Feature Overview

By Sherwood Lawrence
Microsoft Corporation
Published: November 2001

Abstract

This technical article describes the network diagnostics tools now available in the Windows® XP
operating system. The tools discussed are the Network Diagnostics Web page based on the Windows
Management Instrumentation (WMI) framework, the Support Tab now included on network
connections, the Task Manager enhancements (Networking Tab), and the Repair link now included on
network connections. This document is intended primarily for network engineers and support
professionals to help in troubleshooting and diagnosing network-related errors.
 Microsoft® Windows® XP Technical Article

The information contained in this document represents the current view of

Microsoft Corporation on the issues discussed as of the date of
publication. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of
Microsoft, and Microsoft cannot guarantee the accuracy of any
information presented after the date of publication.
This document is for informational purposes only. MICROSOFT MAKES
NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION
IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the
user. Without limiting the rights under copyright, no part of this document
may be reproduced, stored in or introduced into a retrieval system, or
transmitted in any form or by any means (electronic, mechanical,
photocopying, recording, or otherwise), or for any purpose, without the
express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights,
or other intellectual property rights covering subject matter in this
document. Except as expressly provided in any written license agreement
from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual
property.
© 2001. Microsoft Corporation. All rights reserved. Microsoft and Windows
are either registered trademarks or trademarks of Microsoft Corporation in
the United States and/or other countries.
The names of actual companies and products mentioned herein may be
the trademarks of their respective owners.
 Microsoft® Windows® XP Technical Article

Contents
Acknowledgements...................................................................................................................... v

Introduction................................................................................................................................... 1

The Network Dilemma................................................................................................................. 1

Network Diagnostics Features.................................................................................................... 3

A New Wealth of Tools................................................................................................................ 3

Network Diagnostics Web Page and Netsh Helper..................................................................3

Network Connections Support Tab.......................................................................................... 3

Network Connection Repair Link............................................................................................. 3

Task Manager Network Tab..................................................................................................... 3

Network Diagnostics Web Page and Netsh Helper....................................................................4

Design Objective......................................................................................................................... 4

Applications............................................................................................................................. 4

Providers................................................................................................................................. 4

Registry................................................................................................................................... 4

The Network Diagnostics Web Page........................................................................................... 5

How Do I Access This Tool?.................................................................................................... 5

User Interaction....................................................................................................................... 5

The Network Diagnostics NETSH Helper....................................................................................8

How do I access this tool from the command line?..................................................................8

What Specific Information Do These Tools Display?.................................................................10

Computer Information............................................................................................................ 10

Modems and Network Adapters............................................................................................. 11

What Specific Information Do These Tools Test?......................................................................15

The Network Diagnostics WMI provider....................................................................................16

How to access the WMI provider........................................................................................... 16

The Network Diagnostics Log Provider.....................................................................................17

How to Access the Log provider............................................................................................ 17

Windows XP WMI Providers..................................................................................................... 17

Network Connections Support Tab........................................................................................... 18

Design Objective....................................................................................................................... 18
 Microsoft® Windows® XP Technical Article

How do I access the Support Tab?............................................................................................18

What Specific Information Does This Tab Display?...................................................................18

Network Connections Repair Link............................................................................................. 21

Design Objectives..................................................................................................................... 21

How Do I Access the Repair Link?............................................................................................21

What Specific Repair Steps Are Taken?....................................................................................21

Task Manager Network Tab........................................................................................................ 23

Design Objectives..................................................................................................................... 23

How do I access the Networking Tab in Task Manager?...........................................................23

What New Features Are Supported?......................................................................................... 23

Network Diagnostics Troubleshooting.....................................................................................25

Providing a Solution.................................................................................................................. 25

Common Issues........................................................................................................................ 25

Dial-up and VPN Scenarios................................................................................................... 25

Primary and Secondary WINS servers..................................................................................26

IP Filters Enabled.................................................................................................................. 26

TV Adapters........................................................................................................................... 26

1394 and PC Card (PCMCIA) Adapters.................................................................................26

Empty DNS Server Scope Options........................................................................................ 27

Proxy Server Settings Appear When Proxy Server is Not Enabled........................................27

Summary..................................................................................................................................... 28

Related Links................................................................................................................................ 29
 Microsoft® Windows® XP Technical Article

Acknowledgements
Network Diagnostics Team, Microsoft Corporation.

v
 Microsoft® Windows® XP Technical Article

Introduction
The Network Dilemma
Diagnosing network related problems can consume a considerable amount of time and lead to frustration for
consumers not trained as network experts. Network problems can be the result of a wide range of issues,
from minimal disruptions in service to simple configuration problems of the operating system. In order to
tackle network problems, the computer industry leans heavily toward a layered network approach, known as
the ISO/OSI (International Organization for Standardization Open System Interconnection) model. Another
model used is the standard TCP/IP model, also a layered network approach. The layers of both models are
shown below in Figure 1. The stratification of the network allows a programmer to focus on a layer within a
model, without having to understand the layers above or below.

Figure 1. The network architecture model

While this is an excellent approach for building networks, the layered approach falls short in cooperative error
reporting. Applications generally must work independently of the network environment, and lower layers of
the network do not generally report meaningful errors to upper layer applications. The result is that lower
layer network problems can cause upper layer application problems without giving any information about why
the errors are occurring.

Applications do not have sophisticated methods for identifying and correcting network related errors.
Because specific problems are not identified for the application by the network, no corrective action can be
taken. This results in confusion and frustration for consumers, who must then call support professionals to
help solve their application problems.

Network Diagnostics Tools Feature Overview 1

 Microsoft® Windows® XP Technical Article

Support professionals must then embark on one of two strategies, depending on accessibility of the machine.
One, spend time teaching the consumer command line utilities such as PING, Telnet, and others (frequently
used by phone support) or Two, ask the user to allow the support professional to work at the machine while
the consumer/user does something else during the troubleshooting process (frequently used by onsite
support).

In both cases, fixing network related problems in a timely fashion requires methodical troubleshooting
techniques. The first critical step is gathering information about the consumer’s machine. The second critical
step is identifying what works and what doesn’t. Many of the tools and techniques used in this process only
frustrate a consumer who is not interested in the command line tools and interfaces that are necessary to
solve the problem. On the other hand, support professionals generally prefer command line utilities for their
speed and batch capabilities.

Question: How does the support professional gather the required information unobtrusively and solve the actual
problem in a timely fashion, assuring a satisfactory customer experience?

The answer is the new suite of Network Diagnostics Tools. For consumers, there are new graphical HTML–
based and windows based tools that are simple to click and use, and for administrators, there are still
command line tools for batch execution and scripts. This new suite of tools is effective for both the consumer
and the administrator.

Regardless of which Network Diagnostics tool is run, the support professional and consumer will find useful
information or the immediate resolution to a problem. These tools help eliminate the necessity for consumers
to ever have to use a command line utility, while also providing command line tools for the administrator,
making the troubleshooting experience easier for everyone.

Network Diagnostics Tools Feature Overview 2

 Microsoft® Windows® XP Technical Article

Network Diagnostics Features

A New Wealth of Tools
With the emerging importance of networks within the home, it has become necessary to provide a wide range
of troubleshooting and diagnostics tools that are easily run and easily understood. Along these lines, the
Network Diagnostics Team now offers several mechanisms for helping diagnose and fix network related
problems. The current tool set now includes four primary additions to the Windows XP operating system.
These are the Network Diagnostics Web Page, the Network Connections Support Tab, the Network
Connections Repair Link, and the Task Manager networking tab. Each of these are summarized below and
are further detailed in respective sections that appear later in this document.

Network Diagnostics Web Page and Netsh Helper

The Network Diagnostics Web Page in Windows XP was designed to make it easy for both the consumer and
the support professional to quickly gain usable information about the consumer’s home network environment.

This tool provides a wealth of information to the user. It includes computer and operating system information,
adapter information, ping and connect tests, and many other features for diagnosing network problems.

Network Connections Support Tab

This addition to the network connection status page promises to become widely used for resolving network
problems. This enhancement provides all of the information and tasks that the Win9x support tool
Winipcfg.exe used to provide while improving it in the process.

Network Connection Repair Link

Quite possibly the coolest network diagnostics tool yet, the repair link performs a series of safe configuration
repair steps that support professionals normally ask a customer to perform during the first few minutes of a
support call. By automating these initial repair steps into a single task, users now have considerable
troubleshooting and problem fixing power within one click of a mouse.

Task Manager Network Tab

Another useful addition to the network diagnostics family is the network tab within Task Manager. This tab
displays each network adapter on the machine, LAN or WAN, and displays the percentage network utilization
and other metrics for the adapter. This is useful in those situations where a user is not sure whether the
network traffic is high or whether a server is just slow in responding. By using this tool, users have a quick
guide to how well their network is performing.

Network Diagnostics Tools Feature Overview 3

 Microsoft® Windows® XP Technical Article

Network Diagnostics Web Page and Netsh Helper

Design Objective
As part of the development of the Network Diagnostics Web page and Netsh Helper, it was necessary to
achieve two primary objectives: Provide a friendly and usable web application that would be easy for
consumers to use and provide a powerful command line tool for administrators and support professionals.
The result is the architecture illustrated in Figure 2.

In order to understand this architecture, it is necessary to break it down into functional component areas. The
top layer contains applications that consume information, the middle layer consists of providers of
information, and the lower layer is the operating system registry, where many parameters are stored.

Applications
The Network Diagnostics Web Page
The Network Diagnostics Netsh Helper (Command Line)
Third-Party Applications/Scripts

Providers
The Network Diagnostics WMI Provider
The Network Diagnostics Log Provider
The Windows XP WMI Providers

Registry
The Windows XP Registry

Figure 2. The Windows XP Network Diagnostics model

Network Diagnostics Tools Feature Overview 4

 Microsoft® Windows® XP Technical Article

The Network Diagnostics Web Page

For many consumers, the Web page will be the first tool run when trying to diagnose a networking problem.

How Do I Access This Tool?

There are a number of ways to run the Network Diagnostics Web page. Each way results in the tool running
and gathering the current network configuration. The following methods will run the Network Diagnostics Web
page. Methods to find the Web page may vary slightly depending on menu and window styles:

Windows Classic Style

 Click Start, and then click Help and Support. On the Help and Support page, under Pick a Task, click
Use Tools to view your computer information and diagnose problems. In the left hand column of the
tools page, click Network Diagnostics.

Windows XP Style
 In Control Panel, click Network and Internet Connections in the bottom left corner, and then click the
link named Network Diagnostics.
 From a command prompt, type netsh diag gui.
 Click Start, and then click Run. Enter the Help and Support command syntax:
hcp://system/netdiag/dglogs.htm and click OK.

Once run, the Web page for the Network Diagnostics Tool appears as shown in Figure 3.

Figure 3. The Windows XP Network Diagnostics Tool

User Interaction
As soon as the Web page is launched, the user is given the choice of whether to set scanning options or to

Network Diagnostics Tools Feature Overview 5

 Microsoft® Windows® XP Technical Article

start a diagnostics scan.

Scanning Options
If the User selects the “Set scanning options” link, a drop down page appears allowing the user to check or
uncheck the options that the User is interested in diagnosing. This can be useful, particularly if you know
certain tests are failing and you want to avoid those for time purposes while troubleshooting a more generic
network problem. For instance, you may want to stop the proxy test until you can confirm the default gateway
test passes. The available options are shown below.

The “Actions” check boxes on the top indicate actions to take. These actions work in conjunction with the
various categories. For instance, it is possible to select only “Ping” and “Internet Proxy Server”.

Figure 4. The Windows XP Network Diagnostics Scanning Options

Scanning with only these options would result in the Web page only showing the results that occurred when
attempting to ping the Internet Proxy server. No other tests would be run in this scenario.

Once the desired options are selected, a user can click Save Options. This saves the currently selected
options as the new default for Network Diagnostics. It is not necessary for the user to click this button in order
to run a custom set of scanning options. The user only needs to click this button to change to long term
behavior of Network Diagnostics.

Note the last five category options. These options are already included in the “Network Adapters” scanning

Network Diagnostics Tools Feature Overview 6

 Microsoft® Windows® XP Technical Article

category, but are included separately as well.

The defaults for Network Diagnostics are shown in Figure 4. Once the user has decided to keep the default
settings or make custom modifications, the next step is to click the Scan your system link.

Starting a Scan
Clicking the “Scan your system” link begins the gathering and testing of various network components. Once
the tool has completed its tests, it displays the results for each test. By default, the tool finds computer
information, enumerates network adapters, attempts resource connections, as well as attempting to ping
configured network services. It reports both successful and unsuccessful attempts to reach network
resources.

Once completed, the Network Diagnostics page appears as shown in Figure 5.

Figure 5. The Windows XP Network Diagnostics Results

For each test a result could take on several forms. A result of “Not Configured” means the option requested
could not be tested because it needs to be configured, or is not configured. If the component is configured,
then the user may see results of PASSED or FAILED. If any test results in a FAILED status, the failure is
populated up to the top of that section. For instance, under “Network Adapters”, if a default gateway test
failed, that failure would be populated up to the top of the “Network Adapters” section. A consumer or support
professional is quickly able to determine if a network error has occurred and needs to be further investigated.

The results of the Network Diagnostics Tool can be used in two ways. They can be used to find information
about the system, or as a quick check to see if there are any network problems.

Navigating Results
Once the tests are completed, the user has the option of expanding/contracting trees of data, by clicking on
the ‘+’ or ‘-‘ boxes. This is particular useful for the Network Adapter section, where test data may be under
several levels of the tree.

Network Diagnostics Tools Feature Overview 7

 Microsoft® Windows® XP Technical Article

Saving Results
They also have the ability to save the results for later inspection, either by themselves or a support
professional. A button labeled “Save to File…” is provided so that the user can easily save results.

Sometimes a user or support professional may want to view saved files from previous diagnostics efforts. By
selecting the “Show saved files” link, the user is taken directly to the location where Network Diagnostics
saves files for archival purposes.

Network Diagnostics by default checks the scanning option for “Save to Desktop”. This means that whenever
the “Save to File” link button is selected, two files are saved, one in the PCHealth directory and one on the
desktop. This is done to make it easy for users to locate saved files. This option can be disabled under the
scanning options.

Saved files are located in the \%windir%\pchealth\helpctr\system\netdiag directory. File sizes average 21-
25K. One of the advantages of saving the log files in the PCHEALTH system directory is that the logs are
protected from tampering once they are saved.

Each file is given a unique name to distinguish it from previously saved log files. The format of the saved file
is as follows:

Netdiag(Day)(Month)(Year) (Hour)(Minute)(Seconds).htm

For example, a file created on April 3, 2000 at exactly 1:00pm would have the following file name:

Netdiag03042000 130000.htm

Output saved a minute and a half later would have the following filename:

Netdiag03042000 130130.htm

Note the time format is in military time.

The Network Diagnostics Netsh Helper

Not all users of the Network Diagnostics tool will want to run the HTML version of the tool, preferring instead
to run tests from a command line or use the command line accessibility in automated scripts. By integrating
Network Diagnostics into the Netsh interface, both user needs and automation needs can both be achieved.

How Do I Access this Tool from the Command Line?

Network diagnostics is now provided as a “helper” to the Netsh utility. In order to access this helper, go to a
command prompt and type netsh -c diag. This loads the “diag” helper and allows input of diagnostic
commands. Once in the “diag” context, the following commands are available:

? or help - Displays help or actions available

connect - Connect to network resources (type “connect help”)
ping - Ping network resources (type “ping help”)
show - Show network resources (type “show help”)
gui - Runs the web based version of Network Diagnostics

? or help

Use of this command prints the command options of Diag if you are in the Diag context. Otherwise, it shows

Network Diagnostics Tools Feature Overview 8

 Microsoft® Windows® XP Technical Article

you the available commands of netsh or of any other helper you might be in.

Connect

The connect command allows you to perform connection tests to the following:

IE Proxy – Tests connection to the default IE Proxy port

IP host – Tests connection to a user-defined port
Mail – Tests connection to the default Outlook Express mail server
News – Tests connection to the default Outlook Express news server

Ping

The ping command allows you to perform ping tests to the following:

Adapter – Tests ability to ping all configured addresses on each adapter

DHCP – Tests ability to ping a DHCP server, if configured
DNS – Tests ability to ping all configured DNS servers
Gateway – Tests ability to ping all configured default gateways
IE Proxy – Tests ability to ping default IE Proxy server
IP – Tests ability to ping the IP addresses of each adapter
IP host – Tests ability to ping user-defined IP address or hostname
Loopback – Tests ability to ping the loopback adapter
Mail – Tests the ability to ping the default Outlook Express Mail server
News – Tests the ability to ping the default Outlook Express News server
WINS – Tests the ability to ping all configured WINS servers
Show

The show command allows you to see the configuration of the following:

Adapter – Shows all adapters with an IP address bound

All – Shows everything below, but does not run tests
Client – Shows the currently installed network clients on the system
Computer – Shows the current computer information of the system
DHCP – Shows any configured DHCP server IP addresses for all adapters
DNS – Shows any configured DNS servers for all adapters
Gateway – Shows any configured default gateways for all adapters
IE Proxy – Shows the default configured IE Proxy server
IP – Shows any configured IP addresses for all adapters
Mail – Shows the default configured Outlook Express Mail server
Modem – Shows any configured modems on the system
News – Shows the default configured Outlook Express News server
OS – Shows the current operating system information of the system
Test – Special command that runs and displays all tests
Version – Shows the version information of WMI and the OS
WINS – Shows any configured WINS servers for all adapters

The show command has two switches that can be used to gain different levels of information detail.

/p - shows all properties with values

Network Diagnostics Tools Feature Overview 9

 Microsoft® Windows® XP Technical Article

/v - show all properties, including properties with no values

Special Syntax

Often administrators and support professionals want the same information the Web page would have
provided, but through a command line syntax or batch file. The following command run from the Diag helper
performs all of the same steps that would be run by default using the Web page:

show test

An additional command allows administrators and support professionals to run the Web page from typing
netsh diag gui at the Start -> Run command or at a command prompt.

What Specific Information Do These Tools Display?

Before running the Network Diagnostics Web page or Netsh Diag helper, it is useful to know exactly what
information will be provided when these tools are run. The following sections display complete lists of
information that is reported and information that is tested. This list is a combination of the information
provided by the Network Diagnostics WMI provider and several of the Windows XP WMI providers of the
operating system.

The following is an example of the items and information that are reported:

Services

Outlook Express default mail server.

Outlook Express default news server.
Internet Explorer proxy server (Winsock Proxy is not detected).

Computer Information
Operating System
BootDevice = \\Device\Harddisk0
BuildNumber = 2514
BuildType (empty)
Caption = Microsoft Windows
CodeSet = 1252
CountryCode = 1
CreationClassName = Win32_OperatingSystem
CSCreationClassName = Win32_ComputerSystem
CSDVersion =
CSName = COLUMBO-TEST
CurrentTimeZone = -480
Debug (empty)
Description = Test Machine
Distributed (empty)
ForegroundApplicationBoost (empty)
FreePhysicalMemory = 54148

Network Diagnostics Tools Feature Overview 10

 Microsoft® Windows® XP Technical Article

FreeSpaceInPagingFiles = 1929044
FreeVirtualMemory = 1983192
InstallDate = 20000307055202.000000-480
LastBootUpTime (empty)
LocalDateTime = 20000309121053.060000-480
Locale = 0409
Manufacturer = Microsoft Corporation
MaxNumberOfProcesses = -1
MaxProcessMemorySize = 2093056
Name = Microsoft Windows ME|C:\WINDOWS|
NumberOfLicensedUsers (empty)
NumberOfProcesses = 14
NumberOfUsers (empty)
Organization = msft
OSLanguage = 1033
OSProductSuite (empty)
OSType = 17
OtherTypeDescription (empty)
PlusProductID (empty)
PlusVersionNumber (empty)
Primary = True
QuantumLength (empty)
QuantumType (empty)
RegisteredUser = test
SerialNumber (empty)
ServicePackMajorVersion (empty)
ServicePackMinorVersion (empty)
SizeStoredInPagingFiles = 1966632
Status = OK
SystemDevice (empty)
SystemDirectory = C:\WINDOWS\SYSTEM
TotalSwapSpaceSize (empty)
TotalVirtualMemorySize = 2097148
TotalVisibleMemorySize = 130516
Version = 4.90.2514
WindowsDirectory = C:\WINDOWS

Miscellaneous
OS Version = 4.90.2514
WMI Version = 1164.0003

Modems and Network Adapters

Modems
AnswerMode (empty)
AttachedTo = COM3

Network Diagnostics Tools Feature Overview 11

 Microsoft® Windows® XP Technical Article

Availability (empty)
BlindOff = X4
BlindOn = X3
Caption = MT5634ZBA-USB Modem
CompatibilityFlags (empty)
CompressionInfo (empty)
CompressionOff = %C0
CompressionOn = %C1
ConfigManagerErrorCode (empty)
ConfigManagerUserConfig (empty)
ConfigurationDialog = modemui.dll
CountrySelected = United States of America
CreationClassName = Win32_PotsModem
Description = MT5634ZBA-USB Modem
DeviceID = USB\MULTIUSB\WDMMDM0
DeviceLoader = *vcomm
DeviceType = External Modem
DialType (empty)
DriverDate (empty)
ErrorCleared (empty)
ErrorControlForced = \N4
ErrorControlInfo (empty)
ErrorControlOff = \N1
ErrorControlOn = \N3
ErrorDescription (empty)
FlowControlHard = &K3
FlowControlOff = &K0
FlowControlSoft = &K4
InactivityScale = "3c000000"
InactivityTimeout (empty)
Index (empty)
InstallDate (empty)
LastErrorCode (empty)
MaxBaudRateToPhone (empty)
MaxBaudRateToSerialPort (empty)
MaxNumberOfPasswords (empty)
Model = MT5634ZBA-USB Modem
ModemInfPath = MDMLUC.INF
ModemInfSection = Modem2
ModulationBell = B1B16B2
ModulationCCITT = B0B15B2
ModulationScheme (empty)
Name = Unimodem.vxd
PNPDeviceID = USB\MULTIUSB\WDMMDM0
PortSubClass = "02"
PowerManagementSupported (empty)

Network Diagnostics Tools Feature Overview 12

 Microsoft® Windows® XP Technical Article

Prefix = AT
ProviderName = Lucent
Pulse = P
Reset = AT&F
ResponsesKeyName (empty)
RingsBeforeAnswer (empty)
SpeakerModeDial = M1
SpeakerModeOff = M0
SpeakerModeOn = M2
SpeakerModeSetup = M3
SpeakerVolumeHigh = L3
SpeakerVolumeInfo (empty)
SpeakerVolumeLow = L0
SpeakerVolumeMed = L2
Status = OK
StatusInfo = 3
StringFormat (empty)
SupportsCallback (empty)
SupportsSynchronousConnect (empty)
SystemCreationClassName = Win32_ComputerSystem
SystemName = COLUMBO-TEST
Terminator =
TimeOfLastReset (empty)
Tone = T
VoiceSwitchFeature (empty)

Network Adapters
Caption = [0003] Intel(R) PRO PCI Adapter
ArpAlwaysSourceRoute = (empty)
ArpUseEtherSNAP = (empty)
DeadGWDetectEnabled = (empty)
Description = Intel(R) PRO PCI Adapter
MACAddress = 00:D0:B7:1F:D7:29
ServiceName = (empty)
DatabasePath = (empty)
DefaultGateway =
DefaultTOS = (empty)
DefaultTTL = (empty)
DHCPEnabled = TRUE
DHCPLeaseObtained = 03/09/00 12:09:21:
DHCPLeaseExpires = 03/09/00 12:12:21:
DHCPServer = 10.0.0.4
DNSDomain = columbo.test.com
DNSDomainSuffixSearchOrder = (empty)
DNSEnabledForWINSResolution = (empty)
DNSHostName = COLUMBO-TEST

Network Diagnostics Tools Feature Overview 13

 Microsoft® Windows® XP Technical Article

DNSServerSearchOrder =
ForwardBufferMemory = (empty)
GatewayCostMetric = (empty)
IGMPLevel = (empty)
IPAddress = 10.0.0.193
IPFilterSecurityEnabled = (empty)
IPPortSecurityEnabled = (empty)
IPSecPermitIPProtocols = (empty)
IPSecPermitTCPPorts = (empty)
IPSecPermitUDPPorts = (empty)
IPSubnet = 255.255.255.0
IPUseZeroBroadcast = (empty)
KeepAliveInterval = (empty)
KeepAliveTime = (empty)
MTU = (empty)
NumForwardPackets = (empty)
PMTUBHDetectEnabled = (empty)
PMTUDiscoveryEnabled = (empty)
TCPMaxConnectRetransmissions = (empty)
TCPMaxDataRetransmissions = (empty)
TCPNumConnections = (empty)
TCPUseRFC1122UrgentPointer = (empty)
TCPWindowSize = (empty)
WINSEnableLMHostsLookup = (empty)
WINSHostLookupFile = (empty)
WINSPrimaryServer = 10.0.0.11
WINSScopeID = (empty)
WINSSecondaryServer = 10.0.0.12
IPXEnabled = (empty)

Installed Clients
Description = Client for Microsoft Networks
InstallDate = 20000305160000.000000-480
Manufacturer = Microsoft
Name = Client for Microsoft Networks
Status = OK

Network Diagnostics Tools Feature Overview 14

 Microsoft® Windows® XP Technical Article

What Specific Information Do These Tools Test?

The following list details the items tested by the Network Diagnostics Tool. The two tests used are a PING
test and a TCP connection test. The following list shows each service or parameter that may be tested and
which tests are used for that service or parameter. Individual machines may not have all of these parameters
configured or they may not be applicable, and therefore Network Diagnostics may not perform all of the listed
tests.

PING Tests

Loopback address – Pings 127.0.0.1

IP address(s) per adapter – Manual or assigned by DHCP
Default Gateway(s) per adapter – Manual or assigned by DHCP
DHCP server(s) per adapter- Only if adapter has a DHCP assigned IP address
DNS server(s) per machine – Manual or assigned by DHCP
WINS server(s) per adapter – Manual or assigned by DHCP
Outlook Express Default Mail Server – IP address or hostname
Outlook Express Default News Server – IP address or hostname
IE Web Server (Winsock Proxy is not detected) – IP address or hostname
User-defined IP address – IP address or hostname

TCP Connection Tests

Outlook Express Default Mail Server tests the following ports:

POP3 port 110 – IP address or hostname
POP2 port 109 – IP address or hostname
SMTP port 25 – IP address or hostname
IMAP port 143 – IP address or hostname
User configured SMTP port – IP address or hostname

Outlook Express Default News Server tests the following ports:

NNTP port 119 – IP address or hostname
User configured News port – IP address or hostname

IE Proxy Server (Winsock Proxy is not detected) tests the following ports:
User configured IE Proxy port in IE settings – IP address or hostname

Network Diagnostics Tools Feature Overview 15

 Microsoft® Windows® XP Technical Article

The Network Diagnostics WMI provider

Web-Based Enterprise Management (WBEM) describes a collection of technologies designed to integrate
existing standards of systems management into an architecture that can be managed using any Web
browser. Microsoft’s implementation of WBEM is Windows Management Instrumentation (WMI). The Network
Diagnostics Web page and Netsh helper use WMI extensively. The Network Diagnostics WMI provider is the
component responsible for querying the system registry for parameters of interest, such as mail and news
configuration. It is also responsible for running tests and reporting results to the Network Diagnostics Log
provider or other scripting mechanism.

How to access the WMI provider

The Network Diagnostics WMI provider exposes an interface for developers to initiate network tests both
locally and remotely. The Network Diagnostics WMI provider supports the ability to query for information and
provides two methods of testing network resources via PING and TCP connections.

The Network Diagnostics provider resides within the root\cimv2 namespace. Once the namespace has been
connected to, enumerate an instance of NetDiagnostics and the instance data for diagnostics should be
available.

Developers also have a choice in the tools they wish to use to access this information. They can use
JavaScript, VBScript, C, C++, and many other programming languages supported by the WMI framework.

Examples of the properties that can be accessed via the Network Diagnostics WMI provider are shown here:

Netdiag.IEProxy What is the currently configured proxy server?

Netdiag.IEProxyPort What proxy port is IE using?
Netdiag.NewsServer What is the currently configured news server?
Netdiag.NewsNNTPPort What news port is Outlook Express using?

Examples of the methods provided by the Network Diagnostics WMI provider are shown here:

Netdiag.Ping (addr, str) PING address

Netdiag.ConnectToPort (addr, port) Connect to address and port

Network Diagnostics Tools Feature Overview 16

 Microsoft® Windows® XP Technical Article

The Network Diagnostics Log Provider

The Network Diagnostics Log Provider is the central mechanism for delivering information to the Web page
and the Netsh helper. It is also possible for 3rd party scripting mechanisms to access this provider through
scripts.

When either the netsh context is launched or the HTML page is launched, the Network Diagnostics Log
Provider gathers network resource information from the Windows XP WMI providers and the Network
Diagnostics WMI provider. The Log Provider sends the necessary instructions to the Network Diagnostics
WMI provider for testing the availability of the resources configured on the machine.

How to Access the Log provider

The Network Diagnostics Log provider exposes a single interface for developers to initiate network tests both
locally and remotely. Numerous flags can be set depending on what information is desired. All information
that is queried through the Log provider is returned in XML format.

The information available via the provider includes all of the same information available via the WMI provider,
but with extended functionality. For instance, if a developer wanted to use the WMI provider to write a web
page that pinged the proxy server, the developer would first have to find out what the proxy server settings
were, and then pass that information to the ping function. By using the Log provider, the developer would only
have to use one function and set the flags indicating that the proxy server should be pinged. The difference is
that the WMI provider provides the result data in raw format and the Log provider provides the data in XML
format.

Developers also have a choice in the tools they wish to use to access this information. They can use
JavaScript, VBScript, C, C++, and many other programming languages, as long as the XML data is desired.

Windows XP WMI Providers

The best way to access the list of available WMI providers in Windows XP is to install the WBEM SDK and
use the web browse tool to view all of the different providers available. The Network Diagnostics tool
specifically looks at information from the providers below, although many more are available:

Win32_NetworkAdapterConfiguration
Win32_ComputerSystem
Win32_POTSModem
Win32_NetworkClient
Win32_OperatingSystem
Win32_WMISetting

Network Diagnostics Tools Feature Overview 17

 Microsoft® Windows® XP Technical Article

Network Connections Support Tab

Design Objective
The popularity of the Winipcfg.exe tool for Windows 95, Windows 98, and Windows Millennium Edition made
it clear that consumers, administrators, and support professionals found it useful to be able to display the IP
configuration information on LAN and WAN adapters. Therefore the challenge for the Network Diagnostics
team was to provide the same or better functionality in the Windows XP operating system. The solution was
to provide an additional tab called “Support” to the normal status page of an adapter.

How do I access the Support Tab?

There are two ways to access the Support tab.
 Double-click a network connection icon in the connections folder to bring up the status page, then
click the Support tab.

 Click the information balloon that appears in the system tray when your IP configuration becomes
invalid.

Either of these steps brings up the window as shown in Figure 6.

Figure 6. The Windows XP Network Support Tab

What Specific Information Does This Tab Display?

The Support tab now contains all of the information that used to be available with winipcfg.exe and improves
the old Winipcfg.exe functionality by including a button link to the Repair feature. It includes the following
information:

Network Diagnostics Tools Feature Overview 18

 Microsoft® Windows® XP Technical Article

 Address Type – In any of the below configurations

o Assigned by DHCP

o Manually Configured

o Automatic Private Address (169.255.x.x)

o Invalid IP Address (0.0.0.0) because of:

 IP address conflict

 DHCP unavailable and Autonet disabled

 IP Address – Manual or assigned by DHCP

 Subnet Mask – Manual or assigned by DHCP

 Default Gateway – Manual or assigned by DHCP

Clicking the Details Tab lets you view more detailed information about the network adapter information,
including:

Physical Address – Mac address

IP Address
Subnet Mask
Default Gateways – If configured
DHCP Server – If configured
DHCP Lease Obtained – If configured
DHCP Lease Expires – If configured
DNS Servers – Manual or assigned by DHCP
WINS Servers – Manual or assigned by DHCP

Network Diagnostics Tools Feature Overview 19

 Microsoft® Windows® XP Technical Article

Figure 7. Network Connection details

Network Diagnostics Tools Feature Overview 20

 Microsoft® Windows® XP Technical Article

Network Connections Repair Link

Design Objectives
When consumers find it necessary to call support or a help center, they are generally told to perform a
common series of network diagnostics steps to help the support professional locate the actual networking
problem. The goal of the Repair link was to automate many of the common troubleshooting steps that are
useful in solving these problems. It was also critically important during the development of the Repair link that
the team choose repair steps that would not put the consumer in a worse position than they were in when
they ran this feature.

How Do I Access the Repair Link?

The Repair Link can be accessed three ways:

 Right-click a network connection icon in the Network Connections folder and click Repair Link.

 Right-click the information balloon that appears in the system tray when your IP configuration
becomes invalid and click Repair Link.

 From the Status dialog box, click the Support tab, and then click Repair.

 When selecting a network connection, look in the left-hand column (if shown) for the Repair this
connection link.

Figure 8. The Windows XP Networking Repair Functionality

What Specific Repair Steps Are Taken?

When deciding what repair steps would be taken, it was vitally important to the Network Diagnostics team
that it be impossible to put the consumer in a worse position than they were already in. With this key
objective in mind, the following steps are run when the Repair Link is selected.

The Repair link initiates six of the most common troubleshooting steps that support professionals generally
ask customers to perform when starting to diagnose a problem. These steps are shown below in the order

Network Diagnostics Tools Feature Overview 21

 Microsoft® Windows® XP Technical Article

that they are initiated:

Broadcast DHCP Lease Renew

This is the equivalent of a DHCP broadcast renewal at 87.5% of the lease time. This was chosen because it
is far safer than actually doing an DHCP release, then a DHCP renew. If a DHCP server is unavailable to
renew the address, the consumer machine keeps the current one it has, while if a new DHCP server comes
online, the DHCP can NACK the client and restart the lease process, potentially fixing a computer's IP
address problems.

Flush ARP cache

Sometimes, an ARP cache entry can become stale and communication cannot occur again until the bad ARP
cache entry expires. It is also possible that a bad static ARP cache entry could have been placed on the
machine and would never expire. The ARP cache is naturally flushed at 2 and 10 minute intervals, so this
operation is considered safe.

Note: If your organization relies on static ARP cache entries, make sure there is a mechanism for adding the entries
back in once this tool is run.

Nbtstat –R
Many times, the NetBIOS cache can have stale entries and communication cannot occur. This step simply
clears the NetBIOS name cache and reloads any NetBIOS name entries in the Lmhosts file with the #PRE
flag.

Nbtstat -RR
This step is the equivalent of re-registering the machines names with a WINS server. This can be very useful
in troubleshooting NetBIOS name resolution problems. It is important to note that both nbtstat –RR, and thus
the repair link functionality, simply schedule the name refresh with the operating system and return without
checking to determine if the refresh was successful.

Flush DNS cache

This step clears the DNS cache entries from memory and flushes any potentially old or bad name to IP
mappings. This can be very useful in troubleshooting DNS name resolution problems.

Register DNS name

This step is the equivalent of re-registering the machines DNS name with a Dynamic DNS server.

Network Diagnostics Tools Feature Overview 22

 Microsoft® Windows® XP Technical Article

Task Manager Network Tab

Design Objectives
This tool was designed to help visually interpret the amount of network traffic occurring on a network
connection. This tool is designed to help in troubleshooting possible network congestion issues by giving the
user a quick snapshot of network availability. As part of the current client-centric design of the tool, it only
supports LAN connections and outgoing WAN connections. Incoming WAN connections are not monitored.

How do I access the Networking Tab in Task Manager?

The Networking Tab can be accessed two ways:

 Right-click the taskbar and choose Task Manager. When Task Manager opens, select the
Networking Tab.

 Simultaneously press the Crtl – Alt – and ESC keys. When Task Manager opens, select the
Networking Tab.

Figure 9. The Windows XP Networking Tab in Task Manager

Network Diagnostics Tools Feature Overview 23

 Microsoft® Windows® XP Technical Article

What New Features Are Supported?

The Networking tab provides a wide range of features. For a complete look at the new menus that have been
added, see below:

New Task Manager Networking “Options”

 Tab Always Active. This selection indicates whether the Networking Tab should collect information,
even though the networking tab is not selected.

 Show Cumulative Data. This selection allows the user to see the cumulative data collected for
summary categories since Task Manager was opened.

 Auto Scale. The graphs maintain the scale dynamically by looking at the largest amount of traffic
that appears within the specified interval.

 Reset. Resets current window data and counters.

 Show Scale. This selection displays the scale currently used to draw the graph, this is useful in low
bandwidth scenarios.

New Task Manager Networking “View”

 Refresh Now. Resets the current view data and resets display counters to zero.

 Update Speed. Determines how often the adapters are polled to create the graphs. Polling can be
set to occur at High (.5 seconds), Normal (1 seconds), Low (2 seconds), or Paused (discontinues
polling)

 Network Adapter History. It is possible to display three different kinds of data sets: Bytes Sent,
Bytes Received, and Bytes Total.

 Select columns. Select columns allows the user to display a large range of data below the graphs,
as evidenced by Figure 10.

Network Diagnostics Tools Feature Overview 24

 Microsoft® Windows® XP Technical Article

Figure 10. The Windows XP Networking Tab Columns View in Task Manager

Network Diagnostics Tools Feature Overview 25

 Microsoft® Windows® XP Technical Article

Network Diagnostics Troubleshooting

Providing a Solution
Many network-troubleshooting tools are available for Windows XP. Most are included in the product or the
Windows Resource Kit. Troubleshooting tools include ipconfig, ping, tracert, telnet, nbtstat, netstat, and
others. When troubleshooting any problem where the validity of the data is in question, it is always helpful to
have more than one tool to diagnose the problem. The Network Diagnostics suite of tools are powerful
additions for quickly gathering and testing the network characteristics of a consumer’s machine.

Note: Network Diagnostics combines the effectiveness of standard troubleshooting tools. It answers many of the initial
questions a support professional would ask when diagnosing a network problem. It saves valuable troubleshooting time
and helps create a positive support experience for the consumer.

As an example, when a support professional first takes a call from a customer having a problem gaining
access to network resources, the first questions asked are typically:

 What are you trying to reach?

 What is your IP address?

 Are you using WINS or DNS?

 Can you resolve names?

 Can you resolve IP addresses?

The Network Diagnostics Tool can immediately answer four of the five questions. All that is required is
showing the consumer where to go to launch the tool. This is valuable for consumers unfamiliar with network
concepts.

Common Issues
In some situations, the Network Diagnostics Tool may appear to report an error or unreachable status when
there is not really an error condition This next section describes a couple of scenarios to pay attention to
when troubleshooting issues.

Dial-up and VPN Scenarios

It can be easy to forget the simple routing involved in dial-up networking scenarios. This is especially true
in dial-up scenarios where you are using a combination of dial-up networking and network cards or dial-
up networking and VPNs. You may see errors connecting to resources when using a combination of
these connection methods. The most common situation where you’ll see errors involves the use of the
default gateway. For instance, if a consumer has a machine with a network card, it may be configured
with a default gateway to internal resources. If consumers then dial up the Internet, they will have a new
default gateway to the Internet. Now any packet destined for non-local traffic will be routed to the
Internet, not to the internal network or internal router. The routing table makes this decision. The Network
Diagnostics Tool will report that it cannot reach the configured resources on the network card and mark
them UNREACHABLE. This is true and expected, but may seem odd at first. Always keep in mind how
the machine’s configuration can alter interpretation of the Network Diagnostics data.

Network Diagnostics Tools Feature Overview 26

 Microsoft® Windows® XP Technical Article

Primary and Secondary WINS servers

The IP stack in Windows XP is configured to adjust for temporary or permanent outages of a primary
WINS server. If a machine is configured with a primary and secondary WINS server, and the primary
WINS server is unavailable, the IP stack will swap the addresses of the primary and secondary. At first,
this may seem like an error, because the network adapter settings do not change when this occurs.
However, this is not an error, so if encountered, is usually a sign that the primary WINS server is not
functioning.

IP Filters Enabled
Since the primary tests used by Network Diagnostics involve pinging and connecting via TCP, if a remote
location is blocking certain traffic, the Network Diagnostics Tool may report a failure when none exists.
For instance, if a consumer is connecting to an e-mail server that is blocking Internet Control Message
Protocol (ICMP) traffic, you may see results that look like this:

MailServer: smtp.email.msn.com UNREACHABLE

Mail server appears to be running [SMTP].

The fact that the ping failed does not represent an actual error, although it does give you good
information about the remote site.

TV Adapters
The Microsoft TV adapter assumes an IP address based on a device ID generated during boot. The IP
address that it takes will vary, but may appear to look like an IP network address. The Network
Diagnostics Tool tests for valid IP addresses within the network adapter IP field and does not accept
network addresses. This can result in an error condition when nothing is actually wrong. For instance,
with the Microsoft TV adapter installed, you may see something similar to the following:

[0003] Microsoft TV Data Adapter. UNREACHABLE

IP Address = 5.0.0.0 UNREACHABLE
Could not ping - pinging (5.0.0.0)
timed out
timed out
timed out
timed out

Be aware that the IP address enumerated is not actually used and thus should not interfere with normal
network activity.

IEEE 1394 and PC Card (PCMCIA) Adapters

It is important to note that for many adapters, the drivers may or may not be loaded depending on
whether the adapter is attached to the system or to other networking devices, such as hubs or switches.

Network Diagnostics Tools Feature Overview 27

 Microsoft® Windows® XP Technical Article

Below are a few examples of where this can be important.

 PC card (PCMCIA) adapters that have been removed from their slots will no longer have WMI
properties and therefore will no longer show up in the Network Diagnostics Tool.

 IEEE 1394 adapters will not be enumerated by WMI until they are connected to another IEEE
1394 device or hub. Although the adapter and IP bindings will be viewable in system
properties, neither Ipconfig nor Winipcfg will show the adapter. This also means that the
Network Diagnostics Tool will not see the adapter either.

Empty DNS Server Scope Options

There can be rare cases where an administrator has configured a DNS scope option, but has not entered
any DNS server information into the scope. When this occurs, WMI reports that the DNS server address
is 0.0.0.0. The Network Diagnostics Tool will fail on this address, indicating that a DNS server was not
available. While rare, this test case can inform administrators if they have overlooked assigning the DNS
servers within a scope. If the scope is removed or if valid DNS servers are added to the scope option, the
Network Diagnostics error does not occur.

Proxy Server Settings Appear When Proxy Server is Not Enabled

Internet Explorer settings are accessed based on how they appear in the registry. There are two primary
registry keys that are read. The first is whether the proxy server is enabled, the second is the name of the
configured proxy server. These registry keys are independent of each other. If a consumer configures a
proxy server and enables it, the Network Diagnostics Tool displays the proxy server information and
determines whether it can connect to the proxy server. If the consumer configures a proxy server and
disables it, the registry information for the proxy server is still maintained. If Network Diagnostics is run, it
displays the proxy server information in the registry, but is smart enough to know not to actually try to
connect to the server, since this functionality is disabled. This can be helpful when determining whether
the Internet Explorer settings have changed or are not what the consumer expects.

Network Diagnostics Tools Feature Overview 28

 Microsoft® Windows® XP Technical Article

Summary
The Network Diagnostics Team offers several mechanisms for helping diagnose and fix network related
problems. The current tool set now includes four primary additions to the Windows XP operating system:

 Network Diagnostics Web Page and Netsh Helper. This tool includes computer and operating
system information, adapter information, ping and connect tests, and many other features for
diagnosing network problems.

 Network Connections Support Tab. This addition to the network connection status page promises
to become widely used for resolving network problems. This enhancement provides all of the
information and tasks that the Win9x support tool Winipcfg.exe used to provide while improving it in
the process.

 Network Connection Repair Link. The repair link performs a series of safe configuration repair
steps that support professionals normally ask a customer to perform during the first few minutes of
a support call. By automating these initial repair steps into a single task, users now have
considerable troubleshooting and problem fixing power within one click of a mouse.

 Task Manager Network Tab. This tab displays each network adapter on the machine, LAN or
WAN, and displays the percentage network utilization and other metrics for the adapter. This is
useful in those situations where a user is not sure whether the network traffic is high or whether a
server is just slow in responding. By using this tool, users have a quick guide to how well their
network is performing.

Network Diagnostics Tools Feature Overview 29

 Microsoft® Windows® XP Technical Article

Related Links
See the following resources for further information:

 Windows 2000 Communications and Networking Services at

http://www.microsoft.com/windows2000/technologies/communications/default.asp

For the latest information about Windows XP, see the Windows XP Web site at
http://www.microsoft.com/Windows XP.

Release Note: If you have comments or suggestions for the Network Diagnostics team, please submit them
to pubnetdg@microsoft.com and include “Network Diagnostics Feedback” in the title. Depending upon
volume, you may not receive a reply; however, we appreciate your contributions and will read all of your
comments.

Network Diagnostics Tools Feature Overview 30