Windows Network Troubleshooting Commands Explained

When a Windows machine cannot reach the internet, resolve names, obtain an IP address, or connect to a service, a handful of built-in commands can tell you a lot very quickly.

This article walks through some of the most useful Windows Terminal and Command Prompt commands for network troubleshooting. I also corrected a few command examples where needed and added plain-English explanations for what each one does.

Why these commands matter

Network issues usually fall into a few common buckets:

• The host cannot reach another machine.
• DNS is not resolving names correctly.
• The computer has a bad IP configuration.
• The TCP/IP or Winsock stack is corrupted.
• A firewall rule is blocking traffic.
• An application is listening on a port, but traffic cannot get through.

These commands help isolate which layer is failing.

---

1) ping: basic connectivity testing

ping sends ICMP Echo Request packets to a target and waits for a reply. It is one of the fastest ways to check whether a host is reachable.

Command forms

ping <hostname-or-ip>
ping -n 4 <hostname-or-ip>
ping -t <hostname-or-ip>
ping -4 <hostname-or-ip>
ping -6 <hostname-or-ip>

Corrections

Your original examples:

ping -n
ping -t
-4 -6

These are incomplete by themselves. They need a destination, and -4 or -6 must be used as options to ping, not as standalone commands.

Correct usage:

ping -n 4 google.com
ping -t 8.8.8.8
ping -4 google.com
ping -6 google.com

What each option does

• ping <target>: Sends a small number of test packets to a host.
• ping -n 4 <target>: Sends exactly 4 echo requests. On Windows, -n means number of echo requests.
• ping -t <target>: Pings continuously until you stop it with Ctrl + C.
• ping -4 <target>: Forces IPv4.
• ping -6 <target>: Forces IPv6.

When to use it

• Test whether a device is reachable.
• Check whether name resolution works.
• Compare IPv4 and IPv6 behavior.
• Watch for packet loss or latency spikes over time.

Example

ping -n 4 192.168.1.1

This checks whether the local gateway responds.

---

2) ipconfig: inspect and refresh IP configuration

ipconfig displays and manages IP addressing information on Windows.

Useful commands

ipconfig /?
ipconfig
ipconfig /all
ipconfig /release
ipconfig /renew
ipconfig /flushdns

What each command does

ipconfig /?

Shows help for the command and all available switches.

ipconfig /?

Use this when you want to quickly check syntax on a real machine.

ipconfig

Displays a summary of the current IP configuration for each adapter.

ipconfig

This is useful for checking whether the host has an IPv4 address, subnet mask, and default gateway.

ipconfig /all

Displays detailed information, including:

• Hostname
• MAC address
• DHCP enabled status
• DNS servers
• Lease obtained and expiration times

ipconfig /all

This is often the first command to run in a real troubleshooting session.

ipconfig /release

Releases the current DHCP-assigned IPv4 address for DHCP-enabled adapters.

ipconfig /release

This tells Windows to give up its current leased address.

ipconfig /renew

Requests a new IP lease from the DHCP server.

ipconfig /renew

This is commonly paired with /release.

ipconfig /flushdns

Clears the local DNS resolver cache.

ipconfig /flushdns

Use this when a hostname is resolving to an old or incorrect IP address from cache.

Common workflow

ipconfig /release
ipconfig /renew
ipconfig /flushdns

This is handy when a client has stale addressing or cached DNS problems.

Important note

ipconfig /release and ipconfig /renew mainly apply to DHCP-managed interfaces. They are less useful for statically configured IP addresses.

---

3) nslookup: test DNS resolution

nslookup queries DNS servers directly. It helps determine whether the problem is DNS-related or something else.

Correct syntax

Your original command:

nslookup host server

This is conceptually correct, but host and server are placeholders. A practical example would be:

nslookup google.com
nslookup google.com 8.8.8.8

What it does

• nslookup <host>: Resolves a hostname using the system's default DNS server.
• nslookup <host> <server>: Resolves a hostname using a specific DNS server.

Examples

nslookup openai.com
nslookup openai.com 1.1.1.1

Why this matters

If ping openai.com fails, but ping <known-ip> works, the network may be fine and DNS may be the actual problem.

nslookup helps confirm that.

---

4) netsh: advanced network configuration and repair

netsh is the Windows Network Shell. It can inspect and change many networking settings.

Just typing this opens the netsh interactive shell:

netsh

In practice, most admins use it directly from the command line with a full subcommand.

---

5) Resetting the TCP/IP stack

Correct command

Your original command:

-netsh int ip reset : reset tcp/ip stack, fix corrupter tcp/ip stack.

Corrected version:

netsh int ip reset
netsh int ip reset c:\resetlog.txt

What it does

This resets TCP/IP settings back toward default state. It is useful when:

• Network settings are corrupted
• A machine has strange connectivity issues
• Manual changes or broken software damaged the IP stack

Think of it as rebuilding core IP networking settings.

With logging

netsh int ip reset c:\resetlog.txt

This does the same reset and writes actions to a log file so you can review what changed.

Important note

A reboot is often recommended after this reset.

---

6) Resetting Winsock

Correct command

netsh winsock reset

What it does

Winsock is the Windows API layer used by applications to access network services. If malware, broken software, or bad network filter drivers corrupt Winsock settings, applications may fail to connect even when the network itself is fine.

This command resets Winsock catalog entries to default.

When to use it

• Browsers cannot connect but the network adapter looks normal
• Socket-related application errors appear
• Network filtering software was removed badly

Typical repair sequence

netsh winsock reset
netsh int ip reset
shutdown /r /t 0

---

7) Demonstrating APIPA

APIPA stands for Automatic Private IP Addressing.

When a Windows client is configured for DHCP but cannot reach a DHCP server, it may assign itself an address in the range:

169.254.0.0/16

This is called an APIPA address.

What it looks like

Run:

ipconfig

You may see something like:

IPv4 Address. . . . . . . . . . . : 169.254.x.x

That usually means the client failed to get an address from DHCP.

Your note

demonstrate apipa: disable dhcp client services

That may produce the behavior you want in a lab, but it is a rough demonstration method and can have side effects. A cleaner explanation is:

• If DHCP is unavailable or unreachable, Windows may self-assign an APIPA address.
• APIPA allows limited local-link communication only.
• It does not provide normal routed network access.

Better demo idea

In a lab environment, disconnect the client from the DHCP-capable network or place it on an isolated network segment with no DHCP server, then run:

ipconfig /release
ipconfig /renew
ipconfig

If DHCP cannot be reached, the host may fall back to APIPA.

---

8) Ports demo with Python

Your example:

python -m http.server 8000

This is correct.

What it does

This starts a very simple HTTP server on TCP port 8000 in the current directory.

Why it is useful

It is a great troubleshooting demo because it lets you quickly prove:

• An application is listening on a port
• The firewall may be blocking or allowing traffic
• Another machine can or cannot connect to that service

Example

On one machine:

python -m http.server 8000

On the same machine or another machine, test access in a browser:

http://<server-ip>:8000

If it works locally but not remotely, the likely causes include:

• Windows Firewall blocking inbound traffic
• Network ACLs blocking traffic
• Wrong IP address or wrong interface
• The service bound only to localhost in some other app scenario

---

9) TCP vs UDP: why it matters in troubleshooting

Not every network issue is the same because not every protocol behaves the same way.

TCP

TCP is connection-oriented. It provides:

• Reliable delivery
• Sequencing
• Retransmission
• Flow control

Common examples:

• HTTP / HTTPS
• RDP
• SMB
• SSH

When TCP fails, you might see timeouts, refused connections, or handshake issues.

UDP

UDP is connectionless. It provides:

• Low overhead
• No guaranteed delivery
• No built-in retransmission
• Faster, simpler communication

Common examples:

• DNS queries
• DHCP
• VoIP
• Streaming
• Some games

When UDP fails, the symptoms can be more subtle, such as missing responses or intermittent behavior.

Why admins care

A firewall rule blocking TCP 80 is not the same as blocking UDP 53. You must know which transport protocol the application is using.

---

10) Windows Firewall rules with netsh advfirewall

These commands are useful for demonstrating how firewall rules affect connectivity.

Your examples are mostly correct. I only made minor wording and formatting cleanups.

Block outbound HTTP

netsh advfirewall firewall add rule name="Block HTTP" dir=out action=block protocol=TCP remoteport=80

This blocks outbound TCP traffic to remote port 80, which is standard HTTP.

Block outbound HTTPS

netsh advfirewall firewall add rule name="Block HTTPS" dir=out action=block protocol=TCP remoteport=443

This blocks outbound TCP traffic to remote port 443, which is standard HTTPS.

Block Google Chrome by executable path

netsh advfirewall firewall add rule name="Block Chrome" dir=out action=block program="C:\Program Files\Google\Chrome\Application\chrome.exe"

This blocks outbound traffic for Chrome specifically.

Important caveat

This path is correct only if Chrome is installed there. On some systems it may be installed in a different location, so verify the executable path first.

Block inbound traffic to local TCP port 8000

netsh advfirewall firewall add rule name="Block Inbound 8000" dir=in action=block protocol=TCP localport=8000

This blocks inbound TCP traffic targeting local port 8000, which is perfect for testing against the Python HTTP server demo.

---

11) Removing the firewall rules

These delete the demo rules you added.

netsh advfirewall firewall delete rule name="Block HTTP"
netsh advfirewall firewall delete rule name="Block HTTPS"
netsh advfirewall firewall delete rule name="Block Chrome"
netsh advfirewall firewall delete rule name="Block Inbound 8000"

This is important in a lab or classroom so you do not leave behind unexpected blocks.

---

12) A practical troubleshooting flow

Here is a simple sequence you can follow when a Windows machine has network issues.

Step 1: Check IP configuration

ipconfig /all

Look for:

• Missing default gateway
• Wrong DNS server
• APIPA address (169.254.x.x)
• DHCP disabled when it should be enabled

Step 2: Test local gateway reachability

ping -n 4 <default-gateway>

If the gateway does not respond, the issue may be local network connectivity.

Step 3: Test internet IP connectivity

ping -n 4 8.8.8.8

If this works but DNS names fail, the problem is probably DNS.

Step 4: Test DNS resolution

nslookup google.com
nslookup google.com 8.8.8.8

Compare the results using the default DNS server and a known external resolver.

Step 5: Refresh client settings

ipconfig /release
ipconfig /renew
ipconfig /flushdns

Step 6: Reset networking components if needed

netsh winsock reset
netsh int ip reset c:\resetlog.txt

Reboot afterward if required.

Step 7: Test firewall impact

Use a test service such as:

python -m http.server 8000

Then add or remove firewall rules to demonstrate whether traffic is being blocked.

---

13) Corrected command reference list

Below is the cleaned-up version of your original command set.

ping <hostname-or-ip>
ping -n 4 <hostname-or-ip>
ping -t <hostname-or-ip>
ping -4 <hostname-or-ip>
ping -6 <hostname-or-ip>

ipconfig /?
ipconfig
ipconfig /all
ipconfig /release
ipconfig /renew
ipconfig /flushdns

nslookup <host>
nslookup <host> <dns-server>

netsh
netsh int ip reset
netsh int ip reset c:\resetlog.txt
netsh winsock reset

python -m http.server 8000

netsh advfirewall firewall add rule name="Block HTTP" dir=out action=block protocol=TCP remoteport=80
netsh advfirewall firewall add rule name="Block HTTPS" dir=out action=block protocol=TCP remoteport=443
netsh advfirewall firewall add rule name="Block Chrome" dir=out action=block program="C:\Program Files\Google\Chrome\Application\chrome.exe"
netsh advfirewall firewall add rule name="Block Inbound 8000" dir=in action=block protocol=TCP localport=8000

netsh advfirewall firewall delete rule name="Block HTTP"
netsh advfirewall firewall delete rule name="Block HTTPS"
netsh advfirewall firewall delete rule name="Block Chrome"
netsh advfirewall firewall delete rule name="Block Inbound 8000"

---

Final thoughts

Windows includes a surprisingly strong set of built-in network troubleshooting tools. With just ping, ipconfig, nslookup, netsh, and a simple demo service, you can diagnose many of the most common client-side problems.

The key is to troubleshoot layer by layer:

1. Confirm the client has valid addressing.
2. Confirm it can reach the gateway.
3. Confirm it can reach external IPs.
4. Confirm DNS resolution works.
5. Confirm the stack itself is healthy.
6. Confirm the firewall is not the blocker.

Once you follow that sequence consistently, network troubleshooting becomes much less mysterious and much more methodical.