Recent Changes - Search:

Tips & Tricks

Windows Tips

Vista Tips

MS Server Tips

Apple Tips

Linux Tips

Networking Tips

Business

powered by PmWiki

MSTips /

NETSH

Hide Contents

Table of Contents

Introduction

In software, netsh, or network shell, is a utility provided with Microsoft's Windows Windows 2000, Windows Server 2003 XP and Vista. It allows local or remote configuration of network settings. It's installed by default and is located in the \system32 folder.

NETSH enables you to display, modify, import, and export many aspects of the network parameters of a system. It can also connect remotely to other systems with a remote machine parameter (-r).

Context - Description

 aaaa - Authentication, authorisation, accounting and auditing
 dhcp - DHCP server administration
 diag - OS and network service parametres
 interface - NIC configuration; includes subcontexts
 ipsec - Alternative to IP service parameters
 netsh bridge - Network bridging configuration
 ras - Remote access server configuration
 routing - Routing administration (instead of RRAS)
 rpc - subnet and interface settings
 wins - Windows Internet Name Service administration

The interface context also has three subcontexts, ip, ipv6, and portproxy. NETSH refers to these subcontexts as a context, such as the netsh interface ip context. Note that Windows XP has a different set of contexts. When using the import and export operations in noninteractive mode, you must specify context or subcontext configuration.

Navigating NETSH

The large array of features available in NETSH may seem overwhelming at first. It's helpful to get into NETSH to see the options available and practice using the interface in interactive mode (a little different for those of us used to non-interactive tools). Getting into NETSH in interactive mode is easy: Simply type NETSH at the command prompt. Then, use these guidelines to investigate the command options:

  • To change to another context, type the name of the context. For example, typing interface ip will go immediately to the interface ip context from which ever context you are presently located.
  • To change your mode, type offline or online. Typing offline will send the interactive session offline, so any changes won't be brought in immediately. Typing online will bring the interactive session online, so changes will immediately be brought into the networking elements of the system.
  • Typing show mode will display the current mode (offline or online). The default mode is online, so be sure to immediately jump offline if you are experimenting.
  • Typing ? or help will show the available commands for your current context location. If you're in the root of the tool, there is no active context and your interface to the tool will be a netsh> prompt.
  • Global commands, such as online and quit, are those you can use everywhere. Context commands are available only in the current context. For example, from the netsh interface ip> context, you can view the network configuration by running show dns, but this command may not work other contexts or subcontexts.
  • In contexts, running set and show will provide the context-sensitive command options.

NETSH in interactive mode

NETSH is one of the Windows tools that can be run in either an interactive or a non-interactive environment. Interactive tools (such as nslookup and dnscmd) have effectively different usage scenarios depending on the mode chosen.

Interactive mode also has two submodes, online and offline. Online mode is a direct interaction with the networking components while in interactive mode. Offline mode lets you interactively make changes and then roll them all online instantly by going to online mode.

NETSH in noninteractive mode

In noninteractive mode, you can implement NETSH commands by importing a file. Using noninteractive mode is recommended for file import and export operations. With NETSH in noninteractive mode, you can export key settings from each context as a specific aspect of your system documentation. In addition, if an issue arises and you can trace it back to a specific networking topic for which you have a NETSH script exported from a known working time, you can re-import that NETSH script in noninteractive mode and restore your networking functionality to that point. Please note that NETSH does not back up data within the contexts, such as the WINS database.

Common Uses

A common use of netsh is to reset the TCP/IP stack to default, known-good parameters, a task that in Windows 98' required re-installation of the TCP/IP adapter. In this mode you must provide a log file, which will be filled with what values netsh affected i.e. 

 netsh interface ip reset C:\resetlog.txt

Used to Change IP address on a Machine

You can use NETSH to make dynamic IP address changes from a static IP address to DHCP simply by importing a file. NETSH can also bring in the entire Layer-3 configuration (TCP/IP Address, DNS settings, WINS settings, IP aliases, etc.). This can be handy when you're working on networks without DHCP and have a mobile computer that connects to multiple networks, some of which have DHCP. NETSH shortcuts will far exceed the capabilities of using Windows Automatic Public IP Addressing. Here is an example of running a dynamic update of an IP address: 

 C:\NETSH -f filename.netsh

In this example, filename.netsh is the NETSH file that contains an interface dump configuration. You can make shortcuts in Windows to a .BAT file that will run that command so you can easily add shortcuts to get a DHCP address and switch to a static IP address for a customer site, DMZ network, or any other static IP network.

Static IP address : 

 netsh interface ip set address local static 123.123.123.123 255.255.255.0

Dynamic IP address : 

 netsh interface ip set address name="Local Area Connection" source=dhcp

NETSH and IPv6

NETSH can also be used to read information from the IPv6 stack, it is more user-friendly than the IPv6.exe utility and provides much of the same level of information.

To view your IPv6 address using NETSH: 

 netsh interface ipv6 show address

Coordinating network change control with NETSH

NETSH can be used to export and import network configurations. A good example of using NETSH with networking change control would be when a system is going to be placed on a different network, but the communication channels need to be maintained to various other systems. A NETSH export will allow all parties to agree on various network settings. For example, here is a portion of a NETSH export of the interface context from a dump operation. 

 set address name = "Teamed NIC" source = static addr = 10.64.32.100 mask = 255.255.252.0
 set address name = "Teamed NIC" gateway = 10.25.44.1 gwmetric = 1
 set dns name = "Teamed NIC" source = static addr = 10.64.22.50
 add dns name = "Teamed NIC" addr = 10.95.61.22
 add dns name = "Teamed NIC" addr = 10.95.45.34
 set wins name = "Teamed NIC" source = static addr = 10.95.45.70
 add wins name = "Teamed NIC" addr = 10.95.45.25

Reviewing a NETSH export with all parties involved can ensure that the system will be routed correctly, using the correct DNS, WINS, and subnet mask. The best part is that you can then import the entire file into the Windows system after all appropriate entries have been made without any chance of entering the information incorrectly. And this is only for the interface context. The same applies for all other context scripts.

Commenting in Scripts

When exchanging NETSH scripts, you can insert comments to solicit feedback. This will allow you to explain an entry or use it as a training tool for others. Simply insert REM in a NETSH exported file to add a comment. Don't put in too many comments, however; just what is necessary.

NETSH Best Practice

NETSH import and export operations are in a native plain text format and can be read and edited from any text tool. However, NETSH files should be handled as a special file type because they're used to document network configurations, as well as for the import and export process. A best practice would be to make all export operations refer to a FILE.NETSH, where this file is what has been exported from NETSH. This is especially important because a NETSH export file doesn't contain the word NETSH in it. This way, even a novice can figure out what the file contains.

The file extension from export (dump) and import (-f) operations are entirely user specified. For convenience, you can associate the .NETSH extension with your Windows installation to allow native double-click editing.

NETSH precautions

NETSH is a powerful tool and should be used with caution. Using interactive online mode (the default) for changes on the fly can be more risky than implementing a change in interactive offline mode and going online to commit the changes. However, using noninteractive mode to perform changes is popular as well because the changes can be scripted. Try your hand at NETSH on a virtual machine or test system first.

References

builder.au - Retrieved on 13 September 2007
Wikipedia - Retrieved on 12 September 2007

All text is available under the terms of the GNU Free Documentation License
Privacy Policy | About Wikitec | Disclaimer | Copyright

Edit - History - Print - Recent Changes - Search
Page last modified on 2007-09-14 03:43