/
  • Last updated
/
  • 7 min read

Top 7 Network Commands You Should Know

Top 7 Network Commands You Should Know blog banner image

Command lines offer a set of powerful network commands that go far beyond what graphical tools provide, allowing you to diagnose connectivity problems, trace data paths, inspect configurations, and even uncover security vulnerabilities. Network commands give you the ability to quickly pinpoint issues, optimize performance, and maintain control over complex network environments.

What are network commands?

Network commands are specialized text-based instructions you enter into your system’s command-line interface to diagnose, configure and troubleshoot network connections. These powerful tools give you direct access to networking functions without navigating through graphical interfaces.

The command-line interface varies depending on your operating system. Windows users typically access the Command Prompt or PowerShell, while Linux and macOS users work with Terminal. Regardless of platform, mastering these commands significantly improves your ability to manage networks efficiently.

The top 7 best network commands you should know

The best network commands can significantly slash the time you spend on troubleshooting issues. These seven tools form the core toolkit for any network administrator or IT professional. Each command serves a specific diagnostic purpose, from basic connectivity testing to advanced security scanning.

These commands work across most operating systems with minor syntax variations. Windows, Linux and macOS all support these fundamental networking tools, though the exact implementation might differ slightly.

ping

The ping command tests basic connectivity between your device and a target host. When you send a ping, your system transmits ICMP echo request packets to the destination and measures how long it takes to receive a response. This tool helps determine if a device is reachable across the network.

Here’s how to use the ping command:

  • Basic connectivity test: Type ping followed by the hostname or IP address (e.g., ping 192.168.1.1 or ping google.com). The command returns response time in milliseconds, packet loss percentage and TTL values.
  • Continuous monitoring (Windows): Add the -t flag (e.g., ping -t google.com).
  • Continuous monitoring (Linux/macOS): Simply run ping without additional parameters.

tracert/traceroute

The tracert (Windows) or traceroute (Linux/macOS) command reveals the path packets take to reach their destination. This command maps the route through the internet, showing each hop and identifying where delays or failures occur.

Here’s how to use the tracert/traceroute command:

  • Trace route: Run tracert google.com (Windows) or traceroute google.com (Linux/macOS). The command displays each router your data passes through, along with round-trip times for each hop.

Pay attention to points where response times increase or where packets are dropped, as these often indicate bottlenecks or failures.

ipconfig/ifconfig

The ipconfig (Windows) or ifconfig (Linux/macOS) command displays your current network configuration details, including IP address, subnet mask and default gateway.

Here’s how to use the ipconfig/ifconfig command:

  • Basic configuration: Type ipconfig (Windows) or ifconfig (Linux/macOS).
  • Comprehensive information: Use ipconfig /all (Windows) or ifconfig -a (Linux/macOS) to show additional details like DNS server addresses, DHCP lease information and MAC addresses.

An APIPA address (169.254.x.x) indicates DHCP failures, while duplicate IP addresses cause intermittent connectivity issues.

netstat

Netstat provides a view of all active network connections and listening ports on your system. This command helps you identify which applications are communicating over the network, detect unwanted connections and monitor network traffic patterns.

Here’s how to use the netstat command:

  • View all connections and listening ports: Execute netstat -an to view all connections and listening ports in numerical form. The output shows local and foreign addresses along with their current state (ESTABLISHED, LISTENING, etc.).
  • Additional details (Windows): Add the -b flag to see which programs own specific connections (e.g., netstat -anb).
  • Additional details (Linux): Use netstat -anp to see which programs own specific connections.

nslookup

The nslookup command queries DNS servers to retrieve information about domain names and IP addresses. When websites or network resources become unreachable, DNS resolution problems are often the culprit. Nslookup helps you verify DNS functionality and troubleshoot name resolution issues.

Here’s how to use the nslookup command:

  • Basic lookup: Type nslookup followed by a domain name or IP address. The command returns the corresponding IP address or hostname, along with information about which DNS server provided the answer.
  • Interactive mode: For more advanced DNS troubleshooting, enter interactive mode by typing nslookup without parameters, then use commands like set type=mx to query specific DNS record types.

arp

The Address Resolution Protocol (ARP) command displays and modifies your system’s ARP cache, which maps IP addresses to physical MAC addresses on your local network. This mapping is necessary for proper communication between devices on the same network segment.

Here’s how to use the arp command:

  • View ARP table: Run arp -a to display your current ARP table, showing all known IP-to-MAC address mappings. (This helps identify duplicate IP addresses, unauthorized devices or potential ARP spoofing attacks.)
  • Add static ARP entry: Manually add static ARP entries using arp -s [IP address] [MAC address].
  • Remove ARP entry: Remove entries with arp -d [IP address].

nmap

Nmap (Network Mapper) is a comprehensive network scanning tool that discovers hosts and services on your network. Unlike the previous commands, which come pre-installed on most systems, you’ll need to download nmap separately. This powerful utility performs port scanning, OS detection, service identification, and vulnerability assessment.

To scan a single host, use nmap [IP address]. For scanning entire networks, use CIDR notation like nmap 192.168.1.0/24.

Nmap offers numerous scanning techniques for different scenarios. Try these essential scan types:

  • Quick scan: nmap -T4 -F [target]
  • Comprehensive scan: nmap -sS -sU -T4 -A -v [target]
  • OS detection: nmap -O [target]
  • Service version detection: nmap -sV [target]
  • Vulnerability scanning: nmap –script vuln [target]

Using network commands for efficient network management

Integrating these network commands into your daily workflow strengthens your network management capabilities. When you combine multiple commands, you gain comprehensive insights that isolated tools cannot provide. For example, after discovering connectivity issues with ping, use tracert to identify where the problem occurs, then netstat to check if the relevant services are running properly.

Automating network commands through scripts can further enhance your capabilities. Create batch files or shell scripts that execute multiple commands sequentially and log the results. Schedule these scripts to run periodically using Task Scheduler (Windows) or cron jobs (Linux/macOS), then analyze the logs to identify patterns or emerging issues before they impact users.

Common mistakes and how to avoid them

Even experienced administrators make mistakes when using network commands. One common error is misinterpreting command output, particularly with tools like tracert where packet loss at intermediate hops doesn’t necessarily indicate problems. Some routers intentionally deprioritize ICMP traffic, causing misleading results. Always verify findings with multiple commands before taking action.

Another frequent mistake is overlooking network security implications. Commands like nmap can trigger intrusion detection systems or violate acceptable use policies when run against networks without proper authorization. Always obtain permission before scanning networks you don’t own. Be cautious with commands that modify network configurations (like arp -s or ipconfig /release) as incorrect usage can disrupt connectivity. Test these commands in controlled environments before applying them to production systems to prevent unintended outages.

Supercharge your network management

NinjaOne’s endpoint management software supports command-line arguments and provides features such as monitoring and alerting, software deployment, and patch management. Sign up for a free trial today.

Start your Free Trial

You might also like

How to Turn the Sleeping Tabs in Microsoft Edge On or Off blog banner image

How to Turn the Sleeping Tabs in Microsoft Edge On or Off

How to Hide or Show the Device Security Page in Windows Security blog banner image

How to Hide or Show the Device Security Page in Windows Security

How to Turn On or Off Smart App Control in Windows 11 blog banner image

How to Turn On or Off Smart App Control in Windows 11

How to Turn On or Off USB Battery Saver in Windows 11 blog banner image

How to Turn On or Off USB Battery Saver in Windows 11

How to Hide or Show Virus and Threat Protection Page in Windows Security blog banner image

How to Hide or Show Virus and Threat Protection Page in Windows Security

How to Enable or Disable BSOD Crash on Ctrl+Scroll Lock in Windows 11 blog banner image

How to Enable or Disable BSOD Crash on Ctrl+Scroll Lock in Windows 11

Back to Blog Home
Ready to simplify the hardest parts of IT?
Start a Free Trial
Get a demo