The TCP/IP protocol suite offers several commands to help troubleshoot
Application Layer problems. Take time to fully understand the value of these
commands.

Ping
Although it basically tests Layer 3 connectivity, it can be
used to help solve application layer problems.
For example, a troubleshooting strategy using ping can be used to identify a
DNS application layer problem.

If
there is high latency due to congestion, it may cause application layer
problems because of timeout issues. In a WAN setting, latency between packets
should be expected. However, in a LAN setting, excessive latency between
packets could be an indication of network problems.
Traceroute
Traceroute can be used to pinpoint a network problem.
It identifies each intermediate router on the way from host A to host B.
As shown in Figure
,
traceroute sends the first packet with a TTL value of 1.
The first router decrements this and since the value drops to zero, the router
discards the packet and sends an ICMP Time-to-live Exceeded message back to the
sender. Traceroute then sends a packet with a TTL value of 2, which the first
router decrements and routes. But the second router decrements it to zero, and
sends an ICMP error message back. Ultimately, the TTL gets high enough for the
packet to reach the destination host, and traceroute is
done, or some maximum value (usually 30) is reached and
traceroute ends the trace.
Note that most traceroute
programs send a UDP datagram to a randomly selected high UDP port. Microsoft’s
tracert uses an ICMP echo request message instead, which
may explain why some trace results do not match those of other users.
Pathping
Pathping is a Windows NT/2000/XP feature that combines
the features of the ping and tracert
commands with additional information-gathering features. The
pathping command sends packets to each router on the way to
a final destination over a period of time and then computes results based on
the packets returned from each hop. Pathping displays the degree of packet loss
at any given router or link.
Netstat
Netstat is used to
report on the routing table of the system, TCP and UDP protocols, open
connections and the remote systems ports. It gets this networking information
by reading the routing tables in the memory, and then provides an ASCII format
at the terminal.
The output of netstat – n and
netstat – r on a Windows platform (netstat
–r produces the same output as route print) is shown in Figure
.
Other
useful netstat commands include netstat
-a, which displays all connections, and netstat
-e, which displays Ethernet statistics.
Nslookup
The most useful tool for troubleshooting DNS problems is
nslookup. It lets a user enter a host name and find out the
corresponding IP address. It will also do reverse name lookup and find the host
name for a specified IP address.
Nslookup sends a domain name query
packet to a designated (or defaulted) DNS server. Depending on the system being
used, the default may be the local DNS name server at the service provider,
some intermediate name server, or the root server system for the entire domain
name system hierarchy.