Network traffic analysis with the Pathping command
One weakness with the trace route (tracert) command has always been it doesn’t show you nic traffic flowing out which can be useful info in a multi-homed environment
One command that has been used by network admins for years is trace route (
tracert), but the output contains some information that is often unnecessary, and the output is missing one large key ingredient. Namely, trace route shows the first hop as the first router that you traverse and does not show you what physical NIC the packets are flowing out of.
Pathping. A little known command has been around for a while, of which I am only using in 2012 r2 but is in much older variants of windows. It shows the same information that
tracert does, except it saves the information about time between hops and some other details until the end of the output. This allows you to focus on the physical hops themselves in a clear manner. Main thing here is it shows you our key ingredient right away if looking in a multi-homed space —the Network card that your packets are flowing out of.
After that it was
Pathping all the way for me.
Windows OS and command prompt and nowt else
The following two steps get you started with
- Open Command Prompt on your server.
pathping <servername or IP>.
Your output will be as follows