Netsh: Understanding the Important Command Line Tool

Command-line interfaces may seem intimidating, but their importance in managing computer networks is undeniable. One of these important command-line tools is a utility called netsh, or network shell. Netsh is included as one of the IP commands for most Windows operating systems, allowing you to configure various network settings. In this article, learn what netsh is, various netsh commands, and how administrators can use them to quickly and efficiently manage networks.

What is netsh?

In computing, netsh stands for network shell. It's a powerful command-line tool used to update Windows network configuration settings. It allows users to display or modify the network configuration of the computer that is currently running.

Though it was first introduced as a scripting tool, it's evolved to perform a wide range of tasks, including changing IP addresses and altering DNS server settings. It also handles several network adapters, which allows users to view each network's adapter settings or configure them simply by specifying the adapter name. Users can efficiently manage multiple network adapters from a single command-line utility.

Users can also configure virtual private networks (VPNs) and firewalls by modifying their network settings. Netsh is straightforward and provides numerous advanced network configuration options through a single utility.

Netsh is a Windows command line tool

What's the purpose of the netsh command?

The main purpose of network shell is to allow users to configure their computer's network without needing the graphical user interface. It allows users to display the status of various computers or servers, which then makes management easier.

Netsh commands are most helpful when users experience network issues, as users can utilize the command to display network data and perform the necessary troubleshooting techniques.

What tasks can you perform with netsh?

Network shell allows you to change almost any network configuration setting, making it a highly versatile tool. It's been included in all versions of Windows since 2000; therefore, network shell can be used on any Windows version to make changes to networks and gain more control over your settings. Below are several tasks users can perform using netsh.

Restore network configuration

The netsh exec command runs netsh script files and restores network configuration settings on Windows computers. It allows users to automate the execution of multiple commands in a script file. This can be useful if you need to restore several network settings at once. Use the command netsh exec filename.dat.

Show TCP/IP settings

If you wish to display your system's current TCP/IP configuration settings, use the command netsh interface ip show config. In addition to seeing whether the system is using static addressing or DHCP, you can also view the system's new IP address, subnet mask, and default gateway.

Change a DNS server address

You can also change a DNS server address using network shell. If you change your IP address, you likely need to change your DNS server address to properly correspond with the IP address change. Use the command netsh interface ip set dns and add your connection name along with your DNS server. For example, netsh interface ip set dns "Local Area Connection" static 192.168.0.2 sets a static DNS server address for a network adapter named "Local Area Connection" using the netsh tool.

Use a dynamic DHCP assigned address

The command netsh interface ip set address "Local Area Connection" dhcp is used to configure the network interface of a Windows computer to obtain its IP address automatically from a DHCP server. In this case, the computer will request an IP address, subnet mask, default gateway, and DNS server information from a DHCP server on the network.

Save a current configuration

The netsh command can save the current configuration of a Windows computer's network settings. To do this, use the netsh interface dump > myc command. This command saves the current configuration of all network interfaces including IP addresses, DNS servers, and other settings to a text file.

Configure a WINS server

With netsh, you can configure a WINS server in a Windows computer. WINS is a legacy technology that resolves NetBIOS names to IP addresses. This command, for example, can configure a WINS server using network shell:

netsh interface ip set wins "Local Area Connection" static 192.168.1.10

In this example, "Local Area Connection" is the name of the network adapter that you want to configure with the WINS server IP address. "Static" indicates that you want to assign a static IP address to the WINS server. Finally, "192.168.0.10" is the IP address of the WINS server that you want to configure.

Work with remote systems

One of the more underrated features of netsh is its ability to work with remote systems. It manages network settings on remote systems as long as you have administrative privileges on the remote computer and the necessary network connectivity.

How do I access netsh on Windows?

In order to access netsh on Windows, you need to open the command prompt or Windows PowerShell as an administrator.

To open command prompt as an admin:

  1. Click on the Windows Start button.
  2. Type cmd into the search field.
  3. Right-click on the command prompt option; then, select Run as administrator

To open Windows PowerShell as an admin:

  1. Click on the Windows Start button.
  2. Type powershell into the search field.
  3. Right-click on the Windows PowerShell option and then select Run as administrator.

Once you've opened Command Prompt or Windows PowerShell as an administrator, you can type in netsh followed by the appropriate command to manage your network configurations. Note that some commands may require additional privileges or administrative access to execute.

Common netsh commands

If you want to use the netsh command to help in your network administration, familiarize yourself with the following common commands.

  • netsh interface show interface, which displays a list of all network interfaces on your computer along with statuses and names
  • netsh interface ip set address "Local Area Connection" static 192.168.0.2 255.255.255.0, which sets the IP address and subnet mask of a network adapter named "Local Area Connection" to a static address of 192.168.0.2 and a subnet mask of 255.255.255.0
  • netsh wlan show profile, which shows a list of all wireless network profiles on your computer
  • netsh firewall show state, which displays the current state of the Windows firewall
  • netsh interface tcp show global, which shows the current TCP/IP configuration of your computer
  • netsh advfirewall firewall add rule name="Block ort 80" protocol=TCP dir=in localport=80 action=block, which creates a new Windows firewall rule that blocks incoming traffic on port 80
  • netsh interface add dnsserver "Local Area Connection" address = 8.8.8.8 index=1, which sets the DNS server of the network named "Local Area Connection" to 8.8.8.8

You can customize each of these commands to your preferences. Input your network name, desired IP address, port, and DNS server when using these commands.

How do you use netsh to capture network traffic?

You can use the netsh trace command to capture network traffic on Windows using network shell. This command creates a trace file that contains detailed information about network traffic on the computer. To do it, follow these steps:

  1. Open command prompt or Windows PowerShell as an administrator.
  2. Enter the command netsh trace start capture=yes tracefile=C:\Users\YourUsername\NetTrace.etl, but replacing :\Users\YourUsername\NetTrace.etl with the path and name of the file where you want to save the trace.
  3. Press Enter to start the trace. Then, reproduce the network issue that you want to capture.
  4. To stop the trace, go back to the command prompt or Windows PowerShell window and enter the command netsh trace stop.
  5. Finally, press Enter to stop the trace.

Now, open the trace file and analyze the captured network traffic to see the issue. Keep in mind that capturing network traffic can generate large trace files, which consume disk space. Only capture traffic when necessary to save space.

Limitations of netsh

Despite its versatility, netsh has some limitations. Users may experience compatibility issues when using network shell on older versions of Windows, and its functionality might be limited compared to other network tools. Additionally, netsh can only configure settings exposed through the Windows networking stack. This means some advanced network configurations, like those used in enterprise-level networking setups, won't work with network shell alone.

Network shell is also not known as a particularly user-friendly interface. Users who are used to graphical interface or who are inexperienced may not be able to access netsh as successfully as others.

Frequently asked questions

What is the difference between netsh and ipconfig?

Ipconfig is a tool that displays the IP address information of a single network adapter, like the IP address, subnet mask, or default gateway. Netsh, on the other hand, is a more powerful tool. It allows for the configuration of network settings and the management of network adapters.

Can netsh be used to disable or enable network adapters?

Yes, you can use network shell to disable or enable network adapters. Use the command netsh interface set interface "Local Area Connection" admin=disable or netsh interface set interface "Local Area Connection" admin=enable to do either task.

How can I restore network settings I modified with netsh to their default settings?

To restore network settings to their default settings, use the command netsh interface ipv4 reset. The command resets the TCP/IP stack to its default configuration. However, you may need to restart your computer after for the changes to fully take effect.

Can netsh be used to reset network settings?

Yes, you can use netsh to reset network settings. If you're experiencing network connectivity issues or need to return your settings after modifying them, network shell is an excellent command to use.