Best Network Diagnostics and Troubleshooting Tools

Like with most jobs, when it comes to network troubleshooting, the software you use can make a world of difference.

Network analysis can show you the leading causes of network problems, such as slow speeds, network connection problems, and packet loss center on overloaded network devices, such as switches and routers, or missing information in your routing table and other system databases, such as the DNS server or the DHCP system.

By using all of the network diagnostic tools in this list, you can put together a workflow that will give you information on all potential network problems. If the network engineers planned your network correctly, it should never encounter the problems that cause the system to slow down, and network analysis and management should be an enjoyable task.

Here’s our list of the best network diagnostic tools and troubleshooting software:

  1. SolarWinds Network Configuration Manager EDITOR’S CHOICE An essential system security and administration tool that automatically checks on device settings. The NCM will gather all device configurations, allow the creation of standard settings, and ensure that any unauthorized changes are immediately rolled back. Start 30-day free trial.
  2. SolarWinds Port Scanner (FREE TOOL) Check the TCP and UDP port status (open, closed, or filtered) of the IP addresses on your network devices to ensure that you don’t have unattended ports open. Great for resolving IP conflicts and can be run from the command line with the option to export results to file.
  3. Datadog Network Performance Monitoring (FREE TRIAL) A cloud-based network monitoring and management service that includes troubleshooting tools.
  4. N-able RMM (FREE TRIAL) A remote monitoring and management tool that enables central IT departments to manage networks on several remote sites.
  5. Paessler Network Troubleshooting with PRTG Infrastructure management system that includes port monitoring.
  6. Ping Simple command-line utility that checks on the speed of connections.
  7. Tracert Free command-line utility that lists the probable hops to a network or internet destination address.
  8. Ipconfig This command-line tool reports the IPv4 and IPv6 addresses, subnets, and default gateways for all network adapters on a PC.
  9. Netstat This tool displays active connections on your computer.
  10. Nslookup Available for Windows, Unix, Linux, and Mac OS, this tool gives you DNS server diagnostics.
  11. Speed and up/down test sites A list of websites that will test your internet connections.
  12. Sysinternals Set of Microsoft tools for Windows that help troubleshoot and configure Active Directory.
  13. Wireshark Free packet sniffer that will help you analyze traffic flows.
  14. Nmap Network security and monitoring tool that needs a companion utility, Zenmap, as a user interface.

The best network diagnostics tools & troubleshooting software

When curating this list, we considered the reliability of the tool in use in diverse situations, ease of setting up and use, documentation and support, and how up to date the diagnostic software is kept.

What should you look for in a network diagnostic tool? 

We reviewed the market for network diagnostic tools and analyzed the options based on the following criteria:

  • A package of several useful tools accessible through a single interface
  • Methods to reconcile addressing issues with DHCP and DNS servers
  • Connection testing systems
  • A system of alerts that allow technicians to get on with other tasks if not notified of problems
  • Automated system sweeps or useful tests that can be launched on a schedule
  • A free tool or a trial period for risk-free assessment
  • Value for money from paid tools and worthwhile functions from free tools

Five of the tools in our list (ping, tracert, ipconfig, netstat, & nslookup) can be executed directly from a Windows command prompt (cmd.exe) without installing any additional programs for advanced troubleshooting. The rest of the network analysis tools can be used alone or in combination for network discovery.

1. SolarWinds Network Configuration Manager (FREE TRIAL)

SolarWinds Network Configuration Manager

The SolarWinds Network Configuration Manager offers the opportunity to automate system troubleshooting and problem resolution. Busy systems managers often overlook the settings of network devices. The network could be performing badly because you don’t have all of the settings of your devices coordinated. The Network Configuration Manager saves you time by seeking out all devices, the network device health, importing their settings into a central manager, and allowing you to create a standard configuration for each device type and make.

Key Features:

  • Standardizes configurations
  • Backs up configurations
  • Rolls back unauthorized setup changes
  • Spots intruder activity

The configuration manager rolls out the standard configurations that you write into the central dashboard. This standardization should fix a lot of the problems that you experience on your network because it will wipe out inappropriate settings for network devices, such as routers and switches that might be slowing down data transfers. Once the standard configurations have been stored, they can only be changed through the password-protected dashboard of the Network Configuration Manager.

This system configuration troubleshooter is an important security tool. Unauthorized intruders can be traced or blocked through the network devices of the network, so altering settings is a common intrusion strategy. The Network Configuration Manager constantly monitors the configurations of all network devices and automatically restores the authorized settings, stored as images, should any change be detected.

SolarWinds produces a range of IT whole infrastructure monitoring and network management tools, and many of these are created on a common platform, called Orion. This makes it possible for the independent tools to interact, and the Network Configuration Manager is one of these Orion-based utilities. The central network monitoring tool in the suite is the Network Performance Monitor and this is usually the lead utility in any monitoring system, which is complemented by the Network Configuration Manager. However, SolarWinds NCM can also be used as a standalone tool.

Pros:

  • Built for medium to enterprise size networks, with features designed to streamline troubleshooting and improve TTR and overall productivity
  • Can automatically discover new devices on the network and provide templated health reports for immediate insights upon installation
  • Offers configuration management, allowing teams to quickly backup and restore changes that may have impacted performance
  • Can monitor settings for unauthorized changes and specific teams or managers
  • Offers a customizable dashboard that has a host of different options for visualizing network performance

Cons:

  • Not designed for home networks, this is an enterprise tool built for system administrators and network technicians

The Network Configuration Manager is a paid tool. However, SolarWinds makes it available on a 30-day free trial.

EDITOR'S CHOICE

The SolarWinds Network Configuration Manager is our top choice on this list because it automates network troubleshooting by examining the settings of all switches and routers. The services of this tool save a lot of time on research and they ensure that no changes can be made to network devices without authorization.

The NCM is an essential security tool because it closes off the intruder strategy of altering switch and router settings to facilitate unauthorized monitoring through these devices. Changes can only be made to device configurations through the NCM dashboard, making system control easier.

Official Site: solarwinds.com/network-configuration-manager

OS: Windows Server 2016 or 2019

2. SolarWinds Port Scanner (FREE TOOL)

SolarWinds free port scanner

SolarWinds free port scanner offers benefits similar to those of the popular nmap port scanner (which we discuss in this list too) with a GUI that is intuitive and easy to get started with. If you’re looking to dive right into the world of network troubleshooting and port scanning, this tool is a great place to start. The ease of use helps eliminate some of the technical barriers to entry other similar tools may have.

Key Features:

  • Seeks out open ports
  • Covers TCP and UDP
  • Reports operating system per device
  • Shows device MAC address
  • Free to use

Free Download:SolarWinds Port Scanner Tool

This scanner is a portable executable that can be run on Windows operating systems. In addition to scanning TCP and UDP ports to determine whether they’re open/closed/filtered, SolarWinds Port Scanner can detect MAC addresses and operating systems. Scan results can be saved in .csv, .xlsx, or .xml format.

SolarWinds Port Scanner is a powerful free tool that can provide you with a list of open, closed and filtered ports on each scanned IP. It can also resolve hostnames, provide an overview of MAC addresses, and more. Can run in a command-line and export results to file.

Pros:

  • A completely free tool
  • Helps provide a more user-friendly interface to access features similar to nmap and port scanning
  • Better option for new network technicians
  • Provides simple outputs based on what port scanning settings you choose
  • Good option for home users and small businesses

Cons:

  • Not designed for enterprise use, this tool lacks a few features found in their flagship product – SolarWinds Network Configuration Manager

You can download SolarWinds Port Scanner for free here.

SolarWinds Port Scanner Download 100% FREE Tool

3. Datadog Network Performance Monitoring (FREE TRIAL)

Datadog Network Monitor - Network view

Datadog is a cloud-based monitoring system for IT resources that is available as a menu of modules. The base package of the service is an Infrastructure module that covers network monitoring. However, this service can be enhanced by adding on the Network Performance Monitoring module.

Key Features:

  • Drill down into network flows and traces
  • Locates traffic hogs
  • Can monitor containers, pods, and deployments
  • Great visualization and mapping

The Network Performance Monitoring module of Datadog adds on analytical functions to the Infrastructure package and includes capacity planning and troubleshooting utilities. While the Infrastructure module looks at device statuses, the Network Performance Monitoring service examines traffic flows.

The Datadog system uses agent software on-site, but all processing and data storage is implemented on the Datadog server. Systems administrators access the Network Performance Monitoring console through any browser in order to see live statistics on current traffic flows on the network. Given that the service is based in the cloud, it can easily monitor remote networks, just as long as that network has the agent module installed on it.

The service doesn’t just display live network traffic data. It also stores that information for analysis. Administrators can trace the journey of a packet, view conversations between endpoints, segment traffic statistics per application or per origin or source, and identify the major bandwidth hogs on the network. The service can unify both onsite, cloud-based, and remote networks to give a complete picture of all network traffic generated by the business. The tool includes live network maps with traffic flows shown on them and it is also possible to see overloaded links or bottlenecks.

Pros:

  • Operates in the cloud, making scaling your troubleshooting efforts easier than most on-premise solutions
  • Offers excellent visual reporting that are fully customizable
  • Agent software can be installed on multiple operating systems as well as in the cloud to monitor container-based services
  • Live data can be stored for later view, or forwarded to other systems such as a SIEM
  • Pricing options are flexible, making DataDog a good choice for both small and large size networks

Cons:

  • Platform offers infrastructure, network, and application monitoring services, making this a feature-rich option that may take time to fully explore

Datadog has a single plan level for its Network Performance Monitoring module. Charges are levied per host per month with a discount for paying annually in advance. The service is available for a 15-day free trial.

Datadog Network Performance Monitoring Start 15-day FREE Trial

4. N-able RMM (FREE TRIAL)

N-able RMM Insights

N-able RMM is a cloud-based remote monitoring and management software package. As this system monitors the network, it also stores metrics for analysis. Having access to all aspects of a system, including endpoints and servers, N-able has many channels of data for diagnostics and troubleshooting.

Key Features:

  • Data retention for analysis
  • LOGICcard advice
  • 30-day free trial

Among the benefits offered by N-able RMM is a service called LOGICcards. This is a data source for a wide range of diagnostic projects. The main value of these feeds lies in security. However, they also give insights into how to improve efficiency and avoid system management mistakes.

LOGICcards gathers data from 5,000,000 endpoints on 4,000,000 networks. Comparing the data extracted from these studies, the LOGICcard system analyzes a network and is able to point out factors and settings that are missing from that system, compared to the organization of the majority of other networks.

Another LOGICcard service is a feed of warnings to look out for, such as patches that cause problems and should be held off or new internet-based scams. A guidance aspect to this service also identifies errors to avoid in network configuration and tips on how to optimize bandwidth usage. Furthermore, the topics covered by a LOGICcard feed adapt according to your responses to past advice.

The dashboard for N-able RMM is resident on the cloud. It doesn’t require any special equipment to use the service – any standard web browser will do and there is also a N-able RMM mobile app available.

Pros:

  • Cloud-based RMM solution, great cloud alternative to Network Configuration Manager
  • Leverages LOGIcards to find security and performance issues in any size or configuration of network
  • Accessible from any web browser and available via mobile app
  • Aims to provide a complete RMM solution and integrates well with their other MSP focused offerings
  • Flexible subscription-based pricing

Cons:

  • Designed for larger networks, specifically managed service providers

N-able RMM is a subscription service. This is a great attraction for startups because there are no upfront costs for getting set up. There are no setup fees and there is no need to fork out for a software package Instead, the subscribing company pays a little each month. Interested potential customers can access a 30-day free trial of N-able RMM.

N-able RMM Start 30-day FREE Trial

See also: Network Configuration & Backup Tools

5. Paessler Network Troubleshooting with PRTG

Paessler Network Troubleshooting with PRTG

Paessler’s PRTG is a complete monitoring system. It can help you with troubleshooting because it can diagnose network issues right down the protocol stack and identify the root of the problem. Port monitoring is one of the network diagnostics techniques that you can use with this tool.

Key Features:

The PRTG system includes two port monitoring sensors. One homes in on a specified port on a particular device, the other will check a range of port numbers. This tool only monitors TCP ports. The port range sensor has one extra feature that the single port sensor does not have. You can set it to check the port with TLS protection. Both sensors report on the response time of the port and whether it is open or closed.

PRTG includes network traffic analysis tools to help you troubleshoot delivery speeds. The tool includes a range of traffic monitoring techniques including route tracing to a destination with Traceroute and a Ping sweep, which will give you the response times to each node on your network. A packet-sniffing utility can tell you which applications and endpoints are producing excessive traffic and you can query the health of the network devices to see which are congested to the point of queuing.

Paessler built a tool that covers servers and applications as well as network statuses, port response times, and services to monitor all conditions that can cause software performance issues. If you’ve got VMs on your network, PRTG can sort through their underlying connections, services, servers, and operating software. That monitoring is constant, so you will be able to trace back through events to spot the source of any performance issues.

Pros:

  • Built for professionals and enterprise use
  • Offers monitoring templates for quick insights into network and device performance
  • Can check device health through a series of checks such as ICMP and ping
  • Makes great use of visualizations to map out more complex wireless networks
  • Pricing is based on utilization, making it a predictable and scalable option for any size network

Cons:

  • Offers a wide range of monitoring options, requiring time to fully utilize all features

Paessler delivers PRTG as a cloud service or you can install the diagnostic software on your premises. The tool installs on Windows Server environments. You can use the system for free for up to 100 sensors.

6. Ping

Ping is the ideal command to use when you need to confirm network connectivity, at the IP level, between two hosts, or to confirm the TCP/IP stack is working on your local machine. A successful ping confirms network connectivity between the two hosts and it also gives reports on packet loss.

Key Features:

  • Widely used
  • Connection error detection
  • Free to use

Using Ping with Examples

Below is an example of a successful run of the ping command to the “google.com” remote host.

C:\Users>ping google.com

Pinging google.com [172.217.9.46] with 32 bytes of data:

Reply from 172.217.9.46: bytes=32 time=38ms TTL=56

Reply from 172.217.9.46: bytes=32 time=12ms TTL=56

Reply from 172.217.9.46: bytes=32 time=14ms TTL=56

Reply from 172.217.9.46: bytes=32 time=12ms TTL=56

Ping statistics for 172.217.9.46:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milliseconds:

Minimum = 12ms, Maximum = 38ms, Average = 19ms

In addition to confirming IP connectivity to “google.com”, these results confirm that we are able to properly resolve domain names (i.e. DNS is working on the local machine).

That Loss figure that you see in the last line of the ping output is the number of lost packets followed by the packet loss rate in brackets.

A few pro-tips for working with the ping command for advanced troubleshooting:

  • Use ping –t to ping a host continuously. For example:
ping –t google.com

would continue to ping google.com until the ping was interrupted. Press control-c (the “CTRL” and “C” keys) to end a continuous ping.

  • If you cannot ping domain names like google.com, but you can ping IP addresses on the Internet like 8.8.8.8 (Google’s DNS servers), you may have a DNS-related problem.
  • If you cannot ping IP addresses on the Internet like 8.8.8.8, but you can ping hosts on your Local Area Network (LAN), you may have a problem with your default gateway.
  • You can use “ping localhost”, “ping::1”, or “ping 127.0.0.1” to test the TCP/IP stack on your local machine. “localhost” is a name that resolves to one of the loopback addresses of a local machine, “::1” is an IPv6 loopback address, and “127.0.0.1” is an IPv4 loopback address.

Pros:

  • Built directly into Windows command prompt
  • Easy to use, simple syntax
  • Can quickly identify if there is a problem with a device
  • Allows you to easily see if there are any network drops, latency issues, or jitter over the connection

Cons:

  • Does not work if ICMP is turned off on your target device
  • No visualization features
  • Not a proactive form of monitoring
  • Limited output options for reporting

7. Tracert

Tracert is similar to ping, except it leverages Time To Live (TTL) values to show how many “hops” there are between two hosts. This makes it a helpful tool in determining where a network connectivity breakdown is occurring. Basically, tracert helps you understand if the router or network that is down between your computer and a remote host is one you control or not.

Key Features:

  • Connection path trace
  • Spots overloaded links
  • Free to use

Using tracert with examples

Again using google.com as an example, we can see there were 10 hops between our PC and google.com.

C:\Users>tracert google.com

Tracing route to google.com [172.217.4.78]

over a maximum of 30 hops:

  1    1 ms   1 ms 3 ms  192.168.1.1

  2  246 ms    49 ms 56 ms  10.198.1.177

  3   58 ms    48 ms 54 ms  10.167.184.102

  4   63 ms    55 ms 85 ms  10.167.184.107

  5   50 ms    55 ms 56 ms  10.164.72.244

  6   72 ms   365 ms  69 ms 10.164.165.43

  7   92 ms    61 ms 45 ms  209.85.174.154

  8   67 ms    42 ms 58 ms  108.170.244.1

  9  372 ms    66 ms 46 ms  216.239.51.145

 10    64 ms  73 ms 44 ms  lga15s47-in-f78.1e100.net 172.217.4.78]

Trace complete.

Pros:

  • Built directly into Windows command prompt
  • Easy to use, simple syntax
  • Displays gateways that your traffic passes through
  • Can see if where a bottleneck occurs during the route

Cons:

  • Does not provide any root cause analysis or features to aid technicians
  • No visualization features
  • Not a proactive form of monitoring
  • Limited output options for reporting

8. Ipconfig

Determining the IP settings on your computer is an essential part of network troubleshooting. The ipconfig command helps you do just that. Entering ipconfig at a command prompt will return IPv4 and IPv6 addresses, subnets, and default gateways for all network adapters on a PC. This can help determine if your computer has the right IP configuration. Additionally, ipconfig can be used to change or update selected IP settings.

Key Features:

  • Lists interface statuses
  • Shows gateway address
  • Free to use

Pro-tips for working with ipconfig:

  • If ipconfig returns an IP address that starts with 169.254 (e.g. 169.254.0.5), your PC is likely configured for DHCP but was unable to receive an IP address from a DHCP server.
  • Use ipconfig /all to get the full TCP/IP configuration information for all network adapters and interfaces.
  • Use ipconfig /release to release the current DHCP assigned network parameters.
  • Use ipconfig /renew to renew the current DHCP assigned network parameters.
  • Use ipconfig /flushdns to clear the DNS cache when troubleshooting name resolution issues.

Pros:

  • Built directly into Windows command prompt
  • Easy to use, simple syntax
  • Shows basic network configuration such as gateway, DNS servers, and subnets
  • Can be used with other syntax to perform functions like flushing DNS or renewing an IP address

Cons:

  • Can take a while for new users to learn all of the different ways ipconfig can be used to troubleshoot
  • Can only apply fixes to one machine at a time

9. Netstat

Netstat allows you to display active connections on your local machine. This can be helpful when determining why users are unable to connect to a given application on a server or to determine what connections are made to remote hosts from a computer. Entering netstat at the command prompt will display all active TCP connections. Adding parameters to the netstat command will extend or alter the functionality.

Key Features:

  • Lists active ports on the device
  • Highlights port issues
  • Free to use

netstat commands & example

Here are a few helpful netstat commands and what they do:

  • netstat –a displays all active TCP connections and the TCP and UDP ports a computer is listening on.
  • netstat –n displays all active TCP connections just like the netstat command, but it does not attempt to translate addresses or port numbers to names and just displays the numerical values.
  • netstat –o displays all active TCP connections and includes the process ID (PID) for the process using each connection.

You can combine different parameters to extend the functionality of netstat. For example,

netstat –ano

would display all active TCP connections and the TCP and UDP ports a computer is listening on, use numerical values, and report the PID associated with the connections.

Pros:

  • Can quickly show which connections are actively established on a machine
  • Can find suspicious connections quickly if you know how to interpret netstat information
  • Can filter by TCP connections to limit your scope on noisier networks

Cons:

  • Doesn’t provide geolocation mapping for connections found
  • Requires training to understand how to properly use netstat in a meaningful way

10. Nslookup

nslookup is a useful command-line utility that enables DNS troubleshooting and diagnostics. Nslookup is available on Windows and *nix operating systems. There are a variety of use cases for this flexible utility and it can be run in interactive mode or by entering commands directly at the command prompt.

To help you get started, we’ll review some nslookup commands that are helpful in three of the most common use cases: finding an IP address based on a domain name, finding a domain name based on an IP address, and looking up email servers for a domain.

Key Features:

  • Show DNS entry details
  • Troubleshoots address problems
  • Free to use

Below are examples of how to do each from a Windows command prompt.

Finding an IP address based on a domain name with nslookup:

C:\Users>nslookup google.com

Server:  ns2.dns.mydns.net

Address:  192.168.247.45

Non-authoritative answer:

Name: google.com

Addresses:  2607:f8b0:4009:805::200e

       172.217.10.46

The output above shows us that the DNS server used on our local machine was ns2.dns.mydns.net and since ns2.dns.mydns.net is not an authoritative name server on Google’s domain, we get a “Non-authoritative answer”. If we wanted to specify a different DNS server in our query, we simply add the DNS server’s domain name or IP address after the command, like this (using the 1.1.1.1 DNS server from CloudFlare).

C:\Users>nslookup google.com 1.1.1.1

Server:  1dot1dot1dot1.cloudflare-dns.com

Address:  1.1.1.1

Non-authoritative answer:

Name: google.com

Addresses:  2607:f8b0:4009:812::200e

       216.58.192.174

Finding a domain name based on an IP address with nslookup

Finding a domain name based on an IP address is similar to the previous process, you simply use an IP address instead of the domain name after the “nslookup” command. For example to find out what the fully-qualified domain name (FQDN) for the IP address 8.8.8.8 is we would use the command below:

C:\Users>nslookup 8.8.8.8

Server:  ns2.dns.mydns.net

Address:  192.168.247.45

Name: google-public-dns-a.google.com

Address:  8.8.8.8

Based on the output, we can see that the FQDN associated with 8.8.8.8 is “google-public-dns-a.google.com” which makes sense given 8.8.8.8 is one of the two popular public DNS servers available from Google.

Looking up email servers for a domain with nslookup

Sometimes you may need to determine what email servers are available on a domain. To do that, we simply need to specify that we are looking for MX records using the –ty switch. In the example below, we’ll check what mail servers are returned for gmail.com:

C:\Users>nslookup -ty=mx gmail.com

Server:  ns2.dns.mydns.net

Address:  192.168.247.45

Non-authoritative answer:

gmail.com    MX preference = 40, mail exchanger = alt4.gmail-smtp-in.l.google.com

gmail.com    MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com

gmail.com    MX preference = 30, mail exchanger = alt3.gmail-smtp-in.l.google.com

gmail.com    MX preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com

gmail.com    MX preference = 20, mail exchanger = alt2.gmail-smtp-in.l.google.com

Here, five mail servers were returned along with an MX preference value. The lower the MX preference value, the higher the priority of that server (i.e. those servers should be used first).

Pros:

  • Great for quickly diagnosing DNS issues when combined with ipconfig
  • Can resolve DNS issues through the CLI without using the GUI, good for remote troubleshooting
  • Can see which DNS server have authority and prioritization

Cons:

  • Cannot easily change or modify DNS setting for multiple machines
  • Not easy to change DNS within CLI for new users

11. Speed and up/down test sites

Sometimes you need to start troubleshooting by determining if the issue is with client computers accessing a website or with the website itself. There are many sites that can help you do just that. For example, Uptrends’ uptime check tool allows you to check the status and response time for a website from checkpoints across the globe.

Key Features:

  • Checks for website availability
  • Connection speeds checks
  • Some free to use

speed up down trends

This can be especially helpful if you need to determine why some users can reach your site and others cannot. For a more simple, but more ad-heavy, up/down check you can try Down For Everyone Or Just Me.

is site down?

Alternatively, you may want a quick and easy way to test your upload and download speeds to see if you have a bandwidth or latency issue. Our broadband speed test is a great way to do just that and help raise money for charity.

speedtest

Pros:

  • Can quickly check the availability of a service base on external monitor as well as manual reports by other users
  • Can check the health of multiple sites at once
  • Can usually get an answer quickly without much digging or technical work

Cons:

  • Doesn’t work for internal applications
  • If you’re experiencing internet/DNS issues you may not be able to reach the site

12. Sysinternals

Microsoft’s Sysinternals networking utilities will well serve windows administrators that require advanced network diagnostic and troubleshooting tools. The Sysinternals utilities include tools that can help troubleshoot and configure Active Directory (AD), like AD Explorer and AD Insight.

Key Features:

  • Windows admin utilities
  • Manage Active Directory
  • Free to use

Other tools can help measure network performance (PsPing), scan file shares (ShareEnum), list or run processes remotely (PsTools), and more. If you only require one or a few of the Sysinternals utilities, you can install them separately as opposed to downloading the entire Sysinternals Suite.

Pros:

  • Built by Microsoft to serve the Windows operating system
  • Offers other tools that can help troubleshoot Active Directory servers and other Windows features
  • Offers basic network testing alongside file scanning tools that can help solve permission issues as well as file share problems

Cons:

  • Doesn’t work proactively
  • Only for Windows environments
  • Downloading the entire suite can be bulky

13. Wireshark

Wireshark is a protocol analyzer and one of the go-to networking tools for organizations of all sizes when network issues need to be troubleshot with a high level of granularity.

The benefit of using Wireshark to analyze network traffic is that you will be able to view the raw network packets, and this will often allow you to identify the root cause of an issue. This can be especially helpful in situations where it is unclear which application is not doing what it is supposed to or when you try to reverse engineer the functionality of a poorly-documented program.

Key Features:

  • Packet capture
  • Protocol analyzer
  • Free to use

The tradeoff here is that you will have a lot of data to parse through, so some technical knowledge may be required to drill down and identify the important information.

You can download Wireshark for free here.

Wireshark dashboard

On Windows operating systems, link-layer packet captures with WireShark are often made possible using Winpcap (either Winpcap or Npcap is required). In addition to enabling WireShark on Windows, Winpcap can enable the powerful Windump command line utility which is Windows answer to the popular tcpdump program found on many *nix operating systems. For a deeper dive on Winpcap, Windump, and tcpdump, check out our recent article on packet sniffers and network analyzers and download the tcpdump cheat sheet.

While WireShark is an excellent tool, the data generated isn’t always the easiest for the uninitiated to understand. If you are looking for detailed network visualization and parse through the data generated using WireShark, SolarWinds Response Time Viewer can help. This tool enables users to load and analyze .pcap files and provides easy to read summaries of the response times and data volumes.

SolarWinds Response Time viewer for Wireshark

Pros:

  • Passionate open-source community keeps the software updated and new features added periodically
  • Built by network professionals, for network professionals
  • Can save captured packet data for further analysis or archival purposes

Cons:

  • Not user friendly, designed for network administrators
  • Steep learning curve, even for those who use IT products regularly
  • Pulls all data over the network unless intentionally filtered out

SolarWinds Response Time Viewer for WireShark Download FREE Tool

14. Nmap

zenmap

Nmap is a popular security auditing and network exploration tool released under a custom open source license based on GPLv2. While the most popular use cases for nmap are security scans and penetration testing, it can prove quite helpful as a network troubleshooting tool as well.

Key Features:

  • Command-line utility
  • Network troubleshooter
  • Free to use

For example, if you are dealing with an unfamiliar app and want to find out what services are running and which ports are open, nmap can help. Nmap itself uses a command-line interface (CLI), but that doesn’t mean you are out of luck if you prefer a graphical user interface (GUI). Zenmap is the official nmap GUI and is a good way for beginners to start working with nmap.

Pros:

  • Doubles as a security tool, allowing administrators to discover open ports, and applications communicating over ports that are suspicious
  • Massive open-source community, is one of the most popular free security tools available
  • Offers a GUI version, Zenmap, which lowers the barrier to entry for new users
  • Syntax is straightforward and not difficult to learn for most users

Cons:

  • Nmap can have a steep learning curve for new users
  • Might be overkill for simpler troubleshooting tasks
  • More of a security/auditing tool

For more on Zenmap and a deeper dive on nmap, check out our Best Free Port Checkers article.

Choosing a network diagnostics & troubleshooting tool

The tools we discussed here are great to have in your network troubleshooting toolbox and we recommend giving some of them a try the next time you find yourself dealing with a head-scratching network troubleshooting scenario. Did you try out our Editor’s choice – SolarWinds Network Configuration Manager? Did we leave any of your favorite network troubleshooting tools out, or do you have questions about the tools we mentioned here? Let us know in the comments section below.

Related post: PingPlotter Alternatives

Network Diagnostics & Troubleshooting FAQs

What are the six steps of the troubleshooting process?

Follow a formalized routine when troubleshooting networks:

  1. Identify the problem.
  2. Make an educated guess of the possible cause of the problem.
  3. Explore the system to check whether your idea is valid.
  4. Identify system elements in error; plan and implement remediation steps.
  5. Check that the solution worked and change procedures to prevent the problem from happening again.
  6. Document the problem, the solution, and recommendations for procedural change.

Steps 2 and 3 might need to be carried out recursively until you hit the problem. The documentation step is ongoing throughout the troubleshooting process with note-taking to contribute to an accurate record once the entire process is complete.

What causes intermittent network connection issues?

There are many possible causes for intermittent network connection issues:

  • Unreliable power source
  • Environmental interference
  • Queueing on a network device
  • A network device overloaded
  • A faulty network device
  • IP address renewal
  • IP address duplication
  • DNS server errors
  • Firewall software hanging
  • Network software jamming
  • Hacker attack
  • Automatic update of firmware taking a device offline
  • Interruption of external networks, e.g., the internet
  • Loose cable plug in an endpoint or network device
  • Damaged network cable
  • Loose wiring
  • Multiple domain server clashes
  • Lack of storage space on devices for traffic processing or logging
  • Security software blocking activity

Which utility or LAN command do you feel was the most useful for network troubleshooting?

Ping and Traceroute are the two LAN commands most often used for network troubleshooting. Ping shows whether an endpoint is contactable. Traceroute shows the most likely path to that endpoint. These two commonly used network utilities are usually integrated into most network monitors.

What are the most common issues that affect network performance and reliability?

The most common issues that affect network performance are:

  • Power source problems
  • Network device faults
  • Network cable faults
  • Defective cable connectors
  • System overloading
  • QoS prioritization
  • Incompatible network settings on different devices
  • Addressing issues
  • Security software
  • Hacker or intruder activity
  • Malware