Interacting with TCP/IP Through PowerShell (Part 1)

A couple of weeks ago someone asked me if it were possible to access a computer’s TCP/IP configuration information through Windows PowerShell. At the time, I really didn’t put a lot of thought into the answer. My reply was that although the IPCONFIG command was really designed to run in a Windows command prompt environment that it would also work in PowerShell. Later on, I started thinking about the question a little bit more and realized that my answer while true, may have been inadequate (I’m not really sure what the person wanted to accomplish).

The reason why I say this is because IPCONFIG is more of a diagnostic tool than a configuration tool. As such, there are some areas in which IPCONFIG truly excels, but there are a lot of things that IPCONFIG can’t do. So with that said, let me take a little bit of time and show you what IPCONFIG is and is not able to do.

Normally when I use the IPCONFIG command, I use it to get an overview of a computer’s IP address configuration. You can do so by entering IPCONFIG /ALL at the Command Prompt (or at the PowerShell prompt). Upon doing so, Windows will display the IP address information for each network adapter that is installed in the system, as shown in Figure A. If you want to narrow things down a bit then you can specify the name of an individual network adapter and IPCONFIG will show you that adapter’s configuration.

Figure A: IPCONFIG can retrieve a system’s IP address configuration.

Of course acquiring an IP configuration summary isn’t the only thing that the IPCONFIG command can do. As I said before, IPCONFIG is designed to be a diagnostic tool and you can use it to try to fix some common IP configuration problems.

Suppose for a moment that a particular system is having trouble communicating on the network and you suspect a DHCP problem or possibly even an IP address conflict. In that type of situation, you can use IPCONFIG to release the current IP address lease and then acquire a new DHCP lease. You can accomplish this by using the IPCONFIG /RELEASE and IPCONFIG /RENEW commands. Similarly, if you suspect that the DNS resolver cache may contain an invalid entry you can clear the cache by using the IPCONFIG /FLUSHDNS command.

I don’t want to turn this article into a full blown tutorial on the IPCONFIG command, but I did want to spend a little bit of time talking about it for the benefit of anyone who might not have previously used this command. If you want to see the full command syntax, just enter the IPCONFIG /? command, as shown in Figure B.

Figure B: The IPCONFIG command has several command line parameters.

OK, so obviously the IPCONFIG command is useful and it can be used through PowerShell. Even so, what you saw in the previous screen capture is more or less the limit of what IPCONFIG can be used for. So how else can we interact with TCP/IP through Windows PowerShell?

As you would probably expect, PowerShell natively includes really good support for networking. There are PowerShell cmdlets for configuring TCP/IP, network adapters, and even infrastructure components such as IPAM. So with that said, let’s take a look at some of the available TCP/IP related cmdlets.

As you are no doubt aware, native TCP/IP cmdlets are made up of verb-noun combinations. The verbs that are used for configuring TCP/IP through Windows PowerShell are really straightforward. In fact, if you have ever used PowerShell for any purpose in the past you have most likely used most if not all of these verbs. The verbs that are supported for use with TCP/IP include:

• Find
• Get
• New
• Remove
• Set
• Test

The nouns that are used by the native PowerShell cmdlets for TCP/IP are a lot more varied. Even so, there is at least a degree of consistency. All of the TCP/IP related nouns (at least the ones that are being discussed in this article series) start with the word Net. You can see the list of TCP/IP related nouns below. As you look at the list, you will see that at least some of the nouns are relatively intuitive in terms of what they relate to. The list of TCP/IP related nouns includes:

• NetRoute
• NetCompartment
• NetIPAddress
• NetConfiguration
• NetIPInterface
• NetIPv4Protocol
• NetIPv6Protocol
• NetNeighbor
• NetOffloadGlobalSettings
• NetPrefixPolicy
• NetTCPConnection
• NetTCPSetting
• NetTransportFilter
• NetUDPEndpoint
• NetUDPSetting

Now that I have shown you the list of available nouns and verbs, let’s talk about some of the things that you can do through PowerShell. If you think back to the beginning of this article, you will recall that the first thing that I showed you was how to use the IPCONFIG command to retrieve IP address information. That being the case, let’s get started by doing the same thing, but this time we will use native PowerShell cmdlets.

The PowerShell cmdlet that is used for retrieving IP address information is Get-NetIPAddress. As you can see in Figure C, this command returns both IPv4 and IPv6 address configuration information for all of the network adapters in the system.

Figure C: This is what the Get-NetIPAddress cmdlet does.

As you look at the figure above, you will notice a couple of things. First, the Get-NetIPAddress cmdlet returns some really useful information. Second, the volume of information that is returned has the potential to become overwhelming. I made the screen capture on a small lab server, but you can only imagine how much data would be returned if this were a production server with lots of network adapters.

This of course raises the question of how we can begin to filter the output to make it more readable. If you only want the most basic information then you might be able to get away with appending the Format-Table cmdlet. However, the information that is returned by doing so might not be what you need, as shown in Figure D.

Figure D: The Get-NetIPAddress | Format-Table cmdlet returns basic IP address information.

One way that you might be able to shorten the list is by specifying the type of address that you want to examine. For instance, if you are only interested in IPv4 addresses then you could append the –AddressFamily switch to the cmdlet, as shown in Figure E. The actual cmdlet looks like this:

Get-NetIPAddress –AddressFamily IPv4

Figure E: You can filter the results by address type.

Obviously the volume of data that has been returned by this cmdlet is a lot more manageable. Even so, there is no denying the fact that this is a lab server with a single network adapter (actually it has three network adapters that are bonded to act as a single network adapter). You can only imagine if this server had more adapters. Fortunately, there are other tricks that you can use to extract exactly the information that you need while also cutting through the clutter.