This article is also available as a PDF download.

NETSH is one of the
most powerful tools in the Windows networking toolkit. This list will introduce
you to some good uses of NETSH in various scenarios and show you how you can streamline
your networking configuration, administration, and documentation.

#1: What is NETSH?

NETSH is one of the
most powerful yet least known networking tools included with Windows 2000 and Windows
Server 2003. It’s installed by default and is located in the
%systemroot%\system32 folder. NETSH is also available on Windows XP.

NETSH enables you
to display, modify, import, and export many aspects of the network parameters
of a system. It can also connect remotely to other systems with a remote
machine parameter (-r).

#2: Contexts for NETSH

Contexts are
specific dimensions of the network configuration that can be managed by NETSH. The
commands and options within NETSH are context sensitive, and the same command
may exist in multiple context areas but have different commands and results in
each context. Here are the Windows Server 2003 NETSH context areas:

Now, to add to the
confusion, a context can have a subcontext. For example, the interface context has three subcontexts, ip, ipv6, and portproxy. NETSH refers to these subcontexts as a context, such as the netsh interface ip context. Note that Windows XP has a
different set of contexts. When using the import and export operations in noninteractive
mode, you must specify context or subcontext configuration.

#3: Coordinating network change control with NETSH

You can use NETSH
to export and import network configurations. A good example of using NETSH with
networking change control would be when a system is going to be placed on a
different network, but the communication channels need to be maintained to
various other systems. A NETSH export will allow all parties to agree on
various network settings. For example, Listing A shows a portion of a
NETSH export of the interface context from a dump operation.

Reviewing a NETSH
export with all parties involved can ensure that the system will be routed
correctly, using the correct DNS, WINS, and subnet mask. The best part is that
you can then import the entire file into the Windows system after all
appropriate entries have been made without any chance of entering the
information incorrectly. And this is only for the interface context. The same applies for all other context scripts.

#4: Using NETSH to dynamically change TCP/IP addresses

You can use NETSH
to make dynamic IP address changes from a static IP address to DHCP simply by
importing a file. NETSH can also bring in the entire Layer-3 configuration
(TCP/IP Address, DNS settings, WINS settings, IP aliases, etc.). This can be
handy when you’re working on networks without DHCP and have a mobile computer
that connects to multiple networks, some of which have DHCP. NETSH shortcuts
will far exceed the capabilities of using Windows Automatic Public IP Addressing.
Here is an example of running a dynamic update of an IP address:

C:\NETSH -f filename.netsh

In this example, filename.netsh is
the NETSH file that contains an interface dump configuration. You can make
shortcuts in Windows to a .BAT file that will run that command so you can
easily add shortcuts to get a DHCP address and switch to a static IP address
for a customer site, DMZ network, or any other static IP network.

#5: Best practice: Using a .NETSH extension

NETSH import and
export operations are in a native plain text format and can be read and edited
from any text tool. However, NETSH files should be handled as a special file
type because they’re used to document network configurations, as well as for the
import and export process. A best practice would be to make all export
operations refer to a FILE.NETSH, where this file is what has been exported
from NETSH. This is especially important because a NETSH export file doesn’t
contain the word NETSH in it. This way, even a novice can figure out what the
file contains.

The file extension
from export (dump) and import (-f) operations are entirely user specified. For
convenience, you can associate the .NETSH extension with your Windows
installation to allow native double-click editing.

#6: NETSH in interactive mode

NETSH is one of the
Windows tools that can be run in either an interactive or a noninteractive
environment. Interactive tools (such as nslookup and dnscmd) have effectively different usage scenarios
depending on the mode chosen.

Interactive mode
also has two submodes, online and offline. Online
mode is a direct interaction with the networking components while in
interactive mode. Offline mode lets you interactively make changes and then
roll them all online instantly by going to online mode.

#7: NETSH in noninteractive mode

In noninteractive
mode, you can implement NETSH commands by importing a file. Using
noninteractive mode is recommended for file import and export operations. With
NETSH in noninteractive mode, you can export key settings from each context as
a specific aspect of your system documentation. In addition, if an issue arises
and you can trace it back to a specific networking topic for which you have a
NETSH script exported from a known working time, you can re-import that NETSH
script in noninteractive mode and restore your networking functionality to that
point. Please note that NETSH does not back
up data within the contexts, such as the WINS database.

#8: Clarifying the scripts

When exchanging
NETSH scripts, you can insert comments to solicit feedback. This will allow you
to explain an entry or use it as a training tool for others. Simply insert REM
in a NETSH exported file to add a comment. Don’t put in too many comments,
however; just what is necessary.

#9: NETSH precautions

NETSH is a powerful
tool and should be used with caution. Using interactive online mode (the
default) for changes on the fly can be more risky than implementing a change in
interactive offline mode and going online to commit the changes. However, using
noninteractive mode to perform changes is popular as well because the changes
can be scripted. Try your hand at NETSH on a virtual machine or test system

#10: Navigating NETSH

The large array of
features available in NETSH may seem overwhelming at first. It’s helpful to get
into NETSH to see the options available and practice using the interface in
interactive mode (a little different for those of us used to noninteractive
tools). Getting into NETSH in interactive mode is easy: Simply type NETSH at the command prompt. Then, use
these guidelines to investigate the command options:

  • To change to another context, type the name of
    the context. For example, typing interface
    will go immediately to the interface ip
    context from which ever context you are presently located.
  • To change your mode, type offline or online. Typing
    offline will send the interactive
    session offline, so any changes won’t be brought in immediately. Typing online will bring the interactive
    session online, so changes will immediately be brought into the networking
    elements of the system.
  • Typing show
    will display the current mode (offline or online). The default mode is
    online, so be sure to immediately jump offline if you are experimenting.
  • Typing ? or help
    will show the available commands for your current context location. If you’re
    in the root of the tool, there is no active context and your interface to the
    tool will be a netsh> prompt.
  • Global commands, such as online and quit, are
    those you can use everywhere. Context commands are available only in the
    current context. For example, from the netsh
    interface ip> context, you can view the network
    configuration by running show dns, but this command may not work other contexts or
  • In contexts, running set and show will provide
    the context-sensitive command options.