If you are managing a large network where you have to make regular configuration changes to the network and routing configurations, things can get very complicated, very quickly.

Windows 2000 includes some GUI utilities such as the Routing and Remote Access MMC that can help in this situation, but sometimes the utilities that are the easiest to use don’t provide the power or flexibility you need to efficiently get the job done. Often, it takes a command-line utility to generate the most power for any given task. The NETSH command is an example of such a command-line tool. In this Daily Feature, I’ll show you how NETSH can help you monitor and configure your network with speed and ease.

NETSH basics
NETSH, also known as NetShell, is a command-line scripting interface used to configure and monitor Windows 2000. As the name NetShell suggests, NETSH is a shell that allows you to execute other applications from within it.

Much like the Command Prompt shell in Windows 2000, NetShell can’t do much by itself. NetShell has some basic commands, but it relies mostly on helper DLLs, which perform the actual work. A helper provides configuration and/or monitoring support for one or more services, utilities, or protocols, but helpers can also be used to extend other helpers. The command shell directs the command to the appropriate helper, and the helper carries out the command. Some helper DLLs that work with NetShell include:

  • IPMONTR.DLL: Routing and Remote Access IP configuration
  • IFMON.DLL: Interface monitoring
  • RASMONTR.DLL: Routing and Remote Access monitoring

NetShell’s reliance on helper DLLs is a good thing. This modularity allows you to register additional helper DLLs within NetShell to perform additional tasks if you need them. At the same time, helper DLLs you might not otherwise not need aren’t loaded, which keeps NetShell small and efficient.

Some of the things you can do with NetShell include:

  • Configure network interfaces.
  • Configure routing protocols.
  • Configure remote access in Windows 2000’s Routing and Remote Access Server (RRAS) Service.
  • Display the configuration of routers running on any computer.

NetShell uses contexts. A context simply segregates all similar activities into one area, similar to the directory structure in a command shell. You can see an example of how the contexts work in Figure A, where I have systematically navigated deep into the NETSH command, one step at a time. Another way to think about NetShell contexts is to compare them to the DNS name space: microsoft.com is the domain and office.microsoft.com is a subdomain. By the same token, netsh is the root context and netsh interface is a sub context.

Figure A
NetShell contexts work like directories and subdirectories in a command-line shell.

NetShell supports abbreviation. Less really is more in most cases. When working with NetShell, you can abbreviate most commands to the least number of characters that makes a command unique. For example, if I enter int i from the netsh root, I will dive two levels deeper and set the context as netsh interface ip, as seen in the bottom two lines in Figure A.

NetShell also supports inheritance, which means that commands from higher levels may sometimes be passed down as you navigate deeper into the NetShell structure. This keeps you from having to retype the commands over and over again. Just press the up arrow on your keyboard to cycle through previously entered commands.

Running NETSH
To run NetShell, open a command prompt on your server, type NETSH, and press [Enter]. As you can see, executing the NETSH command from the command line does little—on the surface, at least. All you see when NetShell starts is a NETSH prompt. Although there isn’t enough room here to go into great detail about all of the commands and helpers that you can use with the NetShell utility, I will list some specific commands, which you may find yourself using more often than others:

  • ..
    Goes up one context level
  • ?
    Displays a list of commands
  • abort
    Discards changes made while in offline mode
  • add
    Adds a configuration entry to a list of entries
  • alias
    Adds an alias
  • bridge
    Changes to the “NETSH bridge” context
  • bye, exit, quit
    Exits the program
  • commit
    Commits changes made while in offline mode
  • delete
    Deletes a configuration entry from a list of entries
  • diag
    Changes to the “NETSH diag” context
  • dump
    Displays a configuration script
  • exec
    Runs a script file
  • help
    Displays a list of commands
  • interface
    Changes to the ”NETSH interface” context
  • offline
    Sets the current mode to offline
  • online
    Sets the current mode to online
  • popd
    Pops a context from the stack
  • pushd
    Pushes current context on stack
  • ras
    Changes to the “NETSH ras” context
  • routing
    Changes to the “NETSH routing” context
  • set
    Updates configuration settings
  • show
    Displays information
  • unalias
    Deletes an alias

When using NETSH, you have the choice to work either in offline mode or in online mode. If you work in online mode, any changes made are immediately reflected in the running configuration. If you work in offline mode, any changes are reflected in the running configuration when you switch back to online mode.

Practical NetShell examples
Now that I’ve outlined the root-level commands, I’m going to look at two nifty things you can do with NetShell. These two examples come from literally hundreds that I could have chosen instead, so remember that the options are almost limitless when you are working with NetShell.

Configuring network adapters
By changing to the NETSH interface context, you can work with individual network adapters installed on the computer. Figure B shows an example of what you can do from the interface context. The first two things I did in this example were to display the adapters on the machine, and then from the ip subcontext, I displayed the specifics of each adapter. After doing this, I configured one adapter to use DHCP instead of manually assigned values and then checked the specifics of the adapters again to verify my work. Note that by typing set machine machinename, where you replace “machinename” with the name of the remote computer you want to access, you can work on remote machines.

Figure B
NetShell helps you configure network adapters.

Configuring a RRAS server
By changing to the NETSH raps context, you can work with any RRAS server on your network. If the RRAS server you want to work with is not the local machine, simply use the SET MACHINE command as I discussed above.

In this next example, I work with the local RRAS server. First, I show the authentication types supported on the RRAS server and then I add to them. The next configuration item I work with involves the network access that remote clients will have (I have changed the access from the entire network to the RRAS server only) and the IP address pool that will be available to remote clients upon connection. Figure C shows this example.

Figure C
You can use NetShell to configure a remote access server.

If your administrative duties involve maintaining the networking or routing configuration in your organization, you may want to look into the NetShell utility. While GUI utilities are easy to use, they sometimes aren’t as fast and efficient as you might like. Once you learn your way around, NetShell’s command-line interface can help you solve problems quicker and lets you get on with your other network administration duties.