TCP/IP Debugging Tools in Windows Server – Route, Nslookup and DCDiag

Completing  our series on the Windows Server TCP/IP debugging tools we look at the Route, Nslookup and DCDiag tools.


The Route tool is especially useful for troubleshooting any incorrect static routes and also for adding a route to a route table to temporarily bypass a problematic gateway. Static routes may be used instead of implicit routes specified by a default gateway. Use the Route tool to add static routes for forwarding packets going to a gateway specified by default to improve traffic time, avoid loops etc.
The main parameters for the Route tool are as below:

  • -add : Adds a route to a table, use in combination with –p to set the route as persistent for subsequent sessions.
  • -Delete : This deletes a route from the table.
  • -Print : This prints a route.
  • -change : Modifies an already existing route.
  • -destination : This parameter specifies the host address.
  • -gateway : This parameter specifies the address of  gateway for Route.
  • IF interface : This parameter specifies the interface for the routing table to modify.
  • -mask Netmask : Uses the subnet mask as specified by Netmask, if mask isn’t used, it will default to
  • -METRIC Metric :This parameter specifies the metric for the route using the value Metric.
  • -f : This parameter clears the routing table of all gateway entries.
  • -p : Use  with the -add parameter to create a persistent route.


The Nslookup tool is used queries the DNS, this can be thought of as a simple diagnostic client for DNS servers. Nslookup can operate in two different modes: Interactive and Noninteractive. Noninteractive can look up a single piece of data, whereas Interactive mode should be used to lookup look up more than one piece of data . Interactive mode can be halted at any by pressing Ctrl+B. To exit from the command, enter the term exit. If Nslookup is used with no parameters, it will use the default DNS  for the lookup.
The three parameters for Nslookup are as below:

  • -ComputerToFind : Looks up info for the defined ComputerToFind. By default this will use default DNS name server.
  • -Server : Specifies the server for the DNS nameserver.
  • -SubCommand : Specifies one or several Nslookup subcommands as a command line option. Enter a question mark (?) to display a listing of available subcommands.


The DCDiag  (Domain Controller Diagnostic) tool will analyze the state of the  domain controllers and services in an Active Directory (AD) forest. This is installed when the AD DS  (Active Directory Domain Services) role is added to the Windows Server 2008  install. DCDiag is a very good general-purpose testing tool for checking the health of the AD infrastructure.
The available tests include replication errors, domain controller connectivity,  permissions, proper roles, and connectivity, and other general AD  health tests. DCDiag is even capable of  running nondomain controller-specific tests like whether a server may be promoted to a domain controller (this is the dcpromo test). It can also register its records properly in DNS using the RegisterInDNS test.

DCDiag is run exclusively on domain controllers, with the only exceptions being the dcpromo and RegisterInDNS tests. When DCDiag is run without any parameters, all the tests are  run against the current domain controller, this will run all the main tests and is normally sufficient for most purposes.
The parameters for DCDiag are :

  • /s:DomainController : Specifies using the domain controller as the home server.
  • /n:NamingContext : Specifies using the specified naming context (FQDN, NetBIOS,  or distinguished name) to test.
  • /u:Domain\UserName /p:{*|Password|””} : Specifies using the supplied credentials for running the tool.
  • /a : Will test all the domain controllers in the site.
  • /e : Will test all the domain controllers in the enterprise.
  • /q : Shows quiet output (errors only).
  • /v : Shows verbose output.
  • /I : Ignores any minor error messages.
  • /fix : Fixes the minor problems.
  • /f:LogFile : Logs to a defined log file.
  • /ferr:ErrorLogFile : Logs any errors to the log file.
  • /c : Comprehensively runs all the tests.
  • /test:TestName : Runs only specified tests .
  • /skip:TestName : Skips all the specified tests.

When you are specifying tests to run or to skip, note that all nonskippable tests will be run regardless.

DCDiag is automatically included on  Windows Server 2008  when the AD DS (Active Directory Domain Services) role is added. Alternatively, on non-domain controllers, the utility may be installed by adding the Remote Server Administration Tools feature from the Server Manager.