Windows: Setting up IP, DNS and other handy CLI commands
How-To
November 3, 2022
This is typically where you start when you are setting up a windows server without GUI for the first time. This post includes both netsh and powershell configuration examples.
IP Address Management
IPv4
Open a command prompt. Enter netsh configuration mode:
netshinside netsh configration mode, you can retrieve information about current adapters and what internal interface numbers they have
interface ipv4 show config
Interface ipv4 show config "Ethernet1"Example:
netsh>interface ipv4 show config "Ethernet1"
Configuration for interface "Ethernet1"
DHCP enabled: No
IP Address: 10.11.1.11
Subnet Prefix: 10.11.1.0/24 (mask 255.255.255.0)
Default Gateway: 10.11.1.1
Gateway Metric: 1
InterfaceMetric: 25
Statically Configured DNS Servers: None
Register with which suffix: Primary only
Statically Configured WINS Servers: NoneSet or change IPv4 address on the interface:
interface ipv4 set address name="Ethernet1" static 10.11.1.11 mask=255.255.255.0 gateway=10.11.1.1https://www.technig.com/configure-ip-address-with-command-prompt-in-windows/
IPv6
Enter netsh configuration mode:
netshTo show interfaces and address information:
interface ipv6 show interfaces
interface ipv6 show addressesThis is actually more useful then the IPv4 equivalent, because you get to see the interface identifier that you would need if you were planning to make static routes:
netsh>interface ipv6 show interfaces
Idx Met MTU State Name
--- ---------- ---------- ------------ ---------------------------
1 75 4294967295 connected Loopback Pseudo-Interface 1
4 5 1500 disconnected Ethernet0
6 25 1500 connected Ethernet1Add an IPv6 address to an interface
You can either use the name, or the Idx number:
Interface ipv6 add address interface=6 2001:DB8:BA5:B001::B/64Deleting IPv6 Addresses:
Note: You cannot change IPv6 addresses by just overwriting an existing one, since you can have more that one IPv6 address per interface. You have to delete existing ones if you wish to replace it:
interface ipv6 del address interface=6 2001:DB8:BA5:B001::Bhttps://www.interfacett.com/blogs/enable-ipv6-addresses-windows-box-using-netsh/
IPv6 Special address Management
To disable temporary IP addresses and use EUI 64 standard
Useful for servers, but not recommended for clients due to privacy issues:
netsh
interface ipv6 set global randomizeidentifiers=disabled
interface ipv6 set privacy state=disabledhttps://www.sevenforums.com/tutorials/304071-ipv6-temporary-address-enable-disable.html
Disable all DHCP and RA options
This makes sure that your server doesn’t get ignorantly hacked by your router or firewall that accidentally sending DHCPv6 offer or RA messages.
netsh
interface ipv6 set interface 6 managedaddress=disabled
interface ipv6 set interface 6 otherstateful=disabled
interface ipv6 set interface 6 rabaseddnsconfig=disabled
interface ipv6 set interface 6 routerdiscovery=disabledDisable DHCP/Static IP coexistence
This should work too, but seems to be some kind of bug. I can enable it just fine, but not disable it:
netsh>interface ipv6 set interface 6 dhcpstaticipcoexistence=enabled
Ok.netsh>interface ipv6 set interface 6 dhcpstaticipcoexistence=disabled
The parameter is incorrect.https://serverfault.com/questions/978076/how-to-disable-ipv6-dhcpstaticipcoexistence-on-server-2019
Disable IPv4 on an interface
Note that this is a powershell command:
Disable-NetAdapterBinding -Name "Ethernet1" -DisplayName "Internet Protocol Version 4 (TCP/IPv4)"Changing the MTU on an interface
Note that I had no luck increasing the MTU over 1500 with this command. I could only decrease it:
netsh>interface ipv4 set subinterface "Ethernet1" mtu=1473 store=persistentVerification:
netsh>interface ipv4 show subinterfaceshttps://www.sevenforums.com/tutorials/94721-mtu-limit-test-change-your-connections-mtu-limit.html
Adding and editing routes
Verification:
route printConfiguration:
route add -p 2001:DB8:BA5:2000::/52 Fe80::1 IF 6 Metric 10
route change -p ::/0 Fe80::1 IF 4 Metric 10Note that “-p” makes it persistent through reboots
Set DNS with powershell
Set-DNSClientServerAddress "Ethernet1" –ServerAddresses 2001:DB8:BA5:B000::B,2001:DB8:BA5:B001::BRemove DNS Server:
Remove-DNSClientServerAddress "Ethernet1" –ServerAddresses 2001:DB8:BA5:B000::BConfigure Hostname with powershell
Verification:
hostnameConfiguration:
Rename-Computer -NewName "SAUNA-AD"Enable SSH through powershell
Get the name of the current version of SSH Server:
Get-WindowsCapability -Online -Name Open*Install SSH Server:
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0Configure SSH Server:
Start-Service sshd
Start-Service ssh-agent
Set-Service -Name sshd -StartupType Automatic
Set-Service -Name ssh-agent -StartupType AutomaticReboot Server:
Shutdown /rVerification:
Get-Service sshd
Get-Service ssh-agenthttps://www.osradar.com/how-to-enable-ssh-in-windows-server-2019/
Add and Remove a server to a domain with powershell
Add local Computer to the domain:
Add-Computer –DomainName "bastuklubben.online" -RestartRemove local computer from the domain:*
Remove-Computer -Restart*Note that I have not tested this myself. I assume it will use credentials of the user currently logged in. For more granular control, check the source linked below.
https://activedirectorypro.com/join-computer-to-domain-using-powershell/
Wireless Ethernet Card Management
Generate a report showing recent wireless session information:
netsh wlan show wlanreportShows the wireless capabilities of the system:
netsh wlan show wirelesscapabilitiesShows properties of the wireless LAN drivers on the system:
netsh wlan show driversFor more WLAN related netsh commands:
netsh wlan showThanks Kjetil for the… very useful information… if you care about wireless 😉