Writing a Better Network Tester

by | Dec 13, 2022 | Tech Blog

Patch Tuesday Webinar

Join Patch My PC's Jordan Benzing and Bryan Dam every Thursday succeeding Patch Tuesday for the Patch Tuesday Support Group Webinar.

Patch Tuesday Releases

Tech Blogs

Critical Patches

There are few things more frustrating in IT than troubleshooting weird network problems. Especially when those weird network problems, impact browsing to normal everyday websites where our other tools live. It’s a pain point we can all identify with.

Inevitably, when you complain you can’t reach a website you’ll be greeted with one of the following questions:

– Have you tried pinging it?

– Have you cleared the cache on your browser?

– Try a different browser

Of course, you try all of these and either none of them work, or some of them do, or a confusing array of both happens. Over the course of this post, we are going to move from a simple ping network test to programmatic testing using PowerShell, and GO.

Wait what am I going to learn here?

Essentially, writing network tests is hard, doubly so when you have to test against over 100 sites. We are going to show you how you can test network connections with Ping, PowerShell and GO. Additionally, you’ll walk away with a couple of PowerShell snippets you can re-use, some GO code, and a very, very fast network tester app for all of the websites and ports Patch My PC uses.  

Let’s dive into network testing, and what it looks like.

The Problem

Let’s face it, networking is hard. Right wrong or indifferent the language everyone has been conditioned to use is either “the internet works”, or “the internet doesn’t work”. When it comes to corporate network environments this is rarely the case. Here is a fun example where I used the windows firewall to block a couple of Googles IP Addresses. The resulting behavior is interesting.

The Internet doesn't work

Writing Tests

There are a TON of ways to test a network connector. Each of these methods has their own strengths and weakness’s. There is no one size fits all when it comes to testing network connections, because of how flexible networking has grown to be. The methods below are by no means exhaustive.

Good Ole Ping

The first method people typically learn is good ole “ping” through the command prompt. Ping is a fantastic tool, it’s included on almost every machine in the world. Windows, Linux, Mac Ping doesn’t care it’s there for you.

Let’s try it out.

cmd

ping google.com

Good Ole Ping

As you can see above Ping sent four packets of data using what’s called ICMP (Internet Control Message Protocol). What’s important to know about this is ICMP is ephemeral, IE it’s not port specific. This can cause you to miss certain types of blocks when performing tests, especially if a firewall is only blocking specific ports. 

While Ping doesn’t support testing specific ports, there are a ton of other useful options you can use to better test the availability of the network including some useful options below.

There are a bunch of other options, and you can learn more about them here: ping | Microsoft Learn

PowerShell Tests

While you can certainly use Ping in PowerShell, there are some better options, especially for when you need to validate access to a resource first. There are two PowerShell cmdlets we are going to talk about, Test-Connection and

Test-Connection

Test-connection is effectively a wrapper cmdlet for ping, and as a result conveys a lot of the same information, with a lot of the same limitations (IE can only test for ICMP). What makes Test-Connection special is how it returns objects of type: ‘Win32_PingStatus’

Test-Connection-PingStatus
Test-Connection-StoredResponse

Because the feedback from test-connection is an object as presented above, you can actively evaluate the information that was returned from the attempted ICMP communication and then make decisions based on the details of the results. 

Test-NetConnection

Test-NetConnection provides some of the granularity for network tests ping is missing. This cmdlet instead produces an object of TestNetConnectionResult. One thing to note about Test-NetConnection, the cmdlet always displays information about the test while it’s running by default unless you configure the $ProgressPreference environment variable. This variable cannot be set at run time, and instead must be set for the environment.

The most important thing about Test-NetConnection, is the ability to specify your desired port using the port parameter.

TestNetConnection Port Option

What if you have a ton of websites you need to test? Programmatic Testing

A question we commonly get asked at Patch My PC, is do you have an allow list available to better understand what ports we would need to open in our network? Conveniently we do have a list:

List of Domains for Firewall Allowlist when Using Patch My PC – Patch My PC

However, that list is quite large, 864 different URLS in fact! Testing all of those will take surely take some time. Unless you automate it!

PowerShell Bulk Testing

Something you could surely do with some simple PowerShell.

powershell

However, it will take a significant portion of time as each action must be done in serial order. If you’re familiar with PowerShell we could of course look at using the parallelization features available in PowerShell 7.1+, assuming it’s available for you to use.

Go Bulk Testing

Earlier on in the article I mentioned the idea of testing network’s with using GO. Go is a relatively young programming language first released in 2009. You can learn more about the language, and it’s adorable mascot, here: The Go Programming Language

GO has been gaining popularity, especially in the security space for a large number of reasons, from it’s ability to cross compile to Linux, Mac, and Windows to it’s native concurrency features.

Implementing concurrency in go is “as simple as”

go

The code above combines two core concepts in GO. Routines, and a wait group. A wait group, indicates that we should wait for the routines to finish. All of these routines within the wait group then run completely independent of each other.

While GO supports Types and Methods, there is no Type Hierarchy, and more interestingly, as long as you have the GO environment you do not have to compile the code to run it for testing purposes.

Your First GO Network Test

In order to make a functional test, we’ll need to ensure we import three default packages.

“FMT”
“NET”
“Time”

With these we can quickly write a test to validate if we can get to google!

go

First GO Network Test

This works great if we want to painstakingly go through a ton of URL’s and ports. What if instead we wanted to say download a URL from a website that was in CSV Format and already had all of the websites and ports we would need? Well no problem we can do that!

A Patch My PC Network Tester

A while back, we had a pretty common occurrence where customers would be unable to download content due to network filtering rules. Troubleshooting this, and providing logs that help showcase it can be challenging especially in complex environments where things like user based proxies come into play. Instead of walking people through building PowerShell scripts unique to their environment a simplified network tester was born.

However, we need a few things to make it work.

First a function/package to download a file if we give it a URL.

go

Next a function to log everything that happens, in our favorite log format CMTrace.

go

And then finally let’s pull it all together with our main function.

go

Now we could run this entire test by simply using the go run command as seen in other examples earlier on, but that assumes the go runtime environment exists on the device running the test, a bad assumption. Instead we are going to use the build command to generate a compiled file that can be run anywhere. Don’t worry, you won’t have to build it you can download and find all the code available to you here.

PatchMyPCTeam/PMPC-NetworkTester: A network tester for Patch My PC customers to validate they are able to connect to all required websites.

The release is a signed binary file.

One final takeaway about how this is written is the sheer speed involved with the execution of the tests. Even using the previously mentioned PowerShell Parallelization methods doesn’t come close to how fast compiled code in parallel can run.

For the purposes of demonstration, a host’s file edit has been made on the server to force all GitHub.com requests to re-direct to a non-existent IP address. I hope this was helpful, and as always happy patching.

Patch My PC Network Tester

Jordan Benzing

Jordan Benzing loves patching and has had the opportunity to present on stages all around the world including the Midwestern Management Summit in Minneapolis, on subjects such as reporting, patching, and that wonderful thing no one likes doing: documentation. Jordan has been an avid content creator, and educator since 2016. Jordan has been fortunate enough to earn the Microsoft MVP award from 2020-2023 in the Enterprise Mobility category. He also has six, yes that’s right, six dogs. Two Golden Retrievers, a Shiba Inu, two german shepherds, and a Belgian Malinois.

Jordan has written blogs on MSendpointmgr, Truesec, WinAdmins, and his own blog, JordanTheITGuy

Tech Blog

PowerShell Uses - Feature Image

PowerShell Uses – Things to Start Doing, Things to Stop Doing

There are some things in PowerShell that you need to start doing but also stop doing. What is PowerShell and some of the best practices?

Intune Win32 Apps Guide to Availability and Deadlines Feature Image

Intune Win32 apps: A Strategic Guide to Availability and Deadlines

Discover the ins and outs of Intune Management Extension in our latest blog post. We’re exploring its behavior with scheduled win32 app...

Windows Defender Exploit Guard breaks Google Chrome

Often, blog titles are sensationalised and designed to draw the readers attention. In September 2023, we did actually observe the behavior described...
Discovery Apps - Intune Software Inventory - Feature Image

Discovered Apps – The Intune Software Inventory

Is there an Intune Software Inventory? How does Intune detect apps installed in my tenant? Find out everything you need to know about Discovered...

Intune Scope Tags and Role-Based Access Control Explained

In today's interconnected era, it has become increasingly common for large organizations to have multiple IT departments and workers spread across...

Intune Discovered Apps – Missing Inventory Data

At the tail end of June 2023 and into the first week of July 2023, many admins started to report that application inventory data was missing in...
Intune Discovery Apps - Detecting your applications and gaining back control Feature Image

Intune Discovered Apps – Detecting your applications and gaining back control

Learn more about the power of Intune Discovered Apps for application inventory management. Detect and manage your software inventory...

Intune Microsoft Store Integration App Migration Failures (0x87D1041C)

In July 2021, Microsoft announced that both Microsoft Store for Business and Education would be deprecated on March 31, 2023. While Microsoft has...
Automatic Deployment Rules and ConfigMgr

Automatic Deployment Rules (ADR) and ConfigMgr and why you should use them

What is an ADR Getting Started with ADR Creating and Defining an ADR What are Deployment Packages?In this blog we will review Automatic Deployment...

How to use PowerShell to install Windows updates & ensure long-term compliance

In this post I will walk you through how to install Windows updates and report on patch compliance using Windows PowerShell. We will be using:...

PowerShell Uses – Things to Start Doing, Things to Stop Doing

There are some things in PowerShell that you need to start doing but also stop doing. What is PowerShell and some of the best practices?

Intune Win32 apps: A Strategic Guide to Availability and Deadlines

Discover the ins and outs of Intune Management Extension in our latest blog post. We’re exploring its behavior with scheduled win32 app...

Windows Defender Exploit Guard breaks Google Chrome

Often, blog titles are sensationalised and designed to draw the readers attention. In September 2023, we did actually observe the behavior described...

Discovered Apps – The Intune Software Inventory

Is there an Intune Software Inventory? How does Intune detect apps installed in my tenant? Find out everything you need to know about Discovered...

Intune Scope Tags and Role-Based Access Control Explained

In today's interconnected era, it has become increasingly common for large organizations to have multiple IT departments and workers spread across...

Intune Discovered Apps – Missing Inventory Data

At the tail end of June 2023 and into the first week of July 2023, many admins started to report that application inventory data was missing in...

Intune Discovered Apps – Detecting your applications and gaining back control

Learn more about the power of Intune Discovered Apps for application inventory management. Detect and manage your software inventory...

Intune Microsoft Store Integration App Migration Failures (0x87D1041C)

In July 2021, Microsoft announced that both Microsoft Store for Business and Education would be deprecated on March 31, 2023. While Microsoft has...

Automatic Deployment Rules (ADR) and ConfigMgr and why you should use them

What is an ADR Getting Started with ADR Creating and Defining an ADR What are Deployment Packages?In this blog we will review Automatic Deployment...

How to use PowerShell to install Windows updates & ensure long-term compliance

In this post I will walk you through how to install Windows updates and report on patch compliance using Windows PowerShell. We will be using:...