Debugging Tools for Windows supports kernel debugging over an Ethernet network. This topic describes how to set up Ethernet debugging manually.
As an alternative to setting up Ethernet debugging manually, you can do the setup using Microsoft Visual Studio. For more information, see Setting Up Kernel-Mode Debugging over a Network Cable in Visual Studio.
The computer that runs the debugger is called the host computer, and the computer being debugged is called the target computer. The host computer must be running Windows XP or later, and the target computer must be running Windows 8 or later.
Debugging over a network has the following advantages compared to debugging over other types of cable.
- The host and target computers can be anywhere on the local network.
- It is easy to debug many target computers from one host computer.
- Network cable is inexpensive and readily available.
- Given any two computers, it is likely that they will both have Ethernet adapters. It is less likely that they will both have serial ports or both have 1394 ports.
Supported Network Adapters
The host computer can use any network adapter, but the target computer must use a network adapter that is supported by Debugging Tools for Windows. For a list of supported network adapters, see Supported Ethernet NICs for Network Kernel Debugging in Windows 8.1.
Determining the IP Address of the Host Computer
Use one of the following procedures to determine the IP address of the host computer.
On the host computer, open a Command Prompt window and enter the following command:
ipconfigMake a note of the IPv4 address of the network adapter that you intend to use for debugging.
On the target computer, open a Command Prompt window and enter the following command, where HostName is the name of the host computer:
ping -4 HostName
Choosing a Port for Network Debugging
Choose a port number that will be used for debugging on both the host and target computers. You can choose any number from 49152 through 65535. The port that you choose will be opened for exclusive access by the debugger running on the host computer. Take care to choose a port number that is not used by any other applications that run on the host computer.
If you connect several target computers to a single host computer, each connection must have a unique port number. For example, if you connect 100 target computers to a single host computer, you can assign port 50000 to the first connection, port 50001 to the second connection, port 50002 to the third connection, and so on.
Setting Up the Target Computer
Verify that the target computer has a supported network adapter.
Connect the supported adapter to a network hub or switch using standard CAT5 or better network cable. Do not use a crossover cable, and do not use a crossover port in your hub or switch.
In an elevated Command Prompt window, enter the following commands, where w.x.y.z is the IP address of the host computer, and n is a port number of your choice:
- bcdedit /debug on
- bcdedit /dbgsettings net hostip:w.x.y.z port:n
bcdedit will display an automatically generated key. Copy the key and store it on a removable storage device like a USB flash drive. You will need the key when you start a debugging session on the host computer.
Note We strongly recommend that you use an automatically generated key. However, you can create your own key as described later in the Creating Your Own Key section.If there is more than one network adapter in the target computer, use Device Manager to determine the PCI bus, device, and function numbers for the adapter you want to use for debugging. Then in an elevated Command Prompt window, enter the following command, where b, d, and f are the bus number, device number, and function number of the adapter:
bcdedit /set "{dbgsettings}" busparams b.d.f- Reboot the target computer.
Setting Up the Host Computer
Connect the network adapter of the host computer to a network hub or switch using standard CAT5 (or higher-level) network cable. Do not use a crossover cable, and do not use a crossover port in your hub or switch.
Starting the Debugging Session
Using WinDbg
On the host computer, open WinDbg. On the File menu, choose Kernel Debug. In the Kernel Debugging dialog box, open the Net tab. Enter your port number and key. Click OK.
You can also start a session with WinDbg by opening a Command Prompt window and entering the following command, where n is your port number and Key is the key that was automatically generated by bcdedit when you set up the target computer:
windbg -k net:port=n,key=Key
If you are prompted about allowing WinDbg to access the port through the firewall, allow WinDbg to access the port for all the different network types.
Using KD
On the host computer, open a Command Prompt window. Enter the following command, where n is your port number and Key is the key that was automatically generated by bcdedit when you set up the target computer:
kd -k net:port=n,key=Key
If you are prompted about allowing KD to access the port through the firewall, allow KD to access the port for all the different network types.
Allowing the debugger through the firewall
When you first attempt to establish a network debugging connection, you might be prompted to allow the debugging application (WinDbg or KD) access through the firewall. Client versions of Windows display the prompt, but Server versions of Windows do not display the prompt. You should respond to the prompt by checking the boxes for all three network types: domain, private, and public. If you do not get the prompt, or if you did not check the boxes when the prompt was available, you must use Control Panel to allow access through the firewall. Open Control Panel > System and Security, and click Allow an app through Windows Firewall. In the list of applications, locate Windows GUI Symbolic Debugger and Windows Kernel Debugger. Use the check boxes to allow those two applications through the firewall. Restart your debugging application (WinDbg or KD).
How the Debugger Obtains an IP Address for the Target Computer
The kernel debugging driver on the target computer attempts to use Dynamic Host Configuration Protocol (DHCP) to get a routable IP address for the network adapter that is being used for debugging. If the driver obtains a DHCP-assigned address, then the target computer can be debugged by host computers located anywhere on the network. If the driver fails to obtain a DHCP-assigned address, it uses Automatic Private IP Addressing (APIPA) to obtain a local link IP address. Local link IP addresses are not routable, so a host and target cannot use a local link IP address to communicate through a router. In that case, network debugging will work if you plug the host and target computers into the same network hub or switch.
Creating Your Own Key
To keep the target computer secure, packets that travel between the host and target computers must be encrypted. We strongly recommend that you use an automatically generated encryption key (provided by bcdedit when you configure the target computer). However, you can choose to create your own key. Network debugging uses a 256-bit key that is specified as four 64-bit values, in base 36, separated by periods. Each 64-bit value is specified by using up to 13 characters. Valid characters are the letters a through z and the digits 0 through 9. Special characters are not allowed. The following list gives examples of valid (although not strong) keys:
- 1.2.3.4
- abc.123.def.456
- dont.use.previous.keys
To specify your own key, open an elevated Command Prompt window on the target computer. Enter the following command, where w.x.y.z is the IP address of the host computer, and n is your port number, and Key is your key:
bcdedit /dbgsettings net hostip:w.x.y.z port:n key:Key
Reboot the target computer.
Troubleshooting Tips for Debugging over a Network Cable
Debugging application must be allowed through firewall
Your debugger (WinDbg or KD) must have access through the firewall. You can use Control Panel to allow access through the firewall. Open Control Panel > System and Security, and click Allow an app through Windows Firewall. In the list of applications, locate Windows GUI Symbolic Debugger and Windows Kernel Debugger. Use the check boxes to allow those two applications through the firewall. Restart your debugging application (WinDbg or KD).
Port number must be in range allowed by network policy
The range of port numbers that can be used for network debugging might be limited by your company‘s network policy. To determine whether your company‘s policy limits the range of ports that can be used for network debugging, check with your network administrator. On the target computer, open a Command Prompt window as Administrator and enter the command bcdedit /dbgsettings. The output will be similar to this.
key XXXXXX.XXXXX.XXXXX.XXXXX debugtype NET debugport 1 baudrate 115200 hostip 10.125.4.86 port 50085
Notice the value of port. For example, in the preceding output, the value of port is 50085. If the value of port lies outside the range allowed by your network administrator, enter the following command, where w.x.y.z is the IP address of the host computer, and n is a port number in the allowed range
bcdedit /dbgsettings net hostip:w.x.y.z port:n
Reboot the target computer.
Specify busparams if target computer has multiple network adapters
If your target computer has more than one network adapter, you must specify the bus, device, and function numbers of the network adapter that you intend to use for debugging. To specify the bus parameters, Open Device Manager, and locate the network adapter that you want to use for debugging. Open the property page for the network adapter, and make a note of the bus number, device number, and function number. In an elevated Command Prompt Window, enter the following command, where b, d, and f are the bus, device and function numbers in decimal format:
bcdedit /set "{dbgsettings}" busparams b.d.f
Reboot the target computer.