CCN Lab Report 05
National University of Sciences & Technology
ANALYZING DNS, DHCP AND ICMP IN WIRESHARK
TASK 1:
1. In the command prompt, type ipconfig /flushdns to erase the DNS resolver cache data.
3. Go to Wireshark and start capturing packets. In the command prompt, type
nslookup wireshark.org 8.8.8.8 (8.8.8.8 is the IP address of the DNS server, here Google's DNS server).
4. Go back to Wireshark, stop capturing packets and apply DNS as the display filter so that only
DNS packets are shown. Note that each DNS query and its response have the same transaction ID.
5. Open the Flags field in the DNS part of the header data. What is the nature of the DNS query?
6. Which flag value indicates whether it’s a response or a query message?
7. Note that A and AAAA indicate IPv4 and IPv6 responses. Click on the type A response,
go to the header details, and find the Answers field. How many answers can you see for
wireshark.org? What do multiple answers (more than one IP address for a single
domain name) indicate?
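The header fields examined in steps 4 to 7 can also be decoded by hand. The following is an added example, not part of the original lab sheet: it parses the fixed 12-byte DNS header and pairs queries with responses by transaction ID. The helper names and the sample headers are constructed for illustration.

```python
import struct

def parse_dns_header(payload: bytes) -> dict:
    """Decode the fixed 12-byte DNS header (RFC 1035, section 4.1.1)."""
    if len(payload) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!6H", payload[:12])
    return {
        "id": txid,                      # transaction ID shown by Wireshark
        "qr": flags >> 15,               # top flag bit: 0 = query, 1 = response
        "opcode": (flags >> 11) & 0xF,   # 0 = standard query
        "rd": (flags >> 8) & 1,          # recursion desired
        "ra": (flags >> 7) & 1,          # recursion available
        "rcode": flags & 0xF,            # 0 = no error
        "answers": an,                   # number of records in the Answers field
    }

def pair_by_transaction_id(messages):
    """Return (IDs of answered queries, IDs of responses with no earlier query).

    Simplification: keyed on the transaction ID only. A resolver also checks
    the addresses, ports and question section before accepting a response.
    """
    pending, matched, unsolicited = set(), [], []
    for raw in messages:
        hdr = parse_dns_header(raw)
        if hdr["qr"] == 0:
            pending.add(hdr["id"])
        elif hdr["id"] in pending:
            pending.discard(hdr["id"])
            matched.append(hdr["id"])
        else:
            unsolicited.append(hdr["id"])
    return matched, unsolicited

def build_header(txid: int, flags: int, answers: int = 0) -> bytes:
    """Build a header-only DNS message (hypothetical helper for the samples)."""
    return struct.pack("!6H", txid, flags, 1, answers, 0, 0)

# Constructed sample data, not taken from a real capture.
SAMPLE = [
    build_header(0x0002, 0x0100),             # standard query, RD set
    build_header(0x0002, 0x8180, answers=2),  # response to 0x0002, two answers
    build_header(0xBEEF, 0x8180, answers=1),  # response that matches no query
]

if __name__ == "__main__":
    for raw in SAMPLE:
        print(parse_dns_header(raw))
    print(pair_by_transaction_id(SAMPLE))
```

A response whose transaction ID matches no outstanding query, like the third sample, is worth a closer look in a capture.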
TASK 2
1. Start capturing packets in Wireshark. Open the command prompt and type ipconfig /release to
release the IP address assigned to your system.
2. Now type ipconfig /renew to generate a DHCP request, which will be followed by the IP
address assignment process.
3. Verify that a valid IP address is assigned to your system now.
4. Go back to Wireshark and stop capturing packets. Apply a display filter so that only DHCP
packets are shown. Are you able to capture all the messages shown in the figure above?
5. Can you find the time duration for which this IP address is assigned to your system?
Hint: Lease time.
TASK 3
Ping sends a packet to the target IP address. If the target is alive, it responds by sending
a packet back to the host. Both of these packets (request and reply) carry an ICMP message.
1. Start capturing packets in Wireshark. Ping any URL or IP address and capture the ICMP
packets to observe the details. (You can also capture ICMP packets by running the
traceroute command, tracert on Windows, in the command prompt.)
2. After the ping is complete, go to Wireshark, stop capturing packets and apply ICMP as the
display filter so that only ICMP packets are shown.
3. How many packets appear after applying the filter? Can you change the number of
packets to 2 instead of 4? How? (Hint: lab 2)
4. Click on an ICMP echo request packet, note the values of type and code in it.
5. Click on an ICMP echo reply packet, note the values of type and code in it.