Ethernet Lab

1
© 2021 C-DAC, Hyderabad
Table of Contents
Objective 3

Prerequisites 3

Problem Statement 3

Summary 3

Fundamental concepts 4

Template for each step 4

Step-1 : Open the Wireshark and start capturing packets 5
Step-2: Apply ifconfig command to know the IP address of the machines 5
Step3 : Applying ping command between two IP addresses 7
Step-4: Stop the Wireshark and save the captured traffic 8
Step-5: Analyze the ICMP Packets 11
Analyze ICMP Echo Request Traffic 12
Analyze ICMP Echo Reply Traffic 13

References 14

2
© 2021 C-DAC, Hyderabad
1. Objective

Understanding the structure of Ethernet packets using Packet Analyzer tools.

2. Prerequisites

Prerequisites Version

Tools required Wireshark

Operating System Linux/ Windows

3. Problem Statement

By capturing the Ethernet packets, the Ethernet header information is obtained about
the packets’ source and destination address and packet length.

4. Summary

Steps Description

Step 1 Open the Wireshark and start capturing packets

Step2 Apply ipconfig/ifconfig command to know the IP address

of the machines

Step3 Apply ping command to check the communication

between two IP addresses

Step4 Stop the Wireshark and save the captured traffic

3
© 2021 C-DAC, Hyderabad
 Step5 Analyze the ICMP Packets
● Analyze ICMP Echo Request Traffic

● Analyze ICMP Echo Reply Traffic

5. Fundamental concepts

Introduction of Ethernet:
Ethernet is a Data Link Protocol, which controls the way data is transmitted over a
local area network (LAN). It is specified in a standard, IEEE 802.3. Ethernet LAN cards
with speeds up to 100 Mbps; while the fastest Ethernet speed is Gbps (1 Gbps = 1000
Mbps).

Ethernet header is very simple to analyze

Ethernet Header Format :

Cyclic

Destinati MA Type Data redundancy

on C

address Source MAC address check (crc)

6 bytes 6 bytes 2 bytes (46-1500)byt 4 bytes

es

6. Template for each step

1. Step-1 : Open the Wireshark and start capturing packets

To open the wireshark go to the Top left corner, click on the icon to open the list of
the tools available. Then type wireshark in the search bar and click on the launch
button.

Click on this option to capture the N packets. This screen is shown below.

4
© 2021 C-DAC, Hyderabad
2. Step-2: Apply ifconfig command to know the IP address of the machines
For Linux operating systems use the ifconfig command. Apply ifconfig
command to know the IP addresses of the machines. By applying the ifconfig we
obtain the following details that are related to Layer3 (i.e Network layer).

To open command prompt go to the top left corner of your screen click on the
command prompt

5
© 2021 C-DAC, Hyderabad
 6
© 2021 C-DAC, Hyderabad
Then type ifconfig command in the terminal the following output will be obtained.

3. Step3 : Applying ping command between two IP addresses

By applying the ping command we are able to analyze the connectivity between the IP
addresses.

Apply ping command in the command prompt to check the communication between
source and destination address.
Source address:172.17.0.4
Destination address: 10.244.10.239

In the below command prompt it is shown that from the source address of 172.17.0.4
ping command is given to the destination address of 10.244.10.239. Press ctrl+c to stop
the ping.

7
© 2021 C-DAC, Hyderabad
4. Step-4: Stop the Wireshark and save the captured traffic

Go to the wireshark application. Stop the Wireshark and save the captured traffic

In order to save the captured network packets. Go to the top left corner and click
on “File” followed by “save” .

8
© 2021 C-DAC, Hyderabad
Give any name to your file . Here we have given Traffic1 which is shown below:

9
© 2021 C-DAC, Hyderabad
Now select the extension as pcap by clicking on the drop down beside the
“save as”. Choose the “wireshark/tcpdump- pcap” option and click on the
“save” button.

10
© 2021 C-DAC, Hyderabad
5. Step-5: Analyze the ICMP Packets
Observe the traffic captured in the top Wireshark packet list pane. All of the
traffic you see is likely to be Ethernet traffic. If you want to specifically identify
the traffic generated from the ping command above, look for traffic with ICMP
listed as the protocol and Echo (ping) request or Echo (ping) reply in the
description.

Look for traffic with ICMP listed as the protocol. To view only ICMP traffic, type
icmp in the Filter box and press Enter.

11
© 2021 C-DAC, Hyderabad
 a. Analyze ICMP Echo Request Traffic

Select the first ICMP packet, labeled Echo (ping) request. Observe the packet details in
the middle Wireshark packet details pane. Notice that it is an Ethernet II/ Internet
Protocol Version 4/ Internet Control Message Protocol frame.

Expand Internet Control Message Protocol to view ICMP details. Observe the Type.
Notice that the type is 8 (Echo (ping) request).

Select Data in the middle Wireshark packet details pane to highlight the data portion of
the frame. Observe the packet contents in the bottom Wireshark packet bytes pane.
Notice that Windows sends an alphabet sequence during ping requests.

12
© 2021 C-DAC, Hyderabad
 b. Analyze ICMP Echo Reply Traffic

In the top Wireshark packet list pane, select the second ICMP packet, labeled Echo
(ping) reply.

Observe the packet details in the middle Wireshark packet details pane. Notice that it is
an Ethernet II/ Internet Protocol Version 4/ Internet Control Message Protocol frame.

Expand Internet Control Message Protocol to view ICMP details. Observe the Type.
Notice that the type is 0 (Echo (ping) reply).

Select Data in the middle Wireshark packet details pane to highlight the data portion of
the frame. Observe the packet contents in the bottom Wireshark packet bytes pane.
Notice that the reply echoes the request sequence.

13
© 2021 C-DAC, Hyderabad
7. References
● https://www.wireshark.org/

14
© 2021 C-DAC, Hyderabad