Scribd
Upload
15 views5 pages

Wireshark DHCP Lab

Wireshark Lab

Uploaded by

Abby Wilkes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
15 views5 pages

Wireshark DHCP Lab

Wireshark Lab

Uploaded by

Abby Wilkes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

IT1080C Computer Networking

Wireshark DHCP Lab

Name: Test
This lab examines the packets captured by a host in the Dynamic Host Configuration Protocol (DHCP)
exchange.

DHCP is used extensively in corporate, university and home-network wired and wireless LANs to
dynamically assign IP addresses to hosts, as well as in a variety of other network configurations. This lab
captures the exchanged DHCP messages.

Follow these instructions:


1. Start the Wireshark packet sniffer and begin Wireshark packet capture.

2. Open the Windows Command Prompt application and enter “ipconfig /release”. The
results, as shown in Figure 1, releases your current IP address and your host IP address
becomes 0.0.0.0 – the reserved address for “this computer.”

Figure 1 Command Prompt window showing ipconfig/release command

803816439.docx
Copyright © 2019—2022 University of Cincinnati, Ohio. All rights reserved.
3. At the Windows Command Prompt and enter “ipconfig /renew”. This instructs your host
to obtain a network configuration, including a new IP address. In Figure 2, the host obtains the
IP address 192.168.1.5

Figure 2 Command Prompt window showing ipconfig/renew command

4. Stop the Wireshark capture.

To see only the DHCP packets, enter “dhcp” into the filter field. Figure 2 shows the first ipconfig
renew command w h i c h caused four DHCP packets to be generated: a DHCP Discover packet, a
DHCP Offer packet, a DHCP Request packet, and a DHCP ACK packet.

NOTE: If you are using a version of Wireshark older than version 3.4.0, you will enter “bootp” not
“dhcp” in the filter. DHCP derives from an older protocol called BOOTP; both BOOTP and DHCP use
the same port numbers, 67 and 68.

803816439.docx
Copyright © 2019—2022 University of Cincinnati, Ohio. All rights reserved.
Figure 2 “dhcp” entered in the filter field

Figure 3 shows the Dynamic Host Configuration Protocol window in the DHCP Discover packet.

Figure 3 The Wireshark window with the DHCP Discover packet expanded.

803816439.docx
Copyright © 2019—2022 University of Cincinnati, Ohio. All rights reserved.
Answer the following questions:

1. Are DHCP messages sent over UDP or TCP?


Click here to enter text.

2. Notice that there is a sequence of four packets-- Discover/Offer/ Request/ACK DHCP exchange
between the client and server. Compare the source and destination port numbers. Which port
numbers are assigned to each of the four-packet sequence?
Discover packet source and destination port numbers
Click here to enter text.
Offer packet source and destination port numbers
Click here to enter text.
Request packet source and destination port numbers
Click here to enter text.
ACK packet source and destination port numbers
Click here to enter text.

3. What is the link-layer (Ethernet) address of your host?


Click here to enter text.

4. Compare the Discover packet and the Request packet. What values in the DHCP discover
message differentiate this message from the DHCP request message?
Click here to enter text.

5. What is the value of the Transaction-ID in each of the first four (Discover/Offer/Request/ ACK)
DHCP messages?
Discover: Click here to enter text.
Offer: Click here to enter text.
Request: Click here to enter text.
ACK: Click here to enter text.

What is the purpose of the Transaction-ID field? (10 points)


Click here to enter text.

6. A host uses DHCP to obtain an IP address, among other things. But the IP address of the host is
not confirmed until the end of the four-message exchange. Indicate the source and destination
IP addresses of the client (your device) that are carried in the encapsulating IP datagram for each
of the four DHCP messages.
Discover Source: Click here to enter text. Destination: Click here to enter text.
Offer Source: Click here to enter text. Destination: Click here to enter text.
Request Source: Click here to enter text. Destination: Click here to enter text.
ACK Source: Click here to enter text. Destination: Click here to enter text.

7. What is the IP address of your DHCP server?


Click here to enter text.

803816439.docx
Copyright © 2019—2022 University of Cincinnati, Ohio. All rights reserved.
8. In the example screenshot in this assignment, there is no relay agent between the host and the
DHCP server. What values in the trace indicate the absence of a relay agent?
Click here to enter text.

9. Explain the purpose of the router and subnet mask lines in the DHCP offer message.
Click here to enter text.

10. Explain the purpose of the lease time. How long is your lease time?
Click here to enter text.

11. Did you have any difficulties with this lab? If so, explain.
Click here to enter text.

Use the responses from this lab to complete the Wireshark DHCP Quiz.

803816439.docx
Copyright © 2019—2022 University of Cincinnati, Ohio. All rights reserved.

You might also like