Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

NetLab 2A -

advertisement 
CECS 474 COMPUTER NETWORKING INTEROPERABILITY
Netlab 2-Part A: DHCP Negotiation – Wireshark Introduction
Purpose: To “pull the curtain back” while exploring the servers located on Big Apple University
network. In order to understand what goes on behind the scenes, the Wireshark packet sniffing
program will be used. Wireshark allows users to “peek inside” the transactions that occur
between clients (all the workstations) and servers. In Part A of Netlab 2, we examing the startup activity that occurs when a workstation joins a network with dynamic IP addresses
assignment. In particular, we will look at the negotiation between the client and the Dynamic
Host Configuration Protocol (DHCP) server and to obtaining a dynamic IP address. In Part B of
Netlab 2, we will examine Domain Name System (DNS) and Hyper-Text Transfer Protocol
(HTTP).
Background: The DHCP protocol is implemented using a client-server model. The client (any network
device in the LAN) requests configuration data such as an IP address, a default route, and at least one
DNS server, so that it can operate within the LAN. The DHCP server keeps a database of the available IP
addresses that it can lease. There are three typical allocation methods: Dynamic, Automatic, and Static
allocation. Each lease type can be used for different situations and environments. For example, if the
DHCP server is running on a hotspot in a coffee shop, it makes sense for the lease to be short. In the
coffee shop, you expect a large amount of turnover, so a dynamic address allocation makes sense. On
the other hand, a lease made to workstation in a small office, or even a PC on a home network, may last
the entire day. In these instances automatic lease allocation is probably easiest since DHCP will
dynamically assign the addresses from a pool if a new device is introduced or simply renew an existing
lease to devices that are always present. Some administrators who deal with a fixed number of
workstations and want to have more control of their environment may choose to permanently assign an
IP address to every individual machine. In this case, the addresses are no longer assigned dynamically;
the addresses are statically allocated. For this type of allocation, an administrator needs to know the
MAC Address for each device that will be assigned an IP address.
One important note is that we will be dealing with IPv4 DHCP and not IPv6 DHCP. Although both are
used for the same perpose, the IPv6 protocol is significantly different to its predecessor in terms of
implementation. IPv6 is also impractical to learn for a small scale setup such as Netlab. If the network
required several thousand IP address (like AT&T, Verizon, Time Warner, etc.), then IPv6 would be a good
solution.
Process
DHCP Negotiation:
 DHCP Discover: The client broadcasts messages to entire subnet to find a DHCP server.
 DHCP Offer: The server receives a request for a lease from a client and reserves an IP
address. It offers this reserved address to the client by sending a “DHCPOFFER” message to
the client.
Dr. Tracy Bradley Maples (Fall 2013)
Lab Design: Rogelio Cruz (mod. 9/25/13)
CECS 474 COMPUTER NETWORKING INTEROPERABILITY


DHCP Request: Once the client receives the offer, it replies by broadcasting to the server
asking for the offered address.
DHCP Acknowledge: In the last step the server receives the “DHCPREQUEST” message from
the client and sends back a “DHCPACK” packet back to the client. This contains information
like the lease duration and any other configuration information that the client requested.
Big Apple University
DHCP Server:
172.16.16.250
NETLAB CLIENT
`
DHCP
DHCP Offer
Src: 172.16.16.200 67
Dest: 255.255.255.255
68
DHCP server ID:
172.16.16.250
Lifetime: 3600 secs
DISC
DHC
DHC
DHCP Ack
Src: 172.16.16.200 67
Dest: 255.255.255.255
68
DHCP server ID:
172.16.16.250
Lifetime: 3600 secs
OVER
FER
POF
PR E
QUE
S
D H C PA
Time
DHCP Discover
Src: 0.0.0.0 68
Dest:
255.255.255.255 67
DHCP Request
Src: 0.0.0.0 68
Dest:
255.255.255.255 67
DHCP Server ID:
172.16.16.250
T
CK
Time
Procedure
Note: All of the Big Apple University servers are located at IP address: 172.16.16.250.
Open up your workstation’s network properties and make sure the Ethernet NIC is set up to
automatically obtain IP address. (Check Wireshark Reference Sheet)
1. Launch the command prompt and run the following command: >> ipconfig /release (For more
information check the CLI Reference Sheet)
Dr. Tracy Bradley Maples (Fall 2013)
Lab Design: Rogelio Cruz (mod. 9/25/13)
CECS 474 COMPUTER NETWORKING INTEROPERABILITY
2. Launch Wireshark and--after checking settings--start the capture. (Check the Wireshark
Reference Sheet)
3. At the command prompt, run the following command >> ipconfig /renew
4. Stop the Wireshark Capture. NOTE: Make sure the ipconfig /renew command in step 4 is done
processing before stopping the capture. Otherwise you may be missing a message.
5. Use the Wireshark filters to “clean up” the capture by entering “dhcp” in the text field. You
should see four messages displayed. If filter does not work, sort the capture by protocol and
scroll to the DHCP requests. (Check the Wireshark Reference Sheet)
Exercises
Answer the follow questions about DHCP Negotiation:
 In the DHCP Discover phase:
a. What is the source address? What UDP port is it using?
b. What is the MAC address of the source? Verify that the source is what you expect by
running an “ipconfig /all” command using the command prompt and matching it
against the address you received in your capture.
c. What is the destination address? Who is the client trying to reach? What UDP Port
is it using?
 In the DHCP Offer phase:
a. What is the source address? What UDP port is it using?
b. What address is being offered by the server? What is the lifetime (Time to live)?
Hint: Look inside the Internet Protocol information.
 In the DHCP Request phase:
a. Who does the source address send the request to?
b. What is the current address of the source?
 In the DHCP ACK phase:
a. Who is the source?
b. Who is the destination? What is the destination’s new address?
 The last message is DHCP Inform:
a. Who is sending this message? Verify by running “ipconfig” in command prompt.
b. Who is it informing? (Destination)
Dr. Tracy Bradley Maples (Fall 2013)
Lab Design: Rogelio Cruz (mod. 9/25/13)
Related documents
DHCP Security Analysis
DHCP Security Analysis
Windows 2000 DHCP Installation and Configuration
Windows 2000 DHCP Installation and Configuration
Setting DHCP Server via Winbox on Mikrotik PC Router
Setting DHCP Server via Winbox on Mikrotik PC Router
Configuring DHCP Scopes and Options
Configuring DHCP Scopes and Options
Template
Template
A Practical Guide to Red Hat® Linux® College Edition
A Practical Guide to Red Hat® Linux® College Edition
attachment
attachment
VMWare Networking
VMWare Networking
Wireshark_DHCP_Solution_July_22_2007
Wireshark_DHCP_Solution_July_22_2007
Download
advertisement