Home
Begin by opening the Windows Command Prompt application. Type “ipconfig /release”.
Open the captured traffic file and given pcap file “dhcp”in Wireshark to answer the following questions.
a. Are DHCP messages sent over UDP or TCP?
b. Draw a timing datagram illustrating the sequence of the first four-packet Discover/Offer/Request/ACK DHCP exchange between the client and server. For each packet, indicated the source and destination port numbers.
c. What is the link-layer (e.g., Ethernet) address of your host?
d. What values in the DHCP discover message differentiate this message from the DHCP request message?
DHCP Request packet
DHCP Discover Packet
e. What is the value of the Transaction-ID in each of the first four (Discover/Offer/Request/ACK) DHCP messages? What are the values of the Transaction-ID in the second set (Request/ACK) set of DHCP messages? What is the purpose of the Transaction-ID field?
The purpose of the transaction id field in DHCP is to differentiate request made by the user. Here first set of Discover/offer/Request/ACK has same transaction id which indicates all four packets deals with same request. The second four set of packets has another Transaction id. This indicates that these packets deals with the request which is different from previous one.
f. A host uses DHCP to obtain an IP address, among other things. But a host’s IP address is not confirmed until the end of the four-message exchange! If the IP address is not set until the end of the four-message exchange, then what values are used in the IP datagrams in the four-message exchange? For each of the four DHCP messages (Discover/Offer/Request/ACK DHCP), indicate the source and destination IP addresses that are carried in the encapsulating IP datagram.
Both client and server use the broadcasting address as the destination address in four(Discover/Offer/Request/ACK) packets. Here address of client is taken as 0:0:0:0 (which means any address) and the broadcasting address is 255:255:255:255.
g. What is the IP address of your DHCP server?
h. What IP address is the DHCP server offering to your host in the DHCP Offer message? Indicate which DHCP message contains the offered DHCP address.
i. In the example screenshot in this assignment, there is no relay agent between the host and the DHCP server. What values in the trace indicate the absence of a relay agent? Is there a relay agent in your experiment? If so what is the IP address of the agent?
j. Explain the purpose of the router and subnet mask lines in the DHCP offer message.
The subnet mask line tells the client which subnet mask it should use.
k. In the DHCP trace file, the DHCP server offers a specific IP address to the client. In the client’s response to the first server OFFER message, does the client accept this IP address? Where in the client’s RESPONSE is the client’s requested address?
No, the client does not accpet the ip address.
l. Explain the purpose of the lease time. How long is the lease time in your experiment?
The lease time in this experiment is 1 day. The purpose of this is the amount of time the DHCP server assigns an IP address to a client.
m. What is the purpose of the DHCP release message? Does the DHCP server issue an acknowledgment of receipt of the client’s DHCP request? What would happen if the client’s DHCP release message is lost?
A DHCP release message is sent by the client to cancel the lease on an IP address given to it by the DHCP server, it does sends an acknowledgement of receipt and incase it gets lost then it will continue to run until the lease expires.
n. Clear the DHCP filter from your Wireshark window. Were any ARP packets sent or received during the DHCP packet-exchange period? If so, explain the purpose of those ARP packets.
