Wireshark Lab: DHCP v7.0
0. 实验文件地址
Wireshark Lab: DHCP v7.0
DHCP:动态主机配置协议。允许主机自动获取(被分配)一个IP地址(即插即用)。还允许一台主机得知其他信息,例如它的子网掩码、它的第一跳路由器地址(常称为默认网关)与它的本地DNS服务器的地址。
1. DHCP Experiment
Question & Answer
1. Are DHCP messages sent over UDP or TCP?
2. Draw a timing datagram illustrating the sequence of the first four-packet Discover/Offer/Request/ACK DHCP exchange between the client and server. For each packet, indicated the source and destination port numbers. Are the port numbers the same as in the example given in this lab assignment?
对于源主机和目的主机而言,端口号都是一样的。
3. What is the link-layer (e.g., Ethernet) address of your host?
4. What values in the DHCP discover message differentiate this message from the DHCP request message?
从上面两幅图可以看出,只有前四个Option和Padding不一样。
5. What is the value of the Transaction-ID in each of the first four (Discover/Offer/Request/ACK) DHCP messages? What are the values of the Transaction-ID in the second set (Request/ACK) set of DHCP messages? What is the purpose of the Transaction-ID field?
前四个的Transaction-ID:0x3e5e0ce3
后2个的Transaction-ID:0x257e55a3
Transaction-ID的作用是识别相应的客户机,区分不同的DHCP请求标识。
6. A host uses DHCP to obtain an IP address, among other things. But a host’s IP address is not confirmed until the end of the four-message exchange! If the IP address is not set until the end of the four-message exchange, then what values are used in the IP datagrams in the four-message exchange? For each of the four DHCP messages (Discover/Offer/Request/ACK DHCP), indicate the source and destination IP addresses that are carried in the encapsulating IP datagram.
7. What is the IP address of your DHCP server?
8. What IP address is the DHCP server offering to your host in the DHCP Offer message? Indicate which DHCP message contains the offered DHCP address.
Offer 和 ACK DHCP messages中包含这个IP地址。
9. In the example screenshot in this assignment, there is no relay agent between the host and the DHCP server. What values in the trace indicate the absence of a relay agent? Is there a relay agent in your experiment? If so what is the IP address of the agent?
10. Explain the purpose of the router and subnet mask lines in the DHCP offer message.
区分IP地址的类型。
11. In the DHCP trace file noted in footnote 2, the DHCP server offers a specific IP address to the client (see also question 8. above). In the client’s response to the first server OFFER message, does the client accept this IP address? Where in the client’s RESPONSE is the client’s requested address?
12. Explain the purpose of the lease time. How long is the lease time in your experiment?
lease time:客户机获得的IP地址能保持的时间。
上图表明可以持续1天。
13. What is the purpose of the DHCP release message? Does the DHCP server issue an acknowledgment of receipt of the client’s DHCP request? What would happen if the client’s DHCP release message is lost?
release message:释放租用的IP地址。
服务器没有发出客户端DHCP的接收确认。如果release message丢失,那么就会回收IP地址。
14. Clear the bootp filter from your Wireshark window. Were any ARP packets sent or received during the DHCP packet-exchange period? If so, explain the purpose of those ARP packets.
有ARP。通过广播检测IP是否发生冲突。