handysuper.blogg.se - Determine ip and mac header information for a data packet

#Determine ip and mac header information for a data packet Pc
#Determine ip and mac header information for a data packet windows

Is the source MAC address the same as the one recorded from Part 1 for the local PC? _ The destination MAC address is from the default gateway because this is the last stop before this query exits the local network.

#Determine ip and mac header information for a data packet Pc

The source MAC address is from your local PC because your local PC originated the DNS query. The Ethernet II line displays the source and destination MAC addresses.This is the number of bytes to send a DNS query to a name server requesting the IP addresses of In the first line in the packet details pane, frame 15 had 74 bytes of data on the wire.The protocol entries are highlighted in gray. The protocols in this query are displayed in the packet details pane (middle section) of the main window. In this example, Wireshark capture frame 15 in the packet list pane is selected for analysis. Step 2: Examine a UDP segment using DNS query.Įxamine the UDP by using a DNS query for as captured by Wireshark. In the packet list pane (top section) of the main window, locate the packet that includes Standard query and A See frame 15 as an example.If this does not resolve the issue, type nslookup in the command prompt window as an alternative to the web browser. Restart the Wireshark capture and repeat the instructions in Part 2b –2e. In the command prompt window, type ipconfig /flushdns to remove all previous DNS results. Note: If you do not see any results after the DNS filter was applied, close the web browser. In the Wireshark main window, type dns in the entry area of the Filter toolbar and press Enter.In Part 3, you will examine the UDP packets that were generated when communicating with a DNS server for the IP addresses for Step 1: Filter DNS packets.

Part 3: Analyze Captured DNS or UDP Packets

Click Stop to stop the Wireshark capture when you see the Google home page.Open a web browser and type Press Enter to continue.

After selecting the desired interface, click Start to capture the packets.Select (highlight) the active capturing interface. Select an interface for Wireshark to capture packets.

#Determine ip and mac header information for a data packet windows

Click the Windows Start button and navigate to the Wireshark program.

In Part 2, you will set up Wireshark to capture DNS query and response packets to demonstrate the use of the UDP transport protocol while communicating with a DNS server. The information will be used in parts of this lab with packet analysis. Record this information in the table provided. In Part 1, you will use the ipconfig /all command on your local PC to find and record the MAC and IP addresses of your PC network interface card (NIC), the IP address of the specified default gateway, and the DNS server IP address specified for the PC. Required Resourcesġ PC (Windows 7, 8, or 10 with command prompt access, internet access, and Wireshark installed) Part 1: Record a PC’s IP Configuration Information If using a packet sniffer is an issue, the instructor may wish to assign the lab as homework or perform a walk-through demonstration. It is recommended that permission be obtained before running Wireshark for this lab. This lab assumes that you have internet access.Īnswers Note: Using a packet sniffer, such as Wireshark, may be considered a breach of the security policy of the school. Note: This lab cannot be completed using Netlab. You will use Wireshark to examine the DNS query and response exchanges with the same server. In this lab, you will communicate with a DNS server by sending a DNS query using the UDP transport protocol. DNS queries and responses are very small and do not require the overhead of TCP. UDP is connectionless and does not require a session setup as does TCP. Your PC DNS server query and the DNS server response make use of the User Datagram Protocol (UDP) as the transport layer protocol. When you type a website URL into your browser, your PC performs a DNS query to the DNS server IP address. DNS is a distributed network of servers that translates user-friendly domain names like to an IP address. If you have ever used the internet, you have used the Domain Name System (DNS). Part 3: Analyze Captured DNS or UDP Packets Background / Scenario Part 2: Use Wireshark to Capture DNS Queries and Responses Part 1: Record the IP Configuration Information of a PC 9.2.3.5 Lab – Using Wireshark to Examine a UDP DNS Capture Answers Lab – Using Wireshark to Examine a UDP DNS Capture ( Answers Version)Īnswers Note: Red font color or gray highlights indicate text that appears in the instructor copy only.