Scribd
Upload
19 views15 pages

ARP-Lab Manual

Uploaded by

Ketan Shukla
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
19 views15 pages

ARP-Lab Manual

Uploaded by

Ketan Shukla
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 15

Address Resolution Protocol

(ARP)

1
© 2021 C-DAC, Hyderabad
Table of Contents
Objective 3

Prerequisites 3

Problem Statement 3

Summary 3

Fundamental Concepts 4

Template for each step 4


Step-1 : Open the Wireshark and start capturing packets 4
Step-2: Apply ifconfig command to know the IP address of the machines 5
Step3 : Apply ping command between two IP addresses 7
Step-4: Stop the Wireshark and save the captured traffic 8
Step-5: Analyze the ARP Packets 11
Analyze an ARP Request. 12
Analyze an ARP Reply 14

References 15

2
© 2021 C-DAC, Hyderabad
1. Objective

Understanding the structure of Ethernet packets using Packet Analyzer tools.

2. Prerequisites

Prerequisites Version

Tools required Wireshark

Operating System Linux/ Windows

3. Problem Statement

By capturing the Ethernet packets, the Ethernet header information is obtained about
the packets’ source and destination address, packet length.

4. Summary

Steps Description

Step 1 Open the Wireshark and start capturing packets

Step2 Apply ipconfig/ifconfig command to know the IP address


of the machines

Step3 Apply ping command between two IP addresses

Step4 Stop the Wireshark and save the captured traffic


3
© 2021 C-DAC, Hyderabad
Step5 Capture and Analyze Address Resolution Protocol (ARP)
traffic
● Analyze an ARP Request
● Analyze an ARP Reply

5. Fundamental Concepts

Introduction of Ethernet:
Ethernet is a Data Link Protocol, which controls the way data is transmitted over a
Local Area Network (LAN). It is specified in Standard, IEEE 802.3. Ethernet LAN
cards with speeds up to 100 Mbps while the fastest Ethernet speed is Gbps (1 Gbps =
1000 Mbps). Ethernet header is very simple to analyze.

Ethernet Header Format :

Cyclic

Destinati MAC Type Data redundancy


on

address Source MAC check (crc)


address

6 bytes 6 bytes 2 bytes (46-1500)byt 4 bytes


es

6. Template for each step

1. Step-1 : Open the Wireshark and start capturing packets


To open the Wireshark, go to the Top left corner, click on the icon to open the list of
the tools available. Then type wireshark in the search bar and click on the launch
button.

Click on this option to capture the N packets. This screen is shown below.

4
© 2021 C-DAC, Hyderabad
2. Step-2: Apply ifconfig command to know the IP address of the machines
For Linux operating systems use the ifconfig command. Apply ifconfig command to
know the IP addresses of the machines. By applying the ifconfig we obtain the
following details that are related to Layer3 (i.e Network layer).

To open command prompt, go to the top left corner of your screen; click on the
command prompt

5
© 2021 C-DAC, Hyderabad
6
© 2021 C-DAC, Hyderabad
Then type ifconfig command in the terminal the following output will be obtained.

3. Step3 : Apply ping command between two IP addresses


By applying the ping command we are able to analyze the connectivity between the IP
addresses.

Apply ping command in the command prompt to check the communication between
source and destination address.
Source address:172.17.0.4
Destination address: 10.244.10.239

In the below command prompt it is shown that from the source address of 172.17.0.4
ping command is given to the destination address of 10.244.10.239.

7
© 2021 C-DAC, Hyderabad
4. Step-4: Stop the Wireshark and save the captured traffic
Go to the Wireshark application. Stop the Wireshark and save the captured traffic

In order to save the captured network packets, go to the top left corner and click on
“File” followed by “save” .

8
© 2021 C-DAC, Hyderabad
Give any name to your file . Here we have given Traffic1 which is shown below:

9
© 2021 C-DAC, Hyderabad
Now select the extension as pcap by clicking on the drop-down beside the “save as”.
Choose the “wireshark/tcpdump- pcap” option and click on the “save” button.

10
© 2021 C-DAC, Hyderabad
5. Step-5: Analyze the ARP Packets

Observe the traffic captured in the top Wireshark packet list pane. Look for traffic with
ARP listed as the protocol. To view only ARP traffic, type arp in the Filter box and press
Enter. Select the first ARP packet.

11
© 2021 C-DAC, Hyderabad
a. Analyze an ARP Request.

Let's observe and Analyze an ARP Request. Observe the packet details in the middle
Wireshark packet details pane. Notice that it is an Ethernet II/ Address Resolution
Protocol frame.

Use ifconfig to display your computer's Physical Address.

12
© 2021 C-DAC, Hyderabad
Expand Ethernet II to view Ethernet details.
Observe the Destination field. Notice that the destination field is the Ethernet broadcast
address (FF:FF:FF:FF:FF:FF). All devices on the network will receive the ARP request.
Observe the Source field. This should contain your MAC address. You can use ipconfig
/all, getmac, or ifconfig to confirm.
Observe the Type field. Notice that the type is 0x0806, indicating ARP.

Expand Address Resolution Protocol (request) to view ARP details.


● Observe the Sender MAC address. Notice that the sender MAC address is your
MAC address.
● Observe the Sender IP address. Notice that the sender IP address is your IP
address.
● Observe the Target MAC address. Notice that the target MAC address is all zeros,
because the target MAC address is unknown at this point.

13
© 2021 C-DAC, Hyderabad
● Observe the Target IP address. Notice that the target IP address is the IP address
of the default gateway.

b. Analyze an ARP Reply


Select the second ARP packet. Observe the packet details in the middle Wireshark
packet details pane. Notice that it is an Ethernet II/ Address Resolution Protocol frame.
Confirm that in the middle packet details pane that the packet is labeled Address
Resolution Protocol (reply).

Expand Ethernet II to view Ethernet details.


● Observe the Destination field. Notice that the destination field is your MAC
address.
● Observe the Source field. This should be the MAC address of the default gateway.
● Observe the Type field. Notice that the type is 0x0806, indicating ARP.

14
© 2021 C-DAC, Hyderabad
Expand Address Resolution Protocol (reply) to view ARP details.
● Observe the Sender MAC address. Notice that the sender MAC address is the MAC
address of the default gateway.
● Observe the Sender IP address. Notice that the sender IP address is the IP
address of the default gateway.
● Observe the Target MAC address. Notice that the destination MAC address is your
MAC address.
● Observe the Target IP address. Notice that the destination IP address is your IP
address.

7. References
● https://www.wireshark.org/

15
© 2021 C-DAC, Hyderabad

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy