
UDP-Lab Manual

Uploaded by

Ketan Shukla

User Datagram Protocol (UDP)

© 2021 C-DAC, Hyderabad
Table of Contents

Objective
Prerequisites
Problem Statement/Case
Summary
Fundamental concepts
Template for each step
    Step-1: Capture the real time network traffic using Wireshark
        Open Wireshark Application
        Select the network interface
    Step-2: Apply nslookup command in Terminal
    Step-3: Stop the Wireshark and save the captured traffic
    Step-4: Analyze UDP Protocol with Domain Name System
        Analyze First DNS Traffic
        Analyze Second DNS Traffic
References

1. Objective

Understanding UDP header fields using Packet Analyzer tools.

2. Prerequisites

Prerequisites       Version
Tools required      Wireshark
Operating System    Linux / Windows 10

3. Problem Statement/Case

UDP (User Datagram Protocol) is a communications protocol that is primarily used for
communication between applications on the internet.
Here Wireshark is used to read the UDP header structure. UDP wraps each datagram
with a UDP header. The fields in a UDP header are the source port and destination port,
followed by the length and checksum.

4. Summary

Steps     Description

Step-1    Capture the real time network traffic using Wireshark
          ● Open Wireshark
          ● Select the network interface

Step-2    Apply nslookup command in Terminal

Step-3    Stop the Wireshark and save the captured traffic

Step-4    Analyze UDP Protocol with Domain Name System
          ● Analyze First DNS Traffic
          ● Analyze Second DNS Traffic

5. Fundamental concepts

Introduction to UDP:

UDP is simple to analyze because it has an 8-byte header and does not guarantee
the delivery of packets. UDP is a connectionless protocol, so applications such as
DHCP and DNS that run on top of UDP have to provide their own acknowledgement
and sequencing, retry timers and timeout values. In order to analyze the
UDP headers, a DHCP server is configured on a Windows Server 10 machine and a
Windows 8.1 machine acquires an IP address. In the process of acquiring the IP
address, the DHCP packets flowing through the network use UDP at the transport layer.

UDP header format:

Source port (16 bits)   | Destination port (16 bits)
Length (16 bits)        | Checksum (16 bits)
Data
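
The four header fields above can be unpacked and validated directly from raw bytes. The following is an added example, not part of the original lab manual; the addresses, ports and payload are constructed sample values, and the function names are illustrative.

```python
import socket
import struct

def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """IPv4 pseudo-header covered by the UDP checksum (protocol 17 = UDP)."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, 17, udp_len))

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum; odd-length input is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def parse_udp_header(segment: bytes) -> dict:
    """Unpack the fixed 8-byte header: four big-endian 16-bit fields."""
    if len(segment) < 8:
        raise ValueError("shorter than the 8-byte UDP header")
    sport, dport, length, checksum = struct.unpack("!HHHH", segment[:8])
    if not 8 <= length <= len(segment):
        raise ValueError("Length field disagrees with the bytes captured")
    return {"sport": sport, "dport": dport, "length": length,
            "checksum": checksum, "data": segment[8:length]}

def udp_checksum_ok(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    hdr = parse_udp_header(segment)
    if hdr["checksum"] == 0:          # over IPv4, 0 means "no checksum sent"
        return True
    covered = pseudo_header(src_ip, dst_ip, hdr["length"]) + segment[:hdr["length"]]
    return ones_complement_sum(covered) == 0xFFFF

def build_udp(src_ip, dst_ip, sport, dport, data: bytes) -> bytes:
    """Build a datagram with a valid checksum (used for the sample below)."""
    length = 8 + len(data)
    draft = struct.pack("!HHHH", sport, dport, length, 0) + data
    csum = ~ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + draft) & 0xFFFF
    return struct.pack("!HHHH", sport, dport, length, csum or 0xFFFF) + data

# Constructed sample: documentation-range addresses, made-up ports and payload.
SRC, DST = "192.0.2.10", "192.0.2.53"
SAMPLE = build_udp(SRC, DST, 53124, 53, b"constructed payload")
TAMPERED = SAMPLE[:-1] + b"X"         # last payload byte altered in transit
```

On a capture taken on the sending host, outgoing datagrams can fail this check because checksum offload lets the network card fill in the checksum after the capture point.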

6. Template for each step

1. Step-1: Capture the real time network traffic using Wireshark


a. Open Wireshark Application

To open Wireshark, go to the top left corner and click on the icon to open the list of
the tools available.

Then type wireshark in the search bar and click on the launch button.

b. Select the network interface

Select the eth0 interface to start capturing the data and click on this option to
capture the N packets. This screen is shown below.

Once you click on the capture button, packet capturing will start. The packet
capturing screen is shown below.

2. Step-2: Apply nslookup command in Terminal
To open the command prompt, go to the top left corner of your screen, click on
“Applications” and then select “Terminal Emulator”. Execute the “nslookup 8.8.8.8”
command in the terminal.

3. Step-3: Stop the Wireshark and save the captured traffic


Go to the Wireshark application. Stop the capture and save the captured traffic.

In order to save the captured network packets, go to the top left corner and click
on “File” followed by “save”.

Give any name to your file. Here we have given Traffic1, which is shown below:

Now select the extension as pcap by clicking on the drop down beside the
“save as”. Choose the “wireshark/tcpdump- pcap” option and click on the
“save” button.

4. Step-4: Analyze UDP Protocol with Domain Name System
Observe the traffic captured in the top Wireshark packet list pane. To view only UDP
traffic related to DNS, type udp.port == 53 (lower case) in the Filter box and press
Enter.

a. Analyze First DNS Traffic


Select the first DNS packet, labeled Standard query.

Observe the packet details in the middle Wireshark packet details pane. Notice that it is
an Ethernet II / Internet Protocol Version 4 / User Datagram Protocol / Domain Name
System (query) frame.

Expand Ethernet II to view Ethernet details.


● Observe the Destination and Source fields. The destination should be your DNS
server's MAC address if it is local, or your default gateway's MAC address if the
DNS server is remote. The source should be your MAC address. You can use
ifconfig to confirm.

Expand Internet Protocol Version 4 to view IP details.


● Observe the Source address. Notice that the source address is your IP address.
● Observe the Destination address. Notice that the destination address is the DNS
server IP address.

Expand User Datagram Protocol to view UDP details.
● Observe the Source port. Notice that it is a dynamic port selected for this DNS
query.
● Observe the Destination port. Notice that it is domain (53), the DNS server port.

b. Analyze Second DNS Traffic


In the top Wireshark packet list pane, select the second DNS packet, labeled Standard
query response.

Observe the packet details in the middle Wireshark packet details pane. Notice that it is
an Ethernet II / Internet Protocol Version 4 / User Datagram Protocol / Domain Name
System (response) frame.

Expand Ethernet II to view Ethernet details.


● Observe the Destination and Source fields. The destination should be your MAC
address and the source should be your DNS server's MAC address if it is local, or
your default gateway's MAC address if the DNS server is remote.

Expand Internet Protocol Version 4 to view IP details.


● Observe the Source address. Notice that the source address is the DNS server IP
address.
● Observe the Destination address. Notice that the destination address is your IP
address.

Expand User Datagram Protocol to view UDP details.


● Observe the Source port. Notice that it is domain (53), the DNS server port.

● Observe the Destination port. Notice that it is the same dynamic port used to
make the DNS query in the first packet.
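
The field-by-field comparison in Step-4 can also be done in code: decode the Ethernet II, IPv4 and UDP layers of each frame, then confirm that the response reverses the query's MAC, IP and port pairs. This is an added example, not part of the original lab manual; the MAC addresses, IP addresses, ports and function names are constructed for illustration, and the DNS payload itself is not decoded.

```python
import socket
import struct

def parse_frame(frame: bytes) -> dict:
    """Decode the Ethernet II / IPv4 / UDP layers of one captured frame."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                  # IPv4 header length in bytes
    if ip[9] != 17:
        raise ValueError("not UDP (IP protocol 17)")
    sport, dport, udp_len, _ = struct.unpack("!HHHH", ip[ihl:ihl + 8])
    return {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
            "src_ip": socket.inet_ntoa(ip[12:16]),
            "dst_ip": socket.inet_ntoa(ip[16:20]),
            "sport": sport, "dport": dport, "udp_len": udp_len}

def is_reply_to(query: dict, reply: dict) -> bool:
    """True when the reply reverses the query's MAC, IP and port pairs."""
    return (query["dport"] == 53 and reply["sport"] == 53
            and reply["dport"] == query["sport"]
            and (reply["src_ip"], reply["dst_ip"]) == (query["dst_ip"], query["src_ip"])
            and (reply["src_mac"], reply["dst_mac"]) == (query["dst_mac"], query["src_mac"]))

def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, payload=b""):
    """Constructed test frame; IP and UDP checksums are left at 0."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    eth = bytes.fromhex((dst_mac + src_mac).replace(":", "")) + b"\x08\x00"
    return eth + ip + udp

# Constructed values: locally administered MACs, documentation-range IPs.
HOST_MAC, DNS_MAC = "02:00:00:00:00:01", "02:00:00:00:00:02"
HOST_IP, DNS_IP = "192.0.2.10", "192.0.2.53"
QUERY = parse_frame(build_frame(HOST_MAC, DNS_MAC, HOST_IP, DNS_IP, 53124, 53))
REPLY = parse_frame(build_frame(DNS_MAC, HOST_MAC, DNS_IP, HOST_IP, 53, 53124))
# Same server addresses, but aimed at a port the host never queried from.
STRAY = parse_frame(build_frame(DNS_MAC, HOST_MAC, DNS_IP, HOST_IP, 53, 40000))
```

`is_reply_to(QUERY, REPLY)` holds, while `STRAY` fails the port comparison even though its addresses match.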

7. References
● https://www.wireshark.org/
