Marwadi University

Faculty of Engineering and Technology

Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

Aim: Monitor the live/real time network and analyze the concepts of various networking protocols like
ARP, RARP, DHCP, HTTP, etc.

Address Resolution Protocol:

ARP (Address Resolution Protocol) is a network protocol used to map an IP address (logical address)
to a corresponding MAC address (physical address) within a local network. ARP operates at the Data
Link Layer (Layer 2) and is crucial for communication within a LAN (Local Area Network).

The ARP process involves the following steps:

1. Sending an ARP Request
• When a device (Host A) wants to communicate with another device (Host B) in the same
network, it checks its ARP table (a cached list of known IP-to-MAC address mappings).
• If Host A doesn’t find the MAC address of Host B in its ARP table, it sends a broadcast ARP
request.
o Broadcast means the request is sent to all devices on the LAN.
o Example ARP Request: "Who has IP 192.168.1.2? Tell 192.168.1.1."
2. Receiving an ARP Reply
• The device with the matching IP address (Host B) responds with an ARP reply, which includes
its MAC address.
o Example ARP Reply: "I have IP 192.168.1.2, and my MAC address is
00:14:22:01:23:45."
• This reply is sent directly (unicast) to the requesting device (Host A).
3. Updating the ARP Table
• Host A updates its ARP table with the new IP-to-MAC mapping.
• Host A can now use this information to send packets directly to Host B.
4. Communicating Data
• Once Host A knows Host B's MAC address, it can encapsulate the IP packet in an Ethernet
frame and send it to the destination device on the network.
 Marwadi University
Faculty of Engineering and Technology
Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

ARP Packet Header

• Hardware type: Specifies the type of hardware address being used, typically Ethernet (1).
• Protocol type: Specifies the type of protocol address being used, typically IPv4 (0x0800).
• Hardware Address length: Specifies the length of the hardware address, usually 6 bytes for
Ethernet.
• Protocol Address length: Specifies the length of the protocol address, usually 4 bytes for IPv4.
• Opcode: Specifies the operation code:
o 1: ARP request
o 2: ARP reply
• Sender IP Address: The IP address of the device sending the ARP request or reply.
• Sender MAC Address: The MAC address of the device sending the ARP request or reply.
• Target IP Address: The IP address of the device being queried in an ARP request or the target
device in an ARP reply.
• Target MAC Address: The MAC address of the device being queried in an ARP request or the
target device in an ARP reply.

First select the Wireshark Select Wifi interface and Put the display filter of arp Then we would like to
remove our ARP map we can do that by opeing the command prompt as administrator type arp -d hit
enter it will remove the ARP data and system will put request for to ARP and we will see the pacakge in
Wireshark.
 Marwadi University
Faculty of Engineering and Technology
Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

Here we can ARP request and reply

This is a request as the opcode is 1 and it’s broadcast

This is a reply as the opcode is 2. And we get the MAC address of target device that is
6c:ca:41:e9:1b:84 (6c:ca:41:e9:1b:84)
 Marwadi University
Faculty of Engineering and Technology
Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

Reverse Address Resolution Protocol:

RARP stands for Reverse Address Resolution Protocol. It's a networking protocol that allows a device
to obtain its IP address by broadcasting its MAC address to a RARP server on the same network. This is
the opposite of the more common Address Resolution Protocol (ARP), which maps an IP address to a
MAC address.

Here's how RARP works:

1. Device boots up: A device without a preconfigured IP address boots up.

2. RARP request: The device broadcasts a RARP request packet containing its MAC address.

3. RARP server receives: The RARP server, which maintains a database of MAC addresses and
their corresponding IP addresses, receives the request.

4. RARP reply: The RARP server sends a RARP reply packet containing the device's IP address.

5. Device receives IP address: The device receives the RARP reply and obtains its IP address.

RARP has the same fromat as ARP with few chagnes such as operation field in either 3 or 4 ie. 3-RARP
request and 4-RARP reply.

There is no way for client PC to do RARP request and reply and in a established network. So I will be
using a thrid party file.

This is the broadcast request to find the devices IP from it’s MAC
 Marwadi University
Faculty of Engineering and Technology
Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

This is the RARP reply for with the target IP address.

This was all about the ARP and RAPR protocol.

 Marwadi University
Faculty of Engineering and Technology
Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

Dynamic Host Configuration Protocol (DHCP):

Dynamic Host Configuration Protocol (DHCP) is a network management protocol used to dynamically
assign an IP address to nay device, or node, on a network so they can communicate using IP (Internet
Protocol). DHCP automates and centrally manages these configurations. There is no need to manually
assign IP addresses to new devices. Therefore, there is no requirement for any user configuration to
connect to a DHCP based network.

DHCP does the following:

DHCP manages the provision of all the nodes or devices added or dropped from the network.

DHCP maintains the unique IP address of the host using a DHCP server.

It sends a request to the DHCP server whenever a client/node/device, which is configured to work with
DHCP, connects to a network. The server acknowledges by providing an IP address to the
client/node/device.

DHCP is also used to configure the proper subnet mask, default gateway and DNS server information
on the node or device.

DHCP uses a process known as DORA to assign IP addresses:

1. Discover

o The client broadcasts a DHCPDISCOVER message to find available DHCP servers.

o This message is sent to the network's broadcast address 255.255.255.255 using UDP port
67.

2. Offer

o One or more DHCP servers respond with a DHCPOFFER message.

o The offer contains an available IP address, subnet mask, gateway, lease duration, and
other configuration details.

3. Request

o The client selects one offer and sends a DHCPREQUEST message to indicate its
choice.

o The message also confirms that the client accepts the lease terms.

4. Acknowledge

o The server acknowledges the request with a DHCPACK message.

 Marwadi University
Faculty of Engineering and Technology
Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

o This message finalizes the lease agreement, and the client can now use the assigned IP
address.

Releasing an IP Address (DHCP Release)

When a client no longer needs an IP address (e.g., shutdown, disconnect), it sends a DHCPRELEASE
message to the server.

• This informs the server that the client is relinquishing its assigned IP address, allowing the
server to make it available for others.

• Packet Details:

o Sent to the DHCP server directly.

o Contains the client's assigned IP and lease ID.

Now to analyse DHCP in Wireshark we will first realse our current DHCP ip and request a new one by
the commands ipconfig -release and ipconfig -renew
 Marwadi University
Faculty of Engineering and Technology
Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

Now make sure when you type these commands make sure Wireshark is running and is on. After this
put dhcp in display filter and see that first DHCP package would be a release.

And the other 4 packages are DORA in the end of which we are assigned a IP for a time period
mentioned in lease time 1 hr.

So this was DHCP now

 Marwadi University
Faculty of Engineering and Technology
Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

Hypertext Transfer Protocol(HTTP):

HTTP (Hypertext Transfer Protocol) is the foundational communication protocol of the World Wide
Web, enabling the transfer of data such as HTML documents, images, videos, and other resources
between a client (browser) and a server. It operates on a request-response model and is the backbone
of web communication.

HTTP Request

An HTTP Request is the data sent by a browser to load a webpage. Key components include:

• HTTP Version: Version of HTTP used (e.g., 1.1, 2.0).

• URL: Address of the resource.

• HTTP Method: Indicates the action (e.g., GET, POST).

• Headers: Key-value pairs with client information.

• Body: Data sent with the request (used in methods like POST).

HTTP Response

An HTTP Response is the server's reply to a request. Components:

• HTTP Status Code: Indicates the request's outcome (e.g., 200 OK, 404 Not Found).

• Headers: Metadata about the response (e.g., content type).

• Body: The actual content, like HTML for a webpage.

Here is HTTP reuest that is request page from http://example.com

 Marwadi University
Faculty of Engineering and Technology
Department of Information and Communication Technology
Subject: Computer Aim: Monitor the live/real time network and analyze the concepts of
Networks (01CT0503) various networking protocols like ARP, RARP, DHCP, HTTP, etc.

Experiment No: 12 Date: 18-11-2024 Enrolment No: 92200133021

We are getting the HTML text in the response.

Conclusion:

Through this practical exploration, I have delved into the working principles and live monitoring of key
networking protocols like ARP, RARP, DHCP, and HTTP using tools like Wireshark.
1. ARP and RARP:
I observed how ARP maps an IP address to a MAC address to facilitate communication within a
local network and the reverse process (RARP) to obtain an IP address from a MAC address.
Both protocols are essential for resolving addressing challenges in networks.
2. DHCP:
The DORA process demonstrates how DHCP dynamically assigns IP addresses to devices,
simplifying network configuration and ensuring efficient address management. Observing
DHCP packets highlights its role in IP leasing and renewal.
3. HTTP:
HTTP's request-response mechanism underpins web communication, enabling resource sharing
over the internet. By capturing HTTP packets, we gained insights into how clients interact with
servers to fetch resources.