Tuesday, April 24, 2012

Wireshark Lab 7: DHCP

1. DHCP messages are sent over UDP.

3. 58:6d:8f:0f:dd:9f

4. The identification value seems to be the only thing that differentiates the messages.

5. The transaction ID value of the first set is: 0x868096c4
The transaction ID value of the second set is: 0x44575b0c
The transaction ID seems to be a way for the messages to stay grouped together.

6. The value used until an IP address is assigned appears to be 0.0.0.0.
Discover:   Source: 0.0.0.0        Destination: 255.255.255.255
Offer:      Source: 10.33.37.126   Destination: 10.33.37.45
Request:    Source: 0.0.0.0        Destination: 255.255.255.255
ACK:        Source: 10.33.37.126   Destination: 10.33.37.45

7. 10.40.4.45

8. 10.33.37.45.  The DHCP offer message contains it.

9. The fact that the relay agent's address in the screenshot is 0.0.0.0 indicates that there isn't one. My experiment does contain a relay agent. The address of it is: 10.33.37.126.

10. The subnet mask and router lines in the frame are necessary to correctly route the data to my computer.

11. The same thing happens. The IP address is requested.

12. The "lease time" refers to how long you can use that particular IP address. The lease time on my current IP address is one day.

13. The release packet signifies that the host wants to stop using that particular IP address. There is no acknowledgement for a release packet. If the packet wasn't received, you would just continue using your existing IP address.

14. There were a large number of ARP packets present.
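
The fields behind answers 5, 8, 9 and 12 can be read straight out of the DHCP payload. The sketch below is an added example, not part of the original lab write-up: it parses the transaction ID, offered address (yiaddr), relay agent field (giaddr), client MAC, message type (option 53) and lease time (option 51), then groups messages by transaction ID. The sample payloads are constructed from the values quoted in the answers; which message types share which transaction ID, and the helper names, are assumptions.

```python
import struct
from collections import defaultdict

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header
MSG_TYPES = {1: "Discover", 2: "Offer", 3: "Request", 5: "ACK", 7: "Release"}

def parse_dhcp(payload):
    """Parse one DHCP UDP payload into a dict; raise ValueError if malformed."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    hlen, xid = payload[2], struct.unpack("!I", payload[4:8])[0]
    ip = lambda off: ".".join(str(b) for b in payload[off:off + 4])
    msg = {"xid": xid, "yiaddr": ip(16), "giaddr": ip(24),
           "mac": payload[28:28 + min(hlen, 16)].hex(":")}
    i = 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                          # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:               # DHCP message type
            msg["type"] = MSG_TYPES.get(value[0], f"type {value[0]}")
        elif code == 51 and length == 4:             # IP address lease time (seconds)
            msg["lease_seconds"] = struct.unpack("!I", value)[0]
        i += 2 + length
    return msg

def group_by_xid(payloads):
    """Group parsed messages by transaction ID, preserving arrival order."""
    groups = defaultdict(list)
    for m in map(parse_dhcp, payloads):
        groups[m["xid"]].append(m)
    return dict(groups)

def build(xid, mtype, mac, yiaddr="0.0.0.0", lease=None):
    """Build a constructed sample payload (demo input, not a real capture)."""
    addr = lambda s: bytes(int(x) for x in s.split("."))
    hdr = struct.pack("!BBBBIHH", 2 if mtype in (2, 5) else 1, 1, 6, 0, xid, 0, 0)
    hdr += bytes(4) + addr(yiaddr) + bytes(8)        # ciaddr, yiaddr, siaddr + giaddr
    hdr += bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0") + bytes(192)
    opts = bytes([53, 1, mtype]) + (b"" if lease is None else b"\x33\x04" + struct.pack("!I", lease))
    return hdr + MAGIC + opts + b"\xff"

MAC = "58:6d:8f:0f:dd:9f"  # constructed sample using the values quoted in the answers
SAMPLE = [build(0x868096C4, 1, MAC), build(0x868096C4, 2, MAC, "10.33.37.45", 86400),
          build(0x44575B0C, 3, MAC), build(0x44575B0C, 5, MAC, "10.33.37.45", 86400)]
```

A giaddr of 0.0.0.0 in the parsed output means no relay agent handled that message, and 86400 seconds is the one-day lease from answer 12.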
