Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online

    Free Trial

    Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint
    Share this Page URL
    Help

    4.16. Lab Activities

    4.16.1. Activity 1—Determining Your IP Address and Your Default Gateway

    Materials: A Windows computer with a network connection

    1. In Windows, click the Start button.

    2. In the run box, type cmd and press Enter. A command window opens.

    3. Type ipconfig /all. This will display the IP address of your computer. The output will be similar to the following. This shows your IP address and the address of the default gateway.

      Windows IP Configuration

Mini-PCI Express Adapter
   Physical Address. . . . . . . . . : 00-22-68-90-D5-DB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.15.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.15.1
   DHCP Server . . . . . . . . . . . : 192.168.15.1
   DNS Servers . . . . . . . . . . . : 24.56.123.4
                                       106.12.34.56
   NetBIOS over Tcpip. . . . . . . . : Enabled

    4.16.2. Activity 2—Examining the ARP Table

    Materials: A Windows computer with a network connection

    1. In the command window, type arp -a. This will provide the same output shown in Figure 4-6. This gives an idea about nodes on the network with whom the computer has recently communicated.

    2. Record the IP addresses you see in this table, as you’ll need them later.

    4.16.3. Activity 3—Packet Capture

    Materials: A Windows computer with a network connection and packet capture software

    1. To capture the ARP traffic, first clear the ARP table or cache. To do this, type arp -d * in the command window, then type arp -a to verify there are no entries.

    2. In Wireshark, select your adapter and start a capture.

    3. Back in the command window, ping one of the nodes previously listed in the ARP table. In the capture window, you should see the ARP request and ARP reply. These will be followed by the ICMP traffic. In pinging the default gateway, you may see the return ARP. That is, after pinging the gateway and seeing the associated traffic, the gateway generates its own ARP request directed back to you.

    4.16.4. Activity 4—Gratuitous ARP

    Materials: A Windows computer with a network connection, packet capture software, and a DHCP server like a Linksys router

    To see a node ARPing for itself, typically the best time is right after an exchange with the DHCP server. This can be done on startup or by forcing the node to go through the IP address release and renewal process.

    1. Start another capture.

    2. In the command window type ipconfig /release. This forces the node to give up its IP address.

    3. In the command window type ipconfig /renew. This causes the node to ask for an IP address again.

    4. After the DHCP exchange has completed, you should see your node ARP for the very IP address it was assigned during the exchange. This is the gratuitous ARP.

    4.16.5. Activity 5—How Long Does an ARP Table Entry Live?

    Materials: A Windows computer with a network connection

    1. In the command window, type arp -a to show the other nodes on the network.

    2. Ping one of these nodes to refresh the ARP table entry.

    3. At an interval of about 30 seconds, repeat the command arp -a until the entry disappears from the ARP table. How long did it take?