CST 3607 ARP lab


  • 8/12/2019 CST 3607 ARP lab


    3607

    Arp Lab

    STEP 1

    Ran ipconfig, results:

    IP address: 192.168.5.100
    Subnet Mask: 255.255.255.0
    Default Gateway: 192.168.5.1

    Typed arp -a. This command gave me a list of all the devices with a NIC, their IP address, and their MAC address. I also see a broadcast IP, and other IP addresses that begin with 239 and another one beginning with 224.

    1.1 What entries if any are in the ARP table?

    C:\windows\system32>arp -a

    Interface: 192.168.5.100 --- 0xe
      Internet Address      Physical Address      Type
      192.168.5.1           00-18-f8-43-85-66     dynamic
      192.168.5.105         e8-92-a4-ed-9e-2f     dynamic
      192.168.5.109         bc-3b-af-21-b4-18     dynamic
      192.168.5.110         58-b0-35-03-32-52     dynamic
      192.168.5.111         4c-b1-99-60-2c-a4     dynamic
      192.168.5.114         30-f7-c5-1a-37-b3     dynamic
      192.168.5.116         28-37-37-a0-21-f3     dynamic
      192.168.5.118         a8-e3-ee-0c-c0-c8     dynamic
      192.168.5.119         00-22-43-4e-f4-21     dynamic
      192.168.5.255         ff-ff-ff-ff-ff-ff     static
      224.0.0.2             01-00-5e-00-00-02     static
      224.0.0.252           01-00-5e-00-00-fc     static
      224.0.0.253           01-00-5e-00-00-fd     static
      239.192.83.80         01-00-5e-40-53-50     static
      239.192.152.143       01-00-5e-40-98-8f     static
      239.255.255.250       01-00-5e-7f-ff-fa     static
      255.255.255.255       ff-ff-ff-ff-ff-ff     static

    1.2 Why are there entries or no entries?

    There are entries because the ARP, or Address Resolution Protocol, is used to convert IP addresses into a physical address. It resolves network layer addresses into link layer addresses. What arp -a does is it displays current ARP entries by interrogating the current protocol data. If more than one network interface uses ARP, entries for each ARP table are displayed.

    STEP 2:

    Running Wireshark

    Capture Interface: Atheros

    On my arp -a table, there is no 192.168.5.111 so I pinged it.

    C:\windows\system32>ping 192.168.5.111

    Pinging 192.168.5.111 with 32 bytes of data:
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

    Ping statistics for 192.168.5.111:
        Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

    On my Wireshark capture, there was an ARP request for who has 192.168.5.111 and a reply came back with a MAC address.

    Upon giving the command arp -a again, at a glance right under 192.168.5.110 was 192.168.5.111 and with the same MAC address from the Wireshark capture.

    2.1 Why might the first ping take longer than the rest?

    The first ping might take longer than the rest because it has to find the path first by asking

    around. Once a path has been found, the rest follow.

    Step 3:

    1. ARP Ethernet & ARP Request

    2. ARP Ethernet & ARP Reply

    3.1 For both the ARP request and ARP reply explain each field in the Ethernet frame and

    in the ARP packet.

    The Ethernet frame in the request displays a broadcast message that was sent to all the devices in the network to see who has the IP address 192.168.5.111. It carries the source MAC address of the sender. The destination field has Broadcast (ff:ff:ff:ff:ff:ff) and it is the MAC address to the 255.255.255.255 IP address which is the broadcast for my network. The address: Broadcast (ff:ff:ff:ff:ff:ff) is the source or destination hardware address. The source field has the information of the sending device. It has the MAC address of the machine I used to make the ARP request. And underneath that, it informs what type it is.

    The Address Resolution Protocol packet header has a hardware type: field which describes the layer 2 type used. In this case it's Ethernet. The protocol type is the higher-layer protocol for

    which the ARP request is being used (IP). The Hardware size tells the length of the hardware address in use. It is 6 bytes for Ethernet. The protocol size tells the length of the logical address of the specified protocol type. It is 4 for Ethernet. But these two fields are one byte each. The OpCode is the operation code which tells the function of the ARP packet which would be request (1) or reply (2). The sender MAC address and IP address belong to the sender's machine and the target MAC address is left blank because this value is unknown. The target IP address is known since it is the address I pinged.

    In the ARP reply, the Ethernet header has fields Destination & Address, both values are the MAC address of my machine (initially the sender, now the receiver). The source field tells the MAC address of the sender of the ARP reply.

    The Address Resolution Protocol packet will have the same information from Hardware type to Protocol Size. The Opcode is different this time as this is a reply to my request. This ARP reply came from the 4c:b1:99:60:2c:a4 MAC address with the IP address that I asked about. The target MAC and IP address are both the machine I am using.
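
The field layout described in 3.1, as an added example that is not part of the original lab report: a Python sketch that builds and parses the Ethernet header and ARP body for one request and one reply. The frames are constructed from the addresses in the worksheet at the end of this report; the all-zero target hardware address in the request and all function names are assumptions of this example.

```python
import struct

ETH = struct.Struct("!6s6sH")          # destination MAC, source MAC, EtherType
ARP = struct.Struct("!HHBBH6s4s6s4s")  # htype, ptype, hlen, plen, opcode, SHA, SPA, THA, TPA
ETHERTYPE_ARP, HTYPE_ETHERNET, PTYPE_IPV4 = 0x0806, 1, 0x0800
OPCODES = {1: "request", 2: "reply"}
BROADCAST = "ff:ff:ff:ff:ff:ff"

def mac_to_bytes(text):
    return bytes.fromhex(text.replace(":", ""))
def ip_to_bytes(text):
    return bytes(int(octet) for octet in text.split("."))
def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)
def fmt_ip(raw):
    return ".".join(str(b) for b in raw)

def build_frame(eth_dst, opcode, sender_mac, sender_ip, target_mac, target_ip):
    """Build a sample Ethernet frame carrying an ARP packet (constructed input)."""
    header = ETH.pack(mac_to_bytes(eth_dst), mac_to_bytes(sender_mac), ETHERTYPE_ARP)
    body = ARP.pack(HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, opcode,
                    mac_to_bytes(sender_mac), ip_to_bytes(sender_ip),
                    mac_to_bytes(target_mac), ip_to_bytes(target_ip))
    return header + body

def parse_frame(frame):
    """Decode the Ethernet header and ARP fields; reject anything else."""
    if len(frame) < ETH.size + ARP.size:
        raise ValueError("frame too short for Ethernet + ARP")
    dst, src, ethertype = ETH.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        raise ValueError(f"EtherType 0x{ethertype:04x} is not ARP")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP.unpack_from(frame, ETH.size)
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"eth_dst": fmt_mac(dst), "eth_src": fmt_mac(src),
            "broadcast": fmt_mac(dst) == BROADCAST,
            "opcode": OPCODES.get(op, f"unknown({op})"),
            "sender_mac": fmt_mac(sha), "sender_ip": fmt_ip(spa),
            "target_mac": fmt_mac(tha), "target_ip": fmt_ip(tpa)}

# Constructed frames using the addresses from this report's worksheet.
HOST, PEER = "e8:40:f2:e0:26:69", "4c:b1:99:60:2c:a4"
REQUEST = build_frame(BROADCAST, 1, HOST, "192.168.5.100", "00:00:00:00:00:00", "192.168.5.111")
REPLY = build_frame(HOST, 2, PEER, "192.168.5.111", HOST, "192.168.5.100")

if __name__ == "__main__":
    for frame in (REQUEST, REPLY):
        print(parse_frame(frame))
```

Each frame is 42 bytes: a 14-byte Ethernet header followed by the 28-byte ARP body.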

    3.2 Explain why the ARP process needed to take place.

    The ARP processes need to take place because MAC addresses are used for

    communication on a single network at layer 2.

    3.3 Explain the reason why the ARP request is a broadcast and the ARP reply is a unicast.

    The ARP requests are broadcast because the sender doesn't know the MAC address that belongs to the IP address pinged. Therefore, it sends a message to broadcast ff:ff:ff:ff:ff:ff asking

    every device its IP address and MAC address. The reply comes from the machine whose IP

    matches the one requested and sends a reply message to the source machine. This is considered a

    unicast because it is sent to only one device.

    STEP 4:

    C:\windows\system32>arp -d

    C:\windows\system32>arp -a

    Interface: 192.168.5.100 --- 0xe

    Internet Address Physical Address Type

    192.168.5.1 00-18-f8-43-85-66 dynamic

    After deleting my ARP table, I verified an empty table and then pinged www.google.com

    STEP 5:

    1. Image of Wireshark capture after pinging www.google.com

    5.1 Explain why the ARP request was for the default gateway and not the IP address of the

    ping. How did the host decide this?

    The ARP request was for the default gateway and not the IP address of the ping because

    when an address that is not in my network is pinged, it automatically sends the request to the

    default gateway which is my router because it will have another table that connects the outer networks to my network.

    6.1 What is the command to create a static ARP entry? Create a static ARP entry to

    another device on the local network. Show the commands and the outputs. What is the

    advantage of a static ARP entry?

    The command to create a static ARP entry is: arp -s [IP address] [MAC address]

    The advantage of a static ARP entry is that it will never change. This should be used for commonly-used devices so that there is no need to create a map to the desired device over and over again.

    6.2 How long does ARP entries stay in the ARP table? Is this dependent upon the

    Operating System?

    It is dependent on whether the device is statically or dynamically stored. Static ARP

    entries remain in the cache permanently, whereas dynamic ARP entries are only kept for a period of time.

    Identify the first two packets that are ARP packets.

    For packets that are ARP packets fill in the following information. Convert the IP

    numbers to dotted decimal. Arp operation names are request and reply.

    Packet: ARP
    Layer 2 Dest address: e8:40:f2:e0:26:69
    Layer 2 Src Address: 4c:b1:99:60:2c:a4
    Layer 2 code for encapsulated data: Frame
    Hardware Type: Ethernet
    Layer 3 Protocol Type: IP
    Hardware Addr Length: 6
    Layer 3 Addr Length: 4
    Arp Operation Code and Name: Code: 2, Reply
    Sender Hardware address: 4c:b1:99:60:2c:a4
    Sender IP address: 11000000 (192) . 10101000 (168) . 00000101 (5) . 01101111 (111)
    Target Hardware Address: e8:40:f2:e0:26:69
    Target IP Address: 11000000 (192) . 10101000 (168) . 00000101 (5) . 01100100 (100)

    Packet: ARP
    Layer 2 Dest address: ff:ff:ff:ff:ff:ff
    Layer 2 Src Address: e8:40:f2:e0:26:69
    Layer 2 code for encapsulated data: FRAME
    Hardware Type: Ethernet (1)
    Layer 3 Protocol Type: IP
    Hardware Addr Length: 6
    Layer 3 Addr Length: 4
    Arp Operation Code and Name: Code: 1, Request
    Sender Hardware address: e8:40:f2:e0:26:69
    Sender IP address: 11000000 (192) . 10101000 (168) . 00000101 (5) . 01100100 (100)
    Target Hardware Address: ff:ff:ff:ff:ff:ff
    Target IP Address: 11000000 (192) . 10101000 (168) . 00000101 (5) . 00000001 (1)