Task $3$: Wireshark: Investigating DHCP Traffic $($LO$2\_$Models$)$

Scenario: DHCP $($Dynamic Host Configuration Protocol$)$ is a network management protocol used to automate the process of configuring devices on IP networks. This allows devices to receive an IP address, subnet mask, default gateway, and other network settings automatically from a DHCP server, without the need for manual configuration.

You are a network administrator troubleshooting DHCP issues in your company's network. Users are reporting that they are not receiving IP addresses, leading to connectivity problems. Your task is to capture and analyse DHCP traffic using Wireshark to identify any issues with the DHCP process.

Objective:

Capture and analyse DHCP traffic to diagnose common DHCP issues, such as failure to obtain IP addresses, DHCP server unavailability, or misconfigurations.

Instructions:

$$ Open Wireshark and select the appropriate network interface $($such as Wi$-$Fi or Ethernet$).$ And start capturing traffic by clicking "Start."

$$ To generate DHCP traffic on a Mac, go to System Settings $>$ Network, select your active network connection, and click "Renew DHCP Lease." Then apply and repeat multiple times to produce DHCP traffic. This will prompt your Mac to request a new IP address from the DHCP server, triggering the DHCP process.

$$ In windows, Press Win $+$ R to open the Run dialog box. Then Type $$cmd$$ and press Enter, then type $$ipconfig$/$release$,$ipconfig$/$renew$.$

$$ Use the display filter $`$DHCP$`$ in the Wireshark filter bar to isolate DHCP traffic.

$$ Identify Key DHCP Transactions:

$$ Look for the key DHCP messages:

$$ DHCP Discover: Sent by clients to find available DHCP servers.

$$ DHCP Offer: Sent by servers to offer IP addresses to clients.

$$ DHCP Request: Sent by clients to request the offered IP address.

$$ DHCP ACK: Sent by servers to acknowledge the IP address assignment.

Requirements:

Identify any DHCP Discover packets in the capture. What is the purpose of these packets?

Find a complete DHCP handshake $($Discover$,$ Offer, Request, ACK$).$ Are there any missing packets in the sequence? What might cause these missing packets?

What is the IP address of the DHCP server, and is it responding reliably to requests?

Identify any DHCP NAK $($Negative Acknowledgment$)$ packets. What might cause a DHCP server to send a NAK?

Are there any DHCP Decline packets? What do these indicate?

Analyze the lease time offered by the DHCP server. Is it appropriate for the network environment?

What options $($like DNS servers, default gateway, etc.$)$ are provided by the DHCP server? Are these correctly configured?

What is the lease time?

What is the broadcast address for your network?

What is the subnet mask for your network?