Johnson 3.2 02 05 23

Objective: Understand broadcast domains on a layer 2 LAN

Goals:

  • Observe and explain the importance of ARP and layer 2 broadcasts

  • Understand the limitations of layer 2 LANs

  • Introduce the need for "routing" to connect LANs

  • Observe the impact on layer 2 headers (MAC Addresses) as packets cross from one LAN to another

Remember, for each lab your tech journal should include:

  • A brief (one sentence) summary describing what you did in the lab.

  • Any commands or instructions that you found useful and will need to use again in the future.

  • Any problems you ran into during the lab, and what troubleshooting steps you took to fix them.

  • Labs will also contain specific items to include or questions to answer within your tech journal. (For this lab, you'll find them at the very end of this document.)

I. Analyze Traffic to a Remote Network (different LAN)

  1. Open a Command Prompt (windows) or Terminal (Linux)

  2. Open wireshark and start a capture

  3. Back in the Command Prompt/Terminal- ping the Google Public DNS server (8.8.8.8)

  4. Stop Capture

  5. Deliverable 1: Analyze the ICMP Response from Google:

    • Answer: What is the source MAC address? What is the destination MAC address? (Hint: Data Link Layer Header)

Source: 00:0c:29:84:a4:ca

Destination: ec:13:db:c8:8e:81

    • Answer: Does the source MAC address look familiar from prior labs? Do you think it is the Google Server's MAC address?

      1. The source is our Virtual Machineโ€™s Mac address and the destination is the Juniper default gateway.

II. Examine both sides of a ping

  1. Find a partner in class and get their IP address.

  2. From your workstation, ping your partner's IP and make sure you get a response

  3. On your workstation, start a wireshark capture, ping your partner's IP, and stop the capture

  4. On your workstation, analyze the capture

    • Deliverable2: What are the source and destination MACs in the ping reply

  6. What is your partner's MAC address?

    • Deliverable3: Does the MAC address match the address from you traffic capture? If not - what do you think happened?

    • Yes this is the correct MAC address.

III: Capture both sides of the ping request

  1. Start a Wireshark capture on both PCs and let it run

  2. From a command prompt on your workstation, ping your partner's IP address

  3. Stop the captures on both Workstations

  4. Find and compare the ICMP traffic on both devices

  5. Deliverable4:

    1. On your workstation, what is the source and destination MACs from the pings?

    3. On your partner's workstation, what is the source and destination MACs from the pings?

    4. On my partnerโ€™s machine they are switched, their destination is my address and their source is their address.

  6. Deliverable5: Why do you think they are different?

    1. Because I am sending the ping request from my machine and my partner is sending the ping request from theirs.

Tech Journal

Deliverable 6: Add link to typed up tech journal notes.

  • Make sure you understand ARP

  • Make sure you know how to capture a packet and how to look through network traffic.

PreviousWeek 4NextLab 3.2 notes

Last updated