TCIF - Analisa Paket DHCP Menggunakan Wireshark

Introduction

This tutorial guides you through analyzing DHCP packets using Wireshark, a powerful network protocol analyzer. Understanding DHCP packet analysis is crucial for troubleshooting network issues and ensuring proper network configuration. By following these steps, you'll learn how to capture and interpret DHCP packets effectively.

Step 1: Setting Up Wireshark

• Download and Install Wireshark

  • Visit the Wireshark website and download the latest version compatible with your operating system.
  • Follow the installation instructions specific to your OS.

• Open Wireshark

  • Launch the application after installation is complete.

Step 2: Capturing DHCP Packets

• Select the Network Interface

  • In Wireshark, choose the correct network interface to monitor. This is usually the one connected to your local network (e.g., Wi-Fi or Ethernet).

• Start the Capture

  • Click on the interface name to begin capturing packets. You will see a live feed of network traffic.

• Apply Display Filter

  • To focus on DHCP packets, enter the following filter in the filter bar:

    bootp
    

  • Press Enter to apply the filter. This will limit the displayed packets to only those related to DHCP.

Step 3: Analyzing DHCP Packets

• Identify Key Packet Types

  • Look for the following DHCP message types:
    • DHCP Discover
    • DHCP Offer
    • DHCP Request
    • DHCP Acknowledgment

• Examine Packet Details

  • Click on each packet to view its details in the lower pane. Pay attention to:
    • Source and Destination IP addresses
    • Transaction ID
    • Client MAC Address

• Follow the DHCP Transaction Flow

  • Use the "Follow" feature to view the sequence of DHCP messages exchanged between the client and server. This helps in understanding the lease assignment process.

Step 4: Troubleshooting Common Issues

• No Response to DHCP Discover

  • Ensure the DHCP server is operational.
  • Check network connectivity between the client and server.

• DHCP Offer Not Received

  • Verify that the correct DHCP scope is configured on the server.
  • Check for any network segmentation issues.

• DHCP Lease Issues

  • Inspect the lease duration and ensure clients are renewing leases appropriately.

Conclusion

In this tutorial, you learned how to set up Wireshark for capturing and analyzing DHCP packets. By following the steps outlined, you can troubleshoot DHCP-related issues efficiently. Remember to regularly practice packet analysis to enhance your skills and become more proficient in network diagnostics. For further learning, consider exploring other network protocols and their analysis methods using Wireshark.