Created
February 20, 2015 01:20
-
-
Save tuxfight3r/f5fd7483967300273eed to your computer and use it in GitHub Desktop.
debugging dhcp session with tcpdump/dhcpdump
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@testserver01 ~]# tcpdump -lenx -s 1500 port bootps or port bootpc | dhcpdump | |
| tcpdump: verbose output suppressed, use -v or -vv for full protocol decode | |
| listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes | |
| TCPdump 3.8.x output | |
| TIME: 15:54:23.478149 | |
| IP: > (00:50:56:94:00:01) > (Broadcast) | |
| OP: 1 (BOOTPREQUEST) | |
| HTYPE: 1 (Ethernet) | |
| HLEN: 6 | |
| HOPS: 0 | |
| XID: 57940001 | |
| SECS: 4 | |
| FLAGS: 7f80 | |
| CIADDR: 0.0.0.0 | |
| YIADDR: 0.0.0.0 | |
| SIADDR: 0.0.0.0 | |
| GIADDR: 0.0.0.0 | |
| CHADDR: 00:50:56:94:00:01:00:00:00:00:00:00:00:00:00:00 | |
| SNAME: . | |
| FNAME: . | |
| OPTION: 53 ( 1) DHCP message type 1 (DHCPDISCOVER) | |
| OPTION: 55 ( 24) Parameter Request List 1 (Subnet mask) | |
| 2 (Time offset) | |
| 3 (Routers) | |
| 5 (Name server) | |
| 6 (DNS server) | |
| 11 (Resource location server) | |
| 12 (Host name) | |
| 13 (Boot file size) | |
| 15 (Domainname) | |
| 16 (Swap server) | |
| 17 (Root path) | |
| 18 (Extensions path) | |
| 43 (Vendor specific info) | |
| 54 (Server identifier) | |
| 60 (Vendor class identifier) | |
| 67 (Bootfile name) | |
| 128 (???) | |
| 129 (???) | |
| 130 (???) | |
| 131 (???) | |
| 132 (???) | |
| 133 (???) | |
| 134 (???) | |
| 135 (???) | |
| OPTION: 57 ( 2) Maximum DHCP message size 1260 | |
| OPTION: 97 ( 17) UUID/GUID 00421403732bbd8f .B..s+.. | |
| e7e5d5fd1c8ce7a5 ........ | |
| 6c l | |
| OPTION: 93 ( 2) Client System 0000 .. | |
| OPTION: 94 ( 3) Client NDI 010201 ... | |
| OPTION: 60 ( 32) Vendor class identifier PXEClient:Arch:00000:UNDI:002001 | |
| --------------------------------------------------------------------------- | |
| TIME: 15:54:24.000937 | |
| IP: > (00:50:56:94:00:08) > (Broadcast) | |
| OP: 2 (BOOTPREPLY) | |
| HTYPE: 1 (Ethernet) | |
| HLEN: 6 | |
| HOPS: 0 | |
| XID: 57940001 | |
| SECS: 4 | |
| FLAGS: 7f80 | |
| CIADDR: 0.0.0.0 | |
| YIADDR: 10.2.0.67 | |
| SIADDR: 10.2.0.93 | |
| GIADDR: 0.0.0.0 | |
| CHADDR: 00:50:56:94:00:01:00:00:00:00:00:00:00:00:00:00 | |
| SNAME: . | |
| FNAME: /pxelinux.0. | |
| OPTION: 53 ( 1) DHCP message type 2 (DHCPOFFER) | |
| OPTION: 54 ( 4) Server identifier 10.2.0.93 | |
| OPTION: 51 ( 4) IP address leasetime 21600 (6h) | |
| OPTION: 1 ( 4) Subnet mask 255.255.255.0 | |
| OPTION: 3 ( 4) Routers 10.2.0.254 | |
| OPTION: 6 ( 4) DNS server 10.2.0.254 | |
| OPTION: 12 ( 3) Host name client | |
| --------------------------------------------------------------------------- | |
| TIME: 15:54:25.563625 | |
| IP: > (00:50:56:94:00:01) > (Broadcast) | |
| OP: 1 (BOOTPREQUEST) | |
| HTYPE: 1 (Ethernet) | |
| HLEN: 6 | |
| HOPS: 0 | |
| XID: 57940001 | |
| SECS: 4 | |
| FLAGS: 7f80 | |
| CIADDR: 0.0.0.0 | |
| YIADDR: 0.0.0.0 | |
| SIADDR: 0.0.0.0 | |
| GIADDR: 0.0.0.0 | |
| CHADDR: 00:50:56:94:00:01:00:00:00:00:00:00:00:00:00:00 | |
| SNAME: . | |
| FNAME: . | |
| OPTION: 53 ( 1) DHCP message type 3 (DHCPREQUEST) | |
| OPTION: 50 ( 4) Request IP address 10.2.0.67 | |
| OPTION: 55 ( 24) Parameter Request List 1 (Subnet mask) | |
| 2 (Time offset) | |
| 3 (Routers) | |
| 5 (Name server) | |
| 6 (DNS server) | |
| 11 (Resource location server) | |
| 12 (Host name) | |
| 13 (Boot file size) | |
| 15 (Domainname) | |
| 16 (Swap server) | |
| 17 (Root path) | |
| 18 (Extensions path) | |
| 43 (Vendor specific info) | |
| 54 (Server identifier) | |
| 60 (Vendor class identifier) | |
| 67 (Bootfile name) | |
| 128 (???) | |
| 129 (???) | |
| 130 (???) | |
| 131 (???) | |
| 132 (???) | |
| 133 (???) | |
| 134 (???) | |
| 135 (???) | |
| OPTION: 57 ( 2) Maximum DHCP message size 1260 | |
| OPTION: 54 ( 4) Server identifier 10.2.0.93 | |
| OPTION: 97 ( 17) UUID/GUID 00421403732bbd8f .B..s+.. | |
| e7e5d5fd1c8ce7a5 ........ | |
| 6c l | |
| OPTION: 93 ( 2) Client System 0000 .. | |
| OPTION: 94 ( 3) Client NDI 010201 ... | |
| OPTION: 60 ( 32) Vendor class identifier PXEClient:Arch:00000:UNDI:002001 | |
| --------------------------------------------------------------------------- | |
| TIME: 15:54:25.568186 | |
| IP: > (00:50:56:94:00:08) > (Broadcast) | |
| OP: 2 (BOOTPREPLY) | |
| HTYPE: 1 (Ethernet) | |
| HLEN: 6 | |
| HOPS: 0 | |
| XID: 57940001 | |
| SECS: 4 | |
| FLAGS: 7f80 | |
| CIADDR: 0.0.0.0 | |
| YIADDR: 10.2.0.67 | |
| SIADDR: 10.2.0.93 | |
| GIADDR: 0.0.0.0 | |
| CHADDR: 00:50:56:94:00:01:00:00:00:00:00:00:00:00:00:00 | |
| SNAME: . | |
| FNAME: /pxelinux.0. | |
| OPTION: 53 ( 1) DHCP message type 5 (DHCPACK) | |
| OPTION: 54 ( 4) Server identifier 10.2.0.93 | |
| OPTION: 51 ( 4) IP address leasetime 21600 (6h) | |
| OPTION: 1 ( 4) Subnet mask 255.255.255.0 | |
| OPTION: 3 ( 4) Routers 10.2.0.254 | |
| OPTION: 6 ( 4) DNS server 10.2.0.254 | |
| OPTION: 12 ( 3) Host name client | |
| --------------------------------------------------------------------------- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment