1. NDI Communications - Engineering & Training
Network analysis Using Wireshark
Lesson 9 – ARP and IP Analysis
2. Page 2
Lesson Objectives
By the end of this lesson, the participant will be able to:
Understand ARP and IP
Isolate and fix basic IP/ARP networking problems
3. Page 3
Chapter Content
Analysing connectivity problems with ARP
Using IP traffic analysis tools
Finding fragmentation problems
Analysing routing problems
Finding duplicate IPs
Analysing DHCP problems
9. Page 9
IP Name Resolution
Source name and address Destination name and address
Reload
Source and
destination
presented in
their names
10. Page 10
Chapter Content
Analysing connectivity problems with ARP
Using IP traffic analysis tools
Finding fragmentation problems
Analysing routing problems
Finding duplicate IPs
Analysing DHCP problems
11. Page 11
What is Fragmentation
ID
=x
offset
=0
fragflag
=0
length
=4000
ID
=x
offset
=0
MF
=1
length
=1500
ID
=x
offset
=1480
MF
=1
length
=1500
ID
=x
offset
=2960
MF
=0
length
=1040
One large datagram fragmented to
several smaller ones
ID=X is equal to the
Whole frame
Fragment 1
Fragment 2
Fragment 3
DataDataData
Data
Original
packet
0
0
0
DF
=0
DF
=0
DF
=0
12. Page 12
When can Problems Accrue (Example)
PC2
S2S1
PC1
SP Network
Remote
office with
DB clients
Data Center
with DB
servers
IPSec & GRE Tunnel