

8.2.8 Lab – Using Wireshark to Examine Ethernet Frames (Instructor Version)

Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Part 1: Examine the Header Fields in an Ethernet II Frame
Part 2: Use Wireshark to Capture and Analyze Ethernet Frames

Background / Scenario

When upper layer protocols communicate with each other, data flows down the Open Systems Interconnection (OSI) layers and is encapsulated into a Layer 2 frame. The frame composition is dependent on the media access type. For example, if the upper layer protocols are TCP and IP and the media access is Ethernet, then the Layer 2 frame encapsulation will be Ethernet II.

When learning about Layer 2 concepts, it is helpful to analyze frame header information. In the first part of this lab, you will review the fields contained in an Ethernet II frame. In Part 2, you will use Wireshark to capture and analyze Ethernet II frame header fields for local and remote traffic.

CyberOps Workstation virtual machine

Instructions

Part 1: Examine the Header Fields in an Ethernet II Frame

In Part 1, you will examine the header fields and content in an Ethernet II Frame provided to you. A Wireshark capture will be used to examine the contents in those fields.

Step 1: Review the Ethernet II header field descriptions and lengths.

Type Data FCS
8 Bytes 6 Bytes 6 Bytes 2 Bytes 46 – 1500 Bytes 4 Bytes

Step 2: Examine Ethernet frames in a Wireshark capture.

The Wireshark capture below shows the packets generated by a ping being issued from a PC host to its default gateway. A filter has been applied to Wireshark to view the ARP and ICMP protocols only. The session begins with an ARP query for the MAC address of the gateway router, followed by four ping requests and replies.
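The header fields reviewed in Part 1 can also be decoded by hand from the bytes of the opening ARP query. The following is an added example, not part of the original lab: the frame bytes and every address in it are constructed, and it assumes the captured bytes begin at the 6-byte destination address (followed by the 6-byte source address and 2-byte Type), with no preamble or FCS in the capture.

```python
import struct

# Constructed sample: a broadcast ARP request as it would appear in a capture.
# Bytes start at the destination MAC; every address here is made up.
SAMPLE_ARP_REQUEST = bytes.fromhex(
    "ffffffffffff"              # destination MAC: broadcast
    "020000000a01"              # source MAC (constructed)
    "0806"                      # Type: ARP
    "0001" "0800" "06" "04"     # hardware=Ethernet, protocol=IPv4, sizes 6/4
    "0001"                      # operation 1 = request
    "020000000a01" "c0a8010a"   # sender MAC, sender IP 192.168.1.10
    "000000000000" "c0a80101"   # target MAC unknown, target IP 192.168.1.1
) + bytes(18)                   # padding up to the 46-byte minimum Data field

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}

def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_ethernet_ii(frame):
    """Split captured bytes into Ethernet II header fields and the Data field."""
    if len(frame) < 14:
        raise ValueError("truncated: the Ethernet II header is 14 bytes")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype < 0x0600:
        raise ValueError("not an Ethernet II Type value (802.3 length field)")
    return {
        "dst": fmt_mac(dst),
        "src": fmt_mac(src),
        "broadcast": dst == b"\xff" * 6,
        "type": ETHERTYPES.get(ethertype, hex(ethertype)),
        "data": frame[14:],
    }

def parse_arp(data):
    """Decode the 28-byte ARP body for IPv4 over Ethernet."""
    if len(data) < 28:
        raise ValueError("truncated ARP body")
    _, _, _, _, op, sha, spa, tha, tpa = struct.unpack("!HHBBH6s4s6s4s", data[:28])
    return {
        "op": {1: "request", 2: "reply"}.get(op, op),
        "sender_mac": fmt_mac(sha),
        "sender_ip": ".".join(map(str, spa)),
        "target_ip": ".".join(map(str, tpa)),
    }

if __name__ == "__main__":
    eth = parse_ethernet_ii(SAMPLE_ARP_REQUEST)
    print(eth["dst"], eth["type"], parse_arp(eth["data"]))
```

The broadcast destination together with the all-zero target MAC in the ARP body is what distinguishes the query from the unicast reply that follows it.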
