Lab 3 1 ARP Observation - Shadowsarespooky/TechJournal GitHub Wiki

Lab 3-1 - ARP Observation

Objective

Observe Address Resolution Protocol operations and draw conclusions on how Layer 2 (MAC) and Layer 3 (IP) addresses interoperate.

Goals

  • Understand how ARP is used between hosts on a LAN
  • Recognize the basic flow of ARP
  • Identify the role of broadcasts with ARP

Summary

In this lab I cleared the ARP cache, pinged a connected PC on the same network, and pinged an outside LAN DNS. The command arp -d did not work, so I used the command ip -s -s neigh flush all to clear the cache instead. These two are useful commands to know if/whenever I need to clear the cache. There was some confusion with understanding what the ARP packets were doing, but an explanation from the professor helped resolve the confusion.
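The request/reply flow observed in this lab, as an added example that is not part of the original journal: a small Python decoder for the ARP frames a capture shows after the cache is flushed and a host on the same LAN is pinged. The two frames and all MAC and IP addresses in it are constructed sample values.

```python
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_ARP = 0x0806
OPCODES = {1: "request", 2: "reply"}

def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def fmt_ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)

def parse_arp(frame: bytes) -> dict:
    """Decode one Ethernet II frame carrying IPv4-over-Ethernet ARP."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte ARP body
        raise ValueError("frame too short for Ethernet + ARP")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not IPv4-over-Ethernet ARP")
    return {
        "eth_dst": fmt_mac(dst), "eth_src": fmt_mac(src),
        "op": OPCODES.get(oper, f"opcode {oper}"),
        "broadcast": fmt_mac(dst) == BROADCAST,  # Layer 2 destination
        "sender_mac": fmt_mac(sha), "sender_ip": fmt_ip(spa),
        "target_mac": fmt_mac(tha), "target_ip": fmt_ip(tpa),
    }

def neighbor_table(frames) -> dict:
    """IP -> MAC entries that the replies in a capture put back in the cache."""
    replies = (a for a in map(parse_arp, frames) if a["op"] == "reply")
    return {a["sender_ip"]: a["sender_mac"] for a in replies}

def _frame(dst, src, oper, sha, spa, tha, tpa) -> bytes:
    """Build a sample frame (helper for the constructed capture below)."""
    h = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(p) for p in s.split("."))
    hdr = struct.pack("!HHHBBH", ETHERTYPE_ARP, 1, 0x0800, 6, 4, oper)
    return h(dst) + h(src) + hdr + h(sha) + ip(spa) + h(tha) + ip(tpa)

# Constructed capture: A asks "who has 192.0.2.20?", B answers A directly.
A, B = ("02:00:00:00:00:0a", "192.0.2.10"), ("02:00:00:00:00:0b", "192.0.2.20")
SAMPLE = [
    _frame(BROADCAST, A[0], 1, A[0], A[1], "00:00:00:00:00:00", B[1]),
    _frame(A[0], B[0], 2, B[0], B[1], A[0], A[1]),
]
```

The request goes to the broadcast MAC with an all-zero target MAC because the sender only knows the Layer 3 address; the reply is unicast and carries the Layer 2 address that refills the cache.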

Things to consider:

Make sure to document, among other things, how to dump your ARP cache in Linux (see videos from module 2). Make sure to reflect on this exercise as well.

When dumping the cache it was recommended and needed to clear it while in sudo mode, which is when the user is using admin/elevated permissions to give specific commands in the terminal. Use the command sudo su, give the correct password, and now I have elevated permissions to use the commands arp -d or ip -s -s neigh flush all.

Optional: If you have administrator access to a Windows 10 system, can you figure out how to install Wireshark, dump your ARP cache, and capture the associated ARP traffic to and from your default gateway? You will likely need to do this in follow-on networking classes or in the likely event that you get a Windows VM in the near future.

I didn't try on the Windows 10 VM, but I can imagine finding the commands for the Windows terminal and performing the Wireshark capture of the ARP packets is not difficult.