I am monitoring my Ethernet with this filer but none of the packets i capture are with this port, what am I doing wrong?
What are you trying to achieve using this filter? These ports are used by DHCP service. So if you see no such packets in a trace it means:
or they were not present in the network (DHCP is not in use) ; or your capture setup is not correct.
For how long did you run the capture? DHCP can be silent for some time period even when it's in use, it depends on DHCP server settings.
Thank you!! I left it working and captured one message from 0.0.0.0. to 255.255.255.255. Do you have any recommendations what should I do to capture more messages, what actions use these ports? Well honestly I do not really know what I am trying to achieve, I am just following the instructions in the book Computer networks. It is an exercise on DHCP and I am trying to understand it.
Depending on the OS you usually have some option to force a renew of the DHCP lease. This allows you to capture them 'on demand'.
So the task assumed capturing and studying DHCP DORA sequence as I understand it.
But to capture all 4 packets you need some prerequisites:
Then you can start capture and do what @Jaap recommends - manual IP address renew. To capture someone else's DORA sequence you have to arrange more complex setup with port mirroring because not all of these packets are broadcast.
Comments