This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Capture DHCP traffic on the DHCP server side

0

I’m pretty new to Wireshark and trying to TS an issue and want to prove that a PXE DHCP request isn’t being received by the Microsoft DHCP server. I thought it would be a case of:

  1. Start a capture on the DHCP server
  2. Kick off the boot process on the client, watch the PXE boot and note the mac address
  3. Stop the capture on the DHCP server and filter (eth.src.==xx.xx.xx.xx.xx.xx)
  4. If nothing shows then my point is proved.

Problem is, I’ve performed this on a client that is successfully obtaining an address and to see a positive result I repeated the process above but do not see any packets. I can see plenty of DHCP traffic. I’m just wondering of the source mac address will be the Cisco switch routing the request via the helper.

Any ideas how one can achieve what I’m trying to do?

Thanks..

asked 18 Sep '13, 17:37

plentymech's gravatar image

plentymech
16113
accept rate: 100%

One Answer:

1

I worked out the process myself now. I was doing it right but just played with the filters a little more and all was revealed.

answered 18 Sep '13, 20:14

plentymech's gravatar image

plentymech
16113
accept rate: 100%