on my trace I have I don't understand what triggers the second request. the difference between the two request packets is the packet subtype first request packet flags: .... ..01 = DS status: Frame from STA to DS via an AP (To DS: 1 From DS: 0) (0x01) second request packet flags: .... ..10 = DS status: Frame from DS to a STA via AP(To DS: 0 From DS: 1) (0x02) anyone can help me to figure out whats going on? asked 10 Oct '11, 05:16  ddayan edited 10 Oct '11, 05:24 |
2 Answers:
On your wireless lan, all traffic within the same subnet is sent to the AP first and then from the AP to the destination. Depending on the physical location of the capturing device compared to the source, the AP and the destination you will see some or all of the packets. I suspect that the AP is also the DHCP server and that it responds to the DHCP request. The second Request is most probably due to the fact that it was a broadcast packet so the AP needs to send it to all systems too. answered 10 Oct '11, 06:24  SYN-bit ♦♦ |
I think you will find the first request is the "DHCP Discover", where your client doesn't know of any DHCP servers. Once it sees a response, the ACK, it can then send a proper "DHCP Request". This is still a broadcast, but it will contain a non-zero entry in the the Server IP address field indicating a particular server it would like a DHCP Offer from. answered 10 Oct '11, 05:26  martyvis How come theres no 2nd ACK packet? Also in both request packets the bootp protocol info is the same (10 Oct '11, 05:43) ddayan |
Makes sense, right now i'm using a simple topology where the AP is the DHCP server and the client is also the capturing device. thanks!