0

I have the following problem: My University requires that all PCs have their MAC address registered to a given Ethernet jack before they are allowed on the network. I have done this with my PC, which now obtains it's IP via DHCP and goes online just fine.

However, I am now trying to interject a router with NAT between my PC and my Ethernet jack so that I can hook up additional devices. To make this possible, I cloned my PC's MAC address into the router and gave the router the same "host name" as my windows 2000 machine.

This worked fine for a while: My router was served the same IP as my PC would, and all was fine. But it stopped working at some point. Strangely, while my PC is still accepted on the network, my router isn't.

I can't understand how the two are different. I thought that by cloning the MAC and clientID (= host name?) I would have made the two devices virtually indistinguishable, but apparently not so.

Here is my question: Can I spy on the DHCP negotiation, and if so, then how? To be precise, I want to see what is relayed across my Ethernet jack when the IP is negotiated via DHCP. Ideally, this should show me the differences between my router and my PC.

Alternatively, I would like to be able to set up a third computer as a would-be DHCP server. I could then use a crossover cable and plug the device in question into my mock-up DHCP server, and hopefully see how the device reports/identifies itself. I would then compare how my PC IDs itself, and how my router IDs itself on its WAN side. What software would be able to tell me in extensive detail how a device reports itself to obtain an IP via DHCP?

Quick answers are greatly appreciated! Thanks!!

3
Contributors
4
Replies
5
Views
12 Years
Discussion Span
Last Post by douga
0

If you want to know what packets go between your pc and your switchport you can download Ethereal (learn how to use it and read packet traces) and you will be able to see every message used in negotiation.

Technically if you plug in a dumb hub with a crossover cable, then your pc sniffing, then the router and boot it, you will be able to read all the packets between the router and the switch.

Oh yeah, don't tell anyone you got this from me incase I setup security at your college :)

0

Thanks! I already came across Ethereal, and I am very impressed with that software. That's the one I'd now recommend, too.

The idea with a dumb hub (and ethereal in promiscuous mode, I guess) is good, though, I thought I'd have to equip a PC with 2 cards and put it between my router and switch or something...

Lastly, my problem was solved by putting a router between my ethernet jack and the rest of my equipment (PC and VT1000 ATA). Apparently my VT1000 is not as well-behaved as my new router or my PC when it comes to obtaining an IP by DHCP from the University's switch. I still don't know exactly what the difference is, but maybe playing some more with Ethereal will reveal the secret, if I only have the time...


Technically if you plug in a dumb hub with a crossover cable, then your pc sniffing, then the router and boot it, you will be able to read all the packets between the router and the switch.

0

Glad to hear you figured it out.

When you use a dumb hub and promiscuous mode you should only need one NIC to silently lift the packets between the two devices you are monitoring.

If you want just a little more info about DHCP you can check with Hank he might get you pointed in the right direction: http://www.routergod.com/hanktheangrydrunkendwarf/

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.