Tag Archives: linux

DHCP Troubleshooting & Wireshark

The other day I needed to do some DHCP troubleshooting. I have yet to learn all that tcpdump can do (I know it can do this filtering as well), so I at this time do most of my filtering in wireshark. icon-WireShark

Say you are looking for just the packets pertaining to one particular mac address. You can view these by using the following wireshark filter:

bootp.hw.mac_addr == 00:aa:bb:cc:dd:ee

I have found this to be very useful when I am trying to debug issues client devices maybe having or looking at the dhcp options being sent to a dhcp server.