Packet Inspector: DHCP Deep Dive with Wireshark

A comprehensive, hands-on course for network engineers and IT professionals who want to master DHCP troubleshooting using Wireshark packet analysis.

Course Overview

This course takes you from Wireshark fundamentals through advanced DHCP analysis, covering real-world troubleshooting scenarios that network engineers encounter daily. By the end, you'll be able to capture, filter, and interpret DHCP traffic with confidence.

Modules

#	Module	Description
1	Wireshark Fundamentals	Installation, interface, capture filters, and display filters
2	DHCP Message Flow	The DORA process, lease lifecycle, and packet-level analysis
3	DHCP Options	Common options, vendor-specific extensions, and option overloading
4	DHCP Relay	Relay agent operation, Option 82, and cross-subnet DHCP
5	Advanced Wireshark	Custom columns, profiles, coloring rules, and scripting
6	Troubleshooting	Real-world scenarios, common failures, and systematic debugging
7	DHCPv6	IPv6 address assignment, SLAAC vs DHCPv6, and prefix delegation
8	DHCP Security	DHCP snooping, rogue server detection, and starvation attacks

Diagrams

The diagrams/ folder contains visual aids referenced throughout the modules:

• Diagram 1 - Lab Topology
• Diagram 2 - DHCP DORA with Relay Flow
• Diagram 3 - DHCP Packet Structure
• Diagram 4 - Troubleshooting Flowchart

Prerequisites

• Basic networking knowledge (IP addressing, subnetting)
• A computer with Wireshark installed (v3.x or later recommended)
• Access to a lab environment or virtual network (GNS3, EVE-NG, or physical gear)

License

This course material is provided for educational purposes.