8E Kurose & Ross header
Wireshark Labs

"Tell me and I forget. Show me and I remember. Involve me and I understand."
Chinese proverb

One's understanding of network protocols can often be greatly deepened by "seeing protocols in action" and by "playing around with protocols" - observing the sequence of messages exchanges between two protocol entities, delving down into the details of protocol operation, and causing protocols to perform certain actions and then observing these actions and their consequences. This can be done in simulated scenarios or in a "real" network environment such as the Internet. The Java applets in the textbook Web site take the first approach. In these Wireshark labs, we'll take the latter approach. You'll be running various network applications in different scenarios using a computer on your desk, at home, or in a lab. You'll observe the network protocols in your computer "in action," interacting and exchanging messages with protocol entities executing elsewhere in the Internet. Thus, you and your computer will be an integral part of these "live" labs. You'll observe, and you'll learn, by doing.

The basic tool for observing the messages exchanged between executing protocol entities is called a packet sniffer. As the name suggests, a packet sniffer passively copies ("sniffs") messages being sent from and received by your computer; it will also display the contents of the various protocol fields of these captured messages. For these labs, we'll use the Wireshark packet sniffer. Wireshark is a free/shareware packet sniffer (a follow-on to the earlier Ethereal packet sniffer) that runs on Windows, Linux/Unix, and Mac computers. The Wireshark labs below will allow you to explore many of the Internet most important protocols.

We're making these Wireshark labs freely available to all (faculty, students, readers). They're available in both Word and PDF so you can add, modify, and delete content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:

Solutions to these Wireshark labs are available for course instructors only from the publisher (not from the authors) - see our instructors' page for information about how to get solution, either standalone or for an LMS.

Wireshark labs: click on the links below to download a Wireshark lab on the given topic.

Lab topic 8th ed. 7th ed.
Getting Started 8.0 (PDF, Word) 7.0 (PDF, Word)
HTTP 8.0 (PDF, Word) 7.0 (PDF, Word)
DNS 8.0 (PDF, Word) 7.01(PDF, Word)
TCP 8.0 (PDF, Word) 7.0 (PDF, Word)
UDP 8.0 (PDF, Word) 7.0 (PDF, Word)
IP 8.0 (PDF, Word) 7.0 (PDF, Word)
NAT 8.0 (PDF, Word) 7.0 (PDF, Word)
ICMP 8.0 (PDF, Word) 7.0 (PDF, Word)
Ethernet and ARP 8.0 (PDF, Word) 7.0 (PDF, Word)
DHCP 8.0 (PDF, Word) 7.0 (PDF, Word)
802.11 WiFi 8.0 (PDF, Word) 7.0 (PDF, Word)
SSL (currently being updated to TLS) 8.0 (PDF, Word) 7.0 (PDF, Word)
Trace files(same for 7E, 8E) wireshark-traces.zip wireshark-traces.zip

These Wireshark sides are copyright 2005-2020, J.F. Kurose, K.W. Ross, All Rights Reserved.
Last update to labs: June 4, 2020
Comments welcome: kurose@cs.umass.edu