Saturday, 31 March 2012

Roadmap for Testlink 2.0 is delayed , developement team is working on 1.9.4 version.

TestLink  ( Test management system ) we are using for almost close to 1.5 years and not faced any serious issues. We are using version 1.8.5 and we were waiting for Testlink 2.0 . Yesterday when browsing through forums i came to know that they have put on hold for version 2.0 and development is working on 1.9.4 version.

They are in need of development people, if you are into development and want to contribute for a good open source project, you can try contacting  at :

Why FTP uses two ports and HTTP one?

Well. i tried to find answer for this question but I am still not very clear on this. Below reasons i came across for choosing two ports for FTP.

1) By using two ports, the data channel is separated from the control channel. This is to not to interfere with the control messages (on port 21), and for other who are trying to connect. Also this will separate full-duplex data flow on port 20. The control channel is basically a Telnet channel, and is not optimize for  receiving relatively large flows of data.

2) In order to avoid the extra headers and details for each and every packets which will consume the bandwidth.
A separate port is used for data connection.

3) In the original FTP RFC (114) there is a reference in the Endnotes to RFC 103, which dicusses NCP communications and the problem
of not having enough buffer space on the receiving host to accept a control command if the data and control ports are not separated,

Please post in comments what you think about it. Also which reason you believe could be true or its all ??

Friday, 30 March 2012

How to disable SELinux and IPtables ?

If SELinux / iptables is enabled in Linux PC and it is acting as a server, we need to add specific entries to allow each and every type of traffic or easy way is to disable it completely.

To disable SELinux give following commands:

echo 0 > /selinux/enforce

 vim /etc/selinux/config

To disable iptables issue following commands.

 chkconfig iptables off

 service iptables stop

Wednesday, 28 March 2012

How to install Windows PPPoE Server (RasPPPoE)

How to install Windows PPPoE Server

To use PPPoE Server on windows is easy. We can use RASPPPoE Server from to download the installation file. It will work for Almost all win flavours other then WIN Vista. We have used PPPoE Server on Linux Pcs generally but due to some limitation like ping size 9000 and above some Linux PPPoE server won't allow. We have to use Win PPPoE server. Why is it so with Linux servers still we need to investigate.

Steps to configure win PPPoE server.

1) Download package from

2) If you are running Windows 2000, right-click the My Network Places icon on your desktop and select Properties to bring up the Network and Dial-up Connections window.

3) If you are running Windows XP/2003, click the Start button, select Control Panel, then click Network and Internet Connections and then click the Network Connections control panel icon to bring up the Network Connections window.

4)Go to the menu and select View then Details to get a detailed view of the network connections on your machine.

5) You should find one or more Local Area Connection objects. Locate the one for the network adapter connected to your broadband modem (you should be able to tell by the name in the Device Name column), right-click it and select Properties.
In the properties dialog box, click the Install... button.
In the Select Network Component Type window, select Protocol and click the Add... button. (Note: It could take a few seconds for the following window to come up.) In the Select Network Protocol window, click the Have Disk... button.

6) In the Install From Disk window, either type the name of your temporary installation directory or click the Browse... button to navigate to it (it does not matter which of the INF files you select, Windows will automatically pick the right one later). Then click the OK button. ( Point it to the directory where you have unzipped the raspppoe files)

7) A new window opens, offering the PPP over Ethernet Protocol for installation. Click OK to start installing the protocol.
During installation, a window titled Digital Signature Not Found (Windows 2000) or Hardware Installation (Windows XP/2003) may come up several times (typically four times per installed network adapter), warning you that the driver has no digital signature or Windows Logo. Make sure you click "Yes" (Windows 2000) or "Continue Anyway" (Windows XP/2003) every time you are prompted to allow successful installation of the protocol.

8) Back at the Local Area Connection Properties window, click Close to close the window. Note: If you have a network adapter dedicated to your broadband modem, it is recommended that you first clear the checkboxes for all other components listed and leave only PPP over Ethernet Protocol checked.

9) If you have more than one network adapter in your system, you may want to disable the PPP over Ethernet Protocol for all adapters but the one your broadband modem is actually connected to. To do this, bring up the properties of each network adapter you want to disable the protocol for and clear the checkbox next to PPP over Ethernet Protocol in the listed components. BEWARE: If you accidentally disable the protocol for the network adapter you want to connect through, simply re-checking the checkbox, even if you do so immediately, may not be enough to make the protocol functional on that network adapter again.

10) Select properties TCP/IP of the connection and give ip address of the range of the clients.

Done and ready to use.

Please post your comments , which type of PPPoE server you use for testing purpose.

Layer2 QoS/CoS using VLAN

Layer2 QoS/CoS using VLAN

LAN Layer 2 QoS/CoS Protocol for Traffic Prioritization

For Layer Three IPQoS management the ToS or DSCP filed is marked as explained in another post.

For Layer 2 with VLAN the CoS field or the Priority field is used for QoS mapping of queues.

In Ethernet-II frames For VLAN tagged packet: TPID ( Tag protocol id) is 2 byte and TCI ( tag control information ) is of two bytes.

TPID ( 2bytes) - defined value of 8100 in hex. When a frame has the EtherType equal to 8100, this frame carries the tag IEEE 802.1Q / 802.1P.

TCI - Tag Control Information field including user priority, Canonical format indicator and VLAN ID. This is 2 byte field or 16 bits field. in which :

3bits : User Priority, a 3-bit field storing the priority level for the frame. Use of this field is defined in IEEE 802.1p.

1 bit : Canonical format indicator (CFI): a 1-bit indicator that is always set to zero for Ethernet switches. CFI is used for compatibility between Ethernet and Token Ring networks. If a frame received at an Ethernet port has a CFI set to 1, then that frame should not be bridged to an untagged port.

12 bit: VLAN ID (VID): a 12-bit field specifying the VLAN to which the frame belongs. A value of 0 means that the frame doesn't belong to any VLAN; in this case the 802.1Q tag specifies only a priority and is referred to as a priority tag. A value of hex FFF is reserved for implementation use. All other values may be used as VLAN identifiers, allowing up to 4094 VLANs. On bridges, VLAN 1 is often reserved for management.

For L2 QoS the pri bit or the first three bits of TCI is used and is mapped with the QoS priority Queues. The mapping of queues depend largely on the implementation.

Generally it follows this rule:

VLAN CoS Bits QoS Priority Queues :
111---------------- 7
110---------------- 6
101---------------- 5
100---------------- 4
011---------------- 3
010---------------- 2
001---------------- 1
000---------------- 0

IPv4 TOS Field and QoS

IPv4 TOS Field and QoS

According to [RFC791], the IPv4 TOS octet is divided into a 3 bit
Precedence field and a 3 bit TOS field. The last two bits of the TOS
octet are reserved for future use:

Bits 0-2: Precedence.
Bit 3: 0 = Normal Delay, 1 = Low Delay.
Bits 4: 0 = Normal Throughput, 1 = High Throughput.
Bits 5: 0 = Normal Reliability, 1 = High Reliability.
Bit 6-7: Reserved for Future Use.

So IPV4 TOS octet is 8 bit field with last two bits reserved for future.

The first three bit i.e. bits 0-2 are Precedence field and generally used in IP QoS for ToS mapping and Marking.

Generally there are 7 queues
�� Urgent
�� Premium
�� Real-Time
�� Critical
�� High
�� Medium
�� Low
�� Default

Which are mapped to IP Precedence field as

QoS Traffic Class QoS Level IP Precedence Bits

Urgent 7 111
Premium 6 110
Real-Time 5 101
Critical 4 100
High 3 011
Medium 2 010
Low 1 001
Default 0 000

The DSCP is nothing but the first 6 bit of the same 8 bits and the it uses the IP precedence bits to set the QoS priority class. The Diff Serv architecture also uses the 3 extra bits to prioritize and differentiate same class of traffic.

The DSCP value 0x2E ~ 0xb8 Ipv4 ToS value is used for real time traffic (EF).

Above is very basic explanation of L2/L3 QoS.  In wireless we have something known as WMM which is used for exactly same thing , to prioritize the traffic.

Please let me know in your comments whether anytime you have used this fields for your testing.

Tuesday, 27 March 2012

List of Important RFCs

List of Important RFCs

We should Refer RFC or IEEE standard as frequently as we can. Initially it seems tough but slowly if we read it, it will be easier to understand.

And few answers are given in standards which is otherwise difficult to find.

Also some RFCs are horrible like ARP RFC, but some are really good like DHCP.

If you have to do something new, search for relevent RFC or standard go through it, and then only start actual testing.

Here is some basic RFC list which you can go through for reference.

NetworkRFC 826 - Ethernet Address Resolution Protocol
RFC 791 - Internet Protocol
RFC 2460 - Internet Protocol, Version 6 (IPv6) Specification
RFC 793 - Transmission Control Protocol
RFC 2581 - TCP Congestion Control
RFC 768 - User Datagram Protocol

RFC 1945 - Hypertext Transfer Protocol -- HTTP/1.0
RFC 2616 - Hypertext Transfer Protocol -- HTTP/1.1
RFC 2246 - The TLS Protocol Version 1.0

FTPRFC 959 - File Transfer Protocol •

SMTPRFC 2821 - Simple Mail Transfer Protocol •

POP3RFC 1939 - Post Office Protocol - Version 3 •

RFC 3501 - Internet Message Access Protocol - Version 4rev1 •

Web Application TestRFC 1945 - Hypertext Transfer Protocol -- HTTP/1.0
RFC 2616 - Hypertext Transfer Protocol -- HTTP/1.1
RFC 2246 - The TLS Protocol Version 1.0

SIPRFC 3261 - SIP: Session Initiation Protocol •

MGCPRFC 3435 - Media Gateway Control Protocol (MGCP) Version 1.0 •

RFC 2326 - Real Time Streaming Protocol (RTSP)
RFC 3550 - RTP: A Transport Protocol for Real-Time Applications
RFC 3376 - Internet Group Management Protocol, Version 3
RFC 4445 - A Proposed Media Delivery Index (MDI)
RFC 2250 - RTP Payload Format for MPEG1/MPEG2 Video
RFC 2327 - SDP: Session Description Protocol

TelnetRFC 854 - Basic Telnet protocol specification
RFC 855 - Telnet option specifications
RFC 856 - Telnet binary transmission
RFC 857 - Echo option
RFC 858 - Suppress Go Ahead option
RFC 859 - Status option
RFC 860 - Timing Mark option
RFC 1091 - Terminal Type option
RFC 1073 - Window Size option
RFC 1079 - Terminal Speed option
RFC 1372 - Remote Flow Control option
RFC 1184 - Linemode option
RFC 1408 - Environment Variables option

RFC 1034 - Domain names - concepts and facilities
RFC 1035 - Domain names - implementation and specification
RFC 951 - Bootstrap Protocol (BOOTP)
RFC 1534 - Interoperation Between DHCP and BOOTP
RFC 1542 - Clarifications and Extensions for the Bootstrap Protocol
RFC 2131 - Dynamic Host Configuration Protocol
RFC 2132 - DHCP Options and BOOTP Vendor Extensions (not all options are supported)
RFC 3046 - DHCP Relay Agent Information Option
RFC 3396 - Encoding Long Options in the Dynamic Host Configuration Protocol (DHCPv4)

LDAPRFC 1777 - Lightweight Directory Access Protocol
RFC 1778 - The String Representation of Standard Attribute Syntaxes
RFC 2251 - Lightweight Directory Access Protocol (v3)
RFC 2252 - Lightweight Directory Access Protocol (v3): Attribute Syntax Definitions
RFC 2253 - Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names
RFC 2254 - The String Representation of LDAP Search Filters
RFC 2255 - The LDAP URL Format
RFC 2256 - A Summary of the X.500(96) User Schema for use with LDAPv3
RFC 2829 - Authentication Methods for LDAP
RFC 2830 - Lightweight Directory Access Protocol (v3): Extension for Transport Layer Security
RFC 3377 - Lightweight Directory Access Protocol (v3): Technical Specification

RTSP and RTPRFC 2326 - Real Time Streaming Protocol (RTSP)
RFC 3550 - RTP: A Transport Protocol for Real-Time Applications
RFC 2327 - SDP: Session Description Protocol

Saturday, 17 March 2012

What is RTS threshold in wireless?

What is RTS threshold in wireless?

RTS is "Request to Send" . It is used with CTS "Clear to send" .  It can be used in below scenarios and used by Stations or Wireless AP.

1) When medium is too noisy or lot of interference is present. The AP/Station if it is not getting chance to send the packet it can initiate RTS/CTS mechanism to get a chance to send the packet.

2) In mixed mode to avoid hidden node problem. This can be used.

As use of RTS/CTS decreases throughput the RTS threshold value is used .  This parameter controls what size data packet the low level RF protocol issues to an RTS packet.
The default value used by many vendors is 2346. The RTS value range can be 0-2347. If the value is set to 2346 this means that effectively it will never be used as in Ethernet network the max packet size can be only 1518 ( with all headers+ Max data size).

The RTS value 0 means for every data exchange there has to be RTS/CTS exchange mechanism.

When we use or set RTS threshold value to say 500 means that for every data byte more then 500 bytes there will be RTS/CTS. This will consume more bandwidth therefore reducing the  throughput.  However the more RTS packet are sent the chances are the system will cover up for packet loss due to collision and interferences properly and more fast.

Depending on the network, interference and whether hidden node problem exist or not we should use this parameter effectively.

To determine if we should activate RTS/CTS or not in the network first monitor the wireless LAN for retransmissions. If we find a large number of retransmissions and the users are relatively far apart and likely out of range, then we can try enabling RTS/CTS on the applicable user wireless NICs.If collisions are occurring between users within range of each other, the problem may be the result of high network utilization or possibly RF interference.

After activating RTS/CTS, test to determine if the number of retransmissions is reduced and the resulting throughput has increased. Because RTS/CTS introduces overhead, we should not use it if there is a dop in throughput, even if there is fewer retransmissions.

Because the whole exercise is to improve the throughut of the network, if it getting decreased then no point in using this.

Also as hidden node problem exist from station point of view but not from Access point of view we should not enable RTS/CTS in AP as in can significantly increase the overhead and reduce throughput.
The RTS threshold value can be set on station by going into advance properties of the network in network connection. Also almost all vendors Access point  give option to change RTS thershold value. You can experiment in Cisco Aironet. netgear, linksys  and Dlink AP.

What is the recommeded value for RTS threshold  parameter  ?

 Well here is the list:

1) Linksys WMP300N adaptor with windows Vista suggest "2304"

2) Dlink default to 2346 and says "If you encounter inconsistent data flow, only minor modifications to the value range between 256 and 2346 are recommended"

3) Proxim AP 4000 - default 2347 ( disabled ) --Says "This parameter affects message flow control and should not be changed under normal circumstances. Range is 0 to 2347. When set to a value between 0 and 2347, the Access Point uses the RTS/CTS mechanism for packets that are the specified size or greater. When set to 2347 (the default setting),RTS/CTS is disabled

 4) Netgear ->Default value is 2346 - The Request to Send threshold packet size determines if the wireless access point should use the CSMA/CD (Carrier Sense Multiple Access with Collision Detection) mechanism or the CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) mechanism for packet transmission:

    * With the CSMA/CD transmission mechanism, the transmitting station sends out the actual packet as soon as it has waited for the silence period.
    * With the CSMA/CA transmission mechanism, the transmitting station sends out an RTS packet to the receiving station, and waits for the receiving station to send back a CTS (Clear to Send) packet before sending the actual packet data.

5) Asus Wl500G : Recommended value 500 , default value 2347 ( disable) says: This is an advanced setting that may make your WiFi unstable and it's recommended to leave it be. Imagine having 2 laptops connected to your router. Both laptops are too far away to communicate with each other directly, but the router between the laptops allows them to communicate through the router. When both laptops send a frame at the same time the router will need to drop both frames (frame collision). This is of course an unwanted situation. With RTS enabled the laptops will first send a Request To Send message to the router. When the router hasn't any other transmissions going on it will send back a Clear To Send (CTS) message back. After the laptop receives the CTS it will send the frame. This RTS/CTS communication reduces frame collisions when multiple clients are connected. Usually turning this option on will slow down your network.

The above data is taken from the UG and/or from support site of the individual vendors and just taken to emphasize that there is no uniformity in the recommeded values and it is always the network administrator intelligence how he/she uses these parameter to optimize the performance.

One of the ways to optimize it is ping from CPE/station to AP with 2347 bytes and see the result ( latency ). Slowly decrease the packet size and compare the latencies , in which u get best lets say 1024 use that as RTS threshold value and use some tool like iperf, chariot to measure the increase and decrease in the performance with RTS as higher and lower limit.

What is Fragmentation threshold in Wireless (WLAN)/ How Fragmentation threshold is used in Wireless

What is Fragmentation threshold in Wireless (WLAN)/ How Fragmentation threshold is used in Wireless

Fragmentation Threshold is one  parameter which is given in all stations and Access points. Fine tuning Fragmentation Threshold parameter can result in good throughput but not using it properly can results in low throughput.

1 ) What is fragmentation threshold?

In simple words it does the same thing which MTU do in Ethernet. Both are different parameters but the work done is same , it fragments the data packets.

2) When fragmentation threshold will be used ?

Fragmentation threshold
will be used when we have more data packet size to be transmitted and we have less fragment threshold value. Lets say from Ethernet we have to send 1400 byte packet but the fragmentation threshold is set as 400. In this case when the packet is to be transmitted on air it will fragment the packet in to 4 small packet 400+400+400+200 and send on air.This includes MAC header+ frame body and CRC so 400 byte will be in total including headers.

The reason while sending in fragments increases throughput and affects throughput can be because in a wireless network where RTS/CTS are not used , a wireless workstation needs 34us to sense a channel, 16us RTS, data transmission of roughly 600us for full payload, 16us for ack, 34us for DIFS, and roughly another 9us for another slot time. So the total time is 709 us. With a fragmented payload, the time-in flight for a full frame is reduced, even the DIFS time. (i.e. -400us for payload, -34us for DIFS). This helps in increasing the throughput.

3) What is the range of
fragmentation threshold ?

Typically the range used for fragmentation threshold is 256-2346. The default value for many devices is set to be 2346. Typically this means that it is disabled and will never be used.

4) Does it will apply to broadast and multicast packets ?

No, it is meant for only unicast packets.

5) How fragmentation and reassembly takes place in wireless using fragmentation threshold parameter?

When we enable Fragmentation parameters the AP/station fragments the packets and send it on air. Each packet will have its own MAC header+frame body ,FCS.  and fragment number which is to know the sequence of the fragments. It has a fragment header which consists of
Sequence control field. It includes a Fragment Number sub field, indicating the fragment number of the frame.This number is zero for first fragment and gets increments by one for next fragment of a single frame.The single bit "More Fragment field" in the fragment header indicates
that this is the last fragment of the series. Also for all others fragments the the More Fragment field is set to "1" and its set to zero if no more fragments are present in the sequence.
 The destination station reassembles the fragments back into the original frame using fragment numbers found in the header of each frame. When it receives the full complete frame , the station hands the frame up to higher layers for processing.

6) What is relation between MTU and fragmentation threshold / Why we have not used MTU for wireless also why new parameter is required ?

This is the first question which i had in mind when i first came to know about this parameter. MTU and fragmentation threshold does the same thing , they fragment the packet if the data packet is more than this value. But we have not used this parameter in Wireless also because one of the reason i could understand was as it is wireless there is lot of chances of collision and interference and data getting lost. Even 1500 byte packet size is more if we have a noisy or RF interference environment so we can divide the wireless packets in to small size say 500 and send them over wireless. As each fragment is send in burst mode and requires ACK for each one ,only those fragments which are lost needs to be transmitted, not all.

Also if we have lets say Ethernet MTU as 1500 and Fragmentation threshold as 2000, does it make sense ? No. Because in any case you will not get packet which is larger than 1500 so practically your FT value will never be used. But if your MTU is 1500 and your Fragmentation threshold value is say 800 then it will used and you can see the fragmented packets over the air using some sniffer.

Wireless Protocols and Basics of wireless protocols (WLAN 802.11a/b/g/n)

Wireless Protocols and Basics of wireless protocols (WLAN 802.11a/b/g/n)

IEEE Wireless Standards, amendments and recommended practices.
The actual standard with which all this started is IEEE 802.11-1997. This is the base standard after that all are are amendment
to this standard.
The nomenclature is a lowercase letter designates an amendment and a capital letter designates a recommended practice e.g 802.11a is amendment but 802.11F and 802.11T are  recommended practices.
Below is the list of all standard till date ( 2011, Oct )

802.11 — Released in 1997. This original MAC protocol specification includes the base functionality
along with FHSS and DSSS PHY.This standard offers throughputs up to 2Mbps.
802.11a — Defines the use of OFDM modulation in 5 GHz band with data rates up to 54 Mbps.
802.11b — Defines support for DSSS with CCK rates - 5.5 and 11 Mbps in 2.4 GHz to extend throughputs
from 2Mbps to 11Mbps in 2.4GHz band.
802.11c — Defines MAC bridging for 802.11 stations. This functionality is incorporated into 802.1d.
802.11-1999 — Contains 802.11 prime with all above enhancements.
802.11d — Defines support for world-wide WLAN operation by introducing new regulatory domains through
‘country’ code information element.
802.11e — Defines packer classification and prioritization to support Quality of Service (QoS)
for multimedia applications such as real time voice and video applications.
The important amendments rolled into WMM specification by Wi-Fi Alliance.
802.11F — Includes Inter-Access Point Protocol (IAPP) for interoperability
between different vendor Access Point products.Withdrawn in Feb 2006 and is not used now.
802.11g — Defines OFDM operation in 2.4GHz by introducing Extended Rate PHY (ERP),
 which extends throughputs in 2.4GHz band to 54Mbps.
802.11-R2003 — Rolled up 802.11-1999 and prior amendments, excluding 802.11e.
802.11h — Defines Transmit Power Control (TPC) for managing transmit power for 802.11 clients,
and Dynamic Frequency Selection (DFS) for radar detection and avoidance in some 5 GHz bands( 802.11 a) .
802.11i — Defines security enhancements to the previous and broken security
specification based on Wired Equivalent Protocol (WEP). It defines Wi-Fi Protection Access (WPA2)
with the use of Advanced Encryption Standard (AES) and 802.1X Extended Authentication Protocol (EAP).
802.11j — Defines WLAN operation in 4.9 to 5 GHz band in Japan. This standard is applicable only to Japan.
802.11-2007 — Rolled up 802.11-R2003 with earlier amendments.
802.11k — Defines radio resource management (RRM) methods for spectrum or RF data collection
and sharing between client and AP. This standard is for enablement of noise-free operation in enterprise WLAN networks.
802.11l — This standard is not in use as it is bypassed due to potential ambiguity and
confusion between the letter “l” and number “1”.
802.11m — This standard is used as a “maintenance” amendment to the 802.11 standard for updating inaccuracies,
omissions, and ambiguities.
802.11n — Defines High Throughput (HT) PHY with data rates up to 600 Mbps in 2.4 GHz and 5 GHz bands
through Media Access Control (MAC) level enhancements and Multiple Input and Multiple Output (MIMO) techniques.
802.11o — For the reasons mentioned for 802.11l, this standard is skipped due to potential ambiguity and confusion
between the letter “o” and number “0”.
802.11p — Defines the wireless access in vehicular environments (WAVE) to support Intelligent Transportation Systems (ITS)
 applications by enabling high speed vehicles to exchange data in the licensed 5.85 to 5.925GHz band.
802.11q — This standard is bypassed as there is a potential confusion of this standard with the existing
802.1Q standard defined for VLAN tagging.
802.11r — Defines fast and secure roaming of mobile clients from one Access Point (AP) to other, seamlessly.
This standard addresses the jitter and latency issues associated with voice and video applications during
 roaming from one AP to other.

802.11s — Defines the support for “standard based” mesh networking for wireless devices to interconnect
with each other to form a WLAN mesh network.

802.11T — Defines the recommended ways and practices for testing wireless performance in a predictable manner.
802.11T is cancelled and it doesn’t exist now.

802.11u — Defines internetworking with external networks( wireless internetworking with external networks), such as cellular networks. This standard covers
enablement of emergency call and alert services without having prior authentication from the user to the Wi-Fi network.

802.11v — Defines enhancements for advanced Wi-Fi network management. It includes the specification of
configuring and managing the client devices while they are connected to the Access Point.The 802.11v group is dependent on the 802.11k group, which is defining measurements that
 will be incorporated into the management interface being defined by 802.11v. 

802.11w — Defines protected management frames for all 802.11 standards. The 802.11i covers the security aspect of the ‘Data’ frames,
but all 802.11 management frames are not protected and they are subject to vulnerability. This standard protects against DoS(Denial of Service) attacks and network disruptions caused by spurious or forged management frames as they are not protected.

802.11x — This name can be used to refer whole family of 802.11 technologies collectively. So this standard/name is bypassed.

802.11y — Defines use of OFDM and high power WLAN devices in 3.65-3.7GHz band by changing Media Access Control (MAC) timings
. Unlike traditional WLAN devices, the devices in this band are allowed to transmit at high power.
As a result, the devices can operate at distances up to 5km, unlike up to 100m supported by today’s devices
operating in ISM band.

802.11z — Defines enhancements to peer-to-peer Direct Link Setup (DLS), by extending the DLS to be independent
of Access Point. This amendment defines a mechanism to tunnel the protocol messages through data frames for
establishing peer-to-peer link to improve the video performance between clients.

802.11aa — This amendment defines enhancements to video transport streams.

802.11ab — This amendment is bypassed to avoid confusion with devices using 802.11a and 802.11b technologies, which are often abbreviated as 802.11ab.

802.11ac — This amendment defines Very High Throughput (VHT) techniques to support speeds up to one gigabit per second (Gbps)
in below 6GHz frequency bands. It defines the use of wider bandwidth up to 160MHz, MIMO streams up to 8, and high-density
modulation up to 256-QAM to achieve 1Gbps performance.

802.11ad — This amendment defines super-fast WLAN operation with up to 7 Gbps throughputs in 60GHz.
802.11ae — Defines enhancements for managing QoS on WLAN networks. Note that 802.11e defines the base QoS for WLAN networks.

802.11af — Defines the use of Wi-Fi in newly opened TV white space frequencies between 50 and 600MHz, the available bandwidth
in this band is scattered,with handful of 6MHz wide channels.
The application throughputs will be relatively lower compared to 802.11a/g standards.As this is a low frequency band,
the range/coverage would be fantastic due to signal penetration.This standard can be used for rural broadband applications
where coverage is crucial and throughputs are less important.

802.11ag — Similar to 802.11ab, this standard is skipped to avoid potential confusion with devices using 802.11a and 802.11g PHY technologies, which are often abbreviated as 802.11ag.

802.11ah — Define the use of WLAN technology in frequencies below 1 GHz. 
802.11 ai - This standard is used for fast initial link setup.

The above list should be used as a reference to know about IEEE Wireless Standards, amendments and recommended practices.


Sample Packet Capture for different Networking Protocols ( Layer 2- Layer 7)

Sample Packet Capture for different Networking Protocols ( Layer 2- Layer 7)

When we have to test new embedded system protocols or any other networking protocols it is very necessary that we should have sample packet capture file. If you want to learn about any protocol  you should know the definition of that protocol, how it works and also we should see it working at packet level also . We should see sample Packet captures of that protocols.

It is easy if we read and go thought the packet through the sample packet capture file . Some protocols packet capture are easy to generate we can use wireshark on computer and capture it. Lets say you are reading about ARP protocol , then you should actually open the wireshark in you pc and capture the ARP Packet and see its fields and then read through RFC or any standard. It is always good to see, understand and read. Only theory does not help in long way.

Lets say you are reading about OSPF or RIP protocol, for you to prepare setup and generate these packets are difficult then you can download sample capture files and study them.

I have found few great sites which i use regularly to study about protocols . They have given many sample packet capture file s to download and use it.

Use these sites for your understanding of networking protocols. Also if you come across any other packet captures which is not yet uploaded you can upload into these sample packet capture websites for everyone to use it.

The sites are :  ( You need to download their capsa network analyzer to view them )

Please post in comments if you know any other such sites.

Protocol Level Tests: What is Protocol Testing?

Protocol Level Tests

In networking Domain we have many types of protocols and we need to test basic functionality of all protocols. When we say " Protocol level tests" we mean the networking protocols which comes in Layer 2-7. Layer 1 is physical layer and to test it we need specilized hardware devices.
In L2-L7 we have many protocols which we can tests. Some of the protocols which is required by router, modem, switches and bridges are given below . I will be adding how to test them and the general guidelines to test these protocols. When I am referring to layers they are layers of OSI model.  For who does not know or new to protocols or embedded system tests , the OSI layer is basically a model which has divided all the fuctions of communication systems into layers. This was done for interoperibility and understanding purposes. We have TCP/IP model as well which talks in terms of 4 layers which are mapped to OSI layers for understanding purposes.
We have protocols which resides in respective layers are given and categorised below. The important one are mentioned below :
Layer 1 - Physical layer-Actual Physical meduim , RS-232, RJ45, T1, E1, 10BASE-T, 100BASE-TX, POTS,DSL, 802.11a/b/g/n PHY ( This is where hub works, basically hub doesn't have any intelligence it just forwards data received on one port to all other ports )
Layer 2- Data Link Layer- MAC and LLC Layer ,  802.3 (Ethernet), 802.11a/b/g/n MAC/LLC, 802.1Q (VLAN), ATM,FDDI, Fibre Channel,HDLC, ISL, PPP, CRC, STP, RSTP  ( This is the Layer in which Bridge and Switches works, they read the MAC address of the data received and map it  with the port on which it is received.)
ARP in between Layer 2 and 3 , it help in getting MAC address for corresponding Ip address.
Layer 3 - Network Layer - IP, IPsec, ICMP, IGMP, OSPF
Layer 4 - Transport Layer - TCP, UDP
Layer 5 - Session Layer -NetBios, L2TP, PPTP
Layer 6 - Presentation Layer - MIME, SSL

Minimum packet size used in Smartbits for Ethernet UDP and TCP

Minimum packet size used in Smartbits for Ethernet UDP and TCP

Smartbits uses following minimum frame size for its calculation :
For TCP:
 Ethernet : 14
IP : 20
Signature : 18
CRC : 4
 Min: 76

 Ethernet : 14
IP 20
UDP/custom : 8
CRC: 4
 Min: 64

How Unicast/multicast/Broadcast Traffic is forwarded by Switch, Router and Hub

How Unicast/multicast/Broadcast Traffic is forwarded by Switch, Router and Hub

To Answer this first we should know what is unicast /multicast and Broadcast traffic is.

Unicast Traffic : The traffic destined to a single host in network is unicast traffic . Like ARP Request is Broadcast traffic but the ARP reply is unicast traffic.

Broadcast traffic : Broadcast traffic is the traffic which is destined for all the host in the same subnet.

Multicast Traffic : Multicast traffic is destined to a group of hosts who wishes to join the group. How the hosts join the multicast stream ? They open the desired port/ ip address pair which receives the traffic.

How  Hub forwards the Unicast/ Multicast and Broadcast Traffic ?

Hub is a single Collision domain and a single broadcast domain, which means that every packet whether it is unicast/multicast or broadcast will be forwarded to every other port.

How  Switch forwards the Unicast/ Multicast and Broadcast Traffic ?

Switch breaks collision domain and is single boradcast domain. It has its own Learning table or bridge table or MAC table. It updated the entry in this table based on source mac address and the port no. So when a packet is received on lets say PORT A with Source mac as AA:AA:AA:AA:AA:AA it will update its entry and all packets destined to this host will be sent to this port only. 


 How  Router  forwards the Unicast/ Multicast and Broadcast Traffic ?

 Router each port is single broadcast and single collision domain. It only forwards unicast traffic and drops broadcast traffic. Multicast traffic will only be forwarded if it has IGMP capability.

Test Plan coverage: What Should be included in a test Plan

How to Write Test Plans

Test Plans should be based on functionality and the feature to be tested. It can cover following things :

1) Configuration test cases

2) Functionality Test cases

3) Standard Based/ RFC based test cases

4)  Negative test cases

5) Performance related test cases

6) Stress Test cases

7) Logs related test case

8) Statistics Related test cases

9) User interface related test cases

10) Inter Feature test cases ( Lets say VLAN test plan is to be written and in this section we can add DHCP server related test cases, a combination of two or more  features)

How to test Spanning tree protocol ( STP )

How to test Spanning tree protocol ( STP )

Spanning tree protocol is one of the most interesting protocols. It is invented by Radia Perlman, she holds more than 50 patents and presently working in Intel ( year 2011 ).

We can use some testing tools to test spanning tree protocol. The main aim of Spanning tree protocol is to stop the loop formation and disable the redundant link so that packet follows only one path.

One of the imp question asked is why we need Spanning tree protocol in bridge to stop loop formation but why not in routers? Or if someone asks you we have STP in layer 2 to stop loops what is corresponding protocol in layer 3 to stop loop formation , don't get confused as in layer 3 it is not required ! Why ? because you have TTL field in routing mode which help in discarding the packet once TTL becomes zero.

Ok back to main topic "How to test Spanning tree Protocol" .  To test Spanning tree you have following ways:

1) Use some hardware test tool

2) Use some Software based packet generator

3) Use actual devices and test it.

How to use Hardware test tools to test Spanning Tree Protocol

We have some costly hardware test tools, but if you company is implementing spanning tree protocol , the chances are you will have any of these tools in ypur lab.

1) Agilent N2X has in built Spanning tree protocol test suite which can give you convergence time and packet loss. You can build the BPDU packet using the tool and test.

2) IXIA IxNetwork is another testing tool, which can be used for testing Spanning tree protocol. Using their Spanning tree protocol emulation software all the spanning tree parameters can be verified .

3) Smartbits : We can generate different type of packets using SmartWindows and test the Spanning tree protocol.

How to use Software test tools to test Spanning Tree Protocol

We have some software test tool which can generate STP packets

 Yersinia test tool can generate Spanning tree packets but it is more like attacking the device or flooding the device with STP packets and see how device is responding .

How to test Spanning tree protocol using more than one device

If you don't have any tool to test it don't worry connect two similar devices back to back and test it. It should have two paths. One path will be blocked by STP and one will be in forward mode. For detailed test cases please refer STP test cases page.

How to Display file extensions in Windows

How to Display file extensions in Windows 

Display the File extensions
 Windows OS contain an option to "Hide file extensions for known file types". The option is enabled by default, but a user may choose to disable this option in order to have file extensions displayed by windows. After disabling this option, there are still some file extensions that, by default, will continue to remain hidden from the user.
There is a registry value which, if set, will cause windows to hide certain file extensions regardless of user configuration choice. The " NeverShowExt" registry value is used to hide the extensions for basic windows file types.
This can be useful when thevirus affects the pc, sometimes the extensions are changed and we will not notice it.
 Remove all occurrences of the value "NeverShowExt" from the registry

1) Start >> Run >> Regedit
2) From the "Edit" menu, select find
3) Uncheck the "keys" and "data" entries under "Look at", and ensure that "Values" entry is checked
4) Enter "NeverShowExt" in the "Find What” box and click "Find Next"
5) When a value is found, right click on the value name and select "Delete"
6) Press F3 to find the next occurrence of "NeverShowExt"
7) Repeat the previous two steps until all occurrences of "NeverShowExt" have been deleted from the registry
8) The computer will need reboot for changes to take effect.
Refer to

Embedded System Testing Interview Questions

Embedded System Testing Interview Questions

To enter into Embedded System testing you should know what things you should study and what interview questions are asked . If you want to make Embedded system testing as your career some of the questions asked are :
1) Why you want to choose  embedded system testing as your career?
The answer could vary from person to person , you should show your interest and eagerness to learn about the embedded systems and networking protocols. Give interviewer impression that you like knowing about this.
2) Which embedded platform you have worked or you know ?
It depends on your experience on which you have tested or if you are a fresher you can just tell I am new to it and does not have much idea about it .  In market today we have many RTOS (Real time operating system) :
  •  Green Hills RTOS
  • Free RTOS
  • Embedded Linux
  • Enea
  • Wind River
  • QNX
  • Mentor/Acck
  • LynuxWorks
  • MontaVista
3) What is OSI layer ?
We should know about OSI layer and in which layer they work . Also Embedded system testing interviews will cover in depth of all protocols like ARP, DHCP, SNMP, SMTP, diff between routing and switching, diff between TCP and UDP protocols.

Some more are updated at my another blog entry:

Command: How to know MTU of Windows System

Command: How to know MTU of Windows System

For Linux it is very easy to know the MTU of the interface . We have to give command ifconfig and the interface name and it will show the mtu of the interface as well .

To know MTU in windows there is one command  "netsh" , basically its an interesting command to know various parameters.

To know MTU we can use below command but Routing and remote access service should be started otherwise you will get below error:

C:\>netsh interface ip show interface

The Routing and Remote Access Service is not currently running on the local mach
Please use 'net start remoteaccess' on the machine to start the service.

C:\>net start remoteaccess

C:\>netsh interface ip show interface

MIB-II Interface Information
Index:                              1
User-friendly Name:                 Loopback
GUID Name:                          Loopback
Type:                               Loopback
MTU:                                32768
Speed:                              10000000
Physical Address:
Admin Status:                       Up
Operational Status:                 Operational
Last Change:                        0
In Octets:                          0
In Unicast Packets:                 0
In Non-unicast Packets:             0
In Packets Discarded:               0
In Erroneous Packets:               0
In Unknown Protocol Packets:        0
Out Octets:                         0
Out Unicast Packets:                0
Out Non-unicast Packets:            0
Out Packets Discarded:              0
Out Erroneous Packets:              0
Output Queue Length:                0
Description:                        Internal loopback interface for 127.0.0 netw

Index:                              2
User-friendly Name:                 Local Area Connection
GUID Name:                          {2E2515A4-6473-4502-B718-5A6A2FEC516B}
Type:                               Ethernet
MTU:                                1500
Speed:                              100000000
Physical Address:                   00-11-11-5C-EB-88
Admin Status:                       Up
Operational Status:                 Operational
Last Change:                        3753568741
In Octets:                          332340138
In Unicast Packets:                 330402
In Non-unicast Packets:             451241
In Packets Discarded:               0
In Erroneous Packets:               0
In Unknown Protocol Packets:        9747
Out Octets:                         50853810
Out Unicast Packets:                265788
Out Non-unicast Packets:            5886
Out Packets Discarded:              0
Out Erroneous Packets:              0
Output Queue Length:                0
Description:                        Intel(R) PRO/100 VE Network Connection - Pac
ket Scheduler Miniport

Are there any Full duplex Ethernet HUB ?

Are there any Full duplex Ethernet HUB ?

Is it possible to have a full duplex Hub? Answer is NO. The Hub always works in Half duplex mode. And if it says 100 Mbps full duplex then probably its switch not hub.

If you want to sniff the packets using HUB, go for real hub ( 10 Mbps)  . The hub actually sends all traffic to all ports but switches and Dual speed Hub can be little picky in traffic.

Hubs can work in either 10 Mbps or 100 Mbps but always in half duplex mode.

Please read for more details.

What is Path MTU and How it is used ?

What is Path MTU and How it is used ?

      Q 1) What is Path MTU?
    A)      Path MTU is the lowest MTU of the Path. From Source to destination, the router whose MTU is lowest is  considered as the Path MTU     It is applicable only for Routers and not for end PC's
     E.g. 1
PC1--Eth0(MTU1500)-----------  (MTU 1500 Eth0) Router1--(ETH1 MTU1500)------------------(ETH0 MTU1000)–PC2 ( Eth1 MTU1500),       
In above case PC2 will receive the packets up to its MRU value, if mru value is greater then the MTU value it will receive the packet and fragment it and send back according to its own mtu. Generally mtu=mru , depends on vendors.
E.g. 2

   a)      In this case : normal scenario PC1 sends 1500 packets to PC2, the router second interface fragment the packet send to pc2, pc2 will send back the reply, the path mtu is 1000.
    b) in this case if PC1 send 1500 packets with DF bit set, -f option in icmp packet. The router see the other interface mtu which is 1000, as it cannot fragment the packet it will send icmp destination unreachable message with next hop MTU as 1000 to PC1. Now the PC1 knows that the least MTU is 1000 for the same source and destination. It will add one static route with destination at that interface. Now if u ping without DF bit set also, the PC1 will itself fragment the packet with 1000 bytes and send to PC2..

This static route can be seen in PC as route print. If we disable and enable the interface this route gets cleared. Also the path mtu will be one set of source, destination and the TOS value, unique to this path, when the path mtu is discovered.

It is defined in RFC 1191 for IPv4.

What is Wake On LAN ( Remote Wake up) Feature, how to enable Wake on LAN fearure, How to test Wake on LAN feature

Wake On LAN ( Remote Wake up)

Wake on Lan is a technology used to Wake up the PC/computer who is turned off. I came across this great technology when i was supposed to test whether our bridge/router allows the Magic packets to be forwarded or not.

WoL is a standard which enables to start the computer remotely even though it was switched off.

About the standard

Wake on LAN came from Intel and IBM Advanced Manageability Alliance formed on October 1996. This alliance introduced the technology in April 1997.

At almost similar time AMD  and HP came up with Magic Packet technology that allows the networked PC to go to completely asleep yet allows them to wake up after sending a specific data frame.

The actual standard document I am unable to found and i see both AMD and IBM claiming this technology as their own.

From standard and their implementation point of view its same. The magic packet is used to wake up the client.

Magic Packet

Magic Packet if you see in Wireshark it has  following format:

Ethernet2 header ( 14 bytes )
 ( Src mac address
   Destination mac address (Broadcast , FF:FF:FF:FF:FF:FF)
  Type: IP )
IP ( 20 bytes)
   ( Src IP , Dst IP (, version, header length, DSCP, total length, flags , fragment offset, TTL, protocol (UDP) )
UDP  (8 bytes)
    (Src port, dst port (9), length)
Wake On LAN, MAC
  (  Sync stream ( ff ff ff ff ff ff )
    MAC : 16 times MAC address

Requirements :

1) NIC with WoL capability

2) OS support ( Bios )

3) Tool or utility to send Magic packet

How To configure NIC

a) Go to -> Network connection Properties of the NIC card
b) Go to-> Advanced -> Search for  Wake on Settings-> Give value -> Wake on Magic or Wake on Magic & Directed.
c) Now go to Power management and check " Allow this device to bring the computer out of standby"

For other NIC cards the configuration settings are more or less same , so u can try finding similar options in other cards.

Bios Setting

Press F2/ Ctrl +S to go to Bios Setting. Search for "Remote Wake up" and make it "on"

Tools to generate Magic Packet

1) Ether-wake ( Linux utility ) to generate magic packet

2) A simple WB GUI utility

3) AMD utility

4) Requires Dot net framework

Linux tool to generate QinQ, IPV4, IPv6 and 802.1Q ethernet packets.

Linux tool to generate different Ethernet packet types PACKETH tool

Packeth is one good tool which can generate different packets and can be used for testing.

Following are different types which can be generated from this tool.

  • you can create and send any ethernet packet. Supported protocols:
    • ethernet II, ethernet 802.3, 802.1q, QinQ
    • ARP, IPv4, IPv6, user defined network layer payload
    • UDP, TCP, ICMP, IGMP, user defined transport layer payload
    • RTP (payload with options to send sin wave of any frequency for G.711)
  • sending sequence of packets
    • delay between packets, number of packets to send
    • sending with max speed, approaching the teoretical boundary
    • change parameters while sending (change IP & mac address, UDP payload, 2 user defined bytes, etc.)
  • saving configuration to a file and load from it - pcap format supported


How to modify or delete Windows default Multicast routes

How to modify or delete Windows default Multicast routes

  If you have more than one interface on your system and you want to stream video to one network, you should be aware of multicast route .
The default multicast route will be enabled by windows on all interfaces with same metric. So it is hard to tell on which interface it will send the multicast data . For it to send to specific network interface you can delete the route but as is it virtual route the Microsoft wont allow u to delete it . By simple trick you can delete it as follows:
First add the existing route as follows:
Lets say is the network on which you want to delete the route, just add it again on same interface.
c:> route add mask
Once it is done
c:>route delete mask
It will delete the unwanted route and send the traffic to destined network.

How to calculate Throughput for Ethernet Frames

Ethernet Frame and Calculation of Throughput

Ethernet Speed and throughput is one topic which i see many people getting confused and searching for answers.

When we say Ethernet speed is 100Mbps, this does not mean that it's data throughput is 100Mbps, it is to convey that the maximum link capacity is 100Mbps , including header and everything else like Inter frame gap.

The RFC 1242 and 2544 talks about what is throughput and how we should test it.

We have many Devices using which we can calculate the throughput for Ethernet frames. Smartbits and IXIA are mostly used devices.

These devices generally gives data in packets/sec and we should know how it calculates the packets/sec

Ethernet Frame :

TDM frame rate frequency 8000 Hz

Fast Ethernet LAN capacity 100 Mbit/s

Ethernet Frame
Preamble---------------->7 bytes
Start Frame------------->1 bytes
Destination MAC Address->6 bytes
Source MAC Address------>6 bytes
Type/Length Field------->2 bytes
Minimum payload size---->46 bytes
Frame Check Sequence (FCS)->4 bytes
Frame inter-packet gap---->12 bytes

Minimum Ethernet frame size 64 bytes
Minimum Ethernet frame total 84 bytes

For every Ethernet packet of 46 byte payload, the total byts on wire is 84 bytes.

Calculate throughput:

For 100 Mbps, 64 byte, : 100000000 / ((64+20)*8) =148809.5 Frames per second.

For 100 Mbps, 1518 byte : 100000000/((1518+20)*8)= 8127.43 Frames per second .

So Ethernet payload data rates are :

1518 / (18+20+1500+4)  = 98.4435 % without VLAN tags.

Difference between Protocol Numbers and EtherType

Difference between Protocol Numbers and EtherType

Generally i have seen people getting confused between Protocol number and Ethertype (or as mostly called protocol type field).

The protocols which uses Ethernet or MAC header within which  IP packet  is present will have protocol numbers but for the protocols which uses directly Ethernet or MAC header and have their own packet format they will have only Ethernet type.

For eg. IP has ethertype as (0800).

ARP packet uses only MAC header and in Ethernet header we have ethertype field which will be set for ARP which is 0806.  It will not have protocol number.

But ICMP packet will have protocol number which is 1 and will be present inside the IP header.

We can get a list of protocol numbers as given in below link:
We can see the different ethertypes defined below:

DHCP Server , DHCP client and DHCP Relay FAQ

DHCP Server, DHCP Client and DHCP Relay FAQ


DHCP is one of very interesting protocol. The more i know about this protocol, the more i really gets fascinated. And i am really surprised by how less people know about this DHCP protocol. It is used by everyone but very few people actually knows how it works. I have put this as DHCP server , DHCP Client and DHCP relay FAQ page and i want to cover all the questions related to this protocol and it will help you for your DHCP related interviews as well.

Q.1)  What standard do you refer for DHCP ?

A.1) DHCP stands for Dynamic host control protocol. And we should refer RFC 2131 to know about it. The old RFC is 1541.

Q.2) On what protocol DHCP is based on?

A.2) DHCP is based on bootstrap protocol or bootp protocol defined in RFC 951.

Q.3) What is BootP Protocol ? Tell important points .

A.3) a) Bootstrap protocol (BOOTP) allows a diskless client machine to discover its own IP address, the address of a server host, and the name of a file to be loaded into memory and executed. Here diskless refer to the devices which are in network and does not have permanent disks and uses tftp/remote file for bootup.

       b) The BOOTP protocol uses two reserved port numbers, 'BOOTP client' (68) and 'BOOTP server' (67). The client sends requests using 'BOOTP server' as the destination port; this is usually a broadcast. The server sends replies using 'BOOTP client' as the destination port; depending on the kernel or driver facilities in the server, this may or may not be a broadcast address.

Q.4) How many types of DHCP messages are present?A.4) There are in total 8 type of message :



Q.5) Explain Basic message exchange between DHCP Client and DHCP Server?

A.5)   Client ->  DHCPDISCOVER
         Server -> DHCPOFFER
         Client->   DHCPREQUEST
         Server -> DHCPACK

Q.6) Explain a case in which DHCPDECLINE message will be sent.A.6) DHCPDECLINE message is sent by the DHCP client to the DHCP Server when the server assigns ip address which is already used in the network.

Q.7) When ARP is used in the DHCP sever -DHCP client message exchange?

A.7) ARP is used two times. When DHCP server gets DHCPDISCOVER message it searches in the pool pick one ip address and sends ARP request or ICMP ECHO Request packet with the picked ip address to the network. This is to check if any one is using the ip address which the DHCP Server is going to assign to the client. The second time is when the client gets the DHCPOFFER packet with the ip address mentioned in it. It sends DHCPREQUEST packet to the Server and after this send Gratious ARP request with the IP address offered by the server to the network. If it gets reply it sends DHCPDECLINE to server and does not take the ip address. If no body replies to it , the DHCP Client starts using the offered IP address.

Q.7) What is the lease time?

A.7) The lease time is given by the DHCP Server to the DHCP Client. It is the duration in which the DHCP client can use the ip address assigned by the server. The clients renews it when 50 % of the time remains. Lets say DHCP server has assigned ip address to the client for lease time 1 hr .After 30 min the DHCP client will send DHCP Request for the renewal of the lease time. It the server is present the time will extend to again 1 hr from the time it requested to renew the lease. Lets say 3.00-4.00 is its previous lease time. When at 3.30 it asks to renew the time will be extended from 3.30 to 4.30. Lets say DHCP server is not reachable in that case still the client can use the IP address and wait for 87.5 % of the time . After this time again it will send DHCPREQUEST to the server. If it gets reply it extends the  lease time again for one hr from the time it requested . If it did not get reply again it is allowed to use the IP address up to the lease time. Once the lease time expires it has to re initiate the whole process.

Q.8) Do DHCP server maintain the Lease time database ? Do they retain the database if we reboot the Server?

A.8) Yes, they maintain the lease time database and that is why if the client request the ip address it will first see its database and if matching MAC address entry is there it will assign the same ip address to the client.
Generally database will not be persistent and will get deleted if we reboot the server. But mainly it depends on Vendor implementation.

Q.9) How we can see message exchange and how we can generate all type of DHCP messages?

A.8) We need atleast one DHCP server, 2 DHCP clients and Wireshark installed to see the message exchange. Following is the scenario where you can see different DHCP message exchanges :

             For DHCP sever you can use  any of the following : windows server 2003, linux dhcpd deamon, tftpd server
                   DHCP client can be any windows PC. Install wireshark in both server and client.

          a) Messages 1 : DHCPDiscover, DHCPOFFER, DHCPREQUEST, DHCPACK

                            PC1 (DHCP Server )     -----------------------------  PC2 (DHCP client)                        
 Configure DHCP server pool in server. Connect the DHCP client PC with cross cable. Open wireshark and observe the DHCP messages. You can see all 4 messages.

        b) Message 2 :  DHCPRELEASE

            In DHCP client PC open command prompt and type ipconfig /release . You will observe DHCPRELEASE message in the server.

       c) Message 3 : DHCP DECLINE
             You need two clients. One static and one through DHCP server. Try to first assign ip address to dhcp client, reboot the client or just remove it from network meanwhile give the same static ip to another client. Now connect the dhcp client when the server assigns the ip address the client will do gratious arp and as static ip is already present it will send DHCPDECLINE message to the Server.

        d) Message 3: DHCPNAK

              DHCPNAK is sent by server when the requested ip address is from other subnet or when the requested ip address by the DHCP client cannot be assigned by the Server. This you can generate by changing the pool of DHCP server or by using two DHCP server. First configure pool lets say in DHCP server. Let client get the ip address. Disconnect this server and Connect another server with IP oll as When the client sends DHCPREQUEST it will ask for the previous ip address which is not present in pool so the server will send NAK. This can be tested using Windows 2003 server. I think in linux servers this is not implemented and it will be silent and wont send any message.

       e) Message 4 : DHCPINFORM
           This is new message added and is supported by only few servers. This message is generated by Windows XP OS and once connection is idle leave the setup for some time , you can observe this message.

Q.10) What is DHCP Relay ?

A.10) DHCP Relay is used in router as the DHCP messages are broadcast messages the router will not forward the DISCOVER message to other subnet . If you want the router to forward the messages to other subnet we can enable DHCP Relay in the router. It will simply forward the message to server and responses back to the client.
If you have any doubt about DHCP please ask in comments.

Now my turn for asking some question, please put your answer in comments:

1)  Why we need two ports 67,68 for DHCP? Why it was not managed using only one port like http?

2)  What is the packet size for DHCP packets?