What is a CDP packet?
Cisco Discovery Protocol (CDP) is a proprietary Data Link Layer protocol developed by Cisco Systems in 1994 by Keith McCloghrie and Dino Farinacci. It is used to share information about other directly connected Cisco equipment, such as the operating system version and IP address.
What ethertype is CDP?
CDP is assigned the Cisco HDLC protocol type value 0x2000. A Cisco-proprietary SNAP value enumerates HDLC protocol type values so CDP can run on all media that support SNAP, such as LAN media, Frame Relay, and ATM. CDP sends packets on LANs using the multicast address 0100.0CCC.
What information does CDP communicate?
CDP is used to convey information such as software code version, hardware type, device capabilities, VLAN information, layer 3 network information even to the point of being able to share subnet information between routers without a routing protocol.
Why would you use CDP?
CDP offers several benefits to service providers that need more visibility into their network, including: Allowing the use of different network layer protocols and the real-time transport protocol to discover devices and how they are configured.
Why CDP and LLDP is used?
To manage the networks, we use the Cisco Discovery Protocol (CDP) , and Link Layer Discovery Protocol (LLDP) which gather information about the neighboring devices useful for network design decisions, troubleshooting, and network documentation.
How does a Cisco device process a CDP packet?
All Cisco devices receive CDP packets, process them and cache the information in the packet. Cisco devices never forward a CDP packet. If any information changes from the last received packet, the new information is cached and the older information is discarded even if its time-to-live value has not yet expired.
Which is the most recent version of the CDP protocol?
CDPV2:- Is the most recent release of the protocol and provides more intelligent device tracking features like instances of mismatch native VLAN IDs on 802.1Q trunks, and mismatch in duplex states between connecting devices. All Cisco devices transmit CDP packets periodically (default time interval value is 60 seconds though this is adjustable).
What’s the default TTL for a Cisco CDP packet?
All Cisco devices transmit CDP packets periodically (default time interval value is 60 seconds though this is adjustable). These packets advertise a time-to-live (TTL) value in seconds, which indicates the number of seconds that the packet must be retained before it can be discarded (default value is 180 seconds).
Which is the MAC address in CDP Spoofing?
In CDP spoofing, an attacker sends packet with multicast mac-address (01:00:0c:cc:cc:cc) as destination and various spoofed or fake mac-addresses as source.