Cisco Discovery Protocol (CDP)
CDP is a layer 2 protocol that is proprietary to Cisco. Most Cisco devices support CDP in both version 1 and 2.
CDP is used to convey information such as software code version, hardware type, device capabilities,
VLAN information, layer 3 network information
even to the point of being able to share subnet information between routers without a routing protocol.
Any layer 2 protocol that supports SNAP within its frame can run CDP.
These SNAP-capable protocols include Ethernet (CDP uses LLC/SNAP (OUI of 0x00000c and protocol ID
of 0x2000), Token Ring, Frame Relay and ATM,
plus HDLC (protocol type 0x2000) and PPP (protocol type 0x0207).
Structure of CDP packet
The CDP frame has a header followed by one or more TLV fields that can be extended if desired (the CDP version 2 fields are
- Version - CDP version (0x01 or 0x02)
- Time to Live (TTL) - this is the holdtime (in seconds) that the information should be kept for by the receiving device
default 180 seconds).
- Type - The CDP Type/Length/Value which can be one of the following:
- Device ID - 0x0001
- Address - 0x0002
- Port ID - 0x0003
- Capabilities - 0x0004
- Version - 0x0005
- Platform - 0x0006
- IP Prefix - 0x0007
- VTP Management Domain - 0x0009 (CDPv2)
- Native VLAN - 0x000a (CDPv2)
- Duplex status - 0x000b (CDPv2)
- Appliance ID (separate voip) - 0x000e (CDPv2)
- Power consumption (milliwatts) - 0x0010 (CDPv2)
- Length - This is the length (in bytes) of the Type/Length/Value fields
- Value - This has the Type/Length/Value information, and can be the following:
- Device ID - This can be the device's MAC address in ASCII or the FQDN
- Address - This TLV has a frame structure as illustrated below!
- Port ID - This has an ASCII string that names the port from which the message is sent
- Capabilities - has a value describing the device capabilities
- 0x01 - level 3 routing
- 0x02 - level 2 transparent bridging (or source-route bridging if 0x04 bit set)
- 0x04 - level 2 source-route bridging
- 0x08 - level 2 switching not running Spanning Tree
- 0x10 - sends and receives packets for a network layer protocol
- 0x20 - the device does not forward IGMP reports
- 0x40 - level 1 function
- Version - Software version running on the device
- Platform - ASCII string describing the device e.g. Cisco 7000
- IP Prefix - a set of 0 or more IP prefixes.
The length field includes the length of the type and value fields, plus 5 bytes for every IP prefix
(directly connected IP network) included. Each IP
prefix consists of 4 bytes for the IP network plus 1 byte for the mask. The network mask can be in the range 0
to 32, and represents the number of bits set in the mask.
This IP Prefix enables IP router to communicate IP topology information to a central router, without using an IP routing protocol
Structure of Address Fields
- Protocol Type - 1 = NLPID, 2 = 802.2
- Length - Length of the protocol field. This is 1 byte for NLPID, or for 802.2 it is either 3 or 8 bytes
- 0x81 — ISO CLNS (Type 1)
- 0xCC — IP (Type 1)
- 0xAAAA03 000000 0800 — IPv6 (Type 2)
- 0xAAAA03 000000 6003 — DECNET Phase IV (Type 2)
- 0xAAAA03 000000 809B — AppleTalk (Type 2)
- 0xAAAA03 000000 8137 — Novell IPX (Type 2)
- 0xAAAA03 000000 80c4 — Banyan VINES (Type 2)
- 0xAAAA03 000000 0600 — XNS (Type 2)
- 0xAAAA03 000000 8019 — Apollo Domain (Type 2)
- Address Length - Length of the address field in bytes
- Address - address of the interface or system
Operation of CDP
A device periodically sends out a CDP advertisement every 60 seconds using the layer 2 multicast address 01:00:0c:cc:cc:cc
which is also used by VTP. In the case of Token Ring the functional address c000.0800.0000 is used.
The receiving device(s) creates a table from these CDP advertisements and holds on to the information for 180 seconds (the holdtime).
If a switch runs CDPv1, it ignores and drops v2 frames. If a switch runs CDPv2 and receives a CDPv1 frame on a
particular interface, it will send out CDPv1 frames out of that interface as well as CDPv2 frames.
Cisco switches see the MAC multicast address 0100.0ccc.cccc used by CDP as a special address and will not forward it out of
other interfaces on that switch. Routers do not forward layer 2 frames out of other interfaces, therefore
only directly connected neighbors receive the CDP advertisements.