Capture Cisco CDP Neighbor Info in GNS3 Using Wireshark

Nerd Cafe | نرد کافه

CDP – Overview

  • CDP (Cisco Discovery Protocol) is a Cisco proprietary Layer 2 protocol.

  • Used to discover directly connected Cisco devices.

  • Operates independently of network layer protocols (no IP required).

Key Characteristics

  • Works at OSI Layer 2 (Data Link Layer).

  • Uses multicast MAC address: 01:00:0C:CC:CC:CC.

  • Sends advertisements every 60 seconds (default).

  • Holdtime default is 180 seconds.

  • Enabled by default on most Cisco devices.

Information Discovered via CDP

  • Device hostname

  • Device type (router, switch, IP phone, etc.)

  • Interface name and port ID

  • IP address (management IP)

  • IOS version

  • Hardware platform (model number)

  • Native VLAN (on trunk ports)

  • Duplex settings

CDP vs Network Scope

  • Discovers only directly connected neighbors.

  • Does not cross routers.

  • Works on:

    • Ethernet

    • Serial

    • Fiber interfaces

  • Does not work on non-Cisco devices.

CDP Security Considerations

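  • CDP can expose sensitive network information, such as the hostname, management IP, IOS version, and hardware platform listed above, to anyone attached to the link.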

  • Recommended to disable CDP on:

    • Internet-facing interfaces

    • Untrusted or external links

  • Best practice:

    • Where CDP is still needed on other links, disable it per interface rather than globally.

CDP Use Cases

  • Network documentation and topology discovery

  • Troubleshooting cabling and interface issues

  • Identifying connected device models and ports

  • Verifying switch-to-switch or switch-to-router connections

CDP Limitations

  • Cisco proprietary (not vendor-neutral)

  • Potential security risk if misused

  • Limited to local neighbors only

Objectives:

  • Understand the purpose and benefits of CDP.

  • Learn how to configure basic settings on Cisco devices to utilize CDP.

  • Use Wireshark to analyze CDP packets.

1. Network Topology:

The network setup for this tutorial includes a Cisco router (R1) connected to a PC (PC-1) via a FastEthernet interface.

[Figure: Topology]

2. Configuring Basic Settings:

On Router R1:

On PC-1:

  • Set IP Configuration:

  • Verify Configuration:

3. Analyzing CDP Packets with Wireshark:

  • Install Wireshark:

    • Download and install Wireshark from the official website.

  • Capture Traffic:

    • Launch Wireshark and start a capture on the interface connected to the network.

  • Apply Display Filter:

    • Use the filter to display only CDP packets:

  • Examine CDP Packets:

    • Observe details such as device ID, IP address, platform, and capabilities.
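
To check what a single advertisement discloses outside of Wireshark, the following added example (not part of the original tutorial) parses a raw CDP frame in Python and returns the neighbor fields listed earlier. The sample frame is constructed rather than captured; its source MAC, the port name FastEthernet0/0, the platform string, and all function names are assumptions of this example.

```python
import struct

CDP_MULTICAST = bytes.fromhex("01000ccccccc")
LLC_SNAP_CDP = bytes.fromhex("aaaa0300000c2000")  # LLC/SNAP, Cisco OUI, PID 0x2000
TLV_NAMES = {0x0001: "device_id", 0x0003: "port_id", 0x0005: "software_version",
             0x0006: "platform", 0x000A: "native_vlan", 0x000B: "duplex"}


def parse_cdp_frame(frame: bytes) -> dict:
    """Return the fields a single CDP advertisement discloses (checksum not verified)."""
    if len(frame) < 26 or frame[0:6] != CDP_MULTICAST or frame[14:22] != LLC_SNAP_CDP:
        raise ValueError("not a CDP frame")
    version, holdtime, _checksum = struct.unpack("!BBH", frame[22:26])
    info = {"version": version, "holdtime": holdtime}
    # The 802.3 length field covers LLC/SNAP + CDP; ignore any Ethernet padding.
    end = min(len(frame), 14 + struct.unpack("!H", frame[12:14])[0])
    pos = 26
    while pos + 4 <= end:
        tlv_type, tlv_len = struct.unpack("!HH", frame[pos:pos + 4])
        if tlv_len < 4 or pos + tlv_len > end:  # length includes the 4-byte header
            raise ValueError("malformed TLV length")
        value = frame[pos + 4:pos + tlv_len]
        name = TLV_NAMES.get(tlv_type)
        if name == "native_vlan" and len(value) == 2:
            info[name] = struct.unpack("!H", value)[0]
        elif name == "duplex" and len(value) == 1:
            info[name] = "full" if value[0] else "half"
        elif name:
            info[name] = value.decode("ascii", "replace")
        pos += tlv_len
    return info


def build_sample_frame() -> bytes:
    """Constructed CDP advertisement (not a real capture); checksum left as zero."""
    def tlv(t, v):
        return struct.pack("!HH", t, len(v) + 4) + v
    cdp = struct.pack("!BBH", 2, 180, 0) + b"".join([
        tlv(0x0001, b"R1"), tlv(0x0003, b"FastEthernet0/0"),
        tlv(0x0006, b"Cisco 3725"), tlv(0x000A, struct.pack("!H", 1)),
        tlv(0x000B, b"\x01")])
    payload = LLC_SNAP_CDP + cdp
    src = bytes.fromhex("c20112340000")  # constructed source MAC
    return CDP_MULTICAST + src + struct.pack("!H", len(payload)) + payload


if __name__ == "__main__":
    for key, val in parse_cdp_frame(build_sample_frame()).items():
        print(f"{key}: {val}")
```

Any field this parser returns for a frame seen on an untrusted link is information that interface is giving away, which is the case for disabling CDP there.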
