Tuesday, September 22, 2009

CDP - What Switch Am I Connected To?

I'm sitting here on my day off, I've mowed the lawn and I had a few minutes to spare so I thought I would have a closer look at a CDP packet.

CPD stands for Cisco Discovery Protocol and it's a packet that is sent out of every interface of my switch by default. Now I'll be covering CDP in more detail in another post but I wanted to just quickly get this down because it's so cool.

How many times have you had a PC that you need to figure out which switch and which port its plugged into? Probably loads right. Me too. Well a simple packet capture for a minute or so will give you all the information to go to the right switch and the right port.

As can be seen in the screenshot below, I have Wireshark set to filter on CDP and in the first packet that comes through I can see that my PC is connect to switch S1 (Device ID: S1) and is on port FastEthernet 0/3 (Port ID: FastEthernet 0/3). How cool is that! My days of tracing cables are now over (maybe!).

Now there's some other useful information in there too like the IP Address of the switch, the Switch model and IOS version.

Just thought I would share that useful tip (well I thought it was pretty useful anyway).


Anonymous said...

If you need to do this in tcpdump the command to use is

tcpdump -nn -v -i INTERFACE_NAME -s 1500 -c 1 'ether[20:2] == 0x2000'

I use this at my workplace, very handy.


SynJunkie said...

Very cool. Cheers.