
CDP Packet

sabrouch001
Level 1

Hello,

Please, I would like to know the size and the composition of a CDP packet, and whether CDP makes a lot of traffic on the network.

4 Accepted Solutions


DAVID NOONAN
Level 1

Info on the CDP frame:

http://www.cisco.com/univercd/cc/td/doc/product/lan/trsrb/frames.htm#xtocid12

CDP traffic is layer-2 so it's generally confined to a single segment. CDP sends a multicast frame every 60 seconds (by default, it can be changed with the "cdp timer") so it shouldn't be much traffic.


Richard Burts
Hall of Fame

Sabri

From a capture I did, the CDP packet is 194 bytes. It has a standard layer 2 header for 802.3 SNAP with a multicast MAC destination address. There is no layer 3 information in the frame. The payload is the CDP data.

No, the CDP traffic does not make a lot of traffic on the network. It is a pretty small packet on the network, once every 60 seconds. Given the helpful information that CDP can generate, I believe that it is well worth running CDP. And the load that it puts on the network is pretty insignificant.

HTH

Rick


Some (i.e., National Security Agency: http://www.nsa.gov/snac/downloads_cisco.cfm?MenuID=scg10.3.1, reference paragraph 4.2.1, page 69) have argued that cdp can be considered a security risk as it potentially exposes information about your platform to untrusted sources.

I don't share that opinion, except for public-facing interfaces. In those instances only, I would advocate "no cdp" on the interface. Properly isolated (firewall, etc.) interfaces should use cdp for the utility it adds - especially for networks using CiscoWorks as an element manager - not having cdp enabled disables much of the Campus Manager tools' functionality (e.g., the ANI discovery process).


Attached is a text printout of a CDP packet captured in Ethereal. I captured this from a 3548 switch in my lab.


Thank you for your help.
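
The frame layout described in the answers above (802.3 header with a multicast destination MAC, SNAP, no layer 3, then the CDP payload), as an added example that is not part of the original thread: a small Python parser that walks the CDP TLVs to show which fields any neighbor on the segment can read. The sample frame, its names and its zero checksum are constructed; the destination 01:00:0c:cc:cc:cc and the TLV type numbers are the standard CDP values, not taken from the capture mentioned in the thread.

```python
import struct

CDP_DST = bytes.fromhex("01000ccccccc")       # CDP multicast destination MAC
LLC_SNAP = bytes.fromhex("aaaa0300000c2000")  # LLC AA-AA-03, OUI 00-00-0C, PID 0x2000
TEXT_TLVS = {1: "device_id", 3: "port_id", 5: "software_version", 6: "platform"}

def parse_cdp(frame: bytes) -> dict:
    """Return the fields a CDP frame advertises; raise ValueError if malformed."""
    if len(frame) < 26 or frame[:6] != CDP_DST or frame[14:22] != LLC_SNAP:
        raise ValueError("not an 802.3 SNAP CDP frame")
    (length,) = struct.unpack("!H", frame[12:14])   # 802.3 length, not an EtherType
    if length < 12 or 14 + length > len(frame):
        raise ValueError("802.3 length field does not fit the captured frame")
    cdp = frame[22:14 + length]                     # drops any trailing padding
    version, ttl, _checksum = struct.unpack("!BBH", cdp[:4])  # checksum not verified
    info = {"src_mac": frame[6:12].hex(":"), "version": version, "ttl": ttl, "tlvs": {}}
    off = 4
    while off < len(cdp):
        if off + 4 > len(cdp):
            raise ValueError("truncated TLV header")
        tlv_type, tlv_len = struct.unpack("!HH", cdp[off:off + 4])
        if tlv_len < 4 or off + tlv_len > len(cdp):  # length includes the 4-byte header
            raise ValueError("TLV length runs past the frame")
        value = cdp[off + 4:off + tlv_len]
        if tlv_type in TEXT_TLVS:
            info["tlvs"][TEXT_TLVS[tlv_type]] = value.decode("ascii", "replace")
        else:
            info["tlvs"][f"type_0x{tlv_type:04x}"] = value.hex()
        off += tlv_len
    return info

def _tlv(tlv_type: int, value: bytes) -> bytes:
    return struct.pack("!HH", tlv_type, len(value) + 4) + value

def build_sample() -> bytes:
    """Constructed frame (made-up names, zero checksum), not a real capture."""
    cdp = bytes([2, 180, 0, 0]) + _tlv(1, b"lab-switch") + _tlv(5, b"EXAMPLE-OS 1.0") \
        + _tlv(6, b"EXAMPLE-PLATFORM") + _tlv(3, b"FastEthernet0/1")
    body = LLC_SNAP + cdp
    return CDP_DST + bytes.fromhex("020000000001") + struct.pack("!H", len(body)) + body

if __name__ == "__main__":
    for key, val in parse_cdp(build_sample())["tlvs"].items():
        print(f"{key:17} {val}")
```

Running the parser over frames captured on an interface gives a quick inventory of what that port discloses (device name, software version, platform, port), which is the information the "no cdp" recommendation for public-facing interfaces is meant to withhold.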