Discovery Protocols
- Nmap is a complex app that needs a computer to run
- Switch, router, and access point appliances can run simpler discovery protocols to identify other devices on the local network
Cisco Discovery Protocol
Cisco Discovery Protocol (CDP) is a proprietary protocol used by Cisco network appliances to discover layer 2 adjacent devices or neighbors.
- runs by default on all Cisco switch, router, and access point hardware
- uses Data Link layer multicast to send status announcements over local interfaces
- every 60 seconds
- uses address
01:00:0c:cc:cc:cc - each device keeps a cache table of the data compiled from announcements received
show cdp neighborsreports information from the CDP cache- reports ID/host name, IOS version, interface addresses and statistics, VLAN information, and PoE usage
Link Layer Discovery Protocol
Link Layer Discovery Protocol (LLDP) is a standards-based protocol used by network appliances to discover layer 2 adjacent devices or neighbors.
- by IEEE
- uses multicast address
01:80:c2:00:00:0e - sends announcements every 30s by default