{"id":132,"date":"2010-03-06T11:24:00","date_gmt":"2010-03-06T16:24:00","guid":{"rendered":"https:\/\/rick.sh\/index.php\/2010\/03\/06\/easily-display-cdp-connection-info\/"},"modified":"2010-03-06T11:24:00","modified_gmt":"2010-03-06T16:24:00","slug":"easily-display-cdp-connection-info","status":"publish","type":"post","link":"https:\/\/rick.sh\/index.php\/2010\/03\/06\/easily-display-cdp-connection-info\/","title":{"rendered":"Easily display CDP connection info"},"content":{"rendered":"

Here’s a quick one-liner to efficiently display CDP (Cisco Discovery Protocol) information on your windows PC. I must give credit to this post<\/a>.<\/span><\/p>\n

First of all, download and install WinPcap and a copy of WinDump.exe here. WinDump is a runtime .exe, so no installation is necessary.<\/span><\/p>\n

Now, WinDump is a command-line utility, so to easily access it, I recommend you put it in your windows or system32 directory so you can easily access it from the command-line in any working directory.<\/span><\/p>\n

Use WinDump.exe -D to get your network connection’s identifier string.<\/span>
Sample:<\/span>
C:WinDump.exe -D<\/span>
<\/span>1.DeviceNPF_{FD16AF8D-2700-46D5-8C2B-759B0C54991A} (Sun)<\/span>
<\/span>2.DeviceNPF_{39E87FB9-DB40-4476-8B05-601AB3F4CC08} (Microsoft)<\/span>
<\/span>3.DeviceNPF_{6588B9CB-A7E7-4998-A780-3652193EA45B} (Intel(R) PRO\/1000 PL Network Connection)<\/span><\/p>\n

Here’s the command format I use:<\/span>
C:WinDump.exe -nn -v -i DeviceNPF_{6588B9CB-A7E7-4998-A780-3652193EA45B} -s 1500 -c 1 “ether[20:2] == 0x2000”<\/span><\/p>\n

The command breakdown is similar to what is on the original post sample.<\/span>
-nn displays output in numeric only format<\/span>
-v displays verbose information<\/span>
-i specifies the interface to use for the captures<\/span>
-s specifies packet byte size to be snagged<\/span>
-c exits the program after capturing one packet matching bytes 20 and 21 from the start of the Ethernet header for a hex value of 2000<\/span><\/p>\n

The output of the command above after successfully capturing a CDP packet looks like this:<\/span>
15:50:59.355171 CDPv2, ttl: 180s, checksum: 692 (unverified), length 418<\/span>
<\/span>Device-ID (0x01), length: 11 bytes: ‘Switch2’<\/span>
<\/span>Address (0x02), length: 13 bytes: IPv4 (1) 10.1.1.2<\/span>
<\/span>Port-ID (0x03), length: 19 bytes: ‘GigabitEthernet1\/2’<\/span>
<\/span>Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping<\/span>
<\/span>Version String (0x05), length: 289 bytes:<\/span>
<\/span>Cisco Internetwork Operating System Software<\/span>
<\/span>IOS ™ Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(13)EW1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)<\/span>
<\/span>TAC Support: http:\/\/www.cisco.com\/tac<\/span>
<\/span>Copyright (c) 1986-2003 by cisco Systems, Inc.<\/span>
<\/span>Compiled Tue 18-Mar-03 07:33 by hqluong<\/span>
<\/span>Platform (0x06), length: 15 bytes: ‘cisco WS-C4507R’<\/span>
<\/span>Prefixes (0x07), length: 5 bytes: IPv4 Prefixes (1): 10.1.1.0\/24<\/span>
<\/span>VTP Management Domain (0x09), length: 5 bytes: ‘vtpdomain’<\/span>
<\/span>Native VLAN ID (0x0a), length: 2 bytes: 129<\/span>
<\/span>Duplex (0x0b), length: 1 byte: full<\/span>
<\/span>AVVID trust bitmap (0x12), length: 1 byte: 0x00<\/span>
<\/span>AVVID untrusted ports CoS (0x13), length: 1 byte: 0x00<\/span><\/p>\n

<\/span>This info is great, there is lots of useful data: switch name, ip, interface, switchport native vlan, vtp domain, etc. But is not immediately clear what’s on the other end. So here’s a little bit of help.<\/span><\/p>\n

I put this command and others in a batch file to simplify things and to initiate CDP capture from an icon. Start the batch file with the WinDump command and have the output echo into a .txt file.<\/span>
WinDump.exe -nn -v -i DeviceNPF_{6588B9CB-A7E7-4998-A780-3652193EA45B} -s 1500 -c 1 “ether[20:2] == 0x2000” >RESULT.txt<\/span><\/p>\n

Now, using the Find command, have it search the RESULT.txt file and output the data you like as so:<\/span>
FIND \/I “Device-ID” RESULT.txt<\/span>
<\/span>FIND \/I “Port-ID (0x03)” RESULT.txt<\/span>
<\/span>FIND \/I “Address (0x02)” RESULT.txt<\/span>
<\/span>FIND \/I “Native VLAN ID (0x0a)” RESULT.txt<\/span><\/p>\n

So now, just run the batch file, and when a CDP packet is captured, the output will display only the data you need as so:<\/span>
———- RESULT.TXT<\/span>
<\/span>Device-ID (0x01), length: 11 bytes: ‘Switch2’<\/span><\/p>\n

<\/span>———- RESULT.TXT<\/span>
<\/span>Port-ID (0x03), length: 19 bytes: ‘GigabitEthernet1\/2’<\/span><\/p>\n

<\/span>———- RESULT.TXT<\/span>
<\/span>Address (0x02), length: 13 bytes: IPv4 (1) 10.1.1.2<\/span><\/p>\n

<\/span>———- RESULT.TXT<\/span>
<\/span>Native VLAN ID (0x0a), length: 2 bytes: 100<\/span>
<\/span>
This little script saves me so much time everyday, and is a great alternative to commercial software that does the same. If anyone has any ideas to help make it better, please let me know!<\/span>
<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Here’s a quick one-liner to efficiently display CDP (Cisco Discovery Protocol) information on your windows PC. I must give credit to this post. First of all, download and install WinPcap and a copy of WinDump.exe here. WinDump is a runtime .exe, so no installation is necessary. Now, WinDump is a command-line utility, so to easily … <\/p>\n

Continue reading “Easily display CDP connection info”<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/rick.sh\/index.php\/wp-json\/wp\/v2\/posts\/132"}],"collection":[{"href":"https:\/\/rick.sh\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rick.sh\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rick.sh\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/rick.sh\/index.php\/wp-json\/wp\/v2\/comments?post=132"}],"version-history":[{"count":0,"href":"https:\/\/rick.sh\/index.php\/wp-json\/wp\/v2\/posts\/132\/revisions"}],"wp:attachment":[{"href":"https:\/\/rick.sh\/index.php\/wp-json\/wp\/v2\/media?parent=132"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rick.sh\/index.php\/wp-json\/wp\/v2\/categories?post=132"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rick.sh\/index.php\/wp-json\/wp\/v2\/tags?post=132"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}