Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 553

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 560

Notice: Undefined property: stdClass::$theme in /var/www/html/drupal-5.5/includes/theme.inc on line 45

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 553

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 560

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 553

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 560

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 553

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 560

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 553

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 560

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 553

Notice: Undefined offset: 8192 in /var/www/html/drupal-5.5/includes/common.inc on line 560
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

<head>
  <title>Decoding Cisco Discovery Protocol (CDP) packets | Open Source Experts</title>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="/themes/zen/ose_blog/print.css" type="text/css" media="print" />

<meta name="copyright" content="Copyright © 2010 Open Source Experts all rights reserved." />
<meta name="description" content="This how-to enables you to filter network traffic for a single packet of Cisco Discovery Protocol (CDP). The CDP packet contains information about the switch port you are connected to, and Wireshark and Ethereal will decode this information for you." />
<meta name="robots" content="index,follow" />
<meta name="DC.title" content="Decoding Cisco Discovery Protocol (CDP) packets" />
  <style type="text/css" media="all">@import "/modules/node/node.css";</style>
<style type="text/css" media="all">@import "/modules/system/defaults.css";</style>
<style type="text/css" media="all">@import "/modules/system/system.css";</style>
<style type="text/css" media="all">@import "/modules/user/user.css";</style>
<style type="text/css" media="all">@import "/themes/zen/ose_blog/style.css";</style>
<style type="text/css" media="all">@import "/themes/zen/html-elements.css";</style>
<style type="text/css" media="all">@import "/themes/zen/tabs.css";</style>
<style type="text/css" media="all">@import "/themes/zen/ose_blog/layout.css";</style>
<style type="text/css" media="all">@import "/themes/zen/ose_blog/ose_blog.css";</style>
<style type="text/css" media="all">@import "/themes/zen/block-editing.css";</style>
  <!--[if IE]>
    <link rel="stylesheet" href="/themes/zen/ie.css" type="text/css">
      <![endif]-->
  </head>

<body class="not-front not-logged-in node-type-blog one-sidebar sidebar-left page-node-38 section-node">

  <div id="page"><div id="page-inner">

    <a name="top" id="navigation-top"></a>
        <div id="header"><div id="header-inner" class="clear-block">

      
              <div id="header-blocks">
          <div id="block-block-2" class="block block-block region-odd even region-count-1 count-4"><div class="block-inner">

  
  <div class="content">
    <p><a href="/"><img src="/files/images/ose_title07.png" width="960" height="75" alt="Open Source Experts"/></a></p>
<div id="site-slogan">Opening Doors to Open Source.</div>
  </div>

  
</div></div> <!-- /block-inner, /block -->
        </div> <!-- /#header-blocks -->
      
    </div></div> <!-- /#header-inner, /#header -->

    <div id="main"><div id="main-inner" class="clear-block">

      <div id="content"><div id="content-inner">

        
        
                  <div id="content-header">
            <div class="breadcrumb"><a href="/">Home</a> › <a href="/blog">Blog</a> › <a href="/blog/1">Steven Kohrs</a> › </div>                          <h1 class="title">Decoding Cisco Discovery Protocol (CDP) packets</h1>
                                                          </div> <!-- /#content-header -->
        
        <div id="content-area">
          <div class="node node-type-blog" id="node-38"><div class="node-inner">

  
  
  
      <div class="submitted">
      Submitted by Steven Kohrs on Thu, 11/03/2011 - 08:24.    </div>
  
  
  <div class="content">
    <p>This how-to enables you to filter network traffic for a single<br />
packet of Cisco Discovery Protocol (CDP). The CDP packet<br />
contains information about the switch port you are connected to,<br />
and Wireshark and Ethereal will decode this information for you.</p>
<p>Wireshark is the name for the program formerly known as Ethereal.<br />
We will be using tshark, the CLI version of Wireshark.<br />
On older systems you may run "tethereal" with the same options<br />
as shown below for tshark.</p>
<p>Choose an interface on which to capture traffic. You specify the<br />
interface in tshark using the -i option and can provide either the numeric<br />
interface from "tshark -D" or the named interface from "ip link show".</p>
<p>The -V option says to display the entire packet in verbose mode.<br />
The -c 1 option says to exit after capturing one packet.</p>
<p>The -f parameter specifies the capture filter. </p>
<p>The following command thus captures and verbosely decodes a single CDP packet:</p>
<p><code>tshark -i any -V -c1 -f "ether[12:2] &lt;= 1500 &amp;&amp; ether[14:2] == 0xAAAA &amp;&amp;<br />
ether[16:1] == 0x03 &amp;&amp; ether[17:2] == 0x0000 &amp;&amp; ether[19:1] == 0x0C<br />
&amp;&amp; ether[20:2] == 0x2000"</code></p>
<p>Peruse the output for some very interesting information!</p>
  </div>

      <div class="links">
      <ul class="links inline"><li class="first last comment_forbidden"><span class="comment_forbidden"><a href="/user/login?destination=comment/reply/38%2523comment-form">Login</a> to post comments</span></li>
</ul>    </div>
  
</div></div> <!-- /node-inner, /node -->
        </div>

        
        
      </div></div> <!-- /#content-inner, /#content -->

      
              <div id="sidebar-left"><div id="sidebar-left-inner">
          <div id="block-menu-70" class="block block-menu region-odd odd region-count-1 count-1"><div class="block-inner">

  
  <div class="content">
    
<ul class="menu">
<li class="leaf"><a href="/">Home</a></li>
<li class="collapsed"><a href="/node/3">Services</a></li>
<li class="leaf"><a href="/node/7" title="Events">Events</a></li>
<li class="collapsed"><a href="/node/28">Press</a></li>
<li class="leaf"><a href="/node/15">Careers</a></li>
<li class="leaf"><a href="/blog">Blog</a></li>
<li class="leaf"><a href="/node/11">About Us</a></li>

</ul>
  </div>

  
</div></div> <!-- /block-inner, /block -->
<div id="block-menu-63" class="block block-menu region-even even region-count-2 count-2"><div class="block-inner">

  
  <div class="content">
    
<ul class="menu">
<li class="leaf"><a href="/node/2" title="OSE Employee Login">Login</a></li>

</ul>
  </div>

  
</div></div> <!-- /block-inner, /block -->
<div id="block-block-5" class="block block-block region-odd odd region-count-3 count-3"><div class="block-inner">

  
  <div class="content">
    <p><img class="logo" src="/files/images/OSE_logo.png" width="138" height="318" alt="OSE Logo"/></p>
  </div>

  
</div></div> <!-- /block-inner, /block -->
        </div></div> <!-- /#sidebar-left-inner, /#sidebar-left -->
      
      
    </div></div> <!-- /#main-inner, /#main -->

    <div id="footer"><div id="footer-inner">

      <div id="footer-message">
</div>

    </div></div> <!-- /#footer-inner, /#footer -->

          <div id="closure-blocks"><div id="block-block-3" class="block block-block region-even odd region-count-2 count-5"><div class="block-inner">

  
  <div class="content">
    <p>&nbsp;</p>
<p>
Copyright © 2002-2011 Open Source Experts all rights reserved.<br />
Please send comments to <a href="mailto:webmaster@opensourceexperts.com">webmaster@opensourceexperts.com</a>.<br />
Questions? Call 402.598.0630
</p>
<div align="right">
<p>
A SiLK Enterprises, Inc. company.
</p>
</div>
  </div>

  
</div></div> <!-- /block-inner, /block -->
</div>
    
    
  </div></div> <!-- /#page-inner, /#page -->

</body>
</html>