OnWorks favicon

cdp - Online in the Cloud

Run cdp in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command cdp that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator



cdp - cdp packet generator


cdp -i <interface> [-v -n x -l x -c c -r] [-D <string> -P <string> -L <string> -S <string>
-F <ip address> -C <capabilities>]


This manual page documents briefly the cdp command. This manual page was written for the
Debian distribution because the original program does not have a manual page.

CDP is a layer 2 protocol used by Cisco routers to discover each other on the same link
(segment). This protocol is not routed and therefore this tool is just usefull in the
local segment.

CDP messages contain information about the sending Cisco router. These include the device
ID (hostname), port ID (which port was the sender), the platform running on, the software
incl. version, what the box is capable of and which network address (IP address) the
interface has. If not configured otherwise, Cisco routers send these messages out every 30
seconds. In our case (ethernet), they are send to a special MAC address
(01:00:0C:CC:CC:CC) and therefore are received from every Cisco router in the same
segment. Other routers store the data and hold it for a time defined in the message (the
tool uses the maximum of 255 seconds).

Very interesting is, that Cisco IOS uses the device ID as key to find out if the received
message is an update and the neighbor is already known or not. If the device ID is to
long, this test seems to fail and you constantly fill up the routers memory.

The CDP tool can be used in two different modi:

The flood mode is used to send garbage CDP messages to the wire, which has different
effects to the routers depending on their IOS version. It is not tested very well, which
version of IOS reacts in which way on which kind of Cisco hardware. So if you come across
somthing, please report it. IOS 11.1(1) was tested and the router could match even long
device id´s but rebooted after receiving three or four random device id names. Most other
IOS versions just store the message and fill up the memory. When you try to debug CDP
events, all IOS we tested crashed and reboot.

To use CDP, you have to specify the ethernet interface you will be working on: -i eth0

Everything else is optional.

-v verbose

-n x send x packets

-l x length of the device id string. Keep in mind, that the
whole ethernet frame has to be smaller the 1514 bytes.
The maximum length is therefore 1480 for the device id
(default is 1400)

-c c fills the device id with the char 'c' (default is 'A')

-r makes the device id a random string of characters, which
leads to no matching on the receiver Cisco and to memory fillup
or crash


Hint: if you want to flood the routers completly, start two processes of cdp with
different sizes. One of them running on full size (1480) to fill up the major part of the
memory and another to fill up the rest with a length of 10 octets.

The second mode for CDP is spoofing. You can enable this mode with the command line option
-m 1. It has no actuall use for attacking router and is mostly targeted fro social
engineering or just to confuse the local administrator. It is used to send out 100% valid
CDP infromation packets which look like generated by other Cisco routers. Here, you can
specify any part of a CDP message yourself.

-i <interface> ethernet interface

-v verbose

-D <string> device id string

-P <string> port id string

-L <string> platform string

-S <string> software string

-F <ip address> ip address of the interface

-C <capabilities> the capabilities of the device you are claiming to be:
R - Router, T - Trans Bridge, B - Source Route Bridge,
S - Switch, H - Host, I - IGMP, r - Repeater
Combine the letters to a string: RI means Router and IGMP


Which results on the cisco router in the following information:

cisco#sh cdp neig detail


Device ID: Linuxfirewall

Entry address(es):

IP address:

Platform: Intel, Capabilities: Router

Interface: Ethernet0, Port ID (outgoing port): Ethernet0

Holdtime : 238 sec

Version :

Linux vince 2.4.18-686 #1 Sun Apr 14 11:32:47 EST 2002 i686 unknown unknown GNU/Linux

Use cdp online using onworks.net services

Free Servers & Workstations

Download Windows & Linux apps

  • 1
    itop - ITSM  CMDB OpenSource
    itop - ITSM CMDB OpenSource
    IT Operations Portal: a complete open
    source, ITIL, web based service
    management tool including a fully
    customizable CMDB, a helpdesk system and
    a document man...
    Download itop - ITSM CMDB OpenSource
  • 2
    Clementine is a multi-platform music
    player and library organizer inspired by
    Amarok 1.4. It has a fast and
    easy-to-use interface, and allows you to
    search and ...
    Download Clementine
  • 3
    ATTENTION: Cumulative update 2.4.3 has
    been released!! The update works for any
    previous 2.x.x version. If upgrading
    from version v1.x.x, please download and
    Download XISMuS
  • 4
    Modular headtracking program that
    supports multiple face-trackers, filters
    and game-protocols. Among the trackers
    are the SM FaceAPI, AIC Inertial Head
    Tracker ...
    Download facetracknoir
  • 5
    PHP QR Code
    PHP QR Code
    PHP QR Code is open source (LGPL)
    library for generating QR Code,
    2-dimensional barcode. Based on
    libqrencode C library, provides API for
    creating QR Code barc...
    Download PHP QR Code
  • 6
    Cuckoo Sandbox
    Cuckoo Sandbox
    Cuckoo Sandbox uses components to
    monitor the behavior of malware in a
    Sandbox environment; isolated from the
    rest of the system. It offers automated
    analysis o...
    Download Cuckoo Sandbox
  • 7
    Play YouTube video on LMS (porting of
    Triode's to YouTbe API v3) This is
    an application that can also be fetched
    Download LMS-YouTube
  • More »

Linux commands