Linux CISCO Discovery Protocol
Welcome to the Linux CDP home page.
The CISCO Discovery Protocol is implemented as a module for the Linux kernel.
At this stage only 2.4.x (where x >= 15) kernels are supported.
Sources
are distributed as a patch against the linux kernel.
In general, it is tested against the latest available kernel.
The data becomes available through the /proc interface as /proc/net/cdp_neighbors.
The format is very similar to the CISCO equivalent enable command "show cdp neighbors detail".
Of course this means that the proc filesystem has to be enabled for it to work (which is usually the case for most distributions).
Details of the CDP protocol have been collated from several sources:
Please note that when documentation obtained differed from actual output obtained from a CISCO device, the device's output was assumed to be authoritative.
Issues/BUGS
- Only IP, IPX and appletalk addresses have been tested and the correct information is printed.
- The address handling section needs redesigning (see item above). Currently, the design is rather clumsy, doesn't scale well and is incomplete. This is due to the fact that the authors do not have access to some of the antiquated protocols that are supported by CISCO.
- If you can provide debug output (default is 2 which prints unhandled stuff) for anything that is not handled or improperly handled (possibly with correct examples) would be greatly appreciated.
- If many entries are in the linked list and the total space taken in the proc file system printing routine is greater than 64k, the entire thing does not work properly (hasn't been tested fully and so we don't know what actually happens). Also noted by Joerg Mayer.
- The code is vulnerable to the CDP DOS that has been published recently by CISCO. Contributed by Joerg Mayer. One option here is to include a sanity limit of how many entries will be kept - Any opinions/comments please?
TODO
- Add lots more boundary checks (at the moment the "I trust you" attitude prevails).
- Parser for the data that does some of the checks before storing the data.
- Add spinlocks instead of disabling interrupts (for access to data structures).
- Have a sanity limit on how many distinct CDP packets will be stored (to avoid the CDP DOS issue).
- Fix the procfs printing routine for large amounts of output (>64k).
Summary