I came across a situation today where I had to find out the switch details to which a particular server is connected. Often we come across such kind of cases where your network administrator is unavailable to tell you which switch/port it is or data center engineer not around to help you with this information.
After thinking about this problem for sometime, one thing clicked in my mind. I remember in VMWare ESX environment, I used CDP(Cisco Discovery protocol) abilities from Virtual center to find out to which switch a NIC is connected. That means all I need to do is, get this CDP information from the switch to which my server NIC/network connection is connected to. So, the question remained is, how do we send the CDP request to the switch, and how to analyze that data.
I did some googling and realized that I am not alone in this world and there are several people who are having similar requirements for different purposes. Then I started looking for CDP utilities for windows operating system and located one — CDP Monitor from TellSoft. I have seen a few people recommended using this in some forums. I didn’t try it personally but you may want to look at this tool. You can get it from http://www.tallsoft.com/cdpmonitor.htm
I didn’t try this tool directly but while going through the information about this tool, I saw somewhere it is mentioned that this uses WinPCAP and fetches the CDP information from that. Then I thought, if it is using WinPCAP why not use Wireshark to get this information? This tool is already available on my server(because it is a much have tool for any deep dives). I captured the network traffic on the server for sometime using Wireshark and looked for the filters that can show only the CDP information and I am successful. I have got the switch details I needed.
Below is the brief procedure:
- Download and install Wireshark from http://www.wireshark.org/download.html
- Launch Wireshark and start capturing the traffic on interface for which you need to find the swtich and port details.
- Let the capture run for few minutes and then in Filter section type CDP and click on Apply.
- This will show the CDP traffic flow through the server
- Now select the CDP traffic and expand Cisco Discovery Protocol section in packet details pane.
- Here the the Device ID represents the switch name to which your server connected
- And the Port ID represents the ethernet port on switch to which your server is connected
Hmm… I found what I need. I thought documenting this will help other as well and hence authored this port. Feel free to comment.
Thanks Sitaram for the information. This is definitely useful for many including me. Appreciated.
You are welcome, Ananth.
Thanks for sharing this vital detail. However screen capture would be great addition.
Preetam, which screen capture you are referring?
Promising post, but it didn’t work for me — Device ID is always CVTA and Port is always 1 — that’s not my switchname or port.
Chris, is your computer connected directly to switch or you have some devices like Cisco IP phone in middle? If that is the case, you will get CDP information of the device acting as middle ware. CVTA sounds like some cisco hardware to me.
I’m getting CDP info from my phone as expected. Is there a way I can run a script from the computer and actually get the CDP from the switch. The only thing I could find that might pertain is the “span port” option on the Cisco phone. Does anyone know a way to get past the phone and get CDP from the switch? Thanks
This is very helpful. Not only CDP Monitor. I’m a regular Wireshark user and was oblivious to it’s ability to do CDP. Thank you. The info that your closest neighbour switch (i.e VOIP/IP Phone if one is in the chain back to the main switch) will be the CDP info received also makes sense as these devices have their own little two or three port switch built in, also makes sence …. but only after stated as in your articls. Brilliant. Well done and thank you.