What is LLDP and CDP?

What is LLDP & CDP?

The identification and set up of data networks is simplified by the protocols that have been developed. However, when things go wrong, identifying the fault can be difficult without the right tools and equipment. Physically tracing a network is difficult, and if it’s spread over several buildings, it’s almost impossible. Fortunately, two network discovery protocols have been developed that can simplify this task. These are the Cisco Discovery Protocol (CDP) and the Link Layer Discovery Protocol (LLDP). When using suitable software or testing devices in conjunction with these protocols, it is possible to generate a network map and find out what’s wrong.

Neighbor Discovery Protocols

Both CDP and LLDP are neighbor discovery protocols. These protocols enable devices in a network to broadcast information such as their IP address and configuration into the network. This broadcast information is read by neighboring devices and stored in their Management Information Database (MIB).

The broadcast of information is controlled so that this process does not overwhelm large or complex networks, and crucially provides a facility for recognizing when devices are disconnected. CDP and LLDP protocols can be enabled or disabled during device configuration, so if a particular device is not broadcasting its information it’s probable the discovery protocol has been disabled on that device.


The Cisco Discovery Protocol (CDP) is a data link layer protocol that was created by Cisco. It shares information with Cisco devices or with devices that are licensed to use the protocol. CDP messages are transmitted approximately every minute using software that supports the Subnetwork Access Protocol (SNAP) headers such as Ethernet. This information is held by neighboring devices for 180 seconds, and if not renewed, it’s assumed the device has disconnected.

The message contains information that includes the Device ID, its network address, port ID, VLAN information and hardware platform. The size of each packet is less than 500 bytes so transmission doesn’t cause network congestion.


Link Layer Discovery Protocol (LLDP) is a later, vendor-neutral protocol that is designed to run on IEEE 802 local area networks. It performs a similar function as CDP, but is not restricted to any one type of device or manufacturer.

The information broadcast by LLDP is similar and can be read using the Simple Network Management Protocol (SNMP). The broadcast frequency is adjustable as is the time the neighboring devices will hold this information. The data packets include the chassis ID, Port ID and the time the information is to be treated as valid. Additional optional information may also be sent. A version of LLDP, known as LLDP-MED, allows the identification of IP phones and media devices.

Use of Neighbor Discovery in Testing

Using CDP and LLDP networks, technicians can create a picture or map of a network including identifying VLANs. It’s a very fast method of identifying network components and isolating configuration issues.

Although LLDP is the later and more universal protocol, it’s always best to query both CDP and LLDP as some devices only support one or the other.

Testing Networks

Provided CDP and LLDP are enabled, it’s possible to connect to a network and establish the network devices and their configuration. Devices that are ideal for identifying network characteristics are the Net Chaser™ Ethernet Speed Certifier and Net Prowler™. Net Chaser and Net Prowler™ can discover CDP and LLDP protocols as well as establish any VLAN configurations on a network. They can ping IP addresses and trace the route to a particular device. They can also measure network data carrying capabilities and line speed. Should there be a cable fault, these devices will identify the fault and measure the distance to the fault.