Check out my first novel, midnight's simulacra!

Topology Discovery

From dankwiki

Topology discovery refers to the determination of a network's nodes and links. Explicit topology discovery typically works via either expanding enumeration of broadcast domains or successive queries of authorities. The former requires that broadcasts/multicasts be routed beyond the immediate broadcast domain; the latter requires a system of authorities. Implicit topology discovery has no particular protocol support, but makes use of a combination of techniques to expand knowledge of topology. This tends not to proceed as quickly, nor be as locally complete, as explicit methods, but can be applied more generally than explicit discovery. The two can be combined, as performed by tools such as omphalos.

Explicit Protocols

Cisco Discovery Protocol (CDP)

Link-Local Topology Discovery (LLTD) Protocol

A Microsoft protocol native to Windows Vista and supported on Windows XP via add-on. It operates directly atop Ethernet, using protocol number 0x88D9.

LLTD Packet Format

  • Ethernet header (14 bytes):
Field Size
Destination MAC 6 bytes
Source MAC 6 bytes
Protocol

(0x88d9 in NBO)

2 bytes

Inferring Topology