CISCO Layer 2 Protocols
Link Layer Discovery Protocol (LLDP)
LLDP is a standardized communication protocol that operates at Layer 2 (the Data Link Layer) of the OSI model. It enables network devices to advertise and discover information about each other on the same local area network (LAN). LLDP advertises details such as device identity, capabilities, interface name, and management addresses.
This protocol helps network administrators map out the physical network topology and identify neighboring devices efficiently. Supported across a wide range of vendors, including Cisco, Juniper, HP, and others, LLDP provides cross-platform interoperability. It is often deployed alongside Cisco's proprietary CDP and similar protocols to enhance visibility and diagnostics.
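The information LLDP advertises is carried as a sequence of TLVs (a 2-byte header packing a 7-bit type and a 9-bit length, followed by the value). The decoder below is an added example, not code from the original page; it builds a constructed LLDP frame for a hypothetical switch "sw1" with a made-up MAC and management address 10.0.0.1, and decodes it the way an inventory or monitoring tool would. Everything a device puts in these TLVs, including its management address and system name, is visible to any host on the ports where LLDP is enabled, so decoding a capture like this is how you review what a switch is exposing.

```python
import struct

LLDP_ETHERTYPE = 0x88CC
LLDP_MULTICAST = "01:80:c2:00:00:0e"

# TLV type numbers from IEEE 802.1AB (only the ones this example decodes)
TLV_END, TLV_CHASSIS_ID, TLV_PORT_ID, TLV_TTL = 0, 1, 2, 3
TLV_SYSTEM_NAME, TLV_MGMT_ADDR = 5, 8


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def iter_tlvs(lldpdu):
    """Yield (type, value) for each TLV until the End-of-LLDPDU TLV (type 0)."""
    off = 0
    while off + 2 <= len(lldpdu):
        (hdr,) = struct.unpack_from("!H", lldpdu, off)
        tlv_type, tlv_len = hdr >> 9, hdr & 0x1FF
        off += 2
        value = lldpdu[off:off + tlv_len]
        if len(value) != tlv_len:
            raise ValueError("truncated TLV")
        off += tlv_len
        if tlv_type == TLV_END:
            return
        yield tlv_type, value
    raise ValueError("LLDPDU ended without an End-of-LLDPDU TLV")


def decode_lldp(frame):
    """Decode the neighbor information an LLDP frame advertises into a dict."""
    if len(frame) < 14 or struct.unpack_from("!H", frame, 12)[0] != LLDP_ETHERTYPE:
        raise ValueError("not an LLDP frame")
    info = {"src_mac": mac_str(frame[6:12])}
    for tlv_type, value in iter_tlvs(frame[14:]):
        if tlv_type == TLV_CHASSIS_ID:
            subtype, body = value[0], value[1:]          # subtype 4 = MAC address
            info["chassis_id"] = mac_str(body) if subtype == 4 else body.decode("utf-8", "replace")
        elif tlv_type == TLV_PORT_ID:
            subtype, body = value[0], value[1:]          # subtype 3 = MAC, 5 = interface name
            info["port_id"] = mac_str(body) if subtype == 3 else body.decode("utf-8", "replace")
        elif tlv_type == TLV_TTL:
            info["ttl"] = struct.unpack("!H", value[:2])[0]
        elif tlv_type == TLV_SYSTEM_NAME:
            info["system_name"] = value.decode("utf-8", "replace")
        elif tlv_type == TLV_MGMT_ADDR:
            addr_len = value[0]                          # length of family byte + address
            family, addr = value[1], value[2:1 + addr_len]
            if family == 1 and len(addr) == 4:           # IANA address family 1 = IPv4
                info["mgmt_addr"] = ".".join(str(b) for b in addr)
    return info


def _tlv(tlv_type, value):
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


def build_sample_frame():
    """Constructed LLDP frame from a hypothetical switch 'sw1' (not a real capture)."""
    src = bytes.fromhex("001122334455")
    lldpdu = (
        _tlv(TLV_CHASSIS_ID, b"\x04" + src)                  # chassis ID subtype 4: MAC
        + _tlv(TLV_PORT_ID, b"\x05" + b"Gi0/1")              # port ID subtype 5: interface name
        + _tlv(TLV_TTL, struct.pack("!H", 120))
        + _tlv(TLV_SYSTEM_NAME, b"sw1")
        # mgmt addr: addr len 5, family IPv4, 10.0.0.1, ifnum subtype 2 (ifIndex), ifIndex 1, OID len 0
        + _tlv(TLV_MGMT_ADDR, b"\x05\x01" + bytes([10, 0, 0, 1]) + b"\x02" + struct.pack("!I", 1) + b"\x00")
        + _tlv(TLV_END, b"")
    )
    return bytes.fromhex(LLDP_MULTICAST.replace(":", "")) + src + struct.pack("!H", LLDP_ETHERTYPE) + lldpdu


if __name__ == "__main__":
    print(decode_lldp(build_sample_frame()))
```

The decoder stops at the End-of-LLDPDU TLV and rejects a TLV whose declared length runs past the buffer, which is the check a robust receiver needs before trusting length fields from the wire.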
Cisco Discovery Protocol (CDP)
CDP is Cisco's own proprietary Layer 2 discovery protocol, designed specifically for communication between Cisco devices. It enables network hardware to automatically exchange information such as IP addresses, platform type, and interface details with directly connected neighbors.
Used primarily for network inventory, monitoring, and troubleshooting, CDP plays a crucial role in maintaining a clear view of the network's physical topology. Although it does not work with non-Cisco equipment, equivalent protocols like LLDP-MED (Juniper) and EDP (HP) offer similar functionality for their respective platforms. Network management systems often leverage SNMP to extract similar data in mixed environments.
Point-to-Point Protocol (PPP)
PPP is a Layer 2 protocol that provides a direct communication link between two network nodes, commonly over serial connections such as telephone or leased lines. It is widely used to connect remote users or branch offices to central networks, especially in dial-up environments.
PPP encapsulates network layer protocols such as IP, enabling data transmission over serial interfaces. It includes features like authentication (via PAP or CHAP), compression, and error checking, making it a versatile choice for legacy WAN connections. Although newer technologies have surpassed PPP in modern environments, it remains foundational for understanding traditional network connectivity.
Multi-Link Trunking (MLT)
Multi-Link Trunking is a method used to aggregate multiple physical links between two devices into one logical channel, enhancing both bandwidth and redundancy. MLT distributes traffic across all member links and keeps the connection up if one link fails.
This concept is typically implemented using the Link Aggregation Control Protocol (LACP), which manages the creation and maintenance of link bundles. MLT simplifies configuration and management while increasing throughput and fault tolerance, key benefits in high-availability network designs.
Address Resolution Protocol (ARP)
ARP operates at the boundary between Layer 2 and Layer 3, serving as a bridge between IP addresses and MAC addresses on a local network. When a device needs to communicate with another device using its IP address, it uses ARP to find the corresponding MAC address.
If the MAC address is not already stored in the ARP cache, the device sends a broadcast ARP request across the local subnet. The target device replies with its MAC address, allowing communication to proceed. ARP is fundamental to IPv4 networking and ensures devices can discover each other's hardware addresses for local delivery of packets.
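The request/reply exchange above, worked through in code. This is an added example, not code from the original page: it packs and parses the 28-byte Ethernet/IPv4 ARP packet and feeds a constructed sequence of packets (hypothetical hosts 10.0.0.1 and 10.0.0.2 with made-up MACs) through a passive monitor that learns IP-to-MAC bindings and reports when an address's MAC changes, which is the check tools like arpwatch perform to catch a host's binding being overwritten on the segment.

```python
import struct
from dataclasses import dataclass

ARP_FMT = "!HHBBH6s4s6s4s"          # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
ARP_LEN = struct.calcsize(ARP_FMT)  # 28 bytes
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(s): return bytes.fromhex(s.replace(":", ""))
def mac_str(b): return ":".join(f"{x:02x}" for x in b)
def ip_bytes(s): return bytes(int(o) for o in s.split("."))
def ip_str(b): return ".".join(str(x) for x in b)


@dataclass
class ArpPacket:
    oper: int
    sha: str   # sender hardware (MAC) address
    spa: str   # sender protocol (IP) address
    tha: str   # target MAC (all zeros in a request)
    tpa: str   # target IP


def parse_arp(payload):
    """Parse the ARP payload that follows the Ethernet header (ethertype 0x0806)."""
    if len(payload) < ARP_LEN:
        raise ValueError("short ARP packet")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack_from(ARP_FMT, payload)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return ArpPacket(oper, mac_str(sha), ip_str(spa), mac_str(tha), ip_str(tpa))


def build_arp(oper, sha, spa, tha, tpa):
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))


class ArpMonitor:
    """Passive IP-to-MAC tracker: learns the sender binding from every request and
    reply it sees and returns an alert string when a known IP shows up with a new MAC."""

    def __init__(self):
        self.cache = {}

    def observe(self, pkt):
        if pkt.spa == "0.0.0.0":          # ARP probe: the sender has no address yet
            return None
        previous = self.cache.get(pkt.spa)
        self.cache[pkt.spa] = pkt.sha
        if previous is not None and previous != pkt.sha:
            return f"{pkt.spa} moved from {previous} to {pkt.sha}"
        return None


def sample_exchange():
    """Constructed traffic: 10.0.0.2 resolves 10.0.0.1, then a different MAC claims 10.0.0.1."""
    mon = ArpMonitor()
    wire = [
        build_arp(ARP_REQUEST, "aa:bb:cc:00:00:02", "10.0.0.2", "00:00:00:00:00:00", "10.0.0.1"),
        build_arp(ARP_REPLY, "aa:bb:cc:00:00:01", "10.0.0.1", "aa:bb:cc:00:00:02", "10.0.0.2"),
        build_arp(ARP_REPLY, "aa:bb:cc:00:00:01", "10.0.0.1", "aa:bb:cc:00:00:02", "10.0.0.2"),
        build_arp(ARP_REPLY, "de:ad:be:ef:00:99", "10.0.0.1", "aa:bb:cc:00:00:02", "10.0.0.2"),
    ]
    alerts = [a for a in (mon.observe(parse_arp(p)) for p in wire) if a]
    return mon.cache, alerts


if __name__ == "__main__":
    cache, alerts = sample_exchange()
    print(cache)
    for alert in alerts:
        print("ALERT:", alert)
```

Because ARP carries no authentication, a host's cache simply accepts the last binding it saw; a monitor that keeps its own history is the only way to notice a binding being replaced.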
IP Route Configuration
The ip route command is used to manually configure static routes on a router or host device. The routing table holds the instructions for how packets should be forwarded to reach specific networks or hosts.
This command requires key details such as the destination network, its subnet mask, and the next-hop IP address (or exit interface). For example, a static route for 192.168.1.0/24 via a next-hop gateway ensures that traffic destined for that network is forwarded correctly. Static routes are essential in small networks or in scenarios where dynamic routing is not preferred.
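To show what the routing table actually does with those entries, here is an added example (not from the original page) that parses IOS-style "ip route <network> <mask> <next-hop or interface>" lines into a table and resolves destinations by longest-prefix match. The 192.168.1.0/24 route is the one from the text; the default route, the host route and the next-hop addresses are constructed values for the example.

```python
import ipaddress


def parse_ip_route(line):
    """Parse an IOS-style 'ip route <network> <mask> <next-hop|interface>' line."""
    parts = line.split()
    if len(parts) < 5 or parts[:2] != ["ip", "route"]:
        raise ValueError(f"not an ip route command: {line!r}")
    # ipaddress accepts a dotted mask after the slash; strict=True rejects a host bit set in the network
    network = ipaddress.ip_network(f"{parts[2]}/{parts[3]}", strict=True)
    return network, " ".join(parts[4:])


class RoutingTable:
    def __init__(self):
        self.routes = []          # list of (network, next_hop)

    def add(self, line):
        network, next_hop = parse_ip_route(line)
        self.routes.append((network, next_hop))

    def lookup(self, dst):
        """Longest-prefix match: the most specific route containing dst wins; None if nothing matches."""
        addr = ipaddress.ip_address(dst)
        best = None
        for network, next_hop in self.routes:
            if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
                best = (network, next_hop)
        return best


def build_sample_table():
    """Constructed static routes for the example (only the /24 comes from the text)."""
    table = RoutingTable()
    for line in [
        "ip route 0.0.0.0 0.0.0.0 10.0.0.1",                          # default route
        "ip route 192.168.1.0 255.255.255.0 10.0.0.2",                # the /24 from the text
        "ip route 192.168.1.50 255.255.255.255 GigabitEthernet0/1",   # host route via exit interface
    ]:
        table.add(line)
    return table


if __name__ == "__main__":
    table = build_sample_table()
    for dst in ("192.168.1.77", "192.168.1.50", "8.8.8.8"):
        print(dst, "->", table.lookup(dst))
```

The host route wins over the /24 for 192.168.1.50 even though it was added last, which is the point of longest-prefix matching: order of configuration does not decide, prefix length does.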
UDLD (Unidirectional Link Detection)
UDLD (Unidirectional Link Detection) is a network protocol used to detect and prevent unidirectional links on network connections between two network devices, such as switches or routers. A unidirectional link occurs if one device can transmit data to the other device, but cannot receive data back from the other device.
UDLD works by sending periodic messages between the two devices over the link, and checking that each device is receiving the messages from the other device. If one device stops receiving messages from the other device, it will assume that the link is unidirectional and take corrective action, such as disabling the affected port or alerting network administrators.
UDLD is particularly useful in network environments where redundant links are used to improve network availability and performance. In these environments, a unidirectional link can cause network problems, as traffic may flow in only one direction, leading to network congestion and performance issues.
UDLD is often used in conjunction with other network protocols, such as Spanning Tree Protocol (STP) and Link Aggregation Control Protocol (LACP), to provide a robust and highly available network infrastructure. By detecting and preventing unidirectional links, UDLD helps ensure that network traffic flows smoothly and reliably across the network.
LAPD (Link Access Procedure for the D channel)
LAPD (Link Access Procedure for the D channel) is a protocol used in ISDN (Integrated Services Digital Network) networks to provide a reliable communication link between two network devices over the D channel, which is the data channel used for signaling and control information.
LAPD is responsible for establishing, maintaining, and releasing connections between ISDN devices, as well as detecting and correcting errors that may occur during transmission. LAPD uses a combination of error detection and correction techniques, such as cyclic redundancy check (CRC) and retransmission, to ensure that data is transmitted reliably and efficiently.
LAPD is designed to work with various ISDN services, such as voice, data, and video, and supports multiple data transfer rates. LAPD also includes features such as flow control, congestion control, and priority handling, which help ensure that network traffic is handled efficiently and reliably.
LAPD is just one of several link access procedures used in ISDN networks, and is typically used in conjunction with other protocols, such as Q.931 for call control and B channel protocols for data transfer. By providing a reliable and efficient communication link between ISDN devices, LAPD helps ensure that ISDN networks operate smoothly and reliably, and can support a wide range of applications and services.
HDLC (High-level Data Link Control)
HDLC (High-level Data Link Control) is a bit-oriented data link protocol used to transmit data over synchronous serial communication links, such as those found in wide area networks (WANs) and point-to-point links. HDLC is widely used in telecommunications networks and is a precursor to other protocols such as PPP (Point-to-Point Protocol) and Frame Relay.
HDLC provides a reliable, full-duplex data link layer protocol for transmitting frames of data over a communication link. It includes features such as error detection and correction, flow control, and sequence numbering to ensure that data is transmitted accurately and efficiently. HDLC frames consist of a header, data field, and a trailer, with control information included in the header and trailer to manage the flow of data.
HDLC supports several different operating modes, including asynchronous balanced mode (ABM), which is used for point-to-point communication, and normal response mode (NRM) and asynchronous response mode (ARM), which are used for multipoint communication.
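The frame layout described above (header, data field, trailer with error detection) is concrete enough to implement. The following is an added example, not code from the original page: it builds an HDLC frame as a bit stream with the 0x7E flag delimiters, zero-bit stuffing after five consecutive 1s so the payload can never look like a flag, and the 16-bit frame check sequence (CRC-16/X-25, the FCS defined in ISO 3309 and reused by PPP in RFC 1662), then decodes it and rejects a corrupted frame. The address and control values (0xFF, 0x03) and the "hello" payload are constructed for the example.

```python
FLAG = [0, 1, 1, 1, 1, 1, 1, 0]   # 0x7E, the HDLC frame delimiter
FCS_GOOD = 0xF0B8                 # residue left by a correct FCS (ISO 3309 / RFC 1662)


def fcs16(data, fcs=0xFFFF):
    """16-bit HDLC frame check sequence (CRC-16/X-25: poly x^16+x^12+x^5+1, reflected, init 0xFFFF)."""
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs


def bytes_to_bits(data):
    return [(b >> i) & 1 for b in data for i in range(8)]     # HDLC sends each octet LSB first


def bits_to_bytes(bits):
    if len(bits) % 8:
        raise ValueError("frame is not a whole number of octets")
    return bytes(sum(bits[i + j] << j for j in range(8)) for i in range(0, len(bits), 8))


def stuff(bits):
    """Insert a 0 after any five consecutive 1s so data can never mimic the flag (0x7E)."""
    out, ones = [], 0
    for b in bits:
        out.append(b)
        ones = ones + 1 if b else 0
        if ones == 5:
            out.append(0)
            ones = 0
    return out


def unstuff(bits):
    """Remove the stuffed zeros; six 1s in a row inside the frame is a framing error."""
    out, ones, drop_next = [], 0, False
    for b in bits:
        if drop_next:
            if b != 0:
                raise ValueError("six consecutive 1s inside the frame")
            drop_next = False
            continue
        out.append(b)
        ones = ones + 1 if b else 0
        if ones == 5:
            drop_next, ones = True, 0
    return out


def encode_frame(address, control, info):
    """Flag | address | control | information | FCS (low octet first) | flag, bit-stuffed."""
    body = bytes([address, control]) + info
    fcs = fcs16(body) ^ 0xFFFF
    body += bytes([fcs & 0xFF, fcs >> 8])
    return FLAG + stuff(bytes_to_bits(body)) + FLAG


def decode_frame(bits):
    """Inverse of encode_frame; raises ValueError on framing or FCS errors."""
    if bits[:8] != FLAG:
        raise ValueError("missing opening flag")
    end = next((i for i in range(8, len(bits) - 7) if bits[i:i + 8] == FLAG), None)
    if end is None:
        raise ValueError("missing closing flag")
    data = bits_to_bytes(unstuff(bits[8:end]))
    # Running the CRC over data + FCS leaves the fixed residue 0xF0B8 when the frame is intact
    if len(data) < 4 or fcs16(data) != FCS_GOOD:
        raise ValueError("FCS mismatch")
    return data[0], data[1], data[2:-2]


def frame_is_valid(bits):
    try:
        decode_frame(bits)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    frame = encode_frame(0xFF, 0x03, b"hello")
    print("".join(map(str, frame)))
    print(decode_frame(frame))
```

The FCS detects corruption but does not correct it; recovery in HDLC comes from the sequence numbers and retransmission mentioned above, not from the checksum itself.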
HDLC is a widely used and well-established protocol, and is used in a variety of applications, including WAN connectivity, satellite communication, and industrial automation. While HDLC is not commonly used in local area networks (LANs), it is still used in some specialized applications where reliable serial communication is required.
PAgP (Port Aggregation Protocol)
PAgP (Port Aggregation Protocol) is a Cisco proprietary protocol that is used to dynamically group multiple physical ports on a switch into a single logical channel or link, known as an EtherChannel. EtherChannel provides increased bandwidth and redundancy, and can be used to improve network performance and reliability.
PAgP operates in a similar manner to Link Aggregation Control Protocol (LACP), which is an industry standard protocol. Both PAgP and LACP allow multiple physical ports on a switch to be combined into a single logical channel, and provide automatic detection and correction of link failures.
PAgP uses a negotiation process between switches to determine which ports should be combined into an EtherChannel, and which protocol should be used for the EtherChannel. PAgP can operate in two modes: auto and desirable. In auto mode, the switch will only form an EtherChannel if the other switch requests it using PAgP. In desirable mode, the switch will actively seek to form an EtherChannel with the other switch using PAgP.
PAgP is used primarily in Cisco networking environments and is supported on a range of Cisco switches and routers. While it is a proprietary protocol, it can be used with non-Cisco devices that support EtherChannel, provided that they are configured to use the same protocol.
CGMP (Cisco Group Management Protocol)
CGMP (Cisco Group Management Protocol) is a Cisco proprietary protocol that is used to manage multicast traffic in a network. Multicast is a method of sending data from a single source to multiple recipients simultaneously, and is commonly used in video and audio streaming, as well as in other applications that require efficient distribution of data to multiple destinations.
CGMP is used to help prevent multicast flooding by limiting the forwarding of multicast traffic to only those ports that require it. CGMP allows a switch to identify which ports are members of a multicast group and to dynamically add or remove ports from the group as needed. This helps to reduce the amount of unnecessary multicast traffic on the network and to improve overall network performance.
CGMP operates by exchanging messages between switches in the network to maintain a table of which ports are members of which multicast groups. When a switch receives a multicast packet, it uses the multicast group table to determine which ports to forward the packet to, based on the membership of the multicast group.
CGMP is typically used in combination with other multicast protocols, such as IGMP (Internet Group Management Protocol) and PIM (Protocol Independent Multicast), to provide efficient and scalable multicast traffic management in a network. While CGMP is a Cisco proprietary protocol, it can be used in conjunction with other multicast protocols that are supported on Cisco devices.
PVST (Per-VLAN Spanning Tree)
PVST (Per-VLAN Spanning Tree) is a Cisco proprietary protocol that extends the standard Spanning Tree Protocol (STP) to support multiple VLANs. Spanning Tree Protocol is a network protocol used to prevent loops in a bridged network topology.
PVST operates by creating a separate instance of STP for each VLAN, with a separate root bridge and set of forwarding and blocking ports for each instance. This allows for greater redundancy and faster convergence times in a switched network with multiple VLANs.
PVST also includes features such as Rapid PVST, which uses a faster convergence algorithm to reduce the amount of time required for the network to recover from a topology change, and PVST+ (Per-VLAN Spanning Tree Plus), which provides support for additional VLANs beyond the 802.1Q limit of 4094 VLANs.
PVST is a widely used protocol in Cisco networking environments and is supported on a range of Cisco switches and routers. While it is a proprietary protocol, it is interoperable with other standard STP implementations, allowing for multi-vendor network deployments.
DTP (Dynamic Trunking Protocol)
DTP (Dynamic Trunking Protocol) is a Cisco proprietary protocol that is used to negotiate and automatically configure trunk links between switches. Trunking is a method used to carry multiple VLANs over a single physical link between switches.
DTP allows switches to negotiate the mode of the link, whether it should be a trunk link or an access link, and to configure the VLANs that are allowed on the link. DTP can operate in several modes: dynamic desirable, dynamic auto, on, and off.
In dynamic desirable mode, the switch actively tries to negotiate a trunk link with the neighboring switch. In dynamic auto mode, the switch forms a trunk link only if the neighboring switch requests it. In on mode, the link is forced to be a trunk link, and in off mode the link is forced to be an access link.
DTP simplifies the configuration of trunk links between switches by letting them establish trunks without manual configuration. However, it can also pose a security risk if not properly configured, since an attacker could potentially use DTP to gain unauthorized access to a network.
DTP is supported on a range of Cisco switches and routers, but is not commonly used in modern networks as it has been largely superseded by the industry standard Link Aggregation Control Protocol (LACP).
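The practical mitigation for the risk noted above is to make sure no port that faces users or untrusted equipment is left in a negotiating mode. The audit below is an added example, not code from the original page: it parses a constructed Cisco-style running configuration (hypothetical interfaces and VLAN numbers) and reports, per switchport, the configured mode, whether "switchport nonegotiate" is present, and a risk rating: ports in dynamic desirable or dynamic auto, and ports with no explicit mode, are rated high; a trunk without nonegotiate is rated medium because it still speaks DTP.

```python
import re

MODE_RE = re.compile(r"switchport mode (trunk|access|dynamic (?:desirable|auto))$")

# Constructed running-config excerpt for the example; interface names and VLANs are made up
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 description user port
 switchport mode access
 switchport access vlan 10
 switchport nonegotiate
!
interface GigabitEthernet0/2
 switchport mode dynamic desirable
!
interface GigabitEthernet0/3
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/4
 switchport access vlan 20
!
interface Vlan1
 ip address 10.0.0.1 255.255.255.0
"""


def parse_interfaces(config_text):
    """Group the indented lines of each 'interface X' block under its name."""
    interfaces, current = {}, None
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = []
        elif current is not None and line.startswith(" "):
            interfaces[current].append(line.strip())
        else:
            current = None          # '!' or any top-level line ends the block
    return interfaces


def audit_dtp(config_text):
    """Return {interface: (mode, nonegotiate, risk)} for every switchport in the config."""
    findings = {}
    for name, lines in parse_interfaces(config_text).items():
        if not any(line.startswith("switchport") for line in lines):
            continue                # routed port or SVI: DTP does not apply
        mode = None
        for line in lines:
            m = MODE_RE.match(line)
            if m:
                mode = m.group(1)
        nonegotiate = "switchport nonegotiate" in lines
        if mode in ("dynamic desirable", "dynamic auto"):
            risk = "high"           # the port will negotiate a trunk with whatever is plugged in
        elif mode is None:
            risk = "high"           # no explicit mode: behaviour falls back to the platform default
        elif mode == "trunk" and not nonegotiate:
            risk = "medium"         # trunk is fixed, but DTP frames are still exchanged
        else:
            risk = "ok"
        findings[name] = (mode or "default", nonegotiate, risk)
    return findings


def risky_interfaces(config_text):
    return sorted(name for name, (_, _, risk) in audit_dtp(config_text).items() if risk != "ok")


if __name__ == "__main__":
    for name, (mode, noneg, risk) in audit_dtp(SAMPLE_CONFIG).items():
        print(f"{name:22} mode={mode:18} nonegotiate={noneg!s:5} risk={risk}")
```

Run against a real configuration, the "high" findings are the ports to pin to "switchport mode access" (or a deliberate trunk with "switchport nonegotiate") before anything else.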
HNAP (Home Network Administration Protocol)
HNAP (Home Network Administration Protocol) is a protocol developed by the Home Gateway Initiative (HGI) for managing and administering home networks. HNAP is designed to provide a standardized way for devices on a home network to communicate with each other and with a management console, such as a web-based user interface.
HNAP is typically used by consumer networking devices, such as routers, gateways, and access points, to allow users to configure and manage their home networks from a web interface. HNAP provides a standard set of commands and responses that allow devices to discover each other and exchange information about network topology, device configuration, and network services.
HNAP operates over HTTP or HTTPS and uses XML-based messages to represent the data exchanged between devices. HNAP messages are typically sent as SOAP (Simple Object Access Protocol) messages, which are a widely used standard for web services.
HNAP has been widely adopted by consumer networking device manufacturers and is supported by a range of devices from vendors such as Cisco, D-Link, Linksys, and Netgear. However, HNAP has also been the subject of security vulnerabilities, and vendors are encouraged to implement best practices, such as secure communication protocols and message authentication, to protect against potential attacks.