Step:1
The snapshot provided below is Wireshark capture of IEEE1905.1 control packet.
- The EtherType value assigned to 1905.1 Control Message Data Unit (CMDU) is 0x893a.
- The EtherType is the Protocol value shown in the below snapshot.
- The following are the 4 different types of IEEE1905.1 topology messages
- Discovery: Message Type is 0x0000, to detect Direct Neighbors
- Notification: Message Type is 0x0001, to inform network devices about a topology change.
- The following 2 are used to get the topology database of another IEEE1905.1 device
- Query: Message Type is 0x0002
- Response:Message Type is 0x0003
- Vendor Specific Message: Message Type is 0x0004
- The Group Address used for Discovery and Notification messages is 01:80:c2:00:00:13.
- This means that the MAC address 01:80:c2:00:00:13 is used as the destination address while sending the Discovery/Notification messages.
- To analyze all the Discovery/Notification messages add the filter (eth.dst==01:80:c2:00:00:13) in Wireshark as shown in the below snapshot.
- Wireshark tool understands the Group MAC Address 01:80:c2:00:00:13 is IEEE-1905.1-Control message.
Step:2
Let's go further to understand the header information in the IEEE1905.1 Discovery message.
The generic CMDU frame format is,
Analyzing the CMDU frame received in Ethernet captured in Wireshark.
That's it.
