EDP is a vendor proprietary protocol from Extreme Networks. It is used to send information like system MAC, device name or VLAN information to neighboring Extreme devices. It is also used to transport "higher level" protocols like EAPS and ESRP.
SampleCaptures/edp.trace.gz General EDP traffic
SampleCaptures/edp.esrp.gz EDP/ESRP traffic
The EDP dissector is fully functional, but is lacking information on some fields / packet types as the vendors doesn't release this information.
A complete list of EDP display filter fields can be found in the display filter reference
Show only the EDP based traffic on Ethernet:
You can filter EDP protocols while capturing.
Capture only the EDP traffic:
ether[12:2] <= 1500 and ether[14:4] = 0xaaaa0300 and ether[18:4] = 0xe02b00bb
That filter checks for packets where the Ethernet type/length field is <= 1500, meaning that it's a length field, and then checks the 802.2 LLC header for a DSAP of 0xaa and an SSAP of 0xaa, meaning a SNAP packet, and for a type field of 0x03, meaning a UI frame, and checks the following SNAP header for an OUI of 0x00e02b and a protocol ID of 0x00bb.
- Information can be found at the Extreme Network support pages (login required).
Imported from https://wiki.wireshark.org/EDP on 2020-08-11 23:13:44 UTC