Neighbour Discovery Protocol (NDP)

Our wireless controller needs a way of collecting metrics in the RF environment from our APs, but how does it do this? In this lesson we’re going to be taking a look at how this is achieved using the Neighbour Discovery Protocol (NDP).

Exam Topic

2.0 Wired and Wireless Infrastructure 
 2.3 Design radio management

Neighbour Discovery Protocol Overview

Following on from our previous lesson, we’ve already learned that our wireless controllers automatically makes decisions based on the RF environment.

There’s one problem… Our controller don’t have a map or topology of how our APs have been deployed. From the perspective of the WLC, it just sees that we’ve got 10 APs associated.

NDP Overview

Before the controller can perform any of the RRM algorithms we discussed here, it needs to understand the RF environment. As such, NDP is fundamental for RRM to operate. 

The NDP advertisements are sent and received by every AP. This is done over the air using the highest power level supported by the antenna and channel. The figure below is used to outline this.

NDP Frame Overview

The NDP messages are also sent via the lowest data rate supported by the channel in use. This then allows APs at a greater distance and APs in noisy environments to understand the message.

You might think, how do the APs know the packet they’re recieving is an NDP announcement? Well, all NDP packets are sent to multicast address 01:0B:85:00:00:00 on every channel.

This action is completed every 180 seconds so that the controller always has an up-to-date status of the RF environment.

But what information do the NDP announcements include? Let’s take a look:

  • Radio ID.
  • Group ID.
  • Hash.
  • IP Address.
  • Encryption.
  • NDP Version.
  • APs Channel
  • Message Channel.
  • Message Power.
  • Antenna Pattern.

We’ll break each one of these down to help us understand what information we get from each.

Radio ID:

This indicates which radio sent the NDP frame. For example, either 2.4GHz or 5GHz.

Group ID:

The group ID identifies the local RF group the AP that sent the frame is a member of.


The RF group name used for the Group ID is converted to a hash. This is then used for authentication.


NDP announcements can be sent as clear-text or encrypted frames. As such, this will indicate which of the two is in use.

NDP Version:

This is used to outline the NDP version in use.

APs Channel:

Our AP sending the NDP frame will indicate which channel it’s currently operating on. This is the channel it’s using to serve clients.

Message Channel:

As the NDP announcement is sent on every channel, the NDP frame will contain the channel the frame was sent on.

This won’t necessarily match channel the AP is currently using to serve clients.

Message Power:

When the APs tranmit the NDP frames, they will indicate the transmit power that was used to send the frame. This is listed in dBm.

Antenna Pattern:

There are hundreds of antennas available that are designed for different requirements. The antenna pattern will indicate which is in use by the AP sending the NDP frame.


It’s not recommended to change the NDP configuration unless you’ve got a specific requirement to do so. In addition to this, the configuration can only be applied globally.

As NDP messages are sent on each frequency band (2.4GHz and 5GHz), the configuration is applied in one of two locations:

WIRELESS > 802.11a/n/ac > RRM > General

WIRELESS > 802.11b/g/n > RRM > General

NDP Configuration

There are three NDP configuration options available:

  • Channel Scan Interval.
  • Neighbour Packet Frequency.
  • Neighbour Timeout Factor.

Channel Scan Interval:

This configuration setting is used to outline the sum of time between each scan on each channel. The default is 180 seconds, thus meaning that the NDP scan must be completed within 180 seconds.

Neighbour Packet Frequency:

On the other hand, this configuration setting is used to determine how often the NDP messages are sent. The default is 180 seconds.

Neighbour Timeout Factor

The final configuration parameter is used to determine when to prune APs from the neighbour list. These are APs that have stopped responded to NDP messages once the timeout timer expires.

The neighbour timeout factor is used as a multiplier. By default the multiplier is set to 5. The equation is then:

Neighbour Packet Frequency X 5 = NDP Prune Timer

Let’s look at an example. We’ll use the defaults for our example.

180 (Neighbour Packet Frequency) x 5 (Neighbour Timeout Factor) = 900 seconds.

This means that if a NDP message is not for 900 seconds, the AP is pruned from the APs neighbour list.