Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

The host MAC address data block has a block type of 95 in the series 1 group of blocks. The block 
includes the time-to-live value for the host data, as well as the MAC address, the primary subnet of the 
host, and the last seen value for the host. 

The following diagram shows the format of a host MAC address data block in 4.9+.

Port

uint16

If the identity is a server identity, indicates the port used by the packet 
containing the server data. 

Protocol

uint16

If the identity is a server identity, indicates the IANA number of the 
network protocol or Ethertype used by the packet containing the 
server data. This is handled differently for Transport and Network 
layer protocols.

Transport layer protocols are identified by the IANA protocol 
number. For example: 

6

 - TCP

7

 - UDP

Network layer protocols are identified by the decimal form of the 
IEEE Registration Authority Ethertype. For example:

2048

 - IP

Server Map ID

uint32

If the identity is a server identity, indicates the server map ID, 
representing the combination of ID, vendor, and version for the 
server. 

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Host MAC Address Block Type (95)

Host MAC Address Block Length

TTL

MAC Address

MAC Address, cont.

Primary

Last Seen