MKguy, I belive you are right.  I have seen this problem multiple times.  I think that the way ESXi is implmenting what it calls CDP is different than the way a Cisco switch implements it.  It is pulling information from packets somehow, but not the same way that a Cisco switch does.  I don't think ESXi is reliable as a source of all information that could be derived from CDP advertisements.  There definitely needs to be a fuller explanation from VMware on this.

As far as broadcast packets, CDP as a protocol is not supposed to have to rely on broadcast packets.  It is supposed to be able to get its information from CDP advertisements, which are in Cisco's customized format.  ESXi is either getting its information without reading the CDP advertisement packet, or it is getting incomplete information from the CDP advertisement.  Or perhaps since CDP advertisements only come at certain intervals such as 60 seconds, it isn't retaining the information long enough to give you accurate output.

As mentioned earlier, the script that you are running is pulling in the "Observed IP Ranges" field from the NIC, which is next to worthless for getting an accurate read on a NIC. It will only show information when traffic is on the wire.

The only real value here is the fact that you can pull the CDP info off the switch (such as name, IP, MTU, etc.).

If using vSphere 5.1 with a VDS 5.1  you can use the Network Health Check to confirm that the upstream switch is configured properly.

http://wahlnetwork.com/2012/08/27/new-5-1-distributed-switch-features-part-1-network-health-check/

This is disappointing.  VMware specifically calls this "CDP".  Yet it does not in fact implement the true cisco discovery protocol either in the network health check or through any of the command line options available to ESXi.  I think this is misleading.  ESXi is not in fact capable of inspecting a CDP advertisement and pulling all the information from it.  Yet it says you have 3 options, "listen, advertise or both".  It makes it look just like a Cisco switch implmentation of CDP.  Yet it really is not.  It can't tell you all the information coming in on the switch advertisement packets.  If you come to the ESXi command line expecting ESXi "CDP" to give you the info that the CDP protocol is designed to, you will come away with an incomplete or wrong impression of how things are configured.

I'm not sure what exact kind of info CDP really provides, like if it contains a list of enabled VLANs in the link, but ESXi distributed vSwitches do in fact handle CDP/LLDP in both directions and can extract some information out of it. This is not implemented in the network health check function but separately from that.

You can see that in the esxcfg-info of my example above and in the network configuration section on the respective vmnic:

The vim-cmd networkhints command is just a misunderstood stepchild of the "observed IP ranges" which has been around since ages in that regard.

Looking further at the Cisco implmentation, perhaps I'm incorrect about it actually displaying a list of all of the vlans that are trunked on that link.  At first glance at the cisco command reference for NS-OX is appears not to:

http://www.cisco.com/web/techdoc/dc/reference/cli/nxos/commands/l2/show_cdp_neighbors.html

Here it seems to indicate that it will tell me what the native vlan is, but I don't see anywhere where it lists the vlans trunked on that link.

I may have gotten

"show cdp neighbors detail"

mixed up with

"show vlan":

http://www.cisco.com/en/US/docs/ios/lanswitch/command/reference/lsw_s2.html#wp1108095

and ESXi is giving more info than "show cdp neighbors detail" - ESXi is giving network hints, which aren't part of CDP anyway, and giving CDP info, which doesn't show the vlans trunked.

Perhaps the problem is that neither CDP nor network hints gives you all of the information about vlans truned on a link. 
When I ran esxcfg-info, it doesn't give you that information either.  There really is no mechanism to look into ESXi and know whether all the vlans that need to be trunked to the ESXi host have actually been trunked - you have to look at the physical switch.

For example here is esxcfg-info - but it doesn't list the vlans. Network hints had 4 networks which I took out for security but we actually have more than 8 trunked - and it only tells you the subnet range not the vlan ID for them:

|----Name...............................................vmnic0

            |----PCI Bus............................................4

            |----PCI Slot...........................................0

            |----PCI function.......................................0

            |----MAC Address........................................e8:39:35:28:d9:30

            |----Virtual MAC Address................................00:50:56:58:d9:30

            |----Driver.............................................be2net

            |----Network Hint.......................................

            |----MTU................................................1500

            |----Configured Speed...................................1000

            |----Actual Speed.......................................1000

            |----Configured Duplex..................................1

            |----Actual Duplex......................................1

            |----Link Up............................................true

            |----enabled............................................true

            |----Wake on LAN supported .............................false

            |----Wake on LAN enabled ...............................false

            |----Resource scheduler allowed  .......................true

            |----Resource scheduler supported ......................true

            |----CDP Network........................................true

            \==+CDP Summary :

               |----Cdp Version.....................................2

               |----Timeout.........................................0

               |----Time-to-live....................................143

               |----Samples.........................................41713

               |----Device Id.......................................

               |----Ip Address......................................

               |----Ip Prefix.......................................0.0.0.0/0

               |----Port Id.........................................GigabitEthernet1/0/16

               |----Capabilities....................................40

               |----Version.........................................unknown

               |----Platform........................................cisco WS-CBS3120X-S

               |----Vlan............................................1

               |----Duplex..........................................true

               |----MTU.............................................0

               |----System Name.....................................

               |----System OID......................................

               |----Mgmt Ip Address.................................

               |----Location........................................

            |----LLDP Network.......................................false

            \==+Hardware Capabilities :

               |----Vlan Tag........................................true

               |----Vlan Untag......................................true

               |----Checksum Offload................................true

               |----Tcp Segmentation Offload........................true

               |----Scatter Gather Tx...............................true

This is brilliant and works perfectly.  VMware needs to get this esxcli option better advertised.  I had never heard of it.  Thanks!