CDP Fundamentals
CCENT5

CDP Fundamentals

The Cisco Discovery Protocol (CDP) is super-helpful in the right circumstances. We’ve used it here and there to view info about directly connected Cisco devices, and we’re using it again now to see which Cisco devices are directly connected to this Cisco switch.

Let’s go ahead though and bring our switch back up and we will start with the classic (show cdp neighbor)

Lot of helpful information here because when it comes to troubleshooting, you have to start at the physical layer…  Is this thing cabled the way I think it’s cabled?

‘show cdp neighbor’ gives you all the information you need to verify your layer one settings.

Device ID  is the hostname that someone gave the device that we are directly connected to. So right now the switch is directly connected to a device called R3 and the other one called R4. No surprise there.

Local interface is exactly that! It is the local interface on the device we’re on.

Whenever we say local We mean the device that we’re on. And that means a switch.

So that means that fast internet 0/4 is connected to R3 and fast ethernet 0/3 is connected to the device called R4. So far so good.

Now this Hold time is the only one that’s not really self-explanatory. When we go and run the command again, you’ll see that the values there have changed.

This is the amount of time that this device will hold the contents of a cdp pack at the recipient before dumping it, and the hold times are slightly different because they were connected slightly different times but you’ll also notice that they keep decrementing here

The default there is 180 seconds so we’re looking at three minutes and we should be getting a CDP advertisement from these devices every minute. So if we see that hold time go below 120 for some reason (somebody just turned CDP off) it does let you know exactly what’s going on.

capabilities are also self-explanatory stuff here with some of the capability codes (R for router, S for switch,…)

You’re not going to see too many repeaters, but I do notice the letter “I” which is IGMP (Not IGRP which is long gone) and it’s a management protocol which we will get into in future studies.

You’ll also get some helpful information about the hardware platform of those devices.

Port ID  is the port on the remote device to which we are directly connected. So if I gave you the output of ‘show cdp neighbor’ and asked you which devices are connected directly to each other, and by what ports on each end, you could say: “hey the device called R3 is connected to  this switches (fast ethernet 0/4 interface) and on R3 it is connected to fast ethernet 0/0.

Now is this cabled correctly?  

If layers 1 and 2 are not working correctly, layer 3 is NOT going to work correctly. If layer 1 is not happy nobody’s happy. So this is a great place to get started with your physical troubleshooting and you can tell exactly who is connected to who, and by which port.

The only little problem is not getting the IP address of that particular device (or the two devices we see here).

For that information, we can add detail to the end of this command and you’ll get a field for each device.

The only odd thing though with detail is that you don’t have an option to say shows CTP neighbor detail and then name the neighbor.  If you want to do that, you can run ‘shows cdp entry’ and your options here are to specify the name of the cdp neighbor (not the IP address but the name).

Or if you wanted to see all of them you could put an asterisk there and that would really be the same as running ‘show cdp neighbor detail’.

But let’s run that just for R3 and you’ll see exactly what I’m talking about.

This is the cdp command I was hinting at that it is lesser known than the others and the neighbor commands, but again this can be very helpful, and is filtering show CDP neighbors detail.

The Cisco Discovery Protocol (CDP) is super-helpful in the right circumstances. We’ve used it here and there to view info about directly connected Cisco devices, and we’re using it again now to see which Cisco devices are directly connected to this Cisco switch.

If there are right circumstances, there must be wrong circumstances. CTP does present a security vulnerability when it’s left on, so most production networks you encounter will have CDP turned off.   If you it’s off at a client site, just be sure you turn it back off when you’re done. (That goes for anything that you turn on that wasn’t on as far as a service or a protocol or feature.)  Be clear on which command enables CDP at the interface level and which one enables it globally, as explained by this handy-dandy chart:

Let’s run ‘show cdp interface’. This is another one that doesn’t get a lot of attention.

It does give you the up/down information as far as the physical state of the interface and the logical state of the interface.

Let’s see what happens when I actually turn CDP off on interface 3.

Now I run ‘show CDP interface’ again…

And you notice that interface 3 is actually gone!!

When you run ‘show CDP interface’ just like that and you don’t specify an interface, If CDP is not running on a particular interface, it just won’t be in the list. Now that’s pretty easy to overlook when you’re looking at an entire list.

But if we run ‘shows cdp interface’ and then specify the interface, we’ll get a little information on it.

So if I were running one of those two commands and I needed information on one interface I would run the more specific one, because you will get more specific information.

Now the command for global status or verifying global status is ‘show cdp’

Notice that this command doesn’t give you any information about it being turned off on such and such interface. This is the global information only. So I disabled cdp on interface 3.

I ran ‘show cdp interface fast 0/3’… That gave me specific information about what just happened. But ‘show cdp’ doesn’t give me anything like that at all.

So first off let’s go to interface fast 3 and do a ‘cdp enable’ and we’ll just verify that with ‘show cdp int fast 0/3’

And you can see now we get the information it’s up and up … CDP packets every 60 seconds… holdtime 180 seconds… We like it.

Now as far as disabling globally goes:

A couple of options here… But you’ll also notice the one we really want is run (which is right in the middle) and now all I’ve disabled it period on the switch.

Now let me show you something:

Actually  ‘show cdp neighbore’ does take the table away (didn’t used to do that.

So we’re glad we saw that) CDP is not enabled!

So what happens if I just run show CDP?  What about ‘show cdp int fast 0/3’ ?

For all of them it says : CDP is not enabled!!

So it’s just going to throw it at you it used to be a little bit different I’m glad they changed that because now we can see the period you’re going to get this message.

Leave feedback about this

  • Quality
  • Price
  • Service

PROS

+
Add Field

CONS

+
Add Field
Choose Image
Choose Video