Introduction to CDP (Cisco Discovery Protocol)

This topic is to discuss the following lesson:

Rene,

It’s always so good to read your articles! I can understand them and they make me feel smarter :smiley: Thanks!!!

Hug

Good to hear you like them Gabriel! :slight_smile:

Hi Rene,

I work in technical support at an Internet Services & Communications company, and we don’t use only Cisco products; we also use network products from other vendors like Ubiquiti, MikroTik, Exalt, etc., and we connect all these different products to each other!
So when I use CDP to show which devices are connected to a Cisco switch or router, I noticed that information about other vendors’ products also appears!
My question is: why do I see this info? I know that CDP is Cisco proprietary, so how is it able to identify products from other vendors?

Hi Hussein,

Some other vendors also support(ed) CDP. Some older HP ProCurve switches also had it.

I think Ubiquiti and Mikrotik also have some support for it. Nowadays we also use LLDP, it is similar to CDP:

https://networklessons.com/network-management/link-layer-discovery-protocol-lldp/

Rene

Rene,

Cisco ASA doesn’t seem to have CDP available. Is it maybe configured a different way?

Chris

Hi Chris,

The ASA doesn’t support CDP…not sure why but it doesn’t :slight_smile:

Rene

Hello @ReneMolenaar ,

I work with Cisco ASR devices running Cisco XR OS, and they don’t have CDP enabled by default. You have to enable it globally with the cdp run command, and that’s not enough to make it work. You still have to enable it per interface as well with the cdp enable command.

Regards.

@chris.m.chavez,

ASAs don’t have a CDP feature, and it makes sense since they are firewall devices. :slight_smile: But there is a tricky way to do this; I will lab it and show you the commands.

Hello sales2161

Thanks for sharing that information. It’s important because it shows how much detail Cisco goes into in choosing what features are enabled by default and which are not. ASRs are used in larger enterprise networks, and as such may be susceptible to security issues. Because CDP can open doors to attacks, it is disabled by default to improve security, but as you mention, can be enabled by administrators only if required and only on interfaces where it is needed.

Thanks for sharing!

Laz

The link for the topic “2.1a: Implement and troubleshoot switch administration” is not working. Does it exist?

Hi Lukas,

I added this menu item but didn’t add any lessons to it yet. I’ll see if I already have any material that I can add to it.

Rene

Can I use CDP on routers? If I have two switches that have a routed port between them, will show cdp neighbors give me info about the router on the other side or any switches on the other side?

David

Hello David

You can use CDP to find information about any directly connected Cisco device, even if they are connected via a routed port or a Layer 2 port. So yes, you can have a switch connected to a router and CDP will show you information about that device, assuming CDP is correctly configured.

Even if you have multiple devices in a network and they are not directly connected to each other, if they are on the same VLAN (like a management VLAN for example) you will see them in the show CDP neighbor output. This is because they are considered directly connected on Layer 2 so they share this information between them.

The only time you won’t see information about the directly connected device is if you are using a QinQ VLAN arrangement, where multiple VLANs are tunnelled through a single VLAN. In this case, you will only see the “neighbors” that are on the tunnelled VLAN and not on the tunnelling VLAN.

For more info about QinQ, take a look at the relevant lesson.

I hope this has been helpful!

Laz

Sir,

Can you talk a little about the CDP versions and TLVs, CDP messages, and timers, as these are very important?

Hello Narad

There are two versions of CDP. Version 1 was the initial version introduced way back in 1994 that was only able to collect device information from neighbors. Since then version 2 has come out and is the current version in all modern devices. I’ve never encountered CDP version 1, so I’m assuming that it is old enough to be non-existent today.

CDP uses what is known as a type-length-value or TLV frame format as you mention, in order to make its contents easily extendible. TLV is an encoding scheme used to add optional information elements. More info about the TLVs for CDP can be found here:

Additional detailed information can also be found at this Cisco learning network post:
https://learningnetwork.cisco.com/s/article/cisco-discovery-protocol-cdp-x

In general, you don’t typically have to adjust transmission and hold timers of CDP, unless you have some very stringent bandwidth limitations. Info about timers is also found in the above links.

I hope this has been helpful!

Laz

Hi Rene,
I have one question: if CDP works at Layer 2, how does it show us the IP address?

Hello Ronny

When we say that CDP operates at Layer 2, we mean that the communication between the devices themselves takes place at Layer 2. That means that the header of the CDP frame needs only the MAC addresses of the communicating devices to exchange information. However, the actual information that is exchanged is contained within the payload of the CDP messages. In the payload you will find information including:

  • IP addresses
  • interfaces
  • platform information

and a whole series of other information. These pieces of info are stored in what are known as Type Length Values (TLVs), and various TLVs can be shared depending on the device.

For example, IP phones can also share their voice VLAN configuration, as well as their QoS parameters with the connected switch.

So the communication takes place at Layer 2, but the information exchanged can be anything, including IP addresses.

I hope this has been helpful!

Laz
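An added example, not part of the thread or of the lesson it discusses: a small Python decoder for the TLV layout described in the replies above, showing how a Layer 2 CDP payload carries a device ID, port, platform and IP address. It follows the published CDP frame format (version, TTL, checksum, then TLVs whose length field includes the 4-byte header); the sample payload, hostname and address are constructed, and the checksum is not verified.

```python
import ipaddress
import struct

# TLV type codes from the published CDP frame format (subset).
TLV_NAMES = {0x0001: "device_id", 0x0002: "addresses", 0x0003: "port_id",
             0x0005: "software_version", 0x0006: "platform"}

def tlv(tlv_type, value):
    """Build one TLV; the length field counts the 4-byte type/length header."""
    return struct.pack("!HH", tlv_type, len(value) + 4) + value

def parse_addresses(value):
    """Decode the Addresses TLV and return its IPv4 entries as strings."""
    (count,) = struct.unpack_from("!I", value, 0)
    offset, found = 4, []
    for _ in range(count):
        proto_type, proto_len = struct.unpack_from("!BB", value, offset)
        proto = value[offset + 2: offset + 2 + proto_len]
        offset += 2 + proto_len
        (addr_len,) = struct.unpack_from("!H", value, offset)
        addr = value[offset + 2: offset + 2 + addr_len]
        offset += 2 + addr_len
        if proto_type == 1 and proto == b"\xcc" and addr_len == 4:  # NLPID 0xCC = IP
            found.append(str(ipaddress.IPv4Address(addr)))
    return found

def parse_cdp(payload):
    """Parse a CDP payload (the bytes that follow the LLC/SNAP header)."""
    if len(payload) < 4:
        raise ValueError("truncated CDP header")
    version, ttl, _checksum = struct.unpack_from("!BBH", payload, 0)
    info = {"version": version, "holdtime": ttl}
    offset = 4
    while offset + 4 <= len(payload):
        tlv_type, length = struct.unpack_from("!HH", payload, offset)
        if length < 4 or offset + length > len(payload):
            raise ValueError("malformed TLV length")  # prevents loops and over-reads
        value = payload[offset + 4: offset + length]
        name = TLV_NAMES.get(tlv_type)
        if name == "addresses":
            info[name] = parse_addresses(value)
        elif name:
            info[name] = value.decode("ascii", "replace")
        offset += length
    return info

# Constructed sample: CDP version 2, 180-second holdtime, checksum left as zero.
SAMPLE = (struct.pack("!BBH", 2, 180, 0)
          + tlv(0x0001, b"SW1.example.local")
          + tlv(0x0002, struct.pack("!IBB", 1, 1, 1) + b"\xcc"
                + struct.pack("!H", 4) + bytes([192, 0, 2, 10]))
          + tlv(0x0003, b"GigabitEthernet0/1")
          + tlv(0x0006, b"cisco WS-C2960-24TT-L"))
```

Calling parse_cdp(SAMPLE) returns the fields a neighbor on the segment would learn from a single frame, which is the detail to weigh when deciding which interfaces should send CDP at all.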

Can you comment on some scenarios in an enterprise network where having CDP enabled is not advisable?