In this Cisco CCNA tutorial, you’ll learn about Cisco Discovery Protocol (CDP) and Link Layer Discovery Protocol (LLDP). Scroll down for the video and also text tutorial.
Cisco CDP and LLDP Video Tutorial
Neil’s course was one of the best courses I have ever taken. His instructional style is extremely easy to follow and well laid out, and the labs really help to cement the concepts and really “know” what you are doing, not just entering commands. I passed with a 930/1000, and Neil’s course was my main study material.
CDP Cisco Discovery Protocol
Cisco Discovery Protocol (CDP) is a Cisco proprietary Layer 2 protocol. It is used to share information with other directly connected Cisco equipment, like the operating system and the IP address. That information will be shared between connected devices. It aids in troubleshooting by allowing administrators to map out how Cisco devices are connected to each other.
For example, say that you're in New York and there is a problem in Sydney and you don't know about the network topology in Sydney. As long as you can jump on one device in Sydney, then you could use show CDP neighbors to map out how all the other Cisco devices are connected to each other.
It's a very useful troubleshooting tool. Even if you know what the typologies should look like, you can use show CDP neighbor to check that the device is there and detected at Layer 2.
CDP is enabled by default on most Cisco equipment. Not just on routers and switches, but also on the firewalls and even in software, like Cisco Unified Communications Manager which is used to control IP Phones, and even the IP Phones will run CDP.
If you go onto your switch, which has got the Cisco Unified Communications Manager server and IP Phones plugged in there, you'll be able to get information about those devices. CDP works at Layer 2, therefore, it's not necessary for the device to have an IP address on it for it to be detected by its neighbors.
CDP Cisco Discovery Protocol Configuration
Since CDP is enabled by default, if you want to disable it, you can do:
no cdp run
To turn it back on again, the command is:
These commands are done at global configuration. A reason you would maybe want to disable CDP is it can be seen as a security concern. If you're in a highly secure environment, such as in a bank, you don't want people to be able to see what devices are plugged in there so you could disable CDP.
The ‘no cdp run’ command will disable it globally on the device. You can also disable at the interface level as well with the command:
no cdp enable
Let’s say you've got a switch on the edge of your network and you want CDP to be enabled on the internal facing interfaces. You want to disable it on the external facing interface, so you don't give up information to another organization. Therefore, you can do a ‘no cdp enable’ at the interface level.
CDP verification commands:
- show cdp – It shows if CDP is enabled or not, also the timers, etc.
- show cdp neighbors – It is used to verify the attached devices. It will give you a nice brief summary view.
- show cdp neighbors detail - It is used to verify the attached devices. It will give more detail, including the IP addresses of the neighbors.
CDP sends CDP packets every 60 seconds by default. If I do a ‘show cdp neighbor’, it will show all the Cisco devices that are plugged into the switch. It gives the hostname of the device. This is another reason why it's a good idea to set a hostname so that if you do a 'show cdp neighbor', it's going to give you a description of what that device actually is.
It will also show me the local interface that is connected on my side. Over on the right, the port ID is the interface that it is plugged into on the far side device. It also says what the platform of that device is.
To get more detail, I can do a ‘show cdp neighbor detail’ and this will give more verbose output. I can see here my router and its IP address. This again is very useful if you need to find out an IP address of a neighbor so that you can Telnet or SSH onto it for troubleshooting.
It also tells me the platform it's running on, the IOS version is running on there as well, and some other similar information. If I hit the space bar I can scroll through and I can see the information for the other devices as well.
With ‘no cdp enable’, the switch will now stop sending out CDP information on that particular interface. It's still going to do it on the other interfaces though, so usually, I would do that if this was facing an external entity.
If I'm in a highly secured environment and I just want to completely disable CDP on the switch, then I'll exit back down to global configuration, and do a ‘no cdp run’. If I now go down to the enable prompt and do a ‘show cdp’, you can see that CDP is not enabled.
LLDP Link Layer Discovery Protocol
LLDP is the Link Layer Discovery Protocol. This came out a lot later than CDP did, and where CDP is Cisco proprietary, LLDP is an open standard. So, it's supported on most vendors' devices, and it provides similar information to CDP.
It does have some differences though. CDP will always be enabled by default on Cisco routers and switches, but with LLDP, it depends on the switch and version, whether it will be enabled or disabled by default.
LLDP is only supported on physical interfaces, CDP is also supported on virtual sub-interfaces as well. With LLDP, it can only discover up to one device per port. CDP is able to discover multiple devices per physical port because it does support those virtual sub-interfaces. LLDP can also discover Linux servers, CDP cannot.
LLDP Link Layer Discovery Protocol Configuration
Our commands to configure LLDP on a Cisco router or switch, to turn it on, at global configuration we use the command:
To turn it off, we use the command:
no lldp run
To disable it at the interface level, we do it for both transmit and receive separately. To disable sending out information, we use the command:
no lldp transmit
To disable sending out information, we use the command:
no lldp receive
Our verification commands are again similar to CDP:
- show lldp - It will show if LLDP is enabled or not.
- show lldp neighbors - It will show a summary of our neighbors.
- show lldp neighbors detail - It will show more verbose output, including the IP addresses configured on those devices.
Cisco Discovery Protocol (CDP): https://learningnetwork.cisco.com/s/article/cisco-discovery-protocol-cdp-x
Text by Libby Teofilo, Technical Writer at www.flackbox.com
With a mission to spread network awareness through writing, Libby consistently immerses herself into the unrelenting process of knowledge acquisition and dissemination. If not engrossed in technology, you might see her with a book in one hand and a coffee in the other.