How to configure CDP – Cisco Discovery Protocol

In this article we will see how you can easily configure and tune a router’s CDP capabilities. If you are more interested in what CDP really means and how it works, visit the “about CDP” article.

Cisco config

To see how CDP operates and to use the information it can give you, the first thing to do is learn how to turn CDP on and off. If you want, for example, to list summary information about the devices connected to your router, you can selectively enable or disable Cisco Discovery Protocol on the entire router or on individual interfaces. This is done with the following commands:

R1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#cdp run
R1(config)#interface Serial0/0
R1(config-if)#cdp enable
R1(config-if)#exit
R1(config)#interface FastEthernet0/0
R1(config-if)#no cdp enable
R1(config-if)#exit
R1(config)#interface FastEthernet1/0
R1(config-if)#cdp enable
R1(config-if)#end
R1#

Remember that CDP is enabled by default on all Cisco routers and switches and on all interfaces. If you think CDP is not enabled, you can enable it by typing:

R1(config)#cdp run

Sometimes you don’t want CDP enabled on a particular interface, for security or some other reason. In that case you can turn CDP off on that interface by typing the following commands:

R1(config)#interface Serial0/0
R1(config-if)#no cdp enable

Note that CDP works only with Cisco routers and switches, and you will not be able to use it on other equipment. This is because CDP is a Cisco proprietary protocol. If you are using Cisco equipment, you can use CDP to gather different information from your network. The first thing CDP will help you see is the list of devices in your network. This is a list of adjacent devices that also happen to be running CDP.

The show cdp neighbors command displays this list:

R1#show cdp neighbors 
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
Router2          Ser 0/0            179          R        2621      Ser 0/1
Switch1          Fas 1/0            152         T S       WS-C2924  2/2
R1#

This list of neighboring devices contains the name, type and model number of each neighbor. It also includes the interfaces on our router and on the neighboring device through which we are connected.

The last device on the list is a Cisco switch. This may not seem like a big deal at first, but it points out one of the most useful features of CDP. While all other mechanisms can tell you who your Layer 3 neighbors are, CDP gives you information about your Layer 2 neighbors. This works even when a Layer 2 neighbor such as a switch does not have an IP address configured.

With the “detail” keyword you can see more information about every neighboring device:

R1#show cdp neighbors detail
-------------------------
Device ID: Router2
Entry address(es):
  IP address: 10.1.1.2
Platform: cisco 2621,  Capabilities: Router
Interface: Serial0/0,  Port ID (outgoing port): Serial0/1
Holdtime : 136 sec

Version :
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IK9O3S-M), Version 12.2(13), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Tue 19-Nov-02 22:27 by pwade

advertisement version: 2

Device ID: Switch1
Entry address(es):
  IP address: 172.25.1.4
Platform: WS-C2924,  Capabilities: Trans-Bridge Switch
Interface: FastEthernet1/0,  Port ID (outgoing port): FastEthernet0/12
Holdtime : 116 sec

Version :
Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5)WC3b, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Fri 15-Feb-02 10:14 by antonino

advertisement version: 2
Duplex: full

CDP can tell you a whole bunch of information about neighbors. It will show:

  • IP addresses of the adjacent interfaces
  • details about the Cisco IOS version

The new version of CDP (Version 2), available from IOS Version 12.0(3)T, can show three new things that are useful on LANs:

  • VTP Domain Name
  • 802.1Q Native VLAN
  • Duplex

The Duplex option in CDP now enables routers and switches to automatically detect and solve duplex mismatches.

CDP Version 2 is enabled by default. If you don’t like that, you can globally disable Version 2 support with this command:

R1(config)#no cdp advertise-v2

If you are not sure which version of CDP is running, or you need other information about the CDP protocol on your device, the show cdp command will tell you:

R1#show cdp
Global CDP information:
        Sending CDP packets every 60 seconds
        Sending a holdtime value of 180 seconds
        Sending CDPv2 advertisements is  enabled
R1#

You can see some default timer values on the R1 router. CDP advertisement packets are sent every 60 seconds. The holdtime parameter is the length of time the router will wait to hear the next CDP advertisement from one of its neighbors before flushing the corresponding entry from its CDP neighbor table.

Of course, sometimes you want CDP on your network to respond faster. You can tune these parameters globally for the entire router, and in this way trade more bandwidth for a faster CDP response, or less bandwidth for a slower CDP response.
To clear this up: a faster CDP response means that the CDP timer and holdtime are tuned to fewer seconds. This means more CDP advertisements in the same period of time, which takes more bandwidth. More advertisements and a shorter holdtime make detection of a missing neighbor faster.

R1(config)#cdp timer 30
R1(config)#cdp holdtime 240

The advertisement timer can have any value between 5 and 254 seconds, while the hold timer must be between 10 and 255 seconds.

Disabling the Cisco Discovery Protocol

The main reason you may not want to allow adjacent devices to gain information about this router and your switches is security. If you are interested in the different ways CDP can be used as a security threat to your network, visit our CDP protocol Layer 2 attacks article – CDP attacks.

You can disable CDP on a single interface by using the command:

R1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#cdp run
R1(config)#interface FastEthernet0/0
R1(config-if)#no cdp enable
R1(config-if)#end
R1#

Or you can disable CDP on the whole router:

R1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#no cdp run
R1(config)#end
R1#
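Because CDP is on by default, an interface is only quiet if the configuration says so. The following check is an added example, not part of the original article: it reads a running-config and reports interfaces where CDP is still effectively enabled. The CONFIG excerpt and its addresses are constructed, the "untrusted" interface set is a hypothetical input, and the code assumes the running-config lists only the non-default "no cdp run" and "no cdp enable" lines.

```python
# Constructed running-config excerpt modelled on the first example on this page.
CONFIG = """\
hostname R1
!
interface Serial0/0
 ip address 10.1.1.1 255.255.255.252
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 no cdp enable
!
interface FastEthernet1/0
 ip address 172.25.1.1 255.255.255.0
!
end
"""

def cdp_state(config):
    """Map interface name -> True if CDP is effectively enabled on it."""
    global_on = True           # default: CDP runs globally and on every interface
    state, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            state[current] = True
        elif not line.startswith(" "):
            current = None     # left interface sub-mode
            if line.strip() == "no cdp run":
                global_on = False
        elif current and line.strip() == "no cdp enable":
            state[current] = False
    # A global "no cdp run" overrides every per-interface setting.
    return {name: on and global_on for name, on in state.items()}

def exposed(config, untrusted):
    """Interfaces from the untrusted set on which CDP is still enabled."""
    state = cdp_state(config)
    return sorted(i for i in untrusted if state.get(i, False))
```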

 

Juniper configuration
CDP (Cisco Discovery Protocol) is a Cisco proprietary protocol that can’t be configured or activated on other vendors’ products. However, there is a solution in LLDP (Link Layer Discovery Protocol), which is an industry standard technology. It can be easily configured on Juniper devices; if you are interested in how this is done, visit Configuring LLDP.
