Detailed introduction to vro discovery protocols

The Discovery protocol can use the Neighbor Discovery Protocol to discover a neighboring router and use it as its own default gateway. The node uses the Neighbor Discovery Protocol to actively track whether the neighbor is reachable and detect the change of the neighbor data link layer address.

When the router or the path to the router fails, the host actively searches for available routers or paths based on this protocol.

1. The Discovery protocol is used to discover all Cisco network devices directly connected to local devices. Each router running the Discovery Protocol will exchange protocol information with its neighbors, the information exchange result can be displayed on the console connected to the local router, this command can reflect the device ID, Local interface, connection retention time, function, platform, port ID, VTP management domain name, local Vlan, working mode, and other rich information. If this information is not enough, you can add the parameter detail after this command. In this case, you can display more detailed information.

Ii. By default, the Discovery protocol is globally enabled. However, if it is used together with older Cisco devices, you may need to manually start the Discovery protocol. You can RUN the cdp run Command, you need to enter the interface configuration mode and enable cdp on the interface using CDP enable. However, unlike the global mode, the Discovery Protocol on the interface is not enabled by default.

3. view the data frame transmission information. You need to know the data frame transmission information during network maintenance and optimization.

To understand this information, you can use this command to obtain CDP information for notifying and discovering data frame transmission. The information includes the retention time, the frequency of CDP Group Sending, the time of interface encapsulation, and the management and protocol of the street.

Iv. Although the CDP protocol can automatically discover new network devices, on the one hand, it increases the flexibility of the network, and on the other hand, it also brings great security risks to the network, for example, if an attacker breaks a vro or vswitch, the attacker can use the Discovery Protocol to learn information about the detours connected to the device, this provides important information for the next attack. If you want to disable CDP at the global level, you can use the no cdp run Command in global configuration mode.

5. Sometimes the Protocol may also go wrong. Pay attention to the status of cdp in the ISO7 layer architecture. The Discovery protocol is one of the Layer 2 protocols specified in ISO. Specifically, is located above the subnet access protocol. The second layer connects the underlying physical media and the network layer protocol of the upper layer. It is found that the Protocol is different from the TCP or Telnet protocol. It is the proprietary protocol of Cisco network equipment, it can only run on Cisco network devices.

6. Pay attention to the connection and difference between the CDP protocol in the global configuration mode and the interface configuration mode, that is, remember that the principle is big or small, that is, if the CDP protocol is in the global configuration mode, if the Discovery protocol is disabled, the CDP protocol cannot be enabled in interface mode.

The CDP protocol may leak some sensitive information in the network and provide convenience for attackers. Therefore, in some enterprises with high security requirements, financial enterprises such as banks often disable this protocol.