CDP Discovery Protocol maintenance and troubleshooting (1)

When a vro or vswitch is added to the network, how does the existing network device automatically discover this "new neighbor? For Cisco, the CDP Discovery protocol works. In short, CDP discovery protocols are used to obtain information about neighboring devices. The information includes the type (vswitch or vro) of the connected device, the interface of the connected vro, the interface of the local connection, and the number of devices. In this article, I mainly want to introduce the maintenance of the CPD protocol and how to eliminate the faults related to this Protocol.

1. Obtain information about a neighbor Device

The CDP Discovery protocol is used to discover all Cisco network devices that are directly connected to local devices. Note that the attribute "Direct Connection" is critical to this sentence. If the two devices are connected to other devices, they cannot be found.

Each vro running the CDP Discovery Protocol will exchange protocol information with its neighbors. If necessary, the network administrator can display the CDP information exchange result on the console connected to the local router. As shown in, run the show cdp neighbors command on any vro or vswitch device, the information about the device that is directly connected to the vro or vswitch is displayed.

From the figure above, we can draw the following conclusion.

First, most of the CDP maintenance tasks must be performed in the privileged mode. As shown in, at the beginning, I used the Enable command to enter the privileged mode. Only in this mode can the information of the neighbor device be viewed. Note that you must operate in privileged mode.

Second, the command input skills. This command is relatively long. It is time-consuming and labor-consuming to input characters one by one. Moreover, the word neighbors is prone to spelling errors. In this case, you need to use the History commands of IOS software. In actual work, you only need to enter the nei three characters, and then press the Tab key, the system will automatically complete the subsequent payment, without losing the full. This is a good news for users who are not very good at English.

Third, the information reflected by this command. As shown in, this command can reflect the device ID, Local interface, connection retention time, function, platform, port ID, VTP management domain name, local Vlan, working mode (full or half duplex) and so on. If the information does not meet the requirements of the network administrator, you can add the detail parameter to the command. In this case, more detailed information can be displayed.

This information is very helpful for routine network maintenance. For example, the administrator can understand all the information about the relevant devices on the network and help the Administrator better understand the topology of the existing network. It also has great value for subsequent network maintenance and optimization.

Ii. Maintain and monitor CDP Information

1. enable or disable CDP.

By default, CDP discovery protocols are globally enabled. However, if it is used together with older Cisco devices, you may need to manually start the Discovery protocol. For example, when a vro is connected to a vswitch of the 1900 Series, you must manually enable the protocol on the vswitch. If you want to enable the CDP Discovery Protocol globally on the vro, RUN the cdp run Command. In Versions later than IOS 10.3, CDP Discovery protocol is also supported in interface mode. To enable this feature, you need to enter the interface configuration mode, and then enable cdp on the interface using CDP enable. However, unlike the global mode, CDP discovery protocols on interfaces are not enabled by default.

2. view the data frame transmission information. During network maintenance and optimization, you need to know the information about data frame transmission. The network administrator can use the show cdp interface command to view the information. The result is as follows:

You can use this command to obtain the information that CDP uses to advertise and discover data frame transmission. The information includes the retention time, the frequency of CDP Group Sending, the time of interface encapsulation, and the management and protocol of the street. Undoubtedly, this information will be of great reference value for subsequent maintenance, especially for optimization of CDP performance.

3. disable CDP Discovery protocol.

Although CDP can automatically discover new network devices, it is a double-edged sword in the eyes of network administrators. On the one hand, it increases the flexibility of the network, and on the other hand, it also brings a lot of security risks to the network. If an attacker breaks a vro or vswitch, the attacker can use the CDP Discovery Protocol to learn information about the detour devices connected to the attacker. This provides important information for the next attack. For this reason, if you do not like the information of a certain device for security purposes, you must disable the CDP Discovery protocol for this specific device. If you want to disable CDP at the global level, you can use the no cdp run Command in global configuration mode.

However, before taking this operation, I think managers need to first understand the relationship between global configuration and interface configuration. As mentioned above, in Versions later than IOS10.3, CDP supports both global and interface modes. Under what circumstances, if the CDP Discovery Protocol in global configuration mode is disabled, what is the impact on the CDP Discovery Protocol in interface mode? Note that if the CDP Discovery protocol is disabled in global configuration mode, the CDP Discovery Protocol cannot be enabled on the interface.