What is CDP? – Explained 

what is cdp

What is CDP in Networking?

The Cisco Discovery Protocol (CDP) is a network protocol developed by Cisco Systems, which operates at the data link layer (Layer 2) of the OSI model. It is a Cisco proprietary protocol. CDP is used to collect information about nearby Cisco devices within a local network. CDP is used for network management.   

Cisco discovery protocol provides information about the following parameter: – 

  • Topology Discovery 

CDP helps Cisco devices to discover their directly connected neighbours and obtain information about adjacent devices. This helps the network administrator to map out the network topology i.e., to map the network.  

  • Neighbour Information 

CDP advertisements provide details about the neighbouring Cisco devices which include the information of the type of device connected i.e., switch, router, multilayer switch, etc., the software version of the connected device, VLAN information, IP Address, and even the interface it is using for the connectivity.  

  • Network Monitoring 

CDP helps in network monitoring and troubleshooting by providing real-time information about the status of the device.  

  • Automatic Device Detection 

CDP helps to automatically detect and recognize devices even when a new device is connected to the network. 

All this information is helpful to create the network map, document the network, and troubleshoot in case of outages. Cisco Discovery protocol is enabled by default. 

How does the Cisco discovery protocol work?

All Cisco devices transmit CDP Packets periodically. Receiving devices process the packet and make a cache of the information received. If receiving packet has information different from already cached information, the new information is cached and the older cache is removed. CDP uses various timers to control the CDP advertisements and the expiration of outdated information. This timer helps to manage the frequency of CDP packets.  

Timers are as follows: –  

  • Advertisement Timer 

This timer controls how often a Cisco device sends out CDP advertisements to its directly connected neighbours. By default, the advertisement timer is set to 60 seconds on most Cisco devices. This means that every 60 seconds, the device will multicast a CDP advertisement packet to inform its neighbours about its presence and current status.  

  • Hold Time Timer 

The hold time timer is the duration of time that a receiving device considers CDP information valid before discarding it if no new updates are received. The default hold time is 180 seconds (3 times the advertisement timer). When a device receives a CDP advertisement, it sets its hold time to the received hold time value. If no new updates are received from the same neighbour before the hold time expires, the information about that neighbour is removed from the CDP table.  

  • TTL (Time to Live) Timer 

The TTL timer is used to control the maximum time that a CDP advertisement can live in the network before it expires. Each CDP advertisement packet contains a Time to Live (TTL) value, which is set to a default of 180 seconds (3 minutes). This TTL value is decremented by one as the packet is forwarded through each network hop. When the TTL reaches zero, the packet is discarded, preventing old CDP information from circulating indefinitely. 

What are the drawbacks of CDP?

The drawbacks of CDP are as follows-  

  • CDP is a Cisco proprietary protocol, so it cannot be used to discover devices other than Cisco or devices of different vendors.  
  • In large networks, excessive CDP advertisement can create additional traffic and network congestion resulting in an impact on network performance.
  • CDP Spoofing 

CDP is also prone to spoofing. In CDP spoofing, the attacker sends out a packet with a multicast address the same as that of the destination address of CDP i.e., 01:00:0C:CC:CC:CC, and fake MAC Address as source address. When devices receive these large number of frames, it will add CDP information to the table. The device may not be able to handle this large number of frames and eventually crashes. 

  •  Configuration 

CDP

S1#show cdp neighbors  

Capability Codes:

R – Router, T – Trans Bridge, B – Source Route Bridge 

S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone 

Device ID         Local Interface            Holdtime           Capability            Platform           Port ID 

       R1                     Fas 0/2                         162                        R                     ISR4300            Gig 0/0/0 

       S2                     Fas 0/1                         139                        S                         2960               Fas 0/1 

As we can see that there are 2 directly connected devices with S1.  

  • Device ID 

The hostname of the directly connected devices  

  • Local Interface 

The interface of S1 on which CDP messages are received. In our case R1 is sending messages to Fas0/2 and S2 is sending messages to Fas0/1, which also tells about the interface on S1 through which R1 and S2 are connected.  

  • Holdtime 

Amount of time S1 holds the information if no more packets are received.  

  • Capability 

It shows the type of device connected. In our example, R1 is a router, hence capability is denoted as R. Similarly, S2 is a switch hence it is denoted as S.  

  • Platform

It tells about the OS and the device model.  

  • Port ID

It is the interface of the neighbouring device through which the CDP packet is sent. In our example, the Port ID of R1 is Gig 0/0/0, hence S1 is connected to R1 with Gig 0/0/0 interface. 

To get further information on the connected devices we can use the following command- 

S1#show cdp neighbors detail  

Device ID: R1 

Entry address(es):  

IP address : 192.168.12.1 

Platform: cisco ISR4300, Capabilities: Router 

Interface: FastEthernet0/2, Port ID (outgoing port): GigabitEthernet0/0/0 

Holdtime: 140 

Version : 

Cisco IOS Software [Everest], ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 16.6.4,RELEASE SOFTWARE (fc3) 

Technical Support: http://www.cisco.com/techsupport 

Copyright (c) 1986-2018 by Cisco Systems, Inc. 

Compiled Sun 08-Jul-18 04:33 by mcpre 

advertisement version: 2 

Duplex: full 

————————— 

Device ID: S2 

Entry address(es):  

Platform: cisco 2960, Capabilities: Switch 

Interface: FastEthernet0/1, Port ID (outgoing port): FastEthernet0/1 

Holdtime: 176 

Version : 

Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 15.0(2)SE4, RELEASE SOFTWARE (fc1) 

Technical Support: http://www.cisco.com/techsupport 

Copyright (c) 1986-2013 by Cisco Systems, Inc. 

Compiled Wed 26-Jun-13 02:49 by mnguyen 

advertisement version: 2 

Duplex: full 

What is LLDP?

LLDP (Link Layer Discovery Protocol) is an industry-standard network protocol defined by the IEEE 802.1AB standard. It operates at the data link layer (Layer 2) of the OSI model and is used for discovering information about neighbouring network devices.   

The working mechanism of LLDP is similar to CDP but the major difference is that LLDP is an open-source protocol while CDP is Cisco Proprietary. Since LLDP is a vendor-neutral protocol, it allows devices from different vendors to exchange essential information. When a network device supports LLDP, it periodically sends out LLDP packets, known as LLDP advertisements, on each active network interface. These advertisements contain information about the sending device, such as its device type, capabilities, system name, management address, and port details. The receiving devices process these advertisements and store the information in their respective LLDP tables.   

LLDP packets are sent as multicast frames, which implies that they are received only by devices interested in LLDP information, hence minimizing network overhead.  

LLDP is used in cases where you have a network with devices from different vendors like Cisco, Juniper, HP, Aruba, etc. For example, if a Juniper switch is connected to an HP router, LLDP will allow the Juniper switch to discover the neighbour HP router and exchange essential information. 

Let’s use the same topology as we used in the case of CDP- 

LLDP

To enable LLDP-  

Switch#configure terminal 

S2(config)#lldp run 

S2(config)#exit  

S2#show lldp neighbors  

Capability codes: 

(R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device 

(W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other 

Device ID          Local Interface          Hold-time             Capability               Port ID 

Total entries displayed: 0 

Since I have enabled LLDP only on S2, hence no other devices are transmitting LLDP packets, hence total entries are 0.  

Let us enable LLDP on devices one at a time. 

S2#show lldp neighbors  

Capability codes: 

(R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device 

(W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other 

Device ID         Local Interface          Hold-time             Capability              Port ID 

        S1                        Fa0/1                      120                              B                     Fa0/1 

Total entries displayed: 1 

Enabled LLDP on S1 and S2, hence S1 started transmitting LLDP packets and S2 can locate details of it. 

S2#show lldp neighbors  

Capability codes: 

(R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device 

(W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other 

Device ID          Local Interface           Hold-time             Capability             Port ID 

      S1                          Fa0/1                         120                           B                        Fa0/1 

      R2                          Fa0/3                         120                           R                        Gig0/0/0 

Total entries displayed: 2 

Similarly enabled LLDP on R2 as well. 

To get further details of connected devices use: – 

S2#show lldp neighbors detail 

It is important to note that LLDP needs to be enabled on each Cisco device so that they start transmitting LLDP packets. Enabling LLDP becomes necessary when we have other vendor devices as well in our network. Else if we have only Cisco devices which are quite expensive, there is no need to enable LLDP and CDP can help us get the neighboring devices information. 

1 thought on “What is CDP? – Explained ”

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.