CDP (Cisco Discovery Protocol) is a very useful protocol and a fantastic tool for finding details about directly connected devices. However, being Cisco proprietary, it only works if the connected device is a Cisco device. It sends messages to the directly connected devices; those messages contain details about the host, devices, network, IOS, ports, etc. It is enabled by default on all Cisco devices.
CDP generates messages every 60 seconds. These messages are received by the neighbor device, and the information is then stored in the database.
CDP provides us with very important information that is quite useful if we do not have a complete diagram or have incomplete documentation about the network.
By using CDP we can find out the following information:
Hostname of the remote devices
Local and remote interfaces on which the devices are connected
Type of device and the platform
IP address of the connected devices
Version of IOS running
Although CDP provides good information about directly connected devices, it can also pose a security threat to the network: if one device in the network is compromised, hackers can identify and gather information very easily. It is therefore best practice to use this protocol very carefully and to disable it on devices that are highly secure. For example, we should not send CDP messages on an interface that connects outside of our network.
If we do not have a Cisco device on the other end, CDP will not work. However, we can use LLDP (Link Layer Discovery Protocol) as an alternative: it is a non-proprietary, industry-standard protocol with the same functionality, so most vendors support it.
In this lab, you will be required to find information about directly connected devices. To find complete information and details of all the devices, you have to use telnet because CDP can only provide information about directly connected devices. In the lab below, ‘device0’ does not have a direct link to all Cisco devices. Finally, we have to disable CDP on the Fast Ethernet 0/5 interface of router 5, which is connected to the ISP router, because we do not want to pass our internal network information to the internet service provider (ISP).
CDP in Packet Tracer
1. Use CDP commands to find out Cisco devices 1 to 5
2. Find out their IPs and interfaces on which they are connected.
3. Disable CDP on interface FastEthernet 0/1 of device 5
(YOU ARE ONLY ALLOWED TO ACCESS SWITCH 0 THROUGH CONSOLE CONNECTION)
(USE TELNET TO ACCESS DEVICE 1)
(TELNET PASSWORD – cisco)
(Privileged mode password – cisco)
Router#show cdp neighbors
Router#show cdp neighbors detail
From Switch 0
Local interface – Remote interface – IP address
1. FastEthernet 0/1 – FastEthernet 0/1 – 192.168.1.100
2. FastEthernet 0/2 – FastEthernet 0/0 – 192.168.1.3
3. FastEthernet 0/3 – FastEthernet 0/0 – 192.168.1.4
From Switch 1
4. FastEthernet 0/2 – FastEthernet 0/0 – 192.168.1.45/24
5. FastEthernet 0/3 – FastEthernet 0/0 – 192.168.1.43/24
Router(config)#interface fastethernet 0/1
Router(config-if)#no cdp enable
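To check that the `no cdp enable` step above was applied on every interface that leaves the network, the following added example (not part of the original lab) audits saved `show running-config` text. The sample configuration, its hostname and addresses, and the function names are constructed for illustration; the list of untrusted interfaces is supplied by the operator.

```python
import re

# Constructed sample of `show running-config` output (not taken from the lab).
SAMPLE_CONFIG = """\
hostname Router5
!
interface FastEthernet0/0
 description LAN to Switch1
 ip address 192.168.1.45 255.255.255.0
!
interface FastEthernet0/1
 description Link to ISP
 ip address 203.0.113.2 255.255.255.252
 no cdp enable
!
interface Serial0/0/0
 description Backup link to ISP
 ip address 203.0.113.6 255.255.255.252
!
"""

def cdp_state(config):
    """Return (global_on, {interface: cdp_enabled}) from running-config text."""
    global_on = True            # CDP runs by default; only `no cdp run` is stored
    per_if, current = {}, None
    for line in config.splitlines():
        if re.match(r"^no cdp run\s*$", line):
            global_on = False
        m = re.match(r"^interface (\S+)", line)
        if m:
            current = m.group(1)
            per_if[current] = True      # assumption: on unless `no cdp enable` follows
        elif line.startswith(" ") and current:
            if line.strip() == "no cdp enable":
                per_if[current] = False
        else:
            current = None              # left the interface block
    return global_on, {i: global_on and on for i, on in per_if.items()}

def exposed(config, untrusted):
    """Untrusted interfaces that still send and receive CDP."""
    _, state = cdp_state(config)
    return sorted(i for i in untrusted if state.get(i, False))

if __name__ == "__main__":
    print(exposed(SAMPLE_CONFIG, {"FastEthernet0/1", "Serial0/0/0"}))
```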