CDP & LLDP

Done

Operate at Layer 2

Both discover and share information about neighbor devices
- Hostname
- IP Address
- Device Type
- Interface
- Etc.

🚨

IMPORTANT: They are a security risk outside of a controlled environment like a lab.

🚨

IMPORTANT: CDP and LLDP messages are not forwarded! The device can only see its neighbors.

CDP

It is a Cisco`s proprietary technology. The devices share information by sending cdp messages through the Multicast MAC Address of 0100.0CCC.CCCC.

It is globally enabled by default. Also, all interfaces have it enabled by default.

These messages are sent every 60 seconds. When a Cisco`s device receive a CDP message, it will add it to its CDP Neighbor Table.

Timer: 60 seconds

Holdtime: 180 seconds

💡

NOTE: CDPv2 is used by default.

💡

NOTE: The Multicast MAC Addres of 0100.0CCC.CCCC is used by multiple Cisco`s proprietary protocols like VTP, DTP, PAgP and UDLD.

CDP Show commands

CDP

CDP message sending times

CDP “dead timer”

CDP Version

show cdp

Traffic

Shows basically the statistics of the sent and received CDP messages

show cdp traffic

Interface

Shows information about all the interfaces or the specified ones

show cdp interface [interface-id]

Neighbors

Probably the most important command, it shows information about the connected Cisco devices.

show cdp neighbors [detail]

Device ID → Hostname used on the neighboring device / MAC Address / Serial Number

Local Interface → What physical interface is connected to that neighbor

Holdtime → Tracks the time to delete a CDP neighbor

Capability → What that device is capable of

Platform → Neighbor`s model

Port ID → What is the neighbor`s physical interface

💡

NOTE: CDP is capable of seeing the VTP domain of the neighboring device, since VTP is a Cisco`s proprietary protocol.

See details about a specific neighbor

show cdp entry {neighbor-name}

Configure CDP

Enable/Disable

configure terminal
[no] cdp run

Enable/Disable per-interface

configure terminal
interface g0/0   // Interface used as an example
[no] cdp enable

Set CDP Timer

configure terminal
cdp timer {seconds}

Set CDP Holdtime

configure terminal 
cdp holdtime {seconds}

Select version of CDP

configure terminal

LLDP

It is a industry standard IEEE 802.1AB

It is disabled by default on Cisco`s devices globally and in all interfaces, meaning that to use it you have:

Enabled it globally

Enable it in each interface to transmit LLDP messages

Enable it in each interface to receive LLDP messages

Multicast MAC Address → 0180.C200.000E

Timer: 30 seconds

Holdtime: 120 seconds

💡

NOTE: LLDP will not be immediately enabled when the command is issued, it will waits its “reinitialization delay” to start, which is 2 seconds by default.

Configure LLDP

Enable/Disable

configure terminal
[no] lldp run

Enable it in an interface

Transmit

configure terminal
interface g0/0 //Random Interface
lldp transmit

Receive
```
lldp receive
```

Change Timer

configure terminal
lldp timer {seconds}

Change Holdtime

configure terminal
lldp holdtime {seconds}

Change the Reinitialization Delay

configure terminal
lldp reinit {seconds}

Show Commands

LLDP

Status / Timer / Holdtime / Reinitialization delay

show lldp

Traffic

Statistics

show lldp traffic

Interface

Show information about all the interfaces or only one

show lldp interface [interface-id]

Neighbors

show lldp neighbors [detail]

💡

NOTE: There is no model information.

💡

NOTE: B is used for switches instead of S.

🚨

IMPORTANT: In the detailed version, you can see again the device`s capabilites and what is enabled in it in system capabilities and enabled capabilites, respectivel.

View details about a specific neighbor

show lldp entry {neighbor-name}