CNC Logo

Discovering Cisco Discovery Protocol

Peter J. Welcher

What Is Cisco Discovery Protocol?

Cisco Discovery Protocol, also known as CDP, is something Cisco has quietly added to its entire product line. If you haven't read your release notes carefully, you might not have noticed this feature. It's quietly there on your links, consuming a very small amount of bandwidth for a pretty good purpose.

The CDP protocol is media and network protocol independent. It works with Cisco bridges and switches. (Review question: what layer must it be operating at?) It provides a mechanism for two neighboring devices to learn about each other, even if they don't both speak the same network protocol. At the end of this article, we'll see what that might be useful for.

Technical Details

CDP uses SNAP frames at the data layer. Media that allow this: all LAN media, Frame Relay, and ATM.

The CDP information is sent periodically to a multicast address. The default period is 60 seconds. Using multicast is kinder and gentler than broadcasting it. It gives non-participants a chance to ignore the traffic, depending on how smart their NIC cards and drivers are.

The CDP announcement contains one or more addresses which can receive SNMP messages. There is also holdtime information in the announcement as well. This means that the information will be discarded if not refreshed before the holdtime expires.

Configuring CDP

Configuring CDP is easy: it's on by default on routers and interfaces (despite what some versions of the documentation may say). Other configuration commands: Some EXEC commands related to CDP:

Show Commands

There's the usual complement of show commands. These include: The options in square brackets allow greater specificity in what's displayed. Here's some sample show command output.

rome#show cdp ?

entry Information for specific neighbor entry

interface CDP interface status and configuration

neighbors CDP neighbor entries

traffic CDP statistics

<cr>

rome#show cdp entry paris

Note that nothing displayed -- the device name here is (currently) case-sensitive. So we need:

rome#sho cdp entry Paris

-------------------------

Device ID: Paris

Entry address(es):

IP address: 145.4.0.1

Novell address: A4.aa00.0400.0228

DECnet address: 10.2

Appletalk address: 1007.185

Platform: cisco 2500, Capabilities: Router

Interface: Ethernet0, Port ID (outgoing port): Ethernet0

Holdtime : 145 sec

Version :

Cisco Internetwork Operating System Software

IOS (tm) 3000 Software (IGS-J-L), Version 11.0(4), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1995 by cisco Systems, Inc.

Compiled Mon 18-Dec-95 17:21 by alanyu

That's a lot of information about Paris! We can also pull out just parts of this:

rome#sho cdp entry Paris protocol

Protocol information for Paris :

IP address: 145.4.0.1

Novell address: A4.aa00.0400.0228

DECnet address: 10.2

Appletalk address: 1007.185

rome#sho cdp entry Paris version

Version information for Paris :

Cisco Internetwork Operating System Software

IOS (tm) 3000 Software (IGS-J-L), Version 11.0(4), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1995 by cisco Systems, Inc.

Compiled Mon 18-Dec-95 17:21 by alanyu

If we want to check how CDP is configured on an interface:

rome#show cdp int e 0

Ethernet0 is up, line protocol is up, encapsulation is ARPA

Sending CDP packets every 60 seconds

Holdtime is 180 seconds

To see which neighboring routers CDP has learned about:

rome#show cdp neighbor

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

S - Switch, H - Host, I - IGMP

Device ID Local Intrfce Holdtme Capability Platform Port ID

york Ser 0 146 R 2500 Ser 0

Paris Eth 0 149 R 2500 Eth 0

kyoto Eth 1 132 R 2500 Eth 1

That's the short form. To get the full details:

rome#show cdp neighbor detail

-------------------------

Device ID: york

Entry address(es):

IP address: 145.3.0.1

Novell address: A3.0000.0c34.692c

Platform: cisco 2500, Capabilities: Router

Interface: Serial0, Port ID (outgoing port): Serial0

Holdtime : 139 sec

Version :

Cisco Internetwork Operating System Software

IOS (tm) 3000 Software (IGS-J-L), Version 11.0(4), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1995 by cisco Systems, Inc.

Compiled Mon 18-Dec-95 17:21 by alanyu

-------------------------

Device ID: Paris

Entry address(es):

IP address: 145.4.0.1

Novell address: A4.aa00.0400.0228

DECnet address: 10.2

Appletalk address: 1007.185

Platform: cisco 2500, Capabilities: Router

Interface: Ethernet0, Port ID (outgoing port): Ethernet0

Holdtime : 140 sec

Version :

Cisco Internetwork Operating System Software

IOS (tm) 3000 Software (IGS-J-L), Version 11.0(4), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1995 by cisco Systems, Inc.

Compiled Mon 18-Dec-95 17:21 by alanyu

-------------------------

Device ID: kyoto

Entry address(es):

IP address: 145.5.0.1

Novell address: A5.0000.0c7e.f635

Platform: cisco 2500, Capabilities: Router

Interface: Ethernet1, Port ID (outgoing port): Ethernet1

Holdtime : 123 sec

Version :

Cisco Internetwork Operating System Software

IOS (tm) 3000 Software (IGS-J-L), Version 11.0(4), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1995 by cisco Systems, Inc.

Compiled Mon 18-Dec-95 17:21 by alanyu

And finally, we can use a show command to find out how much CDP traffic we've been processing:

rome#sho cdp traffic

CDP counters :

Packets output: 49, Input: 44

Hdr syntax: 0, Chksum error: 0, Encaps failed: 0

No memory: 0, Invalid packet: 0, Fragmented: 0

Debugging CDP

If you want to, you can use debug to watch the CDP activity. There are three variants available:

So What's In It For Me?

That may all look nifty but rather technical. Why should we care about CDP?

Cisco is not hiding anything here: the documentation states that a SNMP management application can learn protocol addresses and device types of neighboring devices, by retrieving the CDP tables from an SNMP agent in a Cisco device. That means a full multi-protocol network discovery engine could be built using CDP.

The original intent might have been to get at vLAN's to manage switches. But think about the potential: Cisco or a third party can now build an HP OpenView or IBM NetView add-on that does discovery and generates topology maps, one for each network protocol. The HP OpenView architecture seems to be intended to support precisely this sort of third-party functionality. In addition, DEC's new NT-based network management architecture should accomodate this.

Come to think of it, the Netsys Baseliner product already generates topology maps from configuration files. The user can look at a map showing one of several IP views, an IPX view, an Appletalk view, or a RSRB view. Wouldn't it be nice to be able to do network discovery using CDP, then pull back router configuration files (with a little help as to the read-write SNMP community string perhaps), then do the syntax and other configuration validation processes Netsys does?

This is all pure speculation on my part, of course. I'd just like to see this marvelous functionality put to good use. And maybe standardized, so other vendors can tie into the scheme. (Remember Cisco's CITI common topology initiative?)

All in all, that's a lot of mileage from a very simple little protocol!

Dr. Peter J. Welcher (CCIE #1773, CCSI #94014) is a Senior Consultant with Chesapeake NetCraftsmen. NetCraftsmen is a high-end consulting firm and Cisco Premier Partner dedicated to quality consulting and knowledge transfer. NetCraftsmen has nine CCIE's, with expertise including large network high-availability routing/switching and design, VoIP, QoS, MPLS, network management, security, IP multicast, and other areas. See http://www.netcraftsmen.net for more information about NetCraftsmen. Pete's links start at http://www.netcraftsmen.net/welcher . New articles will be posted under the Articles link. Questions, suggestions for articles, etc. can be sent to pjw@netcraftsmen.net . 


4/96
Copyright 1996, Peter J. Welcher