1
00:00:00,000 --> 00:00:05,000
Sometimes you believe the network is cabled in a certain way

2
00:00:05,000 --> 00:00:09,000
whereas in reality it's cabled  differently

3
00:00:09,000 --> 00:00:12,000
so you may think that 1  device is connected to another device

4
00:00:12,000 --> 00:00:15,000
but that’s not actually how it's cabled.

5
00:00:15,000 --> 00:00:18,000
Cisco discovery protocol or CDP

6
00:00:18,000 --> 00:00:21,000
and the industry standard version Link Layer Discovery Protocol or LLDP

7
00:00:21,000 --> 00:00:27,000
are protocols that run at layer 2 in the OSI model

8
00:00:27,000 --> 00:00:30,000
and allow you to discover how devices  are connected to each other

9
00:00:30,000 --> 00:00:36,000
this runs independently of protocol such as IPv4 and IPv6

10
00:00:36,000 --> 00:00:41,000
CDP and LLDP are a great way to discover how devices are connected

11
00:00:41,000 --> 00:00:47,000
and allow you to verify documentation as well as great new documentation.

12
00:00:47,000 --> 00:00:54,000
CDP is Cisco propriety and well typical only discover other Cisco devices.

13
00:00:54,000 --> 00:01:00,000
please be aware that some vendors such as HPE do not send CDP messages

14
00:01:00,000 --> 00:01:03,000
but will receive CDP messages

15
00:01:03,000 --> 00:01:07,000
and hence they can see which Cisco devices are connected directly to them

16
00:01:07,000 --> 00:01:11,000
but a Cisco devices will not be able to see the switches

17
00:01:11,000 --> 00:01:13,000
and routers from other vendors

18
00:01:13,000 --> 00:01:17,000
such as HPE unless the Cisco devices are enabled for LLDP.

19
00:01:17,000 --> 00:01:22,000
CDP uses multicast frames which I'll demonstrate in a moment

20
00:01:22,000 --> 00:01:26,000
but once again doesn’t rely on higher layer protocols.

21
00:01:26,000 --> 00:01:29,000
We'll start with the simple GNS3 topology

22
00:01:29,000 --> 00:01:33,000
and then I’ll show you a more complex 1 in a different video.

23
00:01:33,000 --> 00:01:36,000
In this GNS3 topology, I’ve got 3 Cisco routers.

24
00:01:36,000 --> 00:01:41,000
one of them is connected to a hub which is bridge to my Local Area Network

25
00:01:41,000 --> 00:01:45,000
which will allow me to see physical devices in the network.

26
00:01:45,000 --> 00:01:49,000
Router 1 and router 2 are configured with IP addresses

27
00:01:49,000 --> 00:01:57,000
on their FastEthernet 0 interfaces, router 2 is using DHCP on this interface

28
00:01:57,000 --> 00:02:00,000
but this network hasn’t been configured.

29
00:02:00,000 --> 00:02:03,000
So let’s see how that affects CDP.

30
00:02:03,000 --> 00:02:06,000
Firstly on router 1,  sh cdp neighbors

31
00:02:06,000 --> 00:02:12,000
What you'll notice is it sees the directly connected neighbor router 2

32
00:02:12,000 --> 00:02:14,000
but no others neighbors.

33
00:02:14,000 --> 00:02:16,000
I could also use the details command

34
00:02:16,000 --> 00:02:20,000
to see detailed information about that neighboring router.

35
00:02:20,000 --> 00:02:23,000
you can see as an example the IP address of the neighbor

36
00:02:23,000 --> 00:02:29,000
the platform, the capabilities, in other words, this supports routing

37
00:02:29,000 --> 00:02:32,000
it supports switching and it supports IGMP

38
00:02:32,000 --> 00:02:36,000
IGMP is used in multicast applications.

39
00:02:36,000 --> 00:02:41,000
We could see the version of operating system that that router is using.

40
00:02:41,000 --> 00:02:49,000
on router 2 sh cdp neighbors this shows a lot more detail

41
00:02:49,000 --> 00:02:55,000
we can see router 1 once again, connected via FastEthernet 0/0

42
00:02:55,000 --> 00:02:57,000
we can see its a 3725 router

43
00:02:57,000 --> 00:03:02,000
but in addition, we can see a Cisco Unified Communication Manager

44
00:03:02,000 --> 00:03:08,000
this is a Linux server that runs the Cisco Unified Communication Manager software

45
00:03:08,000 --> 00:03:12,000
that’s running within the VMware and is using Ethernet 0

46
00:03:12,000 --> 00:03:17,000
somewhere in the cloud here to connect back through the hub to router 2.

47
00:03:17,000 --> 00:03:24,000
Now CDP only shows you directly connected devices that are running CDP

48
00:03:24,000 --> 00:03:29,000
so as an example, router 1 doesn’t see these devices

49
00:03:29,000 --> 00:03:32,000
because router 1 is separated from them by router 2

50
00:03:32,000 --> 00:03:35,000
but CDP messages are sent through a hub

51
00:03:35,000 --> 00:03:40,000
and any other layer 2 switches in the topology that are not running CDP

52
00:03:40,000 --> 00:03:44,000
so there are actually some Cisco switches in this cloud

53
00:03:44,000 --> 00:03:50,000
that connect router 2 to some of these devices such as the IP phones

54
00:03:50,000 --> 00:03:53,000
but those Cisco switches are not running CDP

55
00:03:53,000 --> 00:03:55,000
and hence are not seen in the topology.

56
00:03:55,000 --> 00:04:02,000
So be careful CDP shows you directly connected devices that are running CDP.

57
00:04:02,000 --> 00:04:05,000
This hub as an example is not running CDP

58
00:04:05,000 --> 00:04:09,000
it's layer 1 device so CDP messages are transparently sent through it

59
00:04:09,000 --> 00:04:12,000
to devices in the cloud

60
00:04:12,000 --> 00:04:15,000
and they transparently send CDP messages back to router 2.

61
00:04:15,000 --> 00:04:21,000
In addition, there are layer 2 Cisco switches

62
00:04:21,000 --> 00:04:25,000
these are small personal switches that are not running CDP

63
00:04:25,000 --> 00:04:27,000
and they don’t show up in the topology

64
00:04:27,000 --> 00:04:31,000
these 2 phones as an example are powered by Cisco switch.

65
00:04:31,000 --> 00:04:35,000
So CDP does show you directly connected neighbors

66
00:04:35,000 --> 00:04:39,000
that would be the exam answer, in the real world, it’s not as simple as that.

67
00:04:39,000 --> 00:04:43,000
Let’s look at some details so sh cdp neighbor detail

68
00:04:43,000 --> 00:04:50,000
We can see some information about the Cisco Unified Communication Manager server

69
00:04:50,000 --> 00:04:52,000
you can see as an example that it’s running on Linux

70
00:04:52,000 --> 00:04:56,000
we can see a Cisco 3750 switch here

71
00:04:56,000 --> 00:05:01,000
scrolling down, we can see a Cisco IP phone

72
00:05:01,000 --> 00:05:05,000
notice it's Cisco DX650 that’s it's IP address.

73
00:05:05,000 --> 00:05:11,000
We could as an example, open up a web browser to that phone.

74
00:05:11,000 --> 00:05:14,000
In this case, the phone is supporting a web browser

75
00:05:14,000 --> 00:05:18,000
so we can see details about the phone including its telephone number.

76
00:05:18,000 --> 00:05:25,000
CDP is great for discovering devices on the network

77
00:05:25,000 --> 00:05:29,000
but also is a security risk because you can discover the devices on the network.

78
00:05:29,000 --> 00:05:34,000
That may be good for you but maybe bad if you have a hacker

79
00:05:34,000 --> 00:05:37,000
or someone inquisitive to find out what you’re running.

80
00:05:37,000 --> 00:05:44,000
So as an example, I can connect to the Cisco Communication Manager

81
00:05:44,000 --> 00:05:47,000
and if I knew the username and password or hack it

82
00:05:47,000 --> 00:05:54,000
I could then discover other devices in the topology.

83
00:05:54,000 --> 00:06:00,000
So back on router 2, there’s a CUCM, there’s a 3750

84
00:06:00,000 --> 00:06:07,000
here’s my Cisco phone DX650, I can see as an example

85
00:06:07,000 --> 00:06:10,000
the power that's drawn by that phone

86
00:06:10,000 --> 00:06:13,000
I can see the operating system that it's running

87
00:06:13,000 --> 00:06:17,000
I can see which port it's using to connect back to router 2

88
00:06:17,000 --> 00:06:23,000
so router 2 is using F0/1 that phone is using port 1.

89
00:06:23,000 --> 00:06:29,000
Here’s another phone Cisco 7970, its port is 1

90
00:06:29,000 --> 00:06:33,000
the local interface on the router is FastEthernet 0/1

91
00:06:33,000 --> 00:06:41,000
here’s router 1 its outgoing port is FastEthernet 0/0

92
00:06:41,000 --> 00:06:44,000
and router 2 is local interface is FastEthernet 0/0.

93
00:06:44,000 --> 00:06:49,000
In this case, the router can see itself

94
00:06:49,000 --> 00:06:53,000
because CDP message is being loop back to the router in the cloud

95
00:06:53,000 --> 00:06:56,000
but once again sh cdp neighbors

96
00:06:56,000 --> 00:07:01,000
we can see the local interface that's receiving CDP messages

97
00:07:01,000 --> 00:07:03,000
and we can see devices

98
00:07:03,000 --> 00:07:09,000
and their local interfaces is used to connect back to this local router.

99
00:07:09,000 --> 00:07:14,000
now, what about R3? It’s not showing in the topology

100
00:07:14,000 --> 00:07:21,000
and that’s because the interface isn't up, this interface is shutdown

101
00:07:21,000 --> 00:07:24,000
so I’m gonna no shut that interface

102
00:07:24,000 --> 00:07:28,000
but I’m not going to enable an IP address on the interface.

103
00:07:28,000 --> 00:07:32,000
So we'll enable this link but configure no IP addresses.

104
00:07:32,000 --> 00:07:38,000
So interface f0/0 no shut but that’s all we’ve done.

105
00:07:38,000 --> 00:07:40,000
sh cdp neighbor

106
00:07:40,000 --> 00:07:42,000
no neighbors are shown yet

107
00:07:42,000 --> 00:07:47,000
it takes a while for CDP messages to be sent

108
00:07:47,000 --> 00:07:52,000
you might have to wait 30 seconds before you see any CDP messages.

109
00:07:52,000 --> 00:07:54,000
but sh ip int brief

110
00:07:54,000 --> 00:08:01,000
will allow us to see the state of the interface, FastEthernet 0/0 is up up

111
00:08:01,000 --> 00:08:07,000
on router 3, router 3 is connected and FastEthernet 0/0 to router 1

112
00:08:07,000 --> 00:08:10,000
and FastEthernet 0/1 to router 3

113
00:08:10,000 --> 00:08:13,000
router 3 is connected using FastEthernet 0/0

114
00:08:13,000 --> 00:08:18,000
to router 2 is fast Ethernet interface 1/0.

115
00:08:18,000 --> 00:08:21,000
sh cdp neighbors

116
00:08:21,000 --> 00:08:23,000
we can now see router 2

117
00:08:23,000 --> 00:08:27,000
the reason why the domain is showing up is I've configured

118
00:08:27,000 --> 00:08:30,000
a domain name of cisco.com on router 2

119
00:08:30,000 --> 00:08:39,000
so the local router interface is F0/0 and the interface of router 2 is F1/0

120
00:08:39,000 --> 00:08:44,000
but please be aware that there are no IP addresses configured on this router.

121
00:08:44,000 --> 00:08:53,000
so sh run int f0/0 sh ip int brief

122
00:08:53,000 --> 00:09:01,000
what you’ll see is no IP addresses are assigned to any interfaces on this router

123
00:09:01,000 --> 00:09:06,000
but CDP still works because CDP does not rely on IP.

124
00:09:06,000 --> 00:09:09,000
Let’s have a look at detail

125
00:09:09,000 --> 00:09:15,000
so on router 3 sh cdp neighbor detail

126
00:09:15,000 --> 00:09:18,000
we're seeing router 2, we're seeing it's IP address

127
00:09:18,000 --> 00:09:22,000
the local interface of router 3 is F0/0

128
00:09:22,000 --> 00:09:28,000
and the interface used on router 2 is F1/0

129
00:09:28,000 --> 00:09:32,000
the outgoing port is the port of the remote device in this output

130
00:09:32,000 --> 00:09:34,000
which can be very confusing

131
00:09:34,000 --> 00:09:39,000
That’s a basic example of CDP and the next video I'll do a Wireshark capture

132
00:09:39,000 --> 00:09:44,000
and then on subsequent videos, we'll look at a more complex topology.