1
00:00:00,150 --> 00:00:02,750
Okay so let's see if we can answer these questions.

2
00:00:02,760 --> 00:00:05,910
First question is, Is CDP enabled on the switches?

3
00:00:06,030 --> 00:00:14,050
What I'll do is do a search for CDP and in CDP we can see that there are three switches sending messages.

4
00:00:14,130 --> 00:00:18,720
So I would say the switches have CDP enabled on them.

5
00:00:18,780 --> 00:00:21,510
I mean we can look at say the first switch.

6
00:00:21,510 --> 00:00:30,190
Look at the details and we can see this switch has this name SharkS1, here's another switch Shark

7
00:00:30,210 --> 00:00:32,729
S2 and here's a third switch

8
00:00:32,759 --> 00:00:34,420
SharkS3.

9
00:00:34,470 --> 00:00:37,810
So I would say these three switches have CDP enabled on them.

10
00:00:37,830 --> 00:00:42,070
Another hint is notice the interface number, gigabit 03.

11
00:00:42,300 --> 00:00:47,440
That's this interface, that's shark3.

12
00:00:47,610 --> 00:00:53,560
This switch Shark2 is connected via gigabit 02.

13
00:00:53,680 --> 00:01:03,100
That's this interface and this switch Shark1 is connected via this interface to the hub gigabit

14
00:01:03,190 --> 00:01:04,700
01.

15
00:01:04,720 --> 00:01:07,150
So I would say it's this switch.

16
00:01:07,690 --> 00:01:12,910
So I would be inclined to say we can confirm this, that this switch is called Shark

17
00:01:12,970 --> 00:01:26,930
S1, this switch is called SharkS2 and this switch is called SharkS3 and let's be consistent

18
00:01:26,930 --> 00:01:36,970
where I put the names. So those are our three switches and once again I was able to determine that by looking

19
00:01:36,970 --> 00:01:40,750
at the Wireshark captures. I'll make these a bit smaller

20
00:01:43,490 --> 00:01:46,070
so that we can have them all on the screen at the same time.

21
00:01:46,070 --> 00:01:49,180
So once again SharkS1, so Cisco switch

22
00:01:49,310 --> 00:01:53,030
it's connected to the network on gigabit 01.

23
00:01:53,030 --> 00:01:54,710
Remember this is a hub.

24
00:01:54,710 --> 00:02:00,640
So we're seeing all these messages on this interface over here.

25
00:02:00,670 --> 00:02:06,280
In other words, if I was running Wireshark directly on this Ubuntu device I would see all of these messages

26
00:02:06,280 --> 00:02:11,940
in the same way that I'm seeing them now. Switch 2, SharkS2

27
00:02:15,730 --> 00:02:17,340
interface is gigabit 0

28
00:02:17,350 --> 00:02:26,830
2 see that over there and then if we go back to the third switch gigabit 03 that is switch

29
00:02:26,890 --> 00:02:29,030
SharkS3.

30
00:02:29,030 --> 00:02:31,030
Okay, so first question, is CDP enabled?

31
00:02:31,030 --> 00:02:32,110
I would say yes it is

32
00:02:35,320 --> 00:02:45,110
So answer here would be yes.

33
00:02:45,170 --> 00:02:49,950
What about LLDP? Just search for a LLDP.

34
00:02:50,100 --> 00:02:51,800
Notice LLDP is enabled.

35
00:02:51,890 --> 00:02:54,890
We see first switch, second switch, third switch

36
00:02:54,890 --> 00:02:57,050
and if we look at the LLDP messages.

37
00:02:57,110 --> 00:03:08,360
Notice Shark1 gigabit 01, Shark2 gigabit 02, Shark3 gigabit 03.

38
00:03:08,790 --> 00:03:12,360
So I would say LLDP is enabled on those three switches.

39
00:03:12,510 --> 00:03:13,560
Can we name the switches?

40
00:03:13,560 --> 00:03:15,270
Yes, we can.

41
00:03:15,270 --> 00:03:26,370
We've got SharkS1, SharkS2, SharkS3 and I've already shown you the names in the topology.

42
00:03:26,370 --> 00:03:28,080
What type of devices are these?

43
00:03:28,080 --> 00:03:31,630
So looking at say LLDP we can see the Cisco

44
00:03:31,620 --> 00:03:36,890
IOSv IOS layer 2 switches and there's the version of operating system.

45
00:03:37,000 --> 00:03:40,710
So I won't bother writing them running it out but V

46
00:03:43,260 --> 00:03:55,670
IOSv layer2 switches and we can specify the version over there, notice vIOS layer 2 or IOSv

47
00:03:55,680 --> 00:03:58,410
layer 2 is the type of switch.

48
00:03:58,410 --> 00:04:06,140
These are VIRL images running within gns3 and there's the operating system. I mean we could also

49
00:04:06,140 --> 00:04:13,960
go look at the capabilities and see more capabilities of the device such as it's capable of being

50
00:04:13,960 --> 00:04:14,560
a router

51
00:04:19,290 --> 00:04:21,089
it's capable of being a bridge.

52
00:04:21,149 --> 00:04:31,400
In other words, it's a router and a switch, layer 2, layer 3 switch. Okay, so which VTP domain

53
00:04:31,410 --> 00:04:34,710
is it part of? Now in LLDP.

54
00:04:34,710 --> 00:04:39,480
You may not see VTP because VTP is a Cisco proprietary protocol.

55
00:04:40,080 --> 00:04:46,050
So let's have a look at CDP, in CDP we see

56
00:04:50,990 --> 00:04:52,130
address information.

57
00:04:52,160 --> 00:04:55,050
There was also one other question, so I'll answer that in a moment.

58
00:04:55,160 --> 00:05:07,180
But notice the VTP domain is Sharks. So VTP domain here Sharks, IP address switches and I won't bother

59
00:05:07,180 --> 00:05:08,440
writing that all out.

60
00:05:08,440 --> 00:05:09,910
We can simply work it out together,

61
00:05:12,530 --> 00:05:18,410
first switch IP address 192 168 1.1, second switch

62
00:05:18,410 --> 00:05:31,120
192 168 1.2 and third switch 192 168 1.3.
So let's confirm that through the console, just

63
00:05:31,120 --> 00:05:34,970
to show you that what we have been looking at is correct.

64
00:05:35,040 --> 00:05:45,900
So here's switch 1, called SharkS1 show IP interface brief IP address is that

65
00:05:49,760 --> 00:05:53,330
switch 2 show IP interface brief

66
00:05:57,880 --> 00:06:06,820
IP address is that as we worked out and switch 3 show IP interface brief

67
00:06:09,410 --> 00:06:10,870
there's the IP address.

68
00:06:11,540 --> 00:06:19,310
Okay, so show CDP neighbors we can see both switch 1 and switch 2 in other words CDP is running on this

69
00:06:19,310 --> 00:06:25,730
switch and the other switches and show LLDP neighbors shows us something similar we can see the other

70
00:06:25,730 --> 00:06:33,590
switches. So we have proven this through Wireshark and I've shown you this through the CLI that CDP is

71
00:06:33,590 --> 00:06:41,550
enabled LLDP is enabled there are the switch names, operating system is this, you could do show version

72
00:06:41,550 --> 00:06:43,540
here just to prove it.

73
00:06:43,620 --> 00:06:47,960
Notice there is what we're seeing through the CDP messages.

74
00:06:48,210 --> 00:06:50,400
In other words through the Wireshark captures.

75
00:06:50,460 --> 00:06:53,510
Okay, so on switch one show VTP status.

76
00:06:53,580 --> 00:07:01,310
Notice domain is sharks but actually looking at the other switches

77
00:07:01,440 --> 00:07:02,880
was that correct? Show

78
00:07:02,880 --> 00:07:04,250
CDP status

79
00:07:04,610 --> 00:07:16,510
so notice there's no domain name set on switch 2 and there's no domain name set on switch 3.

80
00:07:16,660 --> 00:07:24,280
That was a mistake that I made I should have said that manually, so VTP domain is sharks on switch one

81
00:07:25,060 --> 00:07:32,420
but is null on switch 2 and switch 3.

82
00:07:32,650 --> 00:07:38,650
Let's go back to the Wireshark capture. So on switch 2 do we see a VTP domain.

83
00:07:38,680 --> 00:07:45,270
Notice it's blank but on switch 1, it's sharks, switch 2 it's blank, switch 3 it's blank or null.

84
00:07:45,280 --> 00:07:48,400
Now the reason the other switches didn't learn

85
00:07:51,180 --> 00:07:56,430
about the VTP domain is there are no trunks on the switches, so switch 1 as an example doesn't have

86
00:07:56,430 --> 00:08:04,350
trucking enabled on its ports and the same is true on switch 2 these ports have to be trunk ports for

87
00:08:04,350 --> 00:08:06,360
VTP messages to be advertised.

88
00:08:07,930 --> 00:08:10,640
Okay so but of a trick there.

89
00:08:10,800 --> 00:08:15,340
I made that mistake of not looking carefully at the Wireshark messages.

90
00:08:15,340 --> 00:08:16,560
How did you get on?

91
00:08:16,570 --> 00:08:19,360
Were you able to work this out?

92
00:08:19,360 --> 00:08:21,220
Did you get similar answers?

93
00:08:21,220 --> 00:08:26,950
It's important as always to be able to read Wireshark messages and don't make the mistake that I made

94
00:08:26,950 --> 00:08:32,559
here of assuming that because something goes in one message that it's the same for others.