Welcome to my CCNA journey. We're going to continue with section 2, network access, focusing on CDP, the Cisco Discovery Protocol, and LLDP, the Link Layer Discovery Protocol. Now it's worth noting that this is a bit of a snippet taken from the ICND1 series, so it goes over those topics as a review, but I do mention DTP, the Dynamic Trunking Protocol. That's not on the new CCNA blueprint.
I mention it a few times in here. If you're interested in learning about DTP, which I would recommend, I'll link the article in the description, but since it's not on the actual blueprint I've taken it out of this article. So again, this article is primarily focusing on CDP and LLDP, which are on the new CCNA topic list for the 2020 exam, exam code 200-301. For those who don't know, you can contact me here on EveDumps, LinkedIn, Twitter or Facebook. So, moving on to CDP and LLDP.
So, first of all, CDP stands for the Cisco Discovery Protocol and LLDP stands for the Link Layer Discovery Protocol. Notice that LLDP has an 802 number, which is given by the IEEE, so we know that this is an open standard, and since CDP has the word Cisco in it, you can make the assumption that this is a proprietary protocol. So let's see the difference between these two protocols and what they're actually used for, starting with CDP.
As I said, it's Cisco proprietary. What do CDP and LLDP actually do? Well, they're layer 2 network discovery, or neighbor discovery, protocols. Meaning, if we go back to our switches: let's say we have a switch deployment with a bunch of switches configured, and you want to know what's out there. Let's say you're on this switch via SSH and CDP is turned on.
You then look at the CDP neighbors. What happens is this switch will actually identify that there's another Cisco switch connected upstream, and it will tell you what port number, what the IP address is and what the IOS version of the upstream switch is. It is essentially able to discover the directly connected devices, and you can use this to actually map out the network. So if you're an admin and you logged in to a device and CDP was enabled on the links between the devices, you would be able to map out the layer 2 network throughout and identify what devices are connected where and what capabilities those devices have.
So from the switch you'd be able to identify that this is a switch with layer 2 or layer 3 capabilities. So it's a handy protocol, but it's also one that opens up a ton of security concerns, as you can imagine. As I said, it provides a bunch of information, including interfaces, IP addresses and the OS version. Now moving on to LLDP. So this is our CDP at the top.
This is the Cisco Discovery Protocol, and down here is our LLDP. It's an open standard, and we know that because it's an open standard it can work between vendors. Now, it's not always straightforward, and it certainly depends on the vendor, but it is an open standard, and if both vendors support it, it can work between vendors.
Now, unlike CDP, which is enabled on all ports by default, LLDP is disabled by default. Remember, just a moment ago we talked about the security concerns around the default switch port configuration. Well, this is another concern: the ports are in the no shut state, the port wants to become a trunk through DTP, and the port is sending out CDP information.

So these are the sort of things that make it really important that we disable all of that and shut down ports that are not being used in our network. The thing you need to remember with CDP and LLDP is that the Cisco certification is going to be keen on making sure that you know the difference between them, the fact that one is proprietary and one is open standard, and it's going to test your knowledge on small things like the timers. So I would recommend that you know that CDP advertisements are sent out every 60 seconds, and if a neighbor doesn't hear from the switch or device within 180 seconds, which is obviously three times the timer, it will consider the neighbor down and the neighbor will be removed from its CDP neighbors. The same is true with LLDP: advertisements are sent out every 30 seconds and the hold-down timer is 120 seconds.
I've also got a comment down the bottom here that says what CDP uses, and I've got this address. Hopefully, by looking at that address, you're able to identify what address that is and what layer of the OSI model you would expect to see it at. So we're at layer 2, which is the data link layer, and this is a MAC address. Essentially, CDP will use this MAC address, but this MAC address is also used for a bunch of other protocols, some of which are not included in the CCNA and some of which are. So DTP, we talked about that; well, DTP messages are sent using the same well-known MAC address, and alongside that we've also got VTP, PAgP (the port aggregation protocol) and UDLD, unidirectional link detection. Now, how about configuration? CDP and LLDP are configured similarly but with somewhat different commands. To configure CDP under the global process,
we simply pop in cdp run, which turns on CDP on all ports, and again that's normally the default state. We can set our timers for CDP; remember, we've got these defaults already set up, and we can change the hold timer. We can turn it off globally, or we can turn it off per interface. So a good practice with CDP is, if you do want to utilize it, make sure that you're only running CDP between trusted devices.
If you have a link on a switch or a device going to another vendor or supplier, turn off CDP. They don't need the noise on the link, and you're giving away information about your network, information that you particularly don't want to give away. If both sides are actually running CDP, you can look at the neighbors, and this will give you a brief summary of what port and what devices are on each port. Then you can look at each neighbor in more detail, and this will give you the IOS, the IP addressing and details per interface.
You can check the timers using show cdp, and you can get all the information about a particular CDP entry. LLDP is similar again: you can configure it to run globally, but to turn it off on a per-interface basis you have to use no lldp transmit to not send LLDP and no lldp receive to not accept LLDP. So again, a little bit different to the config that's done up here, and something that you may want to keep in mind as part of the CCENT exam. Verifying is also very similar.
You would do show lldp interface to look at the interfaces, show lldp neighbors to look at the neighbors, add detail to see the neighbors in detail, and then query a particular entry to find out more information about that neighbor. So briefly, let's go back to our switches and start off by querying CDP. These switches are in the default state, so I expect they're able to identify the other switches that I've got configured inside this network. Now we're only working on switch 3 and switch 4, but there are essentially a couple more switches as part of this lab. We can see that switch 4 actually has two links to switch 2: its local gig 19 and its local gig 20.
Both go to switch 2. You can see the hold-down timer for CDP; remember, this will decrement, and then every 60 seconds you would expect it to be refreshed. It tells you the capabilities of the remote device.
So here it says the capability is S and the capability is I, and if we look up at the table at the top, it gives us an understanding of what that actually means. So the switch, or the device I should say, at the other end of this supports IGMP and it has switching capabilities, so we can tell that it's a switch. We know what platform it is: we know it's a 3560E, and we know what port on their side we're plugged into. The same is true with the entry at the bottom. We can see that there are two ports between switch 3 and, locally, switch 4: the local switch 4 ports are here, and the remote switch 3 ports are here. Well, if we add detail on the end of it, we can see a lot more information about our neighbors. So we know that switch 2 is a neighbor; now we can see a lot more about the actual platform than we knew previously.
Previously we knew it was a 3560E, but now we know it's the 48-port version. We can see what IOS is running and what image, so it's the IP base image. We can see what native VLAN it's got. We can see what duplex has been set.
So there's a lot of information here that, if you were pairing up with a third party in particular, you may not want them to know, especially what IOS version you have, because then they could potentially find some vulnerability regarding that IOS and then attack you with it. If we're interested in just a particular neighbor, we can type show cdp neighbors ? and then we can pop in a particular interface, let's say gig 19, and then add detail to filter it down to just that one. So you can see that only this comes back, because, as you can imagine, this switch has 48 ports; if it connects to 48 devices that support CDP, there would be a lot of information, so make sure you know how to filter it down. So what about LLDP? Let's go ahead and type show lldp neighbors, and it comes back telling us LLDP is not enabled. So let's go into config t and get LLDP enabled. Now I would expect to see no neighbors, because it's off by default on all the other switches, so what we're going to do is jump across to switch 4 and enable LLDP on this side.
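As an added example that is not part of the original article, here is a small Python script tying together the neighbor summary and the "only run CDP between trusted devices" advice above: it parses the sort of show cdp neighbors table we just looked at, builds the port-to-neighbor map, and generates the per-interface commands that stop advertising toward any neighbor not on your trusted list. The sample output and the device names (SW2, core-edge.thirdparty.example) are constructed, and the parser assumes IOS abbreviates interface names as two tokens such as "Gig 1/0/19".

```python
# Constructed "show cdp neighbors" sample as seen on switch 4 (not a real capture).
# IOS wraps a Device ID that is longer than its column onto its own line (third entry).
SAMPLE_SHOW_CDP_NEIGHBORS = """\
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW2              Gig 1/0/19        157             S I   WS-C3560E Gig 1/0/1
SW2              Gig 1/0/20        157             S I   WS-C3560E Gig 1/0/2
core-edge.thirdparty.example
                 Gig 1/0/21        140             R S I WS-C3560E Gig 1/0/3
"""


def parse_cdp_neighbors(text):
    """Return one dict per row of the neighbor table (device, local port, holdtime, ...)."""
    table = text.split("Port ID\n", 1)[1]          # everything below the column header row
    neighbors, pending_id = [], None
    for line in filter(str.strip, table.splitlines()):
        tokens = line.split()
        if len(tokens) == 1:                       # wrapped Device ID; row continues on next line
            pending_id = tokens[0]
            continue
        if pending_id:                             # continuation row carries no Device ID column
            tokens.insert(0, pending_id)
            pending_id = None
        # Assumption: interface names are two tokens ("Gig 1/0/19"), so the capability
        # letters are everything between the holdtime and the platform.
        neighbors.append({
            "device": tokens[0],
            "local": tokens[1] + tokens[2],        # "Gig1/0/19", usable after "interface"
            "holdtime": int(tokens[3]),            # seconds left before age-out (starts at 180)
            "caps": tokens[4:-3],
            "platform": tokens[-3],
            "remote_port": tokens[-2] + tokens[-1],
        })
    return neighbors


def link_map(neighbors):
    """Layer 2 map of this switch: local interface -> (neighbor device, neighbor port)."""
    return {n["local"]: (n["device"], n["remote_port"]) for n in neighbors}


def hardening_commands(neighbors, trusted_devices):
    """IOS interface commands to stop advertising CDP and LLDP toward untrusted neighbors."""
    cmds = []
    for n in neighbors:
        if n["device"] not in trusted_devices:
            cmds += [f"interface {n['local']}", " no cdp enable", " no lldp transmit"]
    return cmds
```

Run it against the output of show cdp neighbors from your own switch with the set of device IDs you trust, and the returned lines are what you would enter under the listed interfaces.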
Now what starts to happen is LLDP packets will be sent out at the interval, and once those packets have been sent and received on both sides, they will form neighbors, and then essentially it will show in the neighbor table. So you can see at the moment they've not formed yet; they've not discovered each other. So let's give it a few more moments, and eventually, when we check it now, there you go: it's actually got two entries. So just like CDP, you're looking at the same information. What's different here is obviously the hold time is different, because we've got different timers for LLDP, and the capability is showing a little bit differently. So here the capability shows as B, but just like before we've got this table at the top that gives us an explanation of what the letters actually mean, and in this case they use the terminology of bridge instead of switch.
So what about the detail? To do that, we do show lldp neighbors and then we use the detail keyword, and in this case it's going to come back with a bunch of details about the neighbors, in this case our only neighbor, which is switch 3. We know it's switch 3 because I've put switch 3 as the hostname on the other side. We can see what ports and the base MAC address.
We can see any information relating to the IOS and what capabilities. So before, we said that the B represents that it has switching capability; the R means that it can do routing, because this switch can actually be layer 3, as switch 3 is, but only has the layer 2 capabilities enabled. We can also see what physical media capabilities, or what Ethernet standards, are actually supported. So we can see, for example, that 10BASE-T, which is 10 Meg over twisted pair, is supported, or even 1000BASE-T, which is one gig over twisted pair, VLAN IDs and a lot more information. But ultimately CDP and LLDP are achieving the same goal: they're finding neighbors on the links, they're querying those neighbors and giving you information to help with network discovery. You need to make sure you know the difference between CDP and LLDP and how to configure and verify both of the protocols. That's all I've got time for in this article. Just to recap, we went over CDP, the Cisco Discovery Protocol, and LLDP, the Link Layer Discovery Protocol.
So these are two kinds of network discovery protocols that we need to be aware of at the CCNA level, and we need to know the differences between them and how to configure and verify them. In this article we've gone over and ticked those boxes: we understand why they're needed, we saw the configuration and then we saw the verification. Now, as I mentioned at the beginning of the article, I did talk about something called DTP, the Dynamic Trunking Protocol, and that's a protocol that allows Cisco devices to form trunks and access ports between devices. That's covered in the CCENT ICND1 series; I'll link it in the description, but it's outside the scope of the CCNA. However, it's a simple topic if you understand trunks and access ports, and it's worth knowing, because no doubt you will run into a problem with DTP as a network engineer. So I hope this article has been informative.
If you want to clear the exam, I would suggest you focus on the resources mentioned below and also check out the CCNA 200-301 questions offered at EveDumps; they are the best when it comes to certification vendors.