1
00:00:00,000 --> 00:00:05,000
So let’s do a capture on this link between router 1 and router 2

2
00:00:05,000 --> 00:00:15,000
we can see some loop messages which are used to ensure that the interface is up

3
00:00:15,000 --> 00:00:20,000
and we may have to wait a while for a CDP message to be sent.

4
00:00:20,000 --> 00:00:25,000
We can see that by typing sh cdp and pressing enter.

5
00:00:25,000 --> 00:00:28,000
CDP only sends packets every 60 seconds

6
00:00:28,000 --> 00:00:31,000
so we may have to wait a while as you can see in the output here

7
00:00:31,000 --> 00:00:35,000
CDP packets are sent every 60 seconds

8
00:00:35,000 --> 00:00:39,000
and an entry in the table is held for 180 seconds

9
00:00:39,000 --> 00:00:41,000
I’ll show you more about that later but scrolling down

10
00:00:41,000 --> 00:00:43,000
here’s a CDP message

11
00:00:43,000 --> 00:00:47,000
we can see that it's using 802.3 Ethernet

12
00:00:47,000 --> 00:00:53,000
and is using a specific Cisco address which I'll talk about in more detail later.

13
00:00:53,000 --> 00:01:01,000
It's using logical link control with the organizational or unit of Cisco

14
00:01:01,000 --> 00:01:05,000
in other words, the protocol used at a high layer is CDP

15
00:01:05,000 --> 00:01:09,000
and here’s the CDP information version 2

16
00:01:09,000 --> 00:01:13,000
we can see that it's router 2 advertising itself

17
00:01:13,000 --> 00:01:17,000
with its platform, port number and other details

18
00:01:17,000 --> 00:01:22,000
what’s interesting is you can get a lot of detail through a CDP message

19
00:01:22,000 --> 00:01:26,000
which is great for discovering the network

20
00:01:26,000 --> 00:01:29,000
but is bad from a security point of view

21
00:01:29,000 --> 00:01:33,000
you can see version of software, you can see platform

22
00:01:33,000 --> 00:01:41,000
you can see IP addresses configured, so IP address port number

23
00:01:41,000 --> 00:01:45,000
you can see its capabilities and so forth

24
00:01:45,000 --> 00:01:52,000
here's router 1, so you can see the device ID is router 1, as an example

25
00:01:52,000 --> 00:01:57,000
So the important thing to remember is the CDP does not rely

26
00:01:57,000 --> 00:02:03,000
on higher layer protocols, messages are sent every 60 seconds by default.

27
00:02:03,000 --> 00:02:08,000
You can use CDP to map an entire network

28
00:02:08,000 --> 00:02:13,000
so as an example, if you were connected to router 1

29
00:02:13,000 --> 00:02:16,000
and you use the command sh cdp neighbors

30
00:02:16,000 --> 00:02:19,000
you could discover which device you're directly connected to

31
00:02:19,000 --> 00:02:21,000
and then you could use details

32
00:02:21,000 --> 00:02:23,000
so show CDP neighbor details

33
00:02:23,000 --> 00:02:28,000
to see detailed information about that neighbor including its IP address

34
00:02:28,000 --> 00:02:30,000
and then if telnet is enabled on your network

35
00:02:30,000 --> 00:02:34,000
you could telnet from router 1 to router 2

36
00:02:34,000 --> 00:02:38,000
and then use the command CDP neighbors

37
00:02:38,000 --> 00:02:43,000
to discover what devices are connected to that router.

38
00:02:43,000 --> 00:02:47,000
So as an example, here’s a core 3750 router

39
00:02:47,000 --> 00:02:50,000
let’s see what's connected to that switch.

40
00:02:50,000 --> 00:02:55,000
So I could use this command sh cdp entry

41
00:02:55,000 --> 00:03:00,000
and the name of the device, to just see the output for the specific device

42
00:03:00,000 --> 00:03:04,000
here’s its IP address, so I'll telnet to that IP address

43
00:03:04,000 --> 00:03:09,000
I can log in assuming that I know the username and password

44
00:03:09,000 --> 00:03:12,000
and once again I could use the command

45
00:03:12,000 --> 00:03:14,000
sh cdp neighbors

46
00:03:14,000 --> 00:03:17,000
to discover what's connected to that device.

47
00:03:17,000 --> 00:03:20,000
And here as an example, we can see some other devices

48
00:03:20,000 --> 00:03:25,000
which we weren't seeing previously, such as the Cisco 1841 router.

49
00:03:25,000 --> 00:03:34,000
So you could map out the entire network by simply using CDP on 1 device

50
00:03:34,000 --> 00:03:37,000
and telnetting to the next device using CDP

51
00:03:37,000 --> 00:03:41,000
to discover what’s connected to that and then telnetting to the next device

52
00:03:41,000 --> 00:03:44,000
and discovering what’s connected to that device.

53
00:03:44,000 --> 00:03:49,000
Now the Cisco APIC-EM SDN software does a lot of this for you

54
00:03:49,000 --> 00:03:54,000
and so does other SNMP or Simple Network Management Protocol

55
00:03:54,000 --> 00:03:57,000
management software such as software from Solarwinds

56
00:03:57,000 --> 00:04:00,000
you could do this manually but there is software out there

57
00:04:00,000 --> 00:04:03,000
that can help you automate this process.

58
00:04:03,000 --> 00:04:07,000
You could also use a combination of protocols.

59
00:04:07,000 --> 00:04:10,000
So as an example, here’s router 2

60
00:04:10,000 --> 00:04:13,000
sh cdp neighbors

61
00:04:13,000 --> 00:04:18,000
shows me that I have this core 3750 switch

62
00:04:18,000 --> 00:04:22,000
I could then discover the IP address of that switch

63
00:04:22,000 --> 00:04:28,000
which in this example is this and then I could simply telnet to that switch

64
00:04:28,000 --> 00:04:37,000
and then use a protocol such as LLDP to discover devices connected to that switch.

65
00:04:37,000 --> 00:04:45,000
In this example, you can see the 2 Cisco IP phones, and an Ubuntu hypervisor

66
00:04:45,000 --> 00:04:48,000
I could look at details.

67
00:04:48,000 --> 00:04:51,000
So sh lldp neighbors detail

68
00:04:51,000 --> 00:04:53,000
and here I can see the IP address

69
00:04:53,000 --> 00:04:59,000
and model of phone as well as the firmware being used by that phone

70
00:04:59,000 --> 00:05:01,000
and other information about it.

71
00:05:01,000 --> 00:05:08,000
Scrolling down, lot of detail, notice firmware revision

72
00:05:08,000 --> 00:05:12,000
serial number and quite a bit of other information

73
00:05:12,000 --> 00:05:17,000
such as the layer 2 quality of service and layer 3 quality of service

74
00:05:17,000 --> 00:05:22,000
set on that phone, we'll talk more about quality of service later.

75
00:05:22,000 --> 00:05:31,000
Here's the Cisco DX650, so we can see its system name

76
00:05:31,000 --> 00:05:39,000
we can see an IP address we can see a firmware version

77
00:05:39,000 --> 00:05:41,000
we can see quality of service information

78
00:05:41,000 --> 00:05:45,000
we can see once again that it's a Cisco phone

79
00:05:45,000 --> 00:05:49,000
we can see how much power is being used, a lot of detail

80
00:05:49,000 --> 00:05:56,000
here’s Linux so we can see Ubuntu server running Ubuntu 14.04 LTS

81
00:05:56,000 --> 00:06:03,000
you can see the name of the server and its IP address.

82
00:06:03,000 --> 00:06:11,000
So once again CDP and LLDP allow you to discover devices in your network

83
00:06:11,000 --> 00:06:14,000
and also allow you to see how the devices

84
00:06:14,000 --> 00:06:19,000
are connected to each other in your network.