|
xdxml12
Member
2012-Nov-13 12:32 pm
CDP
Hello there,
I had a question regarding CDP. I was trying to draw a diagram for my network when the following problem occurred.
When using the "show cdp neighbor" command on my primary core switch I see the proper name and interface # of the attached secondary core switch. However, upon using the "show cdp neigh fa1/1 detail" command (fa1/1 is the port I get that is attached directly to the secondary core switch and is the correct int that is connected to it) I get the wrong IP!!! The IP it gives me is not that of the secondary core switch but is that of the ASA firewall!! When I go on the secondary core switch and do the same thing I get the same result, but it gives me the IP of the 2nd ASA firewall instead.
Notes: I am logged in to the management VLAN. The firewall VLAN is separate as well. The ASA is also connected to the switches but on different ports.
Why is CDP giving me the wrong IP address? |
|
|
You could have a bug in the IOS. I never played with CDP since everywhere I have worked so far it was disabled for security purposes. |
|
cramer Premium Member join:2007-04-10 Raleigh, NC |
cramer
Premium Member
2012-Nov-13 3:15 pm
I disable it because a) it's pretty much useless, and b) it's a Cisco proprietary thing no one else is allowed to implement.
(If you're building a Cisco voice+data network, CDP is what tells the IP phone which VLANs are which.) |
|
|
PaulgDisplaced Yooper Premium Member join:2004-03-15 Neenah, WI |
Paulg
Premium Member
2012-Nov-13 7:38 pm
CDP/LLDP is also used for auto smart port configuration. To say it's useless is nuts. As a networking consultant, CDP can save a lot of time when it comes to troubleshooting and mapping a client's network. |
|
|
to xdxml12
Please post the commands. |
|
Da Geek Kid |
to cramer
I do disagree with considering it useless. However, by default all non-Cisco ports ought to be in "no cdp enable" mode. |
|
cramer Premium Member join:2007-04-10 Raleigh, NC Westell 6100 Cisco PIX 501
|
to Paulg
CDP will only tell you about CISCO equipment. Non-Cisco devices will not show up in your map if all you look at is CDP neighbors. I've never worked with a 100% Pure Cisco(tm) network; there are always pieces of other vendor gear in the mix.
LLDP is a different zoo of monkeys. Yet, it will not paint a complete picture of your network either -- you're at the mercy of the devices participating. (Most of the gear I've used doesn't have LLDP enabled by default.)
[BTW, CDP can also create an administrative headache when setting up or changing VLAN configurations.] |
|
|
meta
Member
2012-Nov-14 8:20 am
CDP is highly useful if you have a datacenter loaded with VMware boxes. vSphere does understand CDP and can be used for basic network troubleshooting by the systems guys. It is also important for offices loaded with Cisco phones. There is plenty of value in leaving it enabled, and no harm. It is not the open LLDP standard, but until everything supports that there is no point in changing. |
|
cramer Premium Member join:2007-04-10 Raleigh, NC Westell 6100 Cisco PIX 501
|
cramer
Premium Member
2012-Nov-14 10:35 am
Do I have to copy my post? "MOSTLY USELESS" Its only value is in Cisco Proprietary setups... telling a CISCO IP phone what its voice VLAN is, CISCO smartport configuration, etc. Despite VMware's support of CDP, none (Z-E-R-O) of the dozens of ESX/ESXi hosts in my network are visible -- the Nexus 1000V's do, as does an ancient 2950.
*I* turn it off -- and have for 20 years. It's one less source of broadcast noise in the network. It's one less resource drain on the switch / router (both CPU and memory) -- those little vampires add up. It has never had a meaningful use in any network I have managed; it can only tell you about Cisco devices attached to Cisco devices. |
|
|
to xdxml12
If it's a Cisco shop, CDP could be useful in a topology where the previous network guy didn't bother keeping an updated Visio diagram somewhere, if at all.
Of course one would still want to physically spot-check what IOS is saying at the prompt, but it's still a good place to start. |
|
meta
Member
2012-Nov-15 9:10 am
I'm not arguing with you cramer, I'm saying that your experience in the past 20 years does not match the experience of others. Attached is a picture from VMware vSphere 5 running the standard vSwitch with CDP information. CDP is not only useful in a pure Cisco network either, plenty of systems have been configured to add value through use of CDP:
C3750-A#show cdp nei g1/0/17 detail
-------------------------
Device ID: NEMESIS(SYSTEM)
Entry address(es):
IP address: 3.1.0.50
Platform: MEM: All=16382M, Capabilities: Host
Interface: GigabitEthernet1/0/17, Port ID (outgoing port): Intel(R) PRO/1000 EB Network
Holdtime : 29 sec
Version :
CPU:8*586 Intel(R) Xeon(R) CPU E5410 @ 2.33GHz
Microsoft Windows Server 2003 R2, Enterprise x64 Edition Service Pack 2 (build 3790)
DISK INFORMATION:
C:\ : Fixed Disk
D:\ : CDROM Disk
W:\ : Fixed Disk
advertisement version: 2
Management address(es):
In a datacenter with 7000+ hosts you don't have to worry about shutting down a port or tracing a cable to figure out which host and interface it's plugged into. Link layer discovery can be worth its weight in gold from an operational support perspective. Also, CDP is only locally significant traffic. A CDP frame from a host is not flooded throughout an entire VLAN, so no need to slay another little broadcast "vampire". |
|
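Added example, not part of any post in this thread: Python that turns `show cdp neighbors detail` output like the one quoted above into a port-to-neighbor table and lists the ports whose advertised addresses do not include the IP documented for them. The first sample entry is trimmed from the output above; the second entry, the function names and the documented-IP table are constructed for illustration.

```python
import re

# First entry is trimmed from the output quoted above; the second is constructed.
SAMPLE = """\
-------------------------
Device ID: NEMESIS(SYSTEM)
Entry address(es):
  IP address: 3.1.0.50
Platform: MEM: All=16382M,  Capabilities: Host
Interface: GigabitEthernet1/0/17,  Port ID (outgoing port): Intel(R) PRO/1000 EB Network
Management address(es):
-------------------------
Device ID: core-sw2.example
Entry address(es):
  IP address: 192.0.2.2
Platform: cisco WS-C3750,  Capabilities: Switch IGMP
Interface: FastEthernet1/1,  Port ID (outgoing port): FastEthernet1/1
Management address(es):
  IP address: 192.0.2.10
"""

def parse_cdp_detail(text):
    """Map each local interface to what its CDP neighbor advertises."""
    table = {}
    for block in re.split(r"^-{5,}[ \t]*$", text, flags=re.M):
        dev = re.search(r"^Device ID:\s*(.+)$", block, re.M)
        port = re.search(r"^Interface:\s*([^,]+),\s*Port ID \(outgoing port\):\s*(.+)$", block, re.M)
        if not (dev and port):
            continue  # leading text or a truncated entry
        caps = re.search(r"Capabilities:\s*(.+)$", block, re.M)
        rec = {"device": dev.group(1).strip(), "remote_port": port.group(2).strip(),
               "capabilities": caps.group(1).split() if caps else [], "entry_ips": [], "mgmt_ips": []}
        section = None
        for s in map(str.strip, block.splitlines()):
            if s.startswith("Entry address"):
                section = "entry_ips"
            elif s.startswith("Management address"):
                section = "mgmt_ips"
            elif section and (m := re.match(r"IP address:\s*(\S+)", s)):
                rec[section].append(m.group(1))
            elif s:
                section = None  # any other non-empty line ends the address list
        table[port.group(1).strip()] = rec
    return table

def address_mismatches(table, documented):
    """Ports whose advertised addresses do not include the documented IP."""
    return sorted(p for p, ip in documented.items()
                  if p in table and ip not in table[p]["entry_ips"] + table[p]["mgmt_ips"])
```

A port returned by `address_mismatches` is a prompt to check the cabling and the device by hand, not proof of which side is wrong.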
|
to xdxml12
a bit way OT you guys... we still have not found out the CDP issue of the OP. |
|
PaulgDisplaced Yooper Premium Member join:2004-03-15 Neenah, WI |
Paulg to meta
Premium Member
2012-Nov-15 11:43 am
to meta
What software are you using for a windows box to speak CDP?
As a VMWare guy, CDP is incredibly useful. |
|
cramer Premium Member join:2007-04-10 Raleigh, NC Westell 6100 Cisco PIX 501
|
to meta
All I can say is none of my VMware servers appear in the switch's CDP neighbors. (they've all been boxed for an office move)
Actually, it's multicast -- broadcast for dumber switches. And it does, indeed, flood through a network that doesn't understand what it is. (esp. for any network set to flood unknown multicast.) |
|
PaulgDisplaced Yooper Premium Member join:2004-03-15 Neenah, WI |
Paulg
Premium Member
2012-Nov-15 5:08 pm
esxcfg-vswitch -B both [VSWITCHNAME] |
|
|
to xdxml12
What make / model of switches are you running, and what version of IOS is loaded, xdxml12?
Bug is a possibility, though I'm not aware of any CDP bugs off the top of my head.
Just to make sure you're not crazy, walk down to the device and trace out the cables. Pretty sure we can all agree we get that "once in a blue moon" thing when you find out what you document and what is actually cabled doesn't quite match.
Regards |
|