Tuesday, September 22, 2015

Cisco discovery protocol aka CDP


You will have heard of CDP (Cisco Discovery Protocol) if you work in an environment related to networking. It is one of the vital tools used to pull information from neighboring devices. If you are working in an environment that you are not familiar with, CDP is of great help in discovering the network. There are tools on the market that use CDP to build a network topology, which users can use for troubleshooting. The drawback is that this works only on Cisco devices.

This article is written mainly to help people who are not into networking but still update diagrams.
                
Cisco Discovery Protocol (CDP) is a layer 2 protocol that is commonly used to obtain the IP addresses of neighboring devices, interface information, platform details and so on. CDP is Cisco proprietary and media and protocol independent, and it runs on all devices manufactured by Cisco (routers, switches, etc.).

How does CDP work at layer 2?
By default, each device configured for CDP sends periodic advertisements to a multicast address (01-00-0c-cc-cc-cc) out of each connected network interface. The hold time, IP address and other details are listed in the advertisement. Each device also listens to the periodic CDP messages sent by others in order to learn about neighboring devices and determine when their interfaces to the media go up or down.
Version 2 is the most recent release of the protocol. Its enhancements include error tracking, which logs duplex mismatches and native VLAN mismatches to the console or the log buffer. The show commands display more information, including VTP domain, duplex settings, VLAN, etc.

How does CDP information propagate to other switches? Every switch has a default VLAN, VLAN 1, which is used for CDP and VTP messages. Note that VLAN 1 can be shut down but cannot be removed from the switch. If you try, you will get an error message like the one below.

Switch-1(config)#no int vlan 1
% Default interface VLAN 1 may not be deleted

Type-Length-Value fields (TLVs) are blocks of information embedded in CDP advertisements. Let's look at the TLVs in version 2, which most recent devices run by default.


| TLV | Definition |
|---|---|
| Device-ID TLV | Identifies the device name in the form of a character string. |
| Address TLV | Contains a list of network addresses of both receiving and sending devices. |
| Port-ID TLV | Identifies the port on which the CDP packet is sent. |
| Capabilities TLV | Describes the functional capability for the device in the form of a device type (switch, router, etc.). |
| Version TLV | Contains information about the software release version on which the device is running. |
| Platform TLV | Describes the hardware platform name of the device. |
| IP Network Prefix TLV | Contains a list of network prefixes to which the sending device can forward IP packets. This information is in the form of the interface protocol and port number. |
| VTP Management Domain TLV | Advertises the system's configured VTP management domain name-string. Used by network operators to verify VTP domain configuration in adjacent network nodes. |
| Native VLAN TLV | Indicates, per interface, the assumed VLAN for untagged packets on the interface. CDP learns the native VLAN for an interface. This feature is implemented only for interfaces that support the IEEE 802.1Q protocol. |
| Full/Half Duplex TLV | Indicates status (duplex configuration) of CDP broadcast interface. Used by network operators to diagnose connectivity problems between adjacent network elements. |
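
Added example (not part of the original post): the Python code below decodes the TLVs of one CDP advertisement, which shows what any host attached to the segment can read about a neighbor on ports where CDP is left enabled. The numeric TLV type codes, the frame offsets and the constructed sample frame are not on the page, and the function names are made up for illustration.

```python
import struct

# TLV type codes are not listed in the post; they are added here from the CDP frame format.
TLV_NAMES = {
    0x0001: "Device-ID", 0x0002: "Address", 0x0003: "Port-ID",
    0x0004: "Capabilities", 0x0005: "Version", 0x0006: "Platform",
    0x0007: "IP Network Prefix", 0x0009: "VTP Management Domain",
    0x000A: "Native VLAN", 0x000B: "Full/Half Duplex",
}
TEXT_TLVS = {0x0001, 0x0003, 0x0005, 0x0006, 0x0009}
CDP_MULTICAST = bytes.fromhex("01000ccccccc")      # 01-00-0c-cc-cc-cc
LLC_SNAP_CDP = bytes.fromhex("aaaa0300000c2000")   # LLC/SNAP header that precedes CDP

def tlv(tlv_type, value):
    """Build one TLV; the length field counts the 4-byte type/length header too."""
    return struct.pack("!HH", tlv_type, len(value) + 4) + value

def sample_frame():
    """Constructed advertisement (not a capture), values taken from the post's output."""
    tlvs = (tlv(0x0001, b"Switch-3") + tlv(0x0003, b"FastEthernet0/0/0")
            + tlv(0x0006, b"cisco 7206VXR") + tlv(0x000A, struct.pack("!H", 1))
            + tlv(0x000B, b"\x00"))
    body = LLC_SNAP_CDP + struct.pack("!BBH", 2, 180, 0) + tlvs  # checksum left at 0
    src = bytes.fromhex("020000000001")  # made-up source MAC
    return CDP_MULTICAST + src + struct.pack("!H", len(body)) + body

def parse_cdp(frame):
    """Return (version, holdtime, {TLV name: value}); the checksum is not verified."""
    if (len(frame) < 26 or frame[:6] != CDP_MULTICAST
            or frame[14:22] != LLC_SNAP_CDP):
        raise ValueError("not a CDP frame")
    version, holdtime, _checksum = struct.unpack("!BBH", frame[22:26])
    end = min(len(frame), 14 + struct.unpack("!H", frame[12:14])[0])
    fields, off = {}, 26
    while off + 4 <= end:
        tlv_type, length = struct.unpack("!HH", frame[off:off + 4])
        if length < 4 or off + length > end:
            raise ValueError("malformed TLV length")
        value = frame[off + 4:off + length]
        name = TLV_NAMES.get(tlv_type, "type 0x%04x" % tlv_type)
        if tlv_type == 0x000A:
            fields[name] = int.from_bytes(value, "big")
        elif tlv_type == 0x000B:
            fields[name] = "full" if value == b"\x01" else "half"
        else:
            fields[name] = (value.decode("ascii", "replace")
                            if tlv_type in TEXT_TLVS else value.hex())
        off += length
    return version, holdtime, fields
```

On ports that face hosts rather than other Cisco devices, `no cdp enable` in interface configuration stops these advertisements from being sent.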


Let's take a look at the configuration. CDP can be enabled for the whole device in global configuration mode, or per interface.
Device: Switch-1(config)#cdp run
Per interface: Switch-1(config-if)# cdp enable

The CDP transmission timer and hold down timer are the other parameters to look at. The CDP transmission timer specifies the frequency of transmission of CDP updates.
Switch-1(config)# cdp timer seconds

The CDP hold down timer specifies the amount of time a receiving device should hold the information sent by your device before discarding it.
Switch-1(config)# cdp holdtime seconds

show cdp can be used to verify whether CDP is enabled or disabled.

Switch-1# show cdp
Global CDP information:
        Sending CDP packets every 60 seconds
        Sending a holdtime value of 180 seconds
        Sending CDPv2 advertisements is  enabled

show cdp neighbors detail is the command that lists a lot of information, including the VTP domain, duplex, platform of the other device, interface, operating system, etc.

Switch-1#show cdp neighbors detail
-------------------------
Device ID: Switch-3
Entry address(es):
  IP address: 10.19.169.83
Platform: cisco 7206VXR,  Capabilities: Router
Interface: Ethernet0,  Port ID (outgoing port): FastEthernet0/0/0
Holdtime : 123 sec

Version :
Cisco Internetwork Operating System Software
IOS (tm) 5800 Software (C5800-P4-M), Version 12.1(2)
Copyright (c) 1986-2002 by Cisco Systems, Inc.

advertisement version: 2
Duplex: half 
 
  

Understanding Interface Errors || CRC || Collisions || Input/Output rate || Giants || Runts || throttles || Discards troubleshooting


As a network engineer, the best practice while troubleshooting is a layered approach (layer 1 to 7). From what I have seen and in my experience, most people start by looking at the higher layers and ignore layer 1, which sometimes proves costly.


For example, while troubleshooting a link flap or performance issue, we look at all the parameters but ignore hard-coding of speed/duplex, which might resolve the issue. show interface Ethernet X/X on Cisco IOS is a useful command that provides all the information related to the interface. In case of packet drops, link flaps, etc., the values of the interface counters give an idea of what might be causing the issue.


RT1R#show interface FastEthernet6/1
    FastEthernet6/1 is up, line protocol is up (connected)
   Hardware is C6k 100Mb 802.3, address is 0009.11f3.8848 (bia 0009.11f3.8848)
   MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
   reliability 255/255, txload 1/255, rxload 1/255
   Encapsulation ARPA, loopback not set
   Full-duplex, 100Mb/s
   input flow-control is off, output flow-control is off
   ARP type: ARPA, ARP Timeout 04:00:00   
   Last input 00:00:14, output 00:00:36, output hang never
   Last clearing of "show interface" counters never
   Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
   Queueing strategy: fifo
   Output queue :0/40 (size/max)
   5 minute input rate 0 bits/sec, 0 packets/sec
   5 minute output rate 0 bits/sec, 0 packets/sec
   1117058 packets input, 78283238 bytes, 0 no buffer
   Received 1117035 broadcasts, 0 runts, 0 giants, 0 throttles
   79 input errors, 5 CRC, 0 frame, 0 overrun, 0 ignored
   0 watchdog, 0 multicast, 0 pause input
   0 input packets with dribble condition detected
   285811 packets output, 27449284 bytes, 0 underruns
   6 output errors, 0 collisions, 2 interface resets
   0 babbles, 1 late collision, 0 deferred
   0 lost carrier, 0 no carrier
   1 output buffer failures, 0 output buffers swapped out




Field
Description
FastEthernet6/1 is up, line protocol is up (connected)

The first "up" refers to the physical layer status of the interface. The "line protocol up" message shows the data link layer status of the interface and says that the interface can send and receive keepalives. If the status is administratively down, the interface has been disabled (admin down) by the administrator.

Hardware

Specifies the hardware type and address.

Specifies the Internet address, followed by the subnet mask.
Maximum transmission unit of the interface. Default 1500 bytes
Bandwidth of the interface in kilobits per second.
Delay of the interface in microseconds.
Reliability
Reliability of the interface as a fraction of 255 (255/255 is 100 percent reliability), calculated as an exponential average over 5 minutes.
Load on the interface as a fraction of 255 (255/255 is completely saturated), calculated as an exponential average over 5 minutes.
Encapsulation method assigned to interface.
Type of Address Resolution Protocol assigned.
Indicates whether loopback is set.
Gives the number of hours, minutes, and seconds since the last packet was successfully received by an interface. This is useful for knowing when a dead interface failed.
Gives the number of hours, minutes, and seconds since the last packet was successfully transmitted by an interface.
Gives the number of hours, minutes, and seconds since the last packet was successfully transmitted by the interface. This is useful for knowing when a dead interface failed.
Number of hours, minutes, and seconds (or never) since the interface was last reset because of a transmission that took too long. When the number of hours in any of the "last" fields exceeds 24 hours, the number of days and hours is printed. If that field overflows, asterisks are printed.
Gives the number of packets in output and input queues. Each number is followed by a slash, the maximum size of the queue, and the number of packets dropped due to a full queue.
Gives the average number of bits and packets transmitted/received per second in the past 5 minutes.
Packets input
Gives the total number of error-free packets received by the system
Gives the total number of bytes, including data and MAC encapsulation, in the error-free packets received by the system.
Number of input packets dropped because of no buffers. Compare with ignored.
Broadcasts/Multicasts
Number of broadcast or multicast packets received by the interface.
Frames received shorter than 64 bytes
Frames received that were greater than 1518 bytes
Throttles
Number of times the interface requested another interface within the router to slow down, possibly because of buffer or processor overload.
A total of no buffer, runts, giants, CRCs, frame, overrun, ignored, and aborts. This may not balance with the other counts.
Cyclic Redundancy Check failed on an input packet.
Number of frames received that did not end on an 8-bit byte boundary.
The number of times the receiver hardware was unable to hand received data to a hardware buffer because the input rate exceeded the receiver's ability to handle the data.
Packets dropped because the interface hardware buffers ran low on internal buffers. These buffers are different from the system buffers mentioned previously.
Gives the dribble bit error, which indicates that a frame is slightly too long. This frame error counter is incremented just for informational purposes; the router accepts the frame.
Shows the total number of bytes, including data and MAC encapsulation, transmitted by the system.
Under runs
The number of times the transmitter has been running faster than the router can handle. This may never be reported on some interfaces.
Dribble condition detected
Dribble bit error indicates that a frame is slightly too long. This frame error counter is incremented just for informational purposes; the router accepts the frame.
A sum of all output errors. This may not tally with the output error
The count of frames that were transmitted successfully after one collision. (Transmitted on the second attempt.)
The number of times the interface had a reset. Normally a result of missed keepalives.
Output buffer failures
The number of times a packet was not output from the output hold queue because of a shortage of MEMD shared memory.
Output buffers swapped out
The number of packets stored in main memory when the output queue is full; swapping buffers to main memory prevents packets from being dropped when output is congested. The number is high when traffic is bursty.
Babbles
Count of frames transmitted greater than 1518 bytes
Deferred
The number of frames that have been transmitted successfully after they wait because the media was busy.
Late collision
A collision that occurs after the interface has started transmitting its frame
No carrier
The number of times the carrier was not present during the transmission.
Lost carrier
The number of times the carrier was lost in transmission.
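
Added example (not part of the original post): the counter lines of the show interface output above, parsed into a dictionary so that non-zero error counters stand out. The regular expression, the function names and the two derived checks (error rate per million packets, collisions on a full-duplex port) are assumptions made here, and the sample text is an excerpt of the output shown earlier.

```python
import re

# Constructed sample: an excerpt of the show interface output shown above.
SAMPLE = """\
FastEthernet6/1 is up, line protocol is up (connected)
   Full-duplex, 100Mb/s
   1117058 packets input, 78283238 bytes, 0 no buffer
   Received 1117035 broadcasts, 0 runts, 0 giants, 0 throttles
   79 input errors, 5 CRC, 0 frame, 0 overrun, 0 ignored
   285811 packets output, 27449284 bytes, 0 underruns
   6 output errors, 0 collisions, 2 interface resets
   0 babbles, 1 late collision, 0 deferred
   0 lost carrier, 0 no carrier
"""

# "<number> <name>" pairs that start a line, follow ", " or follow "Received ".
COUNTER = re.compile(
    r"(?:^\s*|, |Received )(\d+) ([A-Za-z][A-Za-z ]*?)(?=,|\s*$)", re.MULTILINE)


def parse_counters(text):
    """Return {counter name: value} for the counter lines of show interface."""
    return {name.strip(): int(n) for n, name in COUNTER.findall(text)}


def findings(text):
    """List non-zero error counters plus two derived checks (heuristics added here)."""
    c = parse_counters(text)
    traffic = {"packets input", "packets output", "bytes", "broadcasts"}
    out = ["%s=%d" % (k, v) for k, v in c.items() if v and k not in traffic]
    if c.get("packets input"):
        ppm = c.get("input errors", 0) * 1_000_000 // c["packets input"]
        out.append("input error rate: %d per million packets" % ppm)
    # Covers "collisions" and "late collision(s)".
    collisions = sum(v for k, v in c.items() if "collision" in k)
    if "Full-duplex" in text and collisions:
        out.append("collisions counted on a full-duplex port: "
                   "verify speed/duplex on both ends")
    return out


if __name__ == "__main__":
    for line in findings(SAMPLE):
        print(line)
```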


Common causes for increments in any of the interface counters can be looked up in the references below.

 Further Reading
Troubleshooting Switch Port and Interface Problems

 Understanding Discards