Documenting Your Cisco Network Configuration with CDP

Documenting a Cisco network configuration without Cisco Discovery Protocol (CDP) can sometimes involve hours in wiring closets tracing cables and documenting ports. In some cases, the wiring closet is a real rat's nest of cables, and it can take hours of navigating to find out which switches are connected to which switches, to which routers, and on and on, ad infinitum.

Even a small network of a dozen switches with four WAN connections from different routers can take a long time to decipher. But with Cisco Discovery Protocol (CDP), you can have a network diagram in a few minutes, without tracing cables through a rat's nest in a network closet.

This exercise is also good for determining whether any Cisco switches you may not be aware of are kicking around your network. This is possible because you are going to build a table of all connections between devices. This means you will learn about all connected Cisco devices on your network, not just the ones you know are there.

The other nice piece of this puzzle is that, although I suggested that these devices are all in one wiring closet, you could obtain the same information if they were in wiring closets on the fourth and seventeenth floors, or in an office four blocks away connected with a LAN extension.

A small data network to be discovered via CDP.
  1. Choose a starting point, in this case, Switch2.

    It does not matter where that starting point is, just that you have one.

  2. Connect to the starting point device and run the command to see the CDP neighbors:

    Switch2>enable
    Switch2#show cdp neighbors
    Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                      S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
    Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
    Switch1          Gig 0/1            155          S I      WS-C2960-1Gig 0/1
    Switch3          Gig 0/2            120          S I      WS-C2960-1Gig 0/2

    From this output, you know:

    • There are two other switches named Switch1 and Switch3.

    • These three switches are connected through the two Gigabit ports on the front of the switches, rather than through any of the 24 FastEthernet ports.

    • This company probably does not have other Cisco equipment on this portion of the network because you do not see that they have any access points or IP phones.

  3. On Switch3, run the show cdp neighbors command to see what it has connected:

    Switch3>enable
    Switch3#show cdp neighbors
    Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                      S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
    Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
    Switch2          Gig 0/2            145          S I      WS-C2960-1Gig 0/2

    You see that Switch3 is alone. The client computer that is connected to the switch does not send CDP data, so you do not need to worry about it.

  4. Run show cdp neighbors on Switch1.

    Switch1>enable
    Switch1#show cdp neighbors
    Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                      S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
    Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
    Switch2          Gig 0/1            155          S I      WS-C2960-1Gig 0/1
    Router1          Gig 0/2            154          R I      2611      Fas 0/1

    Switch1 offers no real surprises. It confirms the connection to Switch2 that you documented from Switch2's side and shows the connection to Router1.

  5. Connect to Router1 and run the show cdp neighbors command.

    If you (or your service provider) are on the ball, you will not see the service provider equipment listed in the show cdp neighbors command.

    To complete the exercise, it would be wise to run the show cdp neighbors command on your router. You do not expect to see information about your ISP’s devices, but there is a possibility that your router has interfaces that are not listed in your documentation, such as a Demilitarized Zone (DMZ) supporting publicly accessible Internet resources.
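The connection table that steps 1 through 5 build by hand can also be assembled from the saved command output. The following is an added example, not part of the original article: the function names, the `INVENTORY` set, and the interface abbreviations other than Gig and Fas are assumptions; the neighbor rows are copied from the captures above.

```python
import re

# Row of "show cdp neighbors": device, local port, holdtime, capability codes, then the rest.
ROW = re.compile(r"^\s*(?P<dev>\S+)\s+(?P<local>[A-Za-z]+ \d+(?:/\d+)*)\s+\d+\s+"
                 r"(?:[RTBSHIrP] )*[RTBSHIrP]\s+(?P<rest>.+?)\s*$")
# The platform column can run straight into the port ID ("WS-C2960-1Gig 0/1"),
# so the port is taken from the end of the line. Eth/Ten/Ser are assumed prefixes.
TAIL = re.compile(r"(?P<platform>.*?)\s*(?P<port>(?:Gig|Fas|Eth|Ten|Ser) \d+(?:/\d+)*)$")

def parse_neighbors(output):
    """Return (neighbor, local_port, platform, remote_port) for each neighbor row."""
    rows = []
    for line in output.splitlines():
        row = ROW.match(line)
        tail = TAIL.match(row["rest"]) if row else None
        if tail:  # prompt, legend and header lines do not match and are skipped
            rows.append((row["dev"], row["local"], tail["platform"], tail["port"]))
    return rows

def build_map(captures, inventory):
    """captures: {hostname: CLI output}. Returns (links, unvisited, unknown)."""
    links, seen = {}, set()
    for host, output in captures.items():
        for neighbor, local, _platform, remote in parse_neighbors(output):
            seen.add(neighbor)
            # Sort the two endpoints so A->B and B->A collapse into one link.
            key = tuple(sorted([(host, local), (neighbor, remote)]))
            links.setdefault(key, set()).add(host)  # record which side reported it
    return links, seen - set(captures), seen - set(inventory)

# Neighbor rows copied from the three captures on this page.
CAPTURES = {
    "Switch2": """Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
Switch1          Gig 0/1            155          S I      WS-C2960-1Gig 0/1
Switch3          Gig 0/2            120          S I      WS-C2960-1Gig 0/2""",
    "Switch3": "Switch2          Gig 0/2            145          S I      WS-C2960-1Gig 0/2",
    "Switch1": """Switch2          Gig 0/1            155          S I      WS-C2960-1Gig 0/1
Router1          Gig 0/2            154          R I      2611      Fas 0/1""",
}
INVENTORY = {"Switch1", "Switch2", "Switch3"}  # assumed existing documentation

if __name__ == "__main__":
    links, unvisited, unknown = build_map(CAPTURES, INVENTORY)
    for (a, b), reporters in sorted(links.items()):
        note = "" if len(reporters) == 2 else "  (reported by one side only)"
        print(f"{a[0]} {a[1]} <-> {b[0]} {b[1]}{note}")
    print("Not yet visited:", sorted(unvisited), "| Not in inventory:", sorted(unknown))
```

A link reported by only one side marks a device whose own neighbor table has not been collected yet, and a neighbor missing from the inventory is the kind of unknown device the exercise is meant to surface.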
