Layer 2 protocols

1.1.b i CDP, LLDP

CDP

Cisco Discovery Protocol

General information on “CDP”:

• Cisco proprietary protocol
• Current version is 2
• Used to discover and gather information about directly connected devices
• Also used for other communication like PoE negotiation
• Advertisements are multicast, sent to MAC address 01-00-0C-CC-CC-CC
• Can be enabled/disabled globally or per port
• Advertisements are sent with no reply required
• Includes rapid error tracking, eg. shows mismatched native VLAN, etc.

CDP best practice:

• Disable on host ports and ports facing towards public networks

CDP default configuration:

• Enabled by default

CDP timers default values:

• Send time: 60 seconds
• Hold time: 180 seconds

“CDP” CLI configuration commands:

## Disabling/Enabling CDP globally
Switch(config)# [no] cdp run

## Modifying the CDP send timer
Switch(config)# cdp timer <seconds>

## Modifying the CDP hold timer
Switch(config)# cdp holdtime <seconds>

## Disabling/Enabling CDP per interface
Switch(config)# [no] cdp enable

“CDP” CLI show commands:

## Showing the current CDP parameters
Switch# show cdp

## Showing all current CDP neighbors
Switch# show cdp neighbor

## Showing all current CDP neighbors in detail
Switch# show cdp neighbor detail

## Showing the details for a specific CDP neighbor
Switch# show cdp entry <device-name>

LLDP

Link Layer Discovery Protocol

General information about “LLDP”:

• Open standard, defined under 802.1AB
• A vendor-neutral protocol to discover and gather information about directly connected devices
• Advertisements are multicast, sent to MAC address 01-80-C2-00-00-0E
• Uses attributes to discover neighbor devices which contain type, length and value descriptions (TLVs)
• LLDP-MED (Media Endpoint Device) used for audio-visual devices like VoIP phones
• LLDP TLVs and LLDP-MED TLVs can’t be sent at the same time on the same switch port
• If a switch receives basic LLDP TLVs it also answers with basic LLDP TLVs
• If a switch receives LLDP-MED TLVs it also answers with LLDP-MED TLVs
• Can be enabled/disabled globally or per port

LLDP default configuration:

• Disabled by default

LLDP TLVs (mandatory):

• Port description
• System name
• System description
• System capabilities
• Management address

LLDP timers default values:

• Re-Initialize: 2 seconds
• Timer (Updates): 30 seconds
• Hold time: 120 seconds

“LLDP” CLI configuration commands:

## Disabling/Enabling LLDP globally
Switch(config)# [no] lldp run

## Modifying the LLDP re-initialization timer
Switch(config)# lldp reinit <seconds>

## Modifying the LLDP timer (updates)
Switch(config)# lldp timer <seconds>

## Modifying the LLDP hold timer
Switch(config)# lldp holdtime <seconds>

## Disabling/Enabling LLDP per interface
Switch(config-if)# [no] lldp transmit
Switch(config-if)# [no] lldp receive

“LLDP” CLI show commands:

## Showing the current LLDP parameters
Switch# show lldp

## Showing all current LLDP neighbors
Switch# show lldp neighbor

## Showing all current LLDP neighbors in detail
Switch# show lldp neighbor detail

## Showing the details for a specific LLDP neighbor
Switch# show lldp entry <device-name>

1.1.b ii UDLD

UniDirectional Link Detection

General Information on “UDLD”:

• Cisco proprietary protocol
• Used to monitor the physical configuration of cables and to detect unidirectional links
• Complements the STP
• Designed for fiber optics
• Both switches must support and have UDLD enabled on the respective ports
• UDLD works by exchanging protocol packets between the neighboring devices
• Link is considered unidirectional when the port doesn’t see its own device/port ID in the incoming UDLD packets
• If UDLD gets detected, the respective port will be shutdown (manual or automatic error-recovery possible)
• Can be enabled globally (apples only to fiber optic ports) or per interface
• When enabled globally, it can be disabled per interface
• Interface settings override global settings

UDLD packet:

• Contains own device/port ID
• Contains neighbors device/port ID
• Neighboring ports should see their own device/port ID (echo) in the packets received from the other side

UDLD operation modes:

• Normal:
  • Pure informational mode
  • Syslog message will be shown
  • Port gets marked as undetermined
• Aggressive:
  • Active detection mode
  • After 3 missed UDLD packets, the respective port will be put into err-disabled state
  • On a link loss UDLD packets are sent out once a second for 8 seconds

UDLD timers default values:

• Message Interval: 15 seconds
• Timeout Interval: 5 seconds

“UDLD” CLI configuration commands:

## Disabling/Enabling UDLD normal mode globally
Switch(config)# [no] udld enable

## Disabling/Enabling UDLD aggressive mode globally
Switch(config)# [no] udld aggressive

## Disabling/Enabling UDLD normal mode on a specific interface
Switch(config-if)# [no] udld port

## Disabling/Enabling UDLD aggressive mode on a specific interface
Switch(config-if)# [no] udld port aggressive

## Modifying the UDLD message interval
Switch(config)# udld message time <interval-in-sec>

## Resetting all interfaces which have been shutdown by UDLD
Switch# udld reset

“UDLD” CLI show commands:

## Showing UDLD information/configuration for all interfaces
Switch# show udld

## Showing UDLD information/configuration for a specific interface
Switch# show udld <if>

## Showing all current UDLD neighbors
Switch# show udld neighbors