Module 46

CDP and LLDP

← Previous Module

Next Module →

# 📘 CCNA 200-301 - Video 46: CDP and LLDP
## Deep Study Notes

---

## 📌 Learning Objectives

By the end of this video, you should understand:
- What CDP (Cisco Discovery Protocol) is and how it works
- What LLDP (Link Layer Discovery Protocol) is and how it works
- CDP vs. LLDP comparison
- CDP configuration and verification
- LLDP configuration and verification
- Security considerations for discovery protocols

---

## 🧠 Core Concepts

### 1. What is CDP?

**Definition:** Cisco Discovery Protocol (CDP) is a Cisco-proprietary Layer 2 protocol that allows network devices to discover neighboring devices and their capabilities, regardless of network layer protocol.

**Analogy:** Think of CDP like a neighbor introduction system. Each device periodically announces "Hello, I'm Router A, I'm a Cisco device, and here's what I can do." Neighbors listen and learn about each other.

```
┌─────────────────────────────────────────────────────────────────────────────┐
│                    CDP OPERATION                                            │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                             │
│   CDP Advertisement (Multicast MAC 01:00:0C:CC:CC:CC):                     │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │                                                                      │   │
│   │   Router A                          Router B                        │   │
│   │   ┌─────────┐                       ┌─────────┐                     │   │
│   │   │         │                       │         │                     │   │
│   │   │ CDP     │  "Hello! I'm Router A│ CDP     │                     │   │
│   │   │ Agent   │   Device ID: Router A│ Agent   │                     │   │
│   │   │         │   Platform: 2911     │         │                     │   │
│   │   │         │   Interface: Gi0/0   │         │                     │   │
│   │   │         │   IP Address: 10.1.1.1│         │                     │   │
│   │   │         │   Capabilities: Router"│        │                     │   │
│   │   └─────────┘ ─────────────────────► └─────────┘                     │   │
│   │                                                                      │   │
│   │   Router A                          Router B                        │   │
│   │   ┌─────────┐                       ┌─────────┐                     │   │
│   │   │ CDP     │                       │ CDP     │                     │   │
│   │   │ Agent   │ ◄─────────────────────│ Agent   │                     │   │
│   │   │         │  "Hello! I'm Router B│         │                     │   │
│   │   │         │   Device ID: Router B│         │                     │   │
│   │   │         │   Platform: 3750     │         │                     │   │
│   │   │         │   Interface: Gi0/0   │         │                     │   │
│   │   │         │   IP Address: 10.1.1.2│         │                     │   │
│   │   └─────────┘                       └─────────┘                     │   │
│   │                                                                      │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
│   CDP Information:                                                          │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ • Device ID (hostname)                                              │   │
│   │ • Platform (hardware model)                                         │   │
│   │ • Local interface                                                   │   │
│   │ • Remote interface                                                  │   │
│   │ • IP address (management)                                           │   │
│   │ • Capabilities (Router, Switch, Phone, etc.)                        │   │
│   │ • IOS version                                                       │   │
│   │ • VTP domain                                                        │   │
│   │ • Native VLAN                                                       │   │
│   │ • Duplex mode                                                       │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
└─────────────────────────────────────────────────────────────────────────────┘
```

---

### 2. CDP Features

| Feature | Description |
|---------|-------------|
| **Layer** | Layer 2 (data link layer) |
| **Transport** | Ethernet, Frame Relay, ATM |
| **Multicast MAC** | 01:00:0C:CC:CC:CC |
| **Default Timer** | 60 seconds between advertisements |
| **Default Holdtime** | 180 seconds (3 × timer) |
| **Protocol** | Cisco proprietary |
| **Information** | Device ID, platform, IP, capabilities, interface, etc. |

```
┌─────────────────────────────────────────────────────────────────────────────┐
│                    CDP TIMERS                                               │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                             │
│   CDP Timers:                                                               │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │                                                                      │   │
│   │   Timer: 60 seconds                                                 │   │
│   │   │                                                                 │   │
│   │   │  CDP Advertisement                                             │   │
│   │   ▼                                                                 │   │
│   │   ┌─────────────────────────────────────────────────────────────────┐│   │
│   │   │    Device A sends CDP advertisement                            ││   │
│   │   └─────────────────────────────────────────────────────────────────┘│   │
│   │                                                                      │   │
│   │   │                                                                 │   │
│   │   │  Holdtime: 180 seconds                                         │   │
│   │   │                                                                 │   │
│   │   │  Device B holds information for 180 seconds                    │   │
│   │   │  If no new advertisement within 180 seconds, neighbor removed  │   │
│   │   │                                                                 │   │
│   │   └─────────────────────────────────────────────────────────────────┘   │
│   │                                                                      │   │
│   │   Timer can be adjusted (range: 5-254 seconds)                      │   │
│   │   Holdtime should be ≥ 3 × timer                                    │   │
│   │                                                                      │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
└─────────────────────────────────────────────────────────────────────────────┘
```

---

### 3. CDP Configuration

**Enable/Disable CDP Globally:**

```cisco
! Enable CDP globally (default is enabled)
Router(config)# cdp run

! Disable CDP globally
Router(config)# no cdp run
```

**Enable/Disable CDP on Interface:**

```cisco
! Enable CDP on interface (default is enabled)
Router(config)# interface gigabitEthernet 0/0
Router(config-if)# cdp enable

! Disable CDP on interface
Router(config-if)# no cdp enable
```

**Configure CDP Timers:**

```cisco
! Set CDP timer to 30 seconds (default 60)
Router(config)# cdp timer 30

! Set CDP holdtime to 90 seconds (default 180)
Router(config)# cdp holdtime 90

! Set CDP version (version 2 is default)
Router(config)# cdp version 2

! Enable CDP logging
Router(config)# cdp log
```

---

### 4. CDP Verification Commands

| Command | Purpose |
|---------|---------|
| `show cdp` | Display CDP global settings |
| `show cdp neighbors` | Display CDP neighbors summary |
| `show cdp neighbors detail` | Display detailed neighbor information |
| `show cdp entry [name]` | Display specific neighbor details |
| `show cdp interface` | Display CDP-enabled interfaces |
| `show cdp traffic` | Display CDP traffic statistics |

**Example Outputs:**

```cisco
Router# show cdp

Global CDP information:
        Sending CDP packets every 60 seconds
        Sending a holdtime value of 180 seconds
        Sending CDPv2 advertisements is enabled

Router# show cdp neighbors

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
RouterB          Gig 0/0           145        R          2911      Gig 0/0
SwitchA          Gig 0/1           152        S          WS-C3750  Gig 0/24
IPPhone          Gig 0/2           168        P          CP-7960   Port 1

Router# show cdp neighbors detail

-------------------------
Device ID: RouterB
Entry address(es):
  IP address: 10.1.1.2
Platform: Cisco 2911, Capabilities: Router
Interface: GigabitEthernet0/0, Port ID (outgoing port): GigabitEthernet0/0
Holdtime: 145 sec

Version :
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(4)M5

-------------------------
Device ID: SwitchA
Entry address(es):
  IP address: 192.168.1.2
Platform: WS-C3750-48PS, Capabilities: Switch
Interface: GigabitEthernet0/1, Port ID (outgoing port): GigabitEthernet0/24
Holdtime: 152 sec

Version :
Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 12.2(55)SE12

-------------------------
Device ID: IPPhone
Entry address(es):
  IP address: 192.168.1.100
Platform: CP-7960, Capabilities: Phone
Interface: GigabitEthernet0/2, Port ID (outgoing port): Port 1
Holdtime: 168 sec

Version :
Cisco IP Phone 7960
```

---

### 5. What is LLDP?

**Definition:** Link Layer Discovery Protocol (LLDP) is an IEEE standard (802.1AB) Layer 2 protocol that allows network devices to advertise their identity and capabilities to neighbors, similar to CDP but vendor-neutral.

**Analogy:** LLDP is like a universal introduction protocol. Unlike CDP (which only Cisco devices understand), LLDP works across all vendors, like a common language everyone speaks.

```
┌─────────────────────────────────────────────────────────────────────────────┐
│                    LLDP OPERATION                                           │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                             │
│   LLDP Advertisement (Multicast MAC 01:80:C2:00:00:0E):                    │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │                                                                      │   │
│   │   Cisco Router                    HP Switch                         │   │
│   │   ┌─────────┐                    ┌─────────┐                        │   │
│   │   │ LLDP    │                    │ LLDP    │                        │   │
│   │   │ Agent   │  "Hello! I'm Router│ Agent   │                        │   │
│   │   │         │   Chassis ID: MAC │         │                        │   │
│   │   │         │   Port ID: Gi0/0  │         │                        │   │
│   │   │         │   System Name: Router│       │                        │   │
│   │   │         │   System Desc: Cisco│        │                        │   │
│   │   │         │   Capabilities: Router"│     │                        │   │
│   │   └─────────┘ ──────────────────► └─────────┘                        │   │
│   │                                                                      │   │
│   │   Cisco Router                    HP Switch                         │   │
│   │   ┌─────────┐                    ┌─────────┐                        │   │
│   │   │ LLDP    │                    │ LLDP    │                        │   │
│   │   │ Agent   │ ◄──────────────────│ Agent   │                        │   │
│   │   │         │  "Hello! I'm Switch│         │                        │   │
│   │   │         │   Chassis ID: MAC │         │                        │   │
│   │   │         │   Port ID: Gi0/24 │         │                        │   │
│   │   │         │   System Name: Switch│       │                        │   │
│   │   │         │   Capabilities: Switch"│     │                        │   │
│   │   └─────────┘                    └─────────┘                        │   │
│   │                                                                      │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
│   LLDP Information:                                                         │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ • Chassis ID (MAC address)                                          │   │
│   │ • Port ID (interface name)                                          │   │
│   │ • System Name (hostname)                                            │   │
│   │ • System Description (hardware/software)                            │   │
│   │ • Management IP address                                             │   │
│   │ • Capabilities (Router, Switch, etc.)                               │   │
│   │ • VLAN ID (802.1)                                                   │   │
│   │ • PoE (Power over Ethernet)                                         │   │
│   │ • Link aggregation                                                  │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
└─────────────────────────────────────────────────────────────────────────────┘
```

---

### 6. LLDP Features

| Feature | Description |
|---------|-------------|
| **Layer** | Layer 2 (data link layer) |
| **Transport** | Ethernet |
| **Multicast MAC** | 01:80:C2:00:00:0E |
| **Default Timer** | 30 seconds between advertisements |
| **Default Holdtime** | 120 seconds (4 × timer) |
| **Protocol** | IEEE 802.1AB (vendor-neutral) |
| **Information** | Chassis ID, port ID, system name, capabilities, management address |

**LLDP-MED (Media Endpoint Discovery):** Extension for IP phones and other endpoints

```
┌─────────────────────────────────────────────────────────────────────────────┐
│                    LLDP-MED                                                 │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                             │
│   LLDP-MED Extensions for IP Phones:                                       │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ • Capabilities (phone, switch)                                      │   │
│   │ • Network Policy (VLAN ID, DSCP, etc.)                              │   │
│   │ • Power over Ethernet (power requirements)                          │   │
│   │ • Inventory (hardware/software version)                             │   │
│   │ • Location (emergency services)                                     │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
│   LLDP-MED for IP Phone:                                                   │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │                                                                      │   │
│   │   Switch                              IP Phone                      │   │
│   │   ┌─────────┐                        ┌─────────┐                    │   │
│   │   │ LLDP    │                        │ LLDP-MED│                    │   │
│   │   │ Agent   │  "Voice VLAN: 10       │ Agent   │                    │   │
│   │   │         │   DSCP: 46             │         │                    │   │
│   │   │         │   Power: 802.3af"      │         │                    │   │
│   │   └─────────┘ ─────────────────────► └─────────┘                    │   │
│   │                                                                      │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
└─────────────────────────────────────────────────────────────────────────────┘
```

---

### 7. LLDP Configuration

**Enable/Disable LLDP Globally:**

```cisco
! Enable LLDP globally (default is disabled)
Router(config)# lldp run

! Disable LLDP globally
Router(config)# no lldp run
```

**Enable/Disable LLDP on Interface:**

```cisco
! Enable LLDP on interface
Router(config)# interface gigabitEthernet 0/0
Router(config-if)# lldp transmit
Router(config-if)# lldp receive

! Disable LLDP on interface
Router(config-if)# no lldp transmit
Router(config-if)# no lldp receive
```

**Configure LLDP Timers:**

```cisco
! Set LLDP timer to 30 seconds (default 30)
Router(config)# lldp timer 30

! Set LLDP holdtime to 120 seconds (default 120)
Router(config)# lldp holdtime 120

! Set LLDP reinit delay (time before reinitialization)
Router(config)# lldp reinit 2
```

**Configure LLDP-MED:**

```cisco
! Enable LLDP-MED on interface
interface GigabitEthernet0/1
 lldp med-tlv-select inventory
 lldp med-tlv-select network-policy
 lldp med-tlv-select power-management
```

---

### 8. LLDP Verification Commands

| Command | Purpose |
|---------|---------|
| `show lldp` | Display LLDP global settings |
| `show lldp neighbors` | Display LLDP neighbors summary |
| `show lldp neighbors detail` | Display detailed neighbor information |
| `show lldp entry [name]` | Display specific neighbor details |
| `show lldp interface` | Display LLDP-enabled interfaces |
| `show lldp traffic` | Display LLDP traffic statistics |
| `show lldp local` | Display local LLDP information |

**Example Outputs:**

```cisco
Router# show lldp

Global LLDP Information:
    Status: ACTIVE
    LLDP advertisements are sent every 30 seconds
    LLDP hold time advertised is 120 seconds
    LLDP interface reinitialization delay is 2 seconds

Router# show lldp neighbors

Capability codes:
    (R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device
    (W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other

Device ID           Local Intf     Hold-time  Capability      Port ID
00:1a:2b:3c:4d:5e  Gi0/0          110        B                Gi0/24
00:1a:2b:3c:4d:5f  Gi0/1          115        T                Port 1
00:1a:2b:3c:4d:60  Gi0/2          120        R                Gi0/0

Router# show lldp neighbors detail

------------------------------------------------
Local Intf: Gi0/0
Chassis id: 00:1a:2b:3c:4d:5e
Port id: Gi0/24
Port Description: GigabitEthernet0/24
System Name: SwitchA
System Description:
  Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 12.2(55)SE12
Time remaining: 110 seconds
System Capabilities: B, T
Enabled Capabilities: B
Management Addresses:
    IP: 192.168.1.2
Auto Negotiation - supported, enabled
Physical media capabilities:
    1000baseT(FD)
    100baseTX(FD)
    100baseTX(HD)
    10baseT(FD)
    10baseT(HD)
Media Attachment Unit type: 16
Vlan ID: 1
------------------------------------------------
Local Intf: Gi0/1
Chassis id: 00:1a:2b:3c:4d:5f
Port id: Port 1
Port Description: Port 1
System Name: IPPhone
System Description:
  Cisco IP Phone 7960
Time remaining: 115 seconds
System Capabilities: T
Enabled Capabilities: T
Management Addresses:
    IP: 192.168.1.100
Power via MDI - Supported
    Power pairs: Signal
    Power class: 3
Media Policy:
    Network Policy for Application: Voice
    VLAN ID: 10
    DSCP Value: 46
    Priority Value: 5
```

---

### 9. CDP vs. LLDP Comparison

| Feature | CDP | LLDP |
|---------|-----|------|
| **Standard** | Cisco proprietary | IEEE 802.1AB (vendor-neutral) |
| **Multicast MAC** | 01:00:0C:CC:CC:CC | 01:80:C2:00:00:0E |
| **Default Timer** | 60 seconds | 30 seconds |
| **Default Holdtime** | 180 seconds | 120 seconds |
| **Enabled by Default** | Yes | No |
| **Information** | Device ID, platform, IP, IOS | Chassis ID, port ID, system name, description |
| **Voice Support** | CDP (Cisco phones) | LLDP-MED (multi-vendor) |
| **Security** | Can be disabled | Can be disabled |
| **Use Case** | Cisco-only networks | Multi-vendor networks |

```
┌─────────────────────────────────────────────────────────────────────────────┐
│                    CDP vs. LLDP COMPARISON                                  │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                             │
│   CDP (Cisco):                                                              │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ Pros:                                                                │   │
│   │ • Enabled by default on Cisco devices                               │   │
│   │ • More detailed Cisco-specific information                          │   │
│   │ • Better integration with Cisco features (Voice VLAN, etc.)         │   │
│   │ • Works with Cisco phones out-of-box                                │   │
│   │                                                                      │   │
│   │ Cons:                                                                │   │
│   │ • Only works with Cisco devices                                     │   │
│   │ • Security risk (information disclosure)                            │   │
│   │ • Not standardized                                                  │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
│   LLDP (IEEE):                                                              │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ Pros:                                                                │   │
│   │ • Vendor-neutral (works with all devices)                           │   │
│   │ • Standardized (IEEE 802.1AB)                                       │   │
│   │ • LLDP-MED for IP phones (multi-vendor)                             │   │
│   │ • More secure (disabled by default)                                 │   │
│   │                                                                      │   │
│   │ Cons:                                                                │   │
│   │ • Disabled by default on Cisco devices                              │   │
│   │ • Less detailed information than CDP                                │   │
│   │ • May not support all Cisco-specific features                       │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
└─────────────────────────────────────────────────────────────────────────────┘
```

---

### 10. CDP and LLDP Security

**Security Considerations:**

```
┌─────────────────────────────────────────────────────────────────────────────┐
│                    CDP/LLDP SECURITY                                        │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                             │
│   RISKS:                                                                    │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ • Information disclosure (device types, IP addresses, IOS versions) │   │
│   │ • Attackers can map network topology                               │   │
│   │ • Potential for DoS attacks via flooding                            │   │
│   │ • CDP/LLDP can be used for network reconnaissance                   │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
│   BEST PRACTICES:                                                           │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ • Disable CDP/LLDP on interfaces facing untrusted networks         │   │
│   │ • Disable CDP/LLDP on customer-facing ports (service provider)     │   │
│   │ • Use CDP/LLDP only where needed (for discovery, phones)           │   │
│   │ • Consider using LLDP instead of CDP for multi-vendor networks     │   │
│   │ • Regularly audit CDP/LLDP configuration                           │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
│   SECURITY CONFIGURATION:                                                   │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ ! Disable CDP on WAN interfaces                                    │   │
│   │ interface Serial0/0/0                                              │   │
│   │  no cdp enable                                                      │   │
│   │                                                                      │   │
│   │ ! Disable CDP on customer-facing interfaces                         │   │
│   │ interface GigabitEthernet0/1                                        │   │
│   │  no cdp enable                                                      │   │
│   │                                                                      │   │
│   │ ! Disable LLDP globally (if not needed)                             │   │
│   │ no lldp run                                                         │   │
│   │                                                                      │   │
│   │ ! Disable LLDP on untrusted interfaces                              │   │
│   │ interface GigabitEthernet0/2                                        │   │
│   │  no lldp transmit                                                   │   │
│   │  no lldp receive                                                    │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
└─────────────────────────────────────────────────────────────────────────────┘
```

---

### 11. Use Cases for CDP/LLDP

```
┌─────────────────────────────────────────────────────────────────────────────┐
│                    CDP/LLDP USE CASES                                       │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                             │
│   USE CASE 1: Network Discovery                                            │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ • Map network topology                                              │   │
│   │ • Identify neighboring devices                                      │   │
│   │ • Verify physical connections                                       │   │
│   │ • Troubleshoot connectivity issues                                  │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
│   USE CASE 2: Voice Deployment (IP Phones)                                 │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ • Auto-detect IP phones (CDP or LLDP-MED)                          │   │
│   │ • Dynamically assign voice VLAN                                     │   │
│   │ • Apply QoS policies                                                │   │
│   │ • Provide PoE information                                           │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
│   USE CASE 3: Network Management                                           │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ • Automatically discover devices in NMS                            │   │
│   │ • Update network topology maps                                      │   │
│   │ • Track device inventory                                            │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
│   USE CASE 4: Troubleshooting                                              │
│   ┌─────────────────────────────────────────────────────────────────────┐   │
│   │ • Verify neighbor connectivity                                      │   │
│   │ • Identify mismatched configurations                                │   │
│   │ • Find connected devices                                            │   │
│   │ • Determine device types and capabilities                           │   │
│   └─────────────────────────────────────────────────────────────────────┘   │
│                                                                             │
└─────────────────────────────────────────────────────────────────────────────┘
```

---

## 🔧 Complete Configuration Examples

### Lab 1: CDP Configuration

```cisco
! Enable CDP globally
cdp run

! Configure CDP timers
cdp timer 60
cdp holdtime 180

! Configure interface-specific CDP
interface GigabitEthernet0/0
 cdp enable

interface GigabitEthernet0/1
 no cdp enable   ! Disable on untrusted interface

! Verify
show cdp
show cdp neighbors
show cdp interface
```

---

### Lab 2: LLDP Configuration

```cisco
! Enable LLDP globally
lldp run

! Configure LLDP timers
lldp timer 30
lldp holdtime 120

! Configure interface-specific LLDP
interface GigabitEthernet0/0
 lldp transmit
 lldp receive

interface GigabitEthernet0/1
 no lldp transmit
 no lldp receive

! Verify
show lldp
show lldp neighbors
show lldp interface
```

---

### Lab 3: LLDP-MED for IP Phones

```cisco
! Enable LLDP globally
lldp run

! Configure LLDP-MED on interface
interface GigabitEthernet0/2
 switchport mode access
 switchport voice vlan 10
 switchport access vlan 20
 lldp transmit
 lldp receive
 lldp med-tlv-select network-policy
 lldp med-tlv-select power-management
 lldp med-tlv-select inventory

! Verify
show lldp neighbors detail
show lldp interface gigabitEthernet 0/2
```

---

### Lab 4: Security Hardening - Disable Discovery Protocols on Untrusted Ports

```cisco
! Global disable CDP
no cdp run

! Or disable only on untrusted ports
interface GigabitEthernet0/0
 no cdp enable

! Global disable LLDP
no lldp run

! Or disable on untrusted ports
interface GigabitEthernet0/1
 no lldp transmit
 no lldp receive

! Keep CDP/LLDP only where needed
interface GigabitEthernet0/24   ! Uplink to core
 cdp enable
 lldp transmit
 lldp receive
```

---

## ✅ Exam Tips (For CCNA 200-301)

| Topic | What Cisco Tests |
|-------|------------------|
| **CDP** | Cisco proprietary, enabled by default, multicast MAC 01:00:0C:CC:CC:CC |
| **LLDP** | IEEE standard, disabled by default, multicast MAC 01:80:C2:00:00:0E |
| **CDP Timers** | 60 sec (timer), 180 sec (holdtime) |
| **LLDP Timers** | 30 sec (timer), 120 sec (holdtime) |
| **CDP Show Commands** | `show cdp neighbors`, `show cdp neighbors detail` |
| **LLDP Show Commands** | `show lldp neighbors`, `show lldp neighbors detail` |
| **LLDP-MED** | Extension for IP phones and endpoints |

### Common Exam Scenarios:

**Scenario 1:** "A network administrator needs to discover neighboring Cisco devices. Which protocol should be used?"
- **Answer:** CDP (Cisco Discovery Protocol)

**Scenario 2:** "A network has both Cisco and HP switches. Which discovery protocol should be used for interoperability?"
- **Answer:** LLDP (Link Layer Discovery Protocol)

**Scenario 3:** "What is the default CDP holdtime?"
- **Answer:** 180 seconds

### Mnemonics:

**CDP/LLDP Multicast MACs:**
**"Cisco CDP: 01:00:0C:CC:CC:CC"**
**"LLDP: 01:80:C2:00:00:0E"**

**CDP Timers:**
**"60 and 180"**
- Timer: 60 seconds
- Holdtime: 180 seconds

**LLDP Timers:**
**"30 and 120"**
- Timer: 30 seconds
- Holdtime: 120 seconds

---

## 📝 Summary (1-Minute Revision)

```
CDP (Cisco Discovery Protocol):

FEATURES:
├── Cisco proprietary
├── Enabled by default
├── Multicast MAC: 01:00:0C:CC:CC:CC
├── Timer: 60 sec, Holdtime: 180 sec
└── Information: Device ID, platform, IP, IOS, interface

COMMANDS:
├── cdp run / no cdp run (global)
├── cdp enable / no cdp enable (interface)
├── cdp timer [seconds]
├── cdp holdtime [seconds]
└── show cdp neighbors

LLDP (Link Layer Discovery Protocol):

FEATURES:
├── IEEE 802.1AB (vendor-neutral)
├── Disabled by default
├── Multicast MAC: 01:80:C2:00:00:0E
├── Timer: 30 sec, Holdtime: 120 sec
└── Information: Chassis ID, port ID, system name, capabilities

COMMANDS:
├── lldp run / no lldp run (global)
├── lldp transmit / lldp receive (interface)
├── lldp timer [seconds]
├── lldp holdtime [seconds]
└── show lldp neighbors

LLDP-MED:
├── Extension for IP phones
├── Voice VLAN, DSCP, PoE information
└── Used for multi-vendor voice deployments

SECURITY:
├── Disable on untrusted interfaces
├── Disable on customer-facing ports
└── Use only where needed

VERIFICATION:
├── show cdp neighbors
├── show cdp neighbors detail
├── show lldp neighbors
└── show lldp neighbors detail
```

---

## 🧪 Practice Questions

**1. Which multicast MAC address does CDP use?**
- A) 01:00:0C:CC:CC:CC
- B) 01:80:C2:00:00:0E
- C) 01:00:5E:00:00:01
- D) FF:FF:FF:FF:FF:FF

<details>
<summary>Answer</summary>
A) 01:00:0C:CC:CC:CC - CDP uses multicast MAC address 01:00:0C:CC:CC:CC.
</details>

**2. What is the default CDP timer value?**
- A) 30 seconds
- B) 60 seconds
- C) 90 seconds
- D) 120 seconds

<details>
<summary>Answer</summary>
B) 60 seconds - CDP advertisements are sent every 60 seconds by default.
</details>

**3. Which command displays detailed CDP neighbor information?**
- A) `show cdp`
- B) `show cdp neighbors`
- C) `show cdp neighbors detail`
- D) `show cdp entry`

<details>
<summary>Answer</summary>
C) `show cdp neighbors detail` - Displays detailed information about CDP neighbors.
</details>

**4. Is CDP enabled or disabled by default on Cisco devices?**
- A) Disabled
- B) Enabled
- C) Depends on the model
- D) Depends on the IOS version

<details>
<summary>Answer</summary>
B) Enabled - CDP is enabled by default on Cisco devices.
</details>

**5. Which protocol is vendor-neutral and defined by IEEE 802.1AB?**
- A) CDP
- B) LLDP
- C) VTP
- D) STP

<details>
<summary>Answer</summary>
B) LLDP - Link Layer Discovery Protocol is defined by IEEE 802.1AB.
</details>

**6. What is the default LLDP timer value?**
- A) 30 seconds
- B) 60 seconds
- C) 90 seconds
- D) 120 seconds

<details>
<summary>Answer</summary>
A) 30 seconds - LLDP advertisements are sent every 30 seconds by default.
</details>

**7. Which command enables LLDP globally?**
- A) `lldp enable`
- B) `lldp run`
- C) `cdp run`
- D) `lldp start`

<details>
<summary>Answer</summary>
B) `lldp run` - This command enables LLDP globally on Cisco devices.
</details>

**8. What does LLDP-MED provide that standard LLDP does not?**
- A) Device ID
- B) Port ID
- C) Voice VLAN and PoE information
- D) System name

<details>
<summary>Answer</summary>
C) Voice VLAN and PoE information - LLDP-MED adds extensions for IP phones and endpoints.
</details>

**9. Which command displays LLDP neighbors?**
- A) `show lldp`
- B) `show lldp neighbors`
- C) `show lldp info`
- D) `show lldp entries`

<details>
<summary>Answer</summary>
B) `show lldp neighbors` - Displays summary of LLDP neighbors.
</details>

**10. What is a security risk of leaving CDP enabled on untrusted interfaces?**
- A) Denial of service
- B) Information disclosure (network topology)
- C) Authentication bypass
- D) Encryption failure

<details>
<summary>Answer</summary>
B) Information disclosure (network topology) - CDP reveals device information that attackers can use for reconnaissance.
</details>

**11. Which command disables CDP on an interface?**
- A) `no cdp run`
- B) `no cdp enable`
- C) `cdp disable`
- D) `no cdp`

<details>
<summary>Answer</summary>
B) `no cdp enable` - Disables CDP on a specific interface.
</details>

**12. What is the default CDP holdtime?**
- A) 60 seconds
- B) 120 seconds
- C) 180 seconds
- D) 240 seconds

<details>
<summary>Answer</summary>
C) 180 seconds - CDP holdtime is 180 seconds (3 × timer).
</details>

---

## 📌 Next Steps

After completing Video 46, you should be ready for:
- **Video 47:** NTP and SNMP (Advanced)
- **Video 48:** NetFlow and IPFIX

**Lab Practice:**
1. Configure CDP on a router and switch
2. Verify neighbors with `show cdp neighbors`
3. Configure LLDP on a router
4. Verify LLDP neighbors with `show lldp neighbors`
5. Disable CDP on untrusted interfaces
6. Configure LLDP-MED for IP phones
7. Compare CDP and LLDP information

---

**Ready for Video 47?** Share the link or say "next" and I'll continue with NTP and SNMP (Advanced).

I'll continue with **Video 47: NTP and SNMP (Advanced)** based on the standard CCNA 200-301 curriculum.

---