Which Layer 2 discovery protocol is Cisco-proprietary and enabled by default?

CDP. CDP (Cisco Discovery Protocol) is Cisco-proprietary and enabled by default on all Cisco devices. LLDP (Link Layer Discovery Protocol) is the vendor-neutral IEEE 802.1AB standard but is disabled by default on Cisco devices. STP is Spanning Tree Protocol, and DTP is Dynamic Trunking Protocol—neither are discovery protocols.

Which command displays detailed information about CDP neighbors, including their IP addresses?

show cdp neighbors detail. "show cdp neighbors detail" displays detailed information about all CDP neighbors including their IP addresses, platform, capabilities, and interface details. The basic "show cdp neighbors" command shows only a summary without IP addresses. To see IP addresses, you must use the "detail" keyword.

LLDP is disabled by default on Cisco devices. Which command enables it globally?

lldp run. The command "lldp run" enables LLDP globally on a Cisco device. Unlike CDP (which is enabled by default with "cdp run"), LLDP must be explicitly enabled. You can also control LLDP per-interface using "lldp transmit" and "lldp receive" commands.

Layer 2 Discovery Protocols

Layer 2 discovery protocols allow network devices to learn about their directly connected neighbors without requiring IP connectivity. This is invaluable for network documentation, troubleshooting, and topology discovery.

CDP (Cisco Discovery Protocol)

CDP is a Cisco-proprietary Layer 2 protocol that discovers directly connected Cisco devices.

Key Characteristics:

Enabled by default on all Cisco devices
Sends advertisements every 60 seconds
Hold time: 180 seconds (3x the advertisement interval)
Operates at Layer 2 (does not require IP addresses)
Discovers only directly connected devices (does not cross routers)

Information Discovered by CDP

Field	Description
Device ID	Hostname of the neighbor
Local Interface	The port on your device connected to the neighbor
Port ID	The port on the neighbor connected to you
Platform	Hardware model (e.g., WS-C3850-48T)
IP Address	Management IP address of the neighbor
Capabilities	Router, Switch, Trans Bridge, etc.
Native VLAN	Detects native VLAN mismatches on trunk links
Duplex	Detects duplex mismatches
VTP Management Domain	VTP domain name

CDP Commands

Switch# show cdp neighbors              ! Summary of all neighbors
Switch# show cdp neighbors detail       ! Detailed info (including IP addresses)
Switch# show cdp entry *                ! Same as neighbors detail
Switch# show cdp interface              ! CDP status per interface

Switch(config)# no cdp run              ! Disable CDP globally
Switch(config)# cdp run                 ! Enable CDP globally

Switch(config-if)# no cdp enable        ! Disable CDP on a specific interface
Switch(config-if)# cdp enable           ! Enable CDP on a specific interface

Sample "show cdp neighbors" Output

Device ID   Local Intrfce   Holdtme    Capability  Platform      Port ID
Switch2     Gig 0/24        155             S I     WS-C3850     Gig 0/24
Router1     Gig 0/1         167             R S I   ISR4331      Gig 0/0/0
AP-Floor2   Gig 0/12        140             T       AIR-AP2802   Gig 0

LLDP (Link Layer Discovery Protocol)

LLDP is the IEEE 802.1AB standard for Layer 2 neighbor discovery. It is vendor-neutral and works across different manufacturers' equipment.

Key Characteristics:

Disabled by default on Cisco devices (must be enabled)
Sends advertisements every 30 seconds
Hold time: 120 seconds
Operates at Layer 2
Uses multicast address 01:80:C2:00:00:0E

LLDP vs. CDP Comparison

Feature	CDP	LLDP
Standard	Cisco proprietary	IEEE 802.1AB (open)
Default state	Enabled	Disabled
Timer	60 seconds	30 seconds
Hold time	180 seconds	120 seconds
Vendor support	Cisco only	Multi-vendor
Med extension	No	LLDP-MED (for VoIP)

LLDP Commands

Switch(config)# lldp run                            ! Enable LLDP globally
Switch(config)# no lldp run                          ! Disable LLDP globally

Switch(config-if)# lldp transmit                     ! Enable sending LLDP on interface
Switch(config-if)# lldp receive                      ! Enable receiving LLDP on interface
Switch(config-if)# no lldp transmit                  ! Disable sending LLDP on interface

Switch# show lldp neighbors                          ! Summary of neighbors
Switch# show lldp neighbors detail                   ! Detailed info

Security Considerations

Both CDP and LLDP share sensitive information about your network devices. An attacker connected to a switch port could learn:

Device hostnames and IP addresses
Hardware models and software versions
Network topology information

Best practices:

Disable CDP/LLDP on external-facing interfaces (internet edge, guest ports)
Disable CDP/LLDP on access ports where not needed
Consider running LLDP instead of CDP in multi-vendor environments
Leave CDP/LLDP enabled on inter-switch links for troubleshooting

On the Exam: Know that CDP is enabled by default and LLDP is disabled by default on Cisco devices. Questions may ask about the commands to verify neighbors or the information that can be discovered.

Cisco Certified Network Associate

2.3 Layer 2 Discovery Protocols (CDP and LLDP)

Key Takeaways

Layer 2 Discovery Protocols

CDP (Cisco Discovery Protocol)

Information Discovered by CDP

CDP Commands

Sample "show cdp neighbors" Output

LLDP (Link Layer Discovery Protocol)

LLDP vs. CDP Comparison

LLDP Commands

Security Considerations

Cisco Certified Network Associate

1Introduction

2Chapter 1: Network Fundamentals (20%)

3Chapter 2: Network Access (20%)

4Chapter 3: IP Connectivity (25%)

5Chapter 4: IP Services (10%)

6Chapter 5: Security Fundamentals (15%)

7Chapter 6: Automation and Programmability (10%)

2.3 Layer 2 Discovery Protocols (CDP and LLDP)

Key Takeaways

Layer 2 Discovery Protocols

CDP (Cisco Discovery Protocol)

Information Discovered by CDP

CDP Commands

Sample "show cdp neighbors" Output

LLDP (Link Layer Discovery Protocol)

LLDP vs. CDP Comparison

LLDP Commands

Security Considerations