Cisco Discovery Protocol (CDP)

Cisco Discovery Protocol (CDP) uses Layer 2 inquiries to find information about neighboring devices. CDP, enabled by default on IOS versions 11 and later, is extremely useful for both managing and troubleshooting devices. However, CDP has an inherent flaw: it will answer any device that sends the proper request. Because CDP information contains such items as the IOS version number, the name of the device, the network address of the device, and how that device is connected, the administrator should limit on which interfaces CDP packets are answered and sent.

If CDP is not being used internally on the network, it can be disabled with the following global command:

no cdp run

If CDP is required on the interior of the network, the administrator should still disable CDP on all external interfaces. To disable CDP on any given interface, enter the following interface command:

no cdp enable