Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,000 --> 00:00:05,000 align:middle line:84%
So let’s do a capture on this link between router 1 and router 2
2
00:00:05,000 --> 00:00:15,000 align:middle line:84%
we can see some loop messages which are used to ensure that the interface is up
3
00:00:15,000 --> 00:00:20,000 align:middle line:84%
and we may have to wait a while for CDP message to be sent.
4
00:00:20,000 --> 00:00:25,000 align:middle line:84%
We can see that by typing sh cdp and pressing enter.
5
00:00:25,000 --> 00:00:28,000 align:middle line:84%
CDP only sends packets every 60 seconds
6
00:00:28,000 --> 00:00:31,000 align:middle line:84%
so we may have to wait a while as you can see in the output here
7
00:00:31,000 --> 00:00:35,000 align:middle line:84%
CDP packets are sent every 60 seconds
8
00:00:35,000 --> 00:00:39,000 align:middle line:84%
and an entry in the table is held for 180 seconds
9
00:00:39,000 --> 00:00:41,000 align:middle line:84%
I’ll show you more about that later but scrolling down
10
00:00:41,000 --> 00:00:43,000 align:middle line:84%
here’s a CDP message
11
00:00:43,000 --> 00:00:47,000 align:middle line:84%
we can see that it's using 802.3 Ethernet
12
00:00:47,000 --> 00:00:53,000 align:middle line:84%
and is using a specific Cisco address which I'll talk about in more detail later.
13
00:00:53,000 --> 00:01:01,000 align:middle line:84%
It's using logical link control with the organizational or unit of Cisco
14
00:01:01,000 --> 00:01:05,000 align:middle line:84%
in other words, the protocol used at a high layer is CDP
15
00:01:05,000 --> 00:01:09,000 align:middle line:84%
and here’s the CDP information version 2
16
00:01:09,000 --> 00:01:13,000 align:middle line:84%
we can see that it's router 2 advertising itself
17
00:01:13,000 --> 00:01:17,000 align:middle line:84%
with it's platform, port number and other details
18
00:01:17,000 --> 00:01:22,000 align:middle line:84%
what’s interesting is you can get a lot of detail through a CDP message
19
00:01:22,000 --> 00:01:26,000 align:middle line:84%
which is great for discovering the network
20
00:01:26,000 --> 00:01:29,000 align:middle line:84%
but is bad from a security point of view
21
00:01:29,000 --> 00:01:33,000 align:middle line:84%
you can see version of software, you can see platform
22
00:01:33,000 --> 00:01:41,000 align:middle line:84%
you can see IP addresses configured, so IP address port number
23
00:01:41,000 --> 00:01:45,000 align:middle line:84%
you can see its capabilities and so forth
24
00:01:45,000 --> 00:01:52,000 align:middle line:84%
here's router 1, so you can see the device ID is router 1, as an example
25
00:01:52,000 --> 00:01:57,000 align:middle line:84%
So the important thing to remember is the CDP does not rely
26
00:01:57,000 --> 00:02:03,000 align:middle line:84%
on higher layer protocols, messages are sent every 60 seconds by default.
27
00:02:03,000 --> 00:02:08,000 align:middle line:84%
You can use CDP to map an entire network
28
00:02:08,000 --> 00:02:13,000 align:middle line:84%
so as an example, if you were connected to router 1
29
00:02:13,000 --> 00:02:16,000 align:middle line:84%
and you use the command sh cdp neighbors
30
00:02:16,000 --> 00:02:19,000 align:middle line:84%
you could discover which device you directly connected to
31
00:02:19,000 --> 00:02:21,000 align:middle line:84%
and then you could use details
32
00:02:21,000 --> 00:02:23,000 align:middle line:84%
so show CDP neighbor details
33
00:02:23,000 --> 00:02:28,000 align:middle line:84%
to see detailed information about that neighbor including its IP address
34
00:02:28,000 --> 00:02:30,000 align:middle line:84%
and then if telnet is enabled on your network
35
00:02:30,000 --> 00:02:34,000 align:middle line:84%
you could telnet from router 1 to router 2
36
00:02:34,000 --> 00:02:38,000 align:middle line:84%
and then use the command CDP neighbors
37
00:02:38,000 --> 00:02:43,000 align:middle line:84%
to discover what devices are connected to that router.
38
00:02:43,000 --> 00:02:47,000 align:middle line:84%
So as an example, here’s a core 3750 router
39
00:02:47,000 --> 00:02:50,000 align:middle line:84%
let’s see what's connected to that switch.
40
00:02:50,000 --> 00:02:55,000 align:middle line:84%
So I could use this command sh cdp entry
41
00:02:55,000 --> 00:03:00,000 align:middle line:84%
and the name of the device, to just see the output for the specific device
42
00:03:00,000 --> 00:03:04,000 align:middle line:84%
here’s its IP address, so I'll telnet to that IP address
43
00:03:04,000 --> 00:03:09,000 align:middle line:84%
I can log in assuming that I know the username and password
44
00:03:09,000 --> 00:03:12,000 align:middle line:84%
and once again I could use the command
45
00:03:12,000 --> 00:03:14,000 align:middle line:84%
sh cdp neighbors
46
00:03:14,000 --> 00:03:17,000 align:middle line:84%
to discover what's connected to that device.
47
00:03:17,000 --> 00:03:20,000 align:middle line:84%
And here as an example, we can see some other devices
48
00:03:20,000 --> 00:03:25,000 align:middle line:84%
which we weren't seeing previously, such as the Cisco 1841 router.
49
00:03:25,000 --> 00:03:34,000 align:middle line:84%
So you could map out the entire network by simply using CDP on 1 device
50
00:03:34,000 --> 00:03:37,000 align:middle line:84%
and telnetting to the next device using CDP
51
00:03:37,000 --> 00:03:41,000 align:middle line:84%
to discover what’s connected to that and then telnetting to the next device
52
00:03:41,000 --> 00:03:44,000 align:middle line:84%
and discovering what’s connected to that device.
53
00:03:44,000 --> 00:03:49,000 align:middle line:84%
Now the Cisco APIC-EM SDN software does a lot of this for you
54
00:03:49,000 --> 00:03:54,000 align:middle line:84%
and so does othersSCNMP or Simple Network Management Protocol
55
00:03:54,000 --> 00:03:57,000 align:middle line:84%
management software such as software from Solarwinds
56
00:03:57,000 --> 00:04:00,000 align:middle line:84%
you could do this manually but there is software out there
57
00:04:00,000 --> 00:04:03,000 align:middle line:84%
that can help you automate this process.
58
00:04:03,000 --> 00:04:07,000 align:middle line:84%
You could also use a combination of protocols.
59
00:04:07,000 --> 00:04:10,000 align:middle line:84%
So as an example, here’s router 2
60
00:04:10,000 --> 00:04:13,000 align:middle line:84%
sh cdp neighbors
61
00:04:13,000 --> 00:04:18,000 align:middle line:84%
shows me that I have this core 3750 switch
62
00:04:18,000 --> 00:04:22,000 align:middle line:84%
I could then discover the IP address of that switch
63
00:04:22,000 --> 00:04:28,000 align:middle line:84%
which in this example is this and then I could simply telnet to that switch
64
00:04:28,000 --> 00:04:37,000 align:middle line:84%
and then use a protocol such as LLDP to discover devices connected to that switch.
65
00:04:37,000 --> 00:04:45,000 align:middle line:84%
In this example, you can see the 2 Cisco IP phones, and an Ubuntu hypervisor
66
00:04:45,000 --> 00:04:48,000 align:middle line:84%
I could look at details.
67
00:04:48,000 --> 00:04:51,000 align:middle line:84%
So sh lldp neighbors detail
68
00:04:51,000 --> 00:04:53,000 align:middle line:84%
and here I can see the IP address
69
00:04:53,000 --> 00:04:59,000 align:middle line:84%
and model of phone as well as the firmware being used by that phone
70
00:04:59,000 --> 00:05:01,000 align:middle line:84%
and other information about it.
71
00:05:01,000 --> 00:05:08,000 align:middle line:84%
Scrolling down, lot of detail notice firmware revision
72
00:05:08,000 --> 00:05:12,000 align:middle line:84%
serial number and quite a bit of other information
73
00:05:12,000 --> 00:05:17,000 align:middle line:84%
such as the layer 2 quality of service and layer 3 quality of service
74
00:05:17,000 --> 00:05:22,000 align:middle line:84%
set on that phone, we'll talk more about quality of service later.
75
00:05:22,000 --> 00:05:31,000 align:middle line:84%
Here's the Cisco DX650, so we can see its system name
76
00:05:31,000 --> 00:05:39,000 align:middle line:84%
we can see an IP address we can see a firmware version
77
00:05:39,000 --> 00:05:41,000 align:middle line:84%
we can see quality of service information
78
00:05:41,000 --> 00:05:45,000 align:middle line:84%
we can see once again that it's a Cisco phone
79
00:05:45,000 --> 00:05:49,000 align:middle line:84%
we can see how much power is being used a lot of detail
80
00:05:49,000 --> 00:05:56,000 align:middle line:84%
here’s Linux so we can see Ubuntu server running Ubuntu 14.04 LTS
81
00:05:56,000 --> 00:06:03,000 align:middle line:84%
you can see the name of the server and it's IP address.
82
00:06:03,000 --> 00:06:11,000 align:middle line:84%
So once again CDP and LLDP allows you to discover devices in your network
83
00:06:11,000 --> 00:06:14,000 align:middle line:84%
and also allow you to see how the devices
84
00:06:14,000 --> 00:06:19,000 align:middle line:84%
are connected to each other in your network.
9798
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.
Afrikaans
Albanian
Amharic
Arabic
Armenian
Azerbaijani
Basque
Belarusian
Bengali
Bosnian
Bulgarian
Catalan
Cebuano
Chichewa
Chinese (Simplified)
Chinese (Traditional)
Corsican
Croatian
Czech
Danish
Dutch
English
Esperanto
Estonian
Finnish
French
Frisian
Galician
Georgian
German
Greek
Gujarati
Haitian Creole
Hawaiian
Hungarian
Icelandic
Indonesian
Irish
Italian
Japanese
Kazakh
Khmer
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Luxembourgish
Macedonian
Malagasy
Malay
Maltese
Maori
Mongolian
Myanmar (Burmese)
Nepali
Norwegian
Pashto
Polish
Romanian
Russian
Samoan
Serbian
Sesotho
Shona
Sinhala
Slovak
Slovenian
Somali
Spanish
Swahili
Swedish
Tajik
Thai
Turkish
Ukrainian
Urdu
Uzbek
Vietnamese
