Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,000 --> 00:00:05,000 align:middle line:84%
So let’s do a capture on this link between router 1 and router 2
2
00:00:05,000 --> 00:00:15,000 align:middle line:84%
we can see some loop messages which are used to ensure that the interface is up
3
00:00:15,000 --> 00:00:20,000 align:middle line:84%
and we may have to wait a while for CDP message to be sent.
4
00:00:20,000 --> 00:00:25,000 align:middle line:84%
We can see that by typing sh cdp and pressing enter.
5
00:00:25,000 --> 00:00:28,000 align:middle line:84%
CDP only sends packets every 60 seconds
6
00:00:28,000 --> 00:00:31,000 align:middle line:84%
so we may have to wait a while as you can see in the output here
7
00:00:31,000 --> 00:00:35,000 align:middle line:84%
CDP packets are sent every 60 seconds
8
00:00:35,000 --> 00:00:39,000 align:middle line:84%
and an entry in the table is held for 180 seconds
9
00:00:39,000 --> 00:00:41,000 align:middle line:84%
I’ll show you more about that later but scrolling down
10
00:00:41,000 --> 00:00:43,000 align:middle line:84%
here’s a CDP message
11
00:00:43,000 --> 00:00:47,000 align:middle line:84%
we can see that it's using 802.3 Ethernet
12
00:00:47,000 --> 00:00:53,000 align:middle line:84%
and is using a specific Cisco address which I'll talk about in more detail later.
13
00:00:53,000 --> 00:01:01,000 align:middle line:84%
It's using logical link control with the organizational or unit of Cisco
14
00:01:01,000 --> 00:01:05,000 align:middle line:84%
in other words, the protocol used at a high layer is CDP
15
00:01:05,000 --> 00:01:09,000 align:middle line:84%
and here’s the CDP information version 2
16
00:01:09,000 --> 00:01:13,000 align:middle line:84%
we can see that it's router 2 advertising itself
17
00:01:13,000 --> 00:01:17,000 align:middle line:84%
with it's platform, port number and other details
18
00:01:17,000 --> 00:01:22,000 align:middle line:84%
what’s interesting is you can get a lot of detail through a CDP message
19
00:01:22,000 --> 00:01:26,000 align:middle line:84%
which is great for discovering the network
20
00:01:26,000 --> 00:01:29,000 align:middle line:84%
but is bad from a security point of view
21
00:01:29,000 --> 00:01:33,000 align:middle line:84%
you can see version of software, you can see platform
22
00:01:33,000 --> 00:01:41,000 align:middle line:84%
you can see IP addresses configured, so IP address port number
23
00:01:41,000 --> 00:01:45,000 align:middle line:84%
you can see its capabilities and so forth
24
00:01:45,000 --> 00:01:52,000 align:middle line:84%
here's router 1, so you can see the device ID is router 1, as an example
25
00:01:52,000 --> 00:01:57,000 align:middle line:84%
So the important thing to remember is the CDP does not rely
26
00:01:57,000 --> 00:02:03,000 align:middle line:84%
on higher layer protocols, messages are sent every 60 seconds by default.
27
00:02:03,000 --> 00:02:08,000 align:middle line:84%
You can use CDP to map an entire network
28
00:02:08,000 --> 00:02:13,000 align:middle line:84%
so as an example, if you were connected to router 1
29
00:02:13,000 --> 00:02:16,000 align:middle line:84%
and you use the command sh cdp neighbors
30
00:02:16,000 --> 00:02:19,000 align:middle line:84%
you could discover which device you directly connected to
31
00:02:19,000 --> 00:02:21,000 align:middle line:84%
and then you could use details
32
00:02:21,000 --> 00:02:23,000 align:middle line:84%
so show CDP neighbor details
33
00:02:23,000 --> 00:02:28,000 align:middle line:84%
to see detailed information about that neighbor including its IP address
34
00:02:28,000 --> 00:02:30,000 align:middle line:84%
and then if telnet is enabled on your network
35
00:02:30,000 --> 00:02:34,000 align:middle line:84%
you could telnet from router 1 to router 2
36
00:02:34,000 --> 00:02:38,000 align:middle line:84%
and then use the command CDP neighbors
37
00:02:38,000 --> 00:02:43,000 align:middle line:84%
to discover what devices are connected to that router.
38
00:02:43,000 --> 00:02:47,000 align:middle line:84%
So as an example, here’s a core 3750 router
39
00:02:47,000 --> 00:02:50,000 align:middle line:84%
let’s see what's connected to that switch.
40
00:02:50,000 --> 00:02:55,000 align:middle line:84%
So I could use this command sh cdp entry
41
00:02:55,000 --> 00:03:00,000 align:middle line:84%
and the name of the device, to just see the output for the specific device
42
00:03:00,000 --> 00:03:04,000 align:middle line:84%
here’s its IP address, so I'll telnet to that IP address
43
00:03:04,000 --> 00:03:09,000 align:middle line:84%
I can log in assuming that I know the username and password
44
00:03:09,000 --> 00:03:12,000 align:middle line:84%
and once again I could use the command
45
00:03:12,000 --> 00:03:14,000 align:middle line:84%
sh cdp neighbors
46
00:03:14,000 --> 00:03:17,000 align:middle line:84%
to discover what's connected to that device.
47
00:03:17,000 --> 00:03:20,000 align:middle line:84%
And here as an example, we can see some other devices
48
00:03:20,000 --> 00:03:25,000 align:middle line:84%
which we weren't seeing previously, such as the Cisco 1841 router.
49
00:03:25,000 --> 00:03:34,000 align:middle line:84%
So you could map out the entire network by simply using CDP on 1 device
50
00:03:34,000 --> 00:03:37,000 align:middle line:84%
and telnetting to the next device using CDP
51
00:03:37,000 --> 00:03:41,000 align:middle line:84%
to discover what’s connected to that and then telnetting to the next device
52
00:03:41,000 --> 00:03:44,000 align:middle line:84%
and discovering what’s connected to that device.
53
00:03:44,000 --> 00:03:49,000 align:middle line:84%
Now the Cisco APIC-EM SDN software does a lot of this for you
54
00:03:49,000 --> 00:03:54,000 align:middle line:84%
and so does othersSCNMP or Simple Network Management Protocol
55
00:03:54,000 --> 00:03:57,000 align:middle line:84%
management software such as software from Solarwinds
56
00:03:57,000 --> 00:04:00,000 align:middle line:84%
you could do this manually but there is software out there
57
00:04:00,000 --> 00:04:03,000 align:middle line:84%
that can help you automate this process.
58
00:04:03,000 --> 00:04:07,000 align:middle line:84%
You could also use a combination of protocols.
59
00:04:07,000 --> 00:04:10,000 align:middle line:84%
So as an example, here’s router 2
60
00:04:10,000 --> 00:04:13,000 align:middle line:84%
sh cdp neighbors
61
00:04:13,000 --> 00:04:18,000 align:middle line:84%
shows me that I have this core 3750 switch
62
00:04:18,000 --> 00:04:22,000 align:middle line:84%
I could then discover the IP address of that switch
63
00:04:22,000 --> 00:04:28,000 align:middle line:84%
which in this example is this and then I could simply telnet to that switch
64
00:04:28,000 --> 00:04:37,000 align:middle line:84%
and then use a protocol such as LLDP to discover devices connected to that switch.
65
00:04:37,000 --> 00:04:45,000 align:middle line:84%
In this example, you can see the 2 Cisco IP phones, and an Ubuntu hypervisor
66
00:04:45,000 --> 00:04:48,000 align:middle line:84%
I could look at details.
67
00:04:48,000 --> 00:04:51,000 align:middle line:84%
So sh lldp neighbors detail
68
00:04:51,000 --> 00:04:53,000 align:middle line:84%
and here I can see the IP address
69
00:04:53,000 --> 00:04:59,000 align:middle line:84%
and model of phone as well as the firmware being used by that phone
70
00:04:59,000 --> 00:05:01,000 align:middle line:84%
and other information about it.
71
00:05:01,000 --> 00:05:08,000 align:middle line:84%
Scrolling down, lot of detail notice firmware revision
72
00:05:08,000 --> 00:05:12,000 align:middle line:84%
serial number and quite a bit of other information
73
00:05:12,000 --> 00:05:17,000 align:middle line:84%
such as the layer 2 quality of service and layer 3 quality of service
74
00:05:17,000 --> 00:05:22,000 align:middle line:84%
set on that phone, we'll talk more about quality of service later.
75
00:05:22,000 --> 00:05:31,000 align:middle line:84%
Here's the Cisco DX650, so we can see its system name
76
00:05:31,000 --> 00:05:39,000 align:middle line:84%
we can see an IP address we can see a firmware version
77
00:05:39,000 --> 00:05:41,000 align:middle line:84%
we can see quality of service information
78
00:05:41,000 --> 00:05:45,000 align:middle line:84%
we can see once again that it's a Cisco phone
79
00:05:45,000 --> 00:05:49,000 align:middle line:84%
we can see how much power is being used a lot of detail
80
00:05:49,000 --> 00:05:56,000 align:middle line:84%
here’s Linux so we can see Ubuntu server running Ubuntu 14.04 LTS
81
00:05:56,000 --> 00:06:03,000 align:middle line:84%
you can see the name of the server and it's IP address.
82
00:06:03,000 --> 00:06:11,000 align:middle line:84%
So once again CDP and LLDP allows you to discover devices in your network
83
00:06:11,000 --> 00:06:14,000 align:middle line:84%
and also allow you to see how the devices
84
00:06:14,000 --> 00:06:19,000 align:middle line:84%
are connected to each other in your network.
9798
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.