Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

CDP Strageness 1

Status
Not open for further replies.
Dinkytoy

Dinkytoy

IS-IT--Management
Jun 14, 2007
147
0
0
GB
Wasn't sure whether to post this in the Switch or Routers section but I picked here.

I'm currently seeing something really weird via CDP on our switch and routers.

We have 2 Cisco routers on the edge of our network these connect via a non Cisco switch and then to a non Cisco firewall then via another non Cisco switch to a 3560G.

Running show cdp neighbors on both switch and routers show each other. They are not even remotely close to be directly connected so how can this be?

I'm a little concerned that there is some massive security hole in our network at the moment does this sound likely?
 
Sort by date Sort by votes
CDP tcp port 7999. Run wire shark a free analyzer and monitor for cdp activity.


[americanflag] Go Army!
Tek-TIP Member 19,650
 
Upvote 0 Downvote
I've seen that non-Cisco switches tend to just pass CDP messages on, so two Cisco devices appear to be neighbours despite there being anon-Cisco switch in-between.
 
Upvote 0 Downvote
If its a just a dumb switch between them then it probably would get passed on because cdp just uses a mulicast address to talk to other cisco devices.
 
Upvote 0 Downvote
I have seen this when we had a 3com switch in between cisco switches/Routers
 
Upvote 0 Downvote
In cmd, you'll want to be in the directory where Cdp2.exe is...

cd C:\Documents and Settings\Administrator\Desktop
Cdp2.exe

Burt
 
Upvote 0 Downvote
thanks for the tips, I'll give that cdp2.exe a go when I'm in work on Tuesday. The other switches are 3Com so maybe that's why, but it's still getting through the firewall as well. I don't remember having that port open but I'll check it.
 
Upvote 0 Downvote
I would expect to see cdp traffic passing though Hubs but it shouldn't pass through a switch as the mac table should stop it passing any further, a hub is such a dumb bit of kit it just forwards what it see's for that reason it would just see the cdp and forward it to all ports.
 
Upvote 0 Downvote
TJ, they definitely do get passed-on by (at least some) non-Cisco switches.
Just like any other L3 broadcast or multicast traffic.
 
Upvote 0 Downvote
There are some that will catch CDP, that support CDP, like some phones (Polycom) and some other switches (Adtran, and maybe HP ProCurve?)...

Burt
 
Upvote 0 Downvote
Looks like we accidentally bridged two vlans around the firewall that combined with the 3Com switches seems to explain the weirdness. Fortunately it's not a big security concern as it's only affected by multicasts and broadcasts from the lan side of a dmz and wan side of the firewall (lan side of the routers). None-the-less it's been sorted, phew.
 
Upvote 0 Downvote
Yeah, maybe T.J.

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\TIMMAY!!!>cd C:\

C:\>Cdp2.exe
Cisco Discovery Protocol Capture
Complied By T.J.Bradford

1. \Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)

2. \Device\NPF_{C0E0A4F7-3FC7-4526-BC93-F75A0BD4405E} (NVIDIA nForce MCP Network
ing Adapter Driver (Microsoft's Packet Scheduler) )
Enter the interface number (1-2):2
Using Device: \Device\NPF_{C0E0A4F7-3FC7-4526-BC93-F75A0BD4405E}
Waiting for CDP advertisement:
(default config is to transmit CDP packets every 60 seconds)
Device ID
value: Switch
Addresses
value: 10.68.68.7
Port ID
value: FastEthernet0/18

C:\>

See how it captures one packet, then stops? I was just running the app (double click), and minimizing it, and even just not minimizing it, come back 10 minutes later, and it is gone. The output I pasted obviously is from when I did it from CMD...

Any way you can share the source code? I'm actually a hardware guy and network support engineer, so not so good with programming. I imagine it's VB6?

/
 
Upvote 0 Downvote
it's vb.net based and Yeah Agreed if needs a pause once the command has completed so it doesn't vanish, I will see if i can get the time to add that to it.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

xdxml12
  • Locked
  • Question
CDP
Replies
2
Views
39
tphethai
tphethai
vaneess
  • Locked
  • Question
CDP Neighbors via SNMP
Replies
0
Views
26
vaneess
vaneess
Kawdude
  • Locked
  • Question
CDP showing two of each neighbor 1
Replies
14
Views
168
Kawdude
Kawdude
Flyers01
  • Locked
  • Question
Turn off cdp
Replies
9
Views
55
ADB100
ADB100
TNGPicard
  • Locked
  • Question
CDP across frame relay 1
Replies
3
Views
49
burtsbees
burtsbees

Part and Inventory Search

Sponsor

Back
Top