LLDP vs. CDP: Key Differences in Network Discovery Protocols

Navigating a complex network is like navigating a sprawling city without a GPS. Each device and connection can seem like an unknown node, making it challenging to understand or document the network configuration. In today's fast-paced IT world, protocols like LLDP (Link Layer Discovery Protocol) and CDP (Cisco Discovery Protocol) act as essential GPS systems for network engineers. This article will compare LLDP vs. CDP.

While CDP is a proprietary protocol specific to Cisco devices, LLDP is an open standard that works with all vendors. Both operate at Layer 2, but LLDP offers more detailed device information, including model numbers, firmware versions, MAC addresses, and port IDs.

The decision between using LLDP vs. CDP depends on the particular needs of the network, the desire for vendor-specific compatibility, and the requirement for deeper control over Cisco equipment. Both protocols present unique benefits that may suit different networks and working conditions.

When network diagrams are missing or outdated, these protocols are a lifesaver, helping network engineers quickly identify and understand connected devices and making network management a breeze.

To better understand the nuances of LLDP vs. CDP protocols, let's dive into a side-by-side comparison of LLDP and CDP, highlighting their key differences and ideal use cases.

Understanding LLDP: The Universal Network Protocol

LLDP is an IEEE 802.1AB standard protocol. Link Layer Discovery Protocol (LLDP) is used to discover neighboring devices. The protocol is a vendor-neutral networking protocol that enables the network devices in a local area network (LAN) to advertise or discover information about each other.

LLDP works at the data link layer of the OSI model and enables the discovery of the neighboring devices and their details, such as their name, type, and link parameters. This protocol applies to network management activities like network discovery, monitoring, fault identification, and integration of devices from different vendors in the same network.

LLDP Monitoring and Maintenance Commands: The Essential Toolkit

Here is a table summarizing the LLDP commands and their descriptions:

As mentioned earlier, LLDP is disabled by default. You need to enable it.

Let’s enable it and see what information it exchanges.

We don’t see neighbors’ information in the above image. We must ensure LLDP is enabled on all devices (both routers and switches) involved in the topology. LLDP must be enabled on both ends of the connection to work properly. Also, all interfaces should be in an active state.

This Global LLDP information when you run “show lldp”

If I run the command show lldp neighbors it shows the Output below:

Now that we have LLDP enabled on all devices let's examine the output and understand what each field represents:

Device ID: The identifier of the neighboring device (usually the hostname or chassis ID).

Local Interface: The interface on the local device that receives the LLDP information from the neighbor.

Hold-time: The time in seconds that the local device will hold the LLDP information before discarding it unless refreshed by a new LLDP frame. If no announcements are received from a device for a period over the hold time, the device information is discarded and wiped out.

Capability: The capabilities of the neighboring device (e.g., Router, Bridge, etc.).

Port ID: The identifier of the port on the neighboring device that sent the LLDP frame.

Note:- If your switch (SW1 or SW2) is showing as a router (R), it likely means the device has routing capabilities

show lldp neighbors detail on R1 provides detailed information about the LLDP neighbor (SW1) connected to interface GigabitEthernet0/0

Detailed Output Explanation (LLDP): Deciphering the Data

Local Intf: Indicates the local interface on R1 where the LLDP information was received from the neighbor.

Chassis ID: Specifies the chassis identifier (MAC address) of the neighboring device (SW1).

Port id: Identifies the port on the neighboring device (SW1) connected to R1.

Port Description: Provides a description of the port on the neighboring device (SW1), often matching the local interface name.

System Name: Specifies the hostname or system name of the neighboring device (SW1).

System Description: Detailed information about the neighboring device's software version, platform, and capabilities.

Time remaining: Indicates the remaining time (in seconds) before the LLDP information from the neighboring device expires on R1.

System Capabilities: Lists the capabilities of the neighboring device (SW1). In this case, "B, R" indicates that SW1 is capable of acting as a bridge (switch) and a router.

Enabled Capabilities: Indicates which capabilities are currently enabled on the neighboring device (SW1). Here, "R" (Router) is enabled.

Management Addresses: Specifies the management addresses of the neighboring device (SW1), which may include IP addresses used for network management purposes.

Auto Negotiation: Indicates whether auto-negotiation is supported on the interface.

Physical media capabilities: Specifies the physical media capabilities of the interface.

Media Attachment Unit type: Specifies the type of Media Attachment Unit (MAU) used on the interface.

VLAN ID: Indicates the VLAN ID associated with the port on the neighboring device (SW1).

Exploring CDP: Cisco's Proprietary Protocol

It's time to learn something about CDP (Cisco Discovery Protocol). Cisco Discovery Protocol (CDP) is a proprietary Layer 2 network protocol developed by Cisco Systems.

It was implemented in the early 1990s, well before LLDP was standardized. CDP is enabled by default on all Cisco devices. CDP is beneficial if you have a Cisco ecosystem because it provides extensive details about Cisco devices, such as device type, IP address, software version, and capabilities specific to Cisco hardware. CDP is especially effective in giving a simple method of obtaining information about connected Cisco devices, making it easier to perform various management activities such as drawing topologies, diagnosing problems, and monitoring the network.

CDP Monitoring and Maintenance Commands: The Cheat Sheet

Here is a table summarizing the CDP commands and their descriptions:

As mentioned earlier, CDP is already enabled by default on all Cisco devices. It sends CDP packets every 60 seconds and hold time value 180. You can see the comparison table above.

This Global CDP information when you run “show cdp”

show cdp neighbors

show cdp neighbors command displays information about neighboring devices discovered via Cisco Discovery Protocol (CDP) on router R1.

Explanation of Each Field: The Decoder Ring

Device ID: The hostname or system name of the neighboring device.

Local Interface: The local interface on router R1 through which each neighboring device was discovered.

Hold Time: The remaining time in seconds before the CDP information about the neighboring device is considered outdated or stale.

Capability: Indicates the device capabilities as identified by CDP. Common capabilities include Router (R), Switch (S), Bridge (B), and IGMP (I).

Platform: Specifies the hardware platform or model of the neighboring device.

Port ID: The port identifier or name on the neighboring device that is connected to the local interface of router R1.

SW1:

-Local Interface: Gig 0/0

-Hold Time: 150 seconds.

-Capabilities: R S I (Router, Switch, IGMP)

-Platform: Not specified in the provided output

-Port ID: Gig 0/0

R2:

-Local Interface: Gig 0/1

-Hold Time: 155 seconds

-Capabilities: R B (Router, Bridge)

-Platform: Not specified in the provided output

-Port ID: Gig 0/0

·       SW1: This device (SW1) is identified with multiple capabilities (R, S, I), indicating it functions as a Router and switch and supports IGMP.

·       R2: This device (R2) is identified as a Router (R) and Bridge (B), suggesting it has capabilities related to routing and bridging functions.

Also, one thing we need to notice in the CDP neighbor detail command is the Platform Details. The specific hardware platform or model (Platform) of each neighboring device was not provided in the output. In real-world scenarios, this information can be crucial for understanding the types of devices connected to your network.

If you run the command show cdp neighbors detail

Detailed Output Explanation (CDP): Unmasking the Data

Device Details: Device ID: SW1

Entry address(es): IP address: 192.168.2.2

Platform: Cisco

Capabilities: Router, Switch, IGMP

Interface: GigabitEthernet0/0

Port ID (outgoing port): GigabitEthernet0/0

Holdtime: 167 seconds

Version Information: Cisco IOS Software: vios_l2 Software (vios_l2-ADVENTERPRISEK9-M)

Version: Experimental Version 15.2(20200924:215240)

Copyright: 1986-2020 by Cisco Systems, Inc.

Advertisement version: 2

VTP Management Domain: Not specified ('')

Duplex: Full

Management address(es): IP address: 192.168.2.2

Device ID: R2

Entry address(es): IP address: 10.10.10.2

Platform: Cisco

Capabilities: Router, Source-Route-Bridge

Interface: GigabitEthernet0/1

Port ID (outgoing port): GigabitEthernet0/0

Holdtime: 176 seconds

Version Information: Cisco IOS Software: IOSv Software (VIOS-ADVENTERPRISEK9-M)

Version: 15.9(3)M6

Technical Support: http://www.cisco.com/techsupport

Copyright: 1986-2022 by Cisco Systems, Inc.

Advertisement version: 2

IP address: 10.10.10.2

SW1 is identified with IP address 192.168.2.2 and is described as having the capability of a router and switch and supporting IGMP. It runs Cisco IOS software (vios_l2) with a specific experimental version. It operates in full duplex mode and has a management IP address 192.168.2.2.

R2 is identified with the IP address 10.10.10.2 and is described as a Router with Source-Route-Bridge capabilities. It runs Cisco IOS software (IOSv) version 15.9(3)M6. It also provides a management IP address of 10.10.10.2.

The show cdp neighbors detail command on router R1 provides comprehensive information about neighboring devices, including their IP addresses, capabilities, platform details, software versions, and management addresses. This information is valuable for network administrators to understand the network topology, troubleshoot connectivity issues, and manage network devices effectively.

Choosing the Right Protocol

To sum up our comparison of LLDP vs. CDP, LLDP is open and vendor-neutral, so it is most suitable for use in a network with networking equipment from different vendors. It is used to ensure the compatibility of devices since it conveys core network information, such as the system's capabilities and the devices' identities.

On the other hand, CDP is developed solely for Cisco and is very efficient in Cisco-dominated networks. It offers a full range of information about the Cisco devices, such as the platform, address management, and integration with Cisco-specific features and protocols. It makes CDP very useful in offering the best management and troubleshooting functions in a Cisco network environment.