- Index
- Preface
- Product Overview
- Command-Line Interfaces
- Configuring the Switch for the First Time
- Administering the Switch
- Configuring Virtual Switching Systems
- Configuring the Cisco IOS In-Service Software Upgrade Process
- Configuring the Cisco IOS XE In Service Software Upgrade Process
- Configuring Interfaces
- Checking Port Status and Connectivity
- Configuring Supervisor Engine Redundancy Using RPR and SSO on Supervisor Engine 6-E and Supervisor Engine 6L-E
- Configuring Supervisor Engine Redundancy Using RPR and SSO on Supervisor Engine 7-E, Supervisor Engine 7L-E, and Supervisor Engine 8-E
- Configuring Cisco NSF with SSO Supervisor Engine Redundancy
- Environmental Monitoring and Power Management
- Configuring Power over Ethernet
- Configuring the Catalyst 4500 Series Switch with Cisco Network Assistant
- Configuring VLANs, VTP, and VMPS
- Configuring IP Unnumbered Interface
- Configuring Layer 2 Ethernet Interfaces
- Configuring EVC-Lite
- Configuring SmartPort Macros
- Configuring Cisco IOS Auto Smartport Macros
- Configuring STP and MST
- Configuring Flex Links and MAC Address-Table Move Update
- Configuring Resilient Ethernet Protocol
- Configuring Optional STP Features
- Configuring EtherChannel and Link State Tracking
- Configuring IGMP Snooping and Filtering, and MVR
- Configuring IPv6 Multicast Listener Discovery Snooping
- Configuring 802.1Q Tunneling, VLAN Mapping, and Layer 2 Protocol Tunneling
- Configuring Cisco Discovery Protocol
- Configuring LLDP, LLDP-MED, and Location Service
- Configuring UDLD
- Configuring Unidirectional Ethernet
- Configuring Layer 3 Interfaces
- Configuring Cisco Express Forwarding
- Configuring Unicast Reverse Path Forwarding
- Configuring IP Multicast
- Configuring ANCP Client
- Configuring Bidirectional Forwarding Detection
- Configuring Policy-Based Routing
- Configuring VRF-lite
- Configuring Quality of Service
- Configuring Voice Interfaces
- Configuring Private VLANs
- Configuring MACsec Encryption
- Configuring 802.1X Port-Based Authentication
- X.509v3 Certificates for SSH Authentication
- Configuring the PPPoE Intermediate Agent
- Configuring Web-Based Authentication
- Configuring Wired Guest Access
- Configuring Auto Identity
- Configuring Port Security
- Configuring Auto Security
- Configuring Control Plane Policing and Layer 2 Control Packet QoS
- Configuring Dynamic ARP Inspection
- Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
- Configuring Network Security with ACLs
- Support for IPv6
- Port Unicast and Multicast Flood Blocking
- Configuring Storm Control
- Configuring SPAN and RSPAN
- Configuring ERSPAN
- Configuring Wireshark
- Configuring Enhanced Object Tracking
- Configuring System Message Logging
- Onboard Failure Logging (OBFL)
- Configuring SNMP
- Configuring NetFlow-lite
- Configuring Flexible NetFlow
- Configuring Ethernet OAM and CFM
- Configuring Y.1731 (AIS and RDI)
- Configuring Call Home
- Configuring Cisco IOS IP SLA Operations
- Configuring RMON
- Performing Diagnostics
- Configuring WCCP Version 2 Services
- Configuring MIB Support
- ROM Monitor
- Acronyms and Abbreviations
Configuring Cisco Discovery Protocol
This chapter describes how to configure Cisco Discovery Protocol and Cisco Discovery Protocol Bypass on the Catalyst 4500 Series Switches. It also provides guidelines, procedures, and configuration examples.
This chapter includes the following major sections:
- About Cisco Discovery Protocol
- Configuring Cisco Discovery Protocol
- About Cisco Discovery Protocol Bypass
- Configuring Cisco Discovery Protocol Bypass
Note For complete syntax and usage information for the Cisco IOS commands used in this chapter, refer to the
Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.4:
http://www.cisco.com/en/US/docs/ios/fundamentals/configuration/guide/12_4/cf_12_4_book.html
and the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2:
http://www.cisco.com/en/US/docs/ios/12_2/configfun/command/reference/ffun_r.html
Note For complete syntax and usage information for the switch commands used in this chapter, see the Cisco Catalyst 4500 Series Switch Command Reference and related publications at this location:
http://www.cisco.com/en/US/products/hw/switches/ps4324/index.html
If a command is not in the Catalyst 4500 Series Switch Command Reference, you can locate it in the Cisco IOS library. See the Command Reference for the Catalyst 4006 Switch with Supervisor Engine III and related publications at this location:
http://www.cisco.com/en/US/products/ps6350/index.html
About Cisco Discovery Protocol
Cisco Discovery Protocol is a protocol that runs over Layer 2 (the data link layer) on all Cisco routers, bridges, access servers, and switches. Cisco Discovery Protocol allows network management applications to discover Cisco devices that are neighbors of already known devices, in particular, neighbors running lower-layer, transparent protocols.With Cisco Discovery Protocol, network management applications can learn the device type and the SNMP agent address of neighboring devices. Cisco Discovery Protocol enables applications to send SNMP queries to neighboring devices.
Cisco Discovery Protocol runs on all LAN and WAN media that support Subnetwork Access Protocol (SNAP).
Each Cisco Discovery Protocol-configured device sends periodic messages to a multi-cast address. Each device advertises at least one address at which it can receive SNMP messages. The advertisements also contain the time-to-live, or holdtime information, which indicates the length of time a receiving device should hold Cisco Discovery Protocol information before discarding it.
Configuring Cisco Discovery Protocol
The following sections describe how to configure Cisco Discovery Protocol:
- Enabling Cisco Discovery Protocol Globally
- Displaying the Cisco Discovery Protocol Global Configuration
- Enabling Cisco Discovery Protocol on an Interface
- Displaying the Cisco Discovery Protocol Interface Configuration
- Monitoring and Maintaining Cisco Discovery Protocol
Enabling Cisco Discovery Protocol Globally
To enable Cisco Discovery Protocol globally, use this command:
|
|
---|---|
|
Enables Cisco Discovery Protocol globally. Use the no keyword to disable Cisco Discovery Protocol globally. |
This example shows how to enable Cisco Discovery Protocol globally:
Displaying the Cisco Discovery Protocol Global Configuration
To display the Cisco Discovery Protocol configuration, use this command:
|
|
---|---|
|
This example shows how to display the Cisco Discovery Protocol configuration:
For additional Cisco Discovery Protocol show commands, see the “Monitoring and Maintaining Cisco Discovery Protocol” section.
Enabling Cisco Discovery Protocol on an Interface
To enable Cisco Discovery Protocol on an interface, use this command:
|
|
---|---|
|
Enables Cisco Discovery Protocol on an interface. Use the no keyword to disable Cisco Discovery Protocol on an interface. |
This example shows how to enable Cisco Discovery Protocol on Fast Ethernet interface 5/1:
This example shows how to disable Cisco Discovery Protocol on Fast Ethernet interface 5/1:
Displaying the Cisco Discovery Protocol Interface Configuration
To display the Cisco Discovery Protocol configuration for an interface, use this command:
|
|
---|---|
|
Displays information about interfaces where Cisco Discovery Protocol is enabled. |
This example shows how to display the Cisco Discovery Protocol configuration of Fast Ethernet interface 5/1:
Monitoring and Maintaining Cisco Discovery Protocol
To monitor and maintain Cisco Discovery Protocol on your device, enter one or more of the following commands:
This example shows how to clear the Cisco Discovery Protocol counter configuration on your switch:
This example shows how to display information about the neighboring equipment:
About Cisco Discovery Protocol Bypass
When a Cisco IP Phone is plugged into a port that is configured with a Voice VLAN and single-host mode, the phone will be silently allowed onto the network by way of a feature known as Cisco Discovery Protocol Bypass. The phone (or any device) that sends the appropriate Type Length Value (TLV) in a Cisco Discovery Protocol message will be allowed access to the voice VLAN.
In Cisco Discovery Protocol Bypass mode, Cisco Discovery Protocol packets are received and transmitted unchanged. Received packets are not processed. No packets are generated. In this mode, 'bump-in-the-wire' behavior is applied to Cisco Discovery Protocol packets. This is a backward compatible mode, equivalent to not having Cisco Discovery Protocol support.
In Cisco Discovery Protocol Bypass mode authentication sessions are established in single and multi-host modes for IP Phones. However, if voice VLAN and 802.1x on an interface port is enabled, then Cisco Discovery Protocol Bypass is enabled when the host mode is set to single or multi-host mode.
It is possible to use the Multi-Domain Authentication (MDA) feature instead of Cisco Discovery Protocol Bypass feature as it provides better Access Control, Visibility and Authorization.
Note By default the host mode is set to single mode in legacy mode and multi-authentication in the edge mode.
Cisco Discovery Protocol Enhancement for Second Port Disconnect—Allows a Cisco IP phone to send a Cisco Discovery Protocol message to the switch when a host unplugs from behind the phone. The switch is then able to clear any authenticated session for the indirectly connected host, the same as if the host had been directly connected and the switch had detected a link down event. This is supported in latest IP telephones.
Cisco Discovery Protocol Bypass provides no support for third-party phones—Cisco Discovery Protocol Bypass works only with Cisco phones.
Configuring Cisco Discovery Protocol Bypass
The following sections describe how to configure Cisco Discovery Protocol Bypass
- Enabling Cisco Discovery Protocol Bypass
- Displaying Cisco Discovery Protocol Neighbors
- Disabling Cisco Discovery Protocol Bypass
Enabling Cisco Discovery Protocol Bypass
To enable Cisco Discovery Protocol Bypass, use these commands:
Cisco Discovery Protocol Bypass is enabled by default once authentication port-control auto is configured with dot1x or MAB or if voice vlan is configured on the interface along with single/multiple host mode.
Displaying Cisco Discovery Protocol Neighbors
The following configuration example displays Cisco Discovery Protocol neighbors.
Disabling Cisco Discovery Protocol Bypass
To disable Cisco Discovery Protocol Bypass, enter the no authentication port-control auto command in interface configuration mode.