03-24-2006 06:18 AM - edited 03-03-2019 02:27 AM
I enabled CDP globally and on the interfaces on both router and switch. Both router and switch are using CDP V2. I can see CDP information from the switch side but not from the router side. Keepalive is enabled only on the switch side.
I did debugging on both router and switch. On the switch side, I see cdp packets from router coming in, but I don't see the same thing happen on the router side. Input counters on the router side confirm this result. Can anyone help?
Switch#sh cdp traffic
CDP counters :
Total packets output: 104775, Input: 73896
Hdr syntax: 0, Chksum error: 0, Encaps failed: 0
No memory: 0, Invalid packet: 1, Fragmented: 0
CDP version 1 advertisements output: 0, Input: 0
CDP version 2 advertisements output: 104775, Input: 73896
Switch#sh cdp
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds
Sending CDPv2 advertisements is enabled
Switch#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Router Gig 1/0/19 125 R 3640 Fas 3/0
Router Gig 1/0/21 125 R 3640 Fas 1/1
Router Gig 1/0/5 124 R 3640 Fas 1/0
Router#sh cdp traffic
CDP counters :
Total packets output: 142722, Input: 0
Hdr syntax: 0, Chksum error: 0, Encaps failed: 1
No memory: 0, Invalid packet: 0, Fragmented: 0
CDP version 1 advertisements output: 0, Input: 0
CDP version 2 advertisements output: 142722, Input: 0
Router#sh cdp
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds
Sending CDPv2 advertisements is enabled
Router#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
Regards,
Santi
03-24-2006 06:21 AM
Hi,
It shows router is sending the CDP info but not receving the CDP info. Do you have any ACL on the router interface.
Config of the router and switch ports will help.
regards,
-amit singh
03-24-2006 06:27 AM
Router#
!
interface FastEthernet1/0
description Interface to Gecko
ip address 208.4.61.129 255.255.255.192
ip access-group in-from-corp in
ip access-group out-to-corp out
no ip redirects
no ip unreachables
no ip proxy-arp
service-policy input drop-inbound-http-hacks
ip route-cache flow
load-interval 30
no keepalive
speed 100
full-duplex
interface FastEthernet1/1
description VPN Network
ip address 208.4.63.1 255.255.255.240
ip access-group in-from-vpn in
ip access-group out-to-vpn out
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
load-interval 30
no keepalive
speed 100
full-duplex
end
interface FastEthernet3/0
description HATS/HOD, Fedline and PSCU
ip address 208.4.63.129 255.255.255.192 secondary
ip address 208.4.63.33 255.255.255.240
ip access-group in-from-hod in
ip access-group out-to-hod out
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no keepalive
speed 100
full-duplex
end
Switch#
!
interface GigabitEthernet1/0/5
description C-Gate (208.4.61.129)
switchport access vlan 61
switchport mode access
switchport nonegotiate
duplex full
speed 100
spanning-tree portfast
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
spanning-tree link-type point-to-point
spanning-tree guard root
end
interface GigabitEthernet1/0/19
description C-GATE HOD-HATS/Fedline/PSCU (208.4.63.33)
switchport access vlan 63
switchport mode access
switchport nonegotiate
duplex full
speed 100
spanning-tree portfast
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
spanning-tree link-type point-to-point
spanning-tree guard root
end
interface GigabitEthernet1/0/21
description C-Gate VPN Interface - Fa1/1 (208.4.63.1)
switchport access vlan 25
switchport mode access
switchport nonegotiate
duplex full
speed 100
spanning-tree portfast
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
spanning-tree link-type point-to-point
spanning-tree guard root
end
03-24-2006 06:27 AM
Router#
!
interface FastEthernet1/0
description Interface to Gecko
ip address 208.4.61.129 255.255.255.192
ip access-group in-from-corp in
ip access-group out-to-corp out
no ip redirects
no ip unreachables
no ip proxy-arp
service-policy input drop-inbound-http-hacks
ip route-cache flow
load-interval 30
no keepalive
speed 100
full-duplex
interface FastEthernet1/1
description VPN Network
ip address 208.4.63.1 255.255.255.240
ip access-group in-from-vpn in
ip access-group out-to-vpn out
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
load-interval 30
no keepalive
speed 100
full-duplex
end
interface FastEthernet3/0
description HATS/HOD, Fedline and PSCU
ip address 208.4.63.129 255.255.255.192 secondary
ip address 208.4.63.33 255.255.255.240
ip access-group in-from-hod in
ip access-group out-to-hod out
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no keepalive
speed 100
full-duplex
end
Switch#
!
interface GigabitEthernet1/0/5
description C-Gate (208.4.61.129)
switchport access vlan 61
switchport mode access
switchport nonegotiate
duplex full
speed 100
spanning-tree portfast
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
spanning-tree link-type point-to-point
spanning-tree guard root
end
interface GigabitEthernet1/0/19
description C-GATE HOD-HATS/Fedline/PSCU (208.4.63.33)
switchport access vlan 63
switchport mode access
switchport nonegotiate
duplex full
speed 100
spanning-tree portfast
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
spanning-tree link-type point-to-point
spanning-tree guard root
end
interface GigabitEthernet1/0/21
description C-Gate VPN Interface - Fa1/1 (208.4.63.1)
switchport access vlan 25
switchport mode access
switchport nonegotiate
duplex full
speed 100
spanning-tree portfast
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
spanning-tree link-type point-to-point
spanning-tree guard root
end
03-24-2006 06:30 AM
Hi Amit:
What type of ACL statement should I be looking for?
Regards,
Santi
03-24-2006 06:50 AM
Amit,
From sylog messages, I am not seeing any specific deny messages regarding CDP message in both directions between router and switch.
Regards,
Santi
03-24-2006 06:59 AM
Do a sh cdp interface on both devices and verify tha all 6 interfaces/ports have cdp enabled.
That is Giga 1/0/5, 1/0/19 and 1/0/21 on the switch and Fast 1/0, 1/1 and 3/0 on the router.
03-24-2006 07:12 AM
Router#sh cdp interface
FastEthernet1/0 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
FastEthernet1/1 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
FastEthernet3/0 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Switch#sh cdp interface
GigabitEthernet1/0/5 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
GigabitEthernet1/0/19 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
GigabitEthernet1/0/21 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
03-24-2006 11:30 AM
Well that looks OK.
What do you get when debugging cdp adjacency, events, ip and packets?
Remember to do a "clear cdp table" after turning the debug on.
You should see something like this on the router.
"CDP-PA: version 2 packet sent out on FastEthernet1/0"
And.
"CDP-PA: Packet received from Switch on interface FastEthernet1/0
**Entry NOT found in cache**"
03-24-2006 11:42 AM
I am not seeing any received packets from the switch side.
Router#sh debug
CDP:
CDP packet info debugging is on
CDP events debugging is on
CDP neighbor info debugging is on
CDP IP info debugging is on
Router#
Mar 24 15:38:07.821: CDP-PA: version 2 packet sent out on FastEthernet1/0
Mar 24 15:38:07.821: CDP-PA: version 2 packet sent out on FastEthernet1/1
Mar 24 15:38:07.821: CDP-PA: version 2 packet sent out on FastEthernet3/0CDP
Router#sh cdp traffic
counters :
Total packets output: 9, Input: 0
Hdr syntax: 0, Chksum error: 0, Encaps failed: 0
No memory: 0, Invalid packet: 0, Fragmented: 0
CDP version 1 advertisements output: 0, Input: 0
CDP version 2 advertisements output: 9, Input: 0
03-24-2006 04:22 PM
Sounds like a bug in the software in either the router or Switch.
What IOS are you using?
03-24-2006 06:33 PM
Router#
IOS (tm) 3600 Software (C3640-I-M), Version 12.2(24a), RELEASE SOFTWARE (fc3)
Switch#
Cisco IOS Software, C3750 Software (C3750-IPSERVICES-M), Version 12.2(25)SEB4, RELEASE SOFTWARE (fc1)
03-25-2006 07:40 AM
OK, I would start by upgrading the router IOS, it's fairly old, and there is a ton of bugs in it. I don't see any about CDP though.
Another thing you could try out, if you have the time. Is to install CDP on a laptop, and try and plug it into the switch and then try the router. The device that is able to see the laptop through CDP, is the one working, so the other one must have a defect.
03-27-2006 07:04 AM
I installed CDP monitor on my laptop and Switch is the only device that was able to see the laptop.
Other than upgrading IOS on the router, do you have other possible solutions?
Regards,
Santi
03-28-2006 06:05 AM
No, I think its fairly safe to say that there is a CDP bug in the current IOS on the 3640 router.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide