Imagine you've just connected two switches, but they don't seem to be sharing any information—no device IDs, no platform details, nothing. Cisco Discovery Protocol (CDP) and Link Layer Discovery Protocol (LLDP) are the network's way of introducing neighbors, and when they stop working, troubleshooting becomes a blind exercise. For the CCNA 200-301 exam (objective 2.6), you must be able to diagnose why CDP or LLDP isn't showing neighbor information. This skill is critical because these protocols underpin many other features like VoIP, network topology mapping, and automated configuration tools. In this chapter, you'll learn the exact steps to isolate the problem, from interface-level issues to global configuration and Layer 1 failures.
Think of a large office building with many departments. Each department has a nameplate outside its door (like a device's hostname) and an intercom system to announce its presence to the hallway. CDP and LLDP are like those intercoms and nameplates—they let devices announce who they are, what they can do, and how to reach them. Now, suppose you're in a new wing of the building and you notice no nameplates are lit up. Why? Maybe the intercom system is globally disabled (like the 'no cdp run' command). Perhaps the hallway's power is out (Layer 1 issue—cable unplugged, bad port). Or maybe the specific door you're looking at has its own intercom turned off (interface-level disable). There could also be a security policy that forbids announcements on certain floors (VLAN mismatch or administrative filtering). To troubleshoot, you'd first check if the building's intercom system is on (global CDP/LLDP status). Then you'd walk to the specific door and test its intercom (interface status). You might also use a master list (show cdp neighbors) to see if any announcements are being heard. If a device is sending but not receiving, the problem could be a one-way audio issue (Layer 1 half-duplex or cable fault). The analogy holds: just as you can't rely on announcements to find someone's office if the intercom is broken, you can't rely on CDP/LLDP to discover neighbors if the protocol is misconfigured or the link is faulty.
CDP (Cisco Discovery Protocol) and LLDP (Link Layer Discovery Protocol) are Layer 2 protocols used by network devices to advertise their identity, capabilities, and neighbors to other directly connected devices. CDP is Cisco proprietary, enabled by default on all Cisco devices (routers, switches, etc.). LLDP is an IEEE standard (802.1AB) that is vendor-neutral; on Cisco devices, it is disabled by default. Both protocols operate at Layer 2, sending multicast frames that are not forwarded by switches (they are consumed by the directly connected neighbor).
The primary purpose is automatic discovery: a switch can learn the hostname, platform, IOS version, and IP address of its neighbor without any manual configuration. This information is used by network management tools (e.g., Cisco Prime, DNA Center), VoIP phones (to get voice VLAN), and features like LLDP-MED (Media Endpoint Discovery) for power over Ethernet (PoE) negotiation. Without CDP/LLDP, network engineers would have to manually document every connection—a nightmare in large networks.
How CDP and LLDP Work Step by Step
Both protocols send periodic advertisements (multicast frames) out of all enabled interfaces. CDP uses multicast MAC address 01-00-0C-CC-CC-CC, and LLDP uses 01-80-C2-00-00-0E (or 01-80-C2-00-00-03 for some implementations). The frames contain Type-Length-Value (TLV) fields that carry information such as device ID (hostname), port ID (interface name), platform, software version, and capabilities (router, switch, etc.).
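The TLV layout described above, decoded from an LLDP frame, as an added example (not part of the original chapter). It shows which fields a directly connected neighbor learns and rejects truncated frames; the TLV type and subtype numbers come from IEEE 802.1AB, and the frame bytes are constructed from the Router1 values used in this chapter's sample output.

```python
import struct

LLDP_MCAST = bytes.fromhex("0180c200000e")  # destination MAC given in this chapter
LLDP_ETHERTYPE = 0x88CC
# TLV type numbers from IEEE 802.1AB
TLV_NAMES = {1: "chassis_id", 2: "port_id", 3: "ttl", 4: "port_description",
             5: "system_name", 6: "system_description"}


def tlv(tlv_type, value):
    """Encode one TLV: 7-bit type and 9-bit length share a 16-bit header."""
    if len(value) > 0x1FF:
        raise ValueError("TLV value longer than 511 bytes")
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


def parse_lldp_frame(frame):
    """Decode an untagged LLDP frame into a dict; ValueError if malformed."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != LLDP_ETHERTYPE:
        raise ValueError("EtherType is not LLDP")
    info = {"dst_is_lldp_multicast": frame[:6] == LLDP_MCAST}
    pos = 14
    while pos + 2 <= len(frame):
        header = struct.unpack("!H", frame[pos:pos + 2])[0]
        tlv_type, length = header >> 9, header & 0x1FF
        pos += 2
        if pos + length > len(frame):
            raise ValueError("TLV type %d runs past the end of the frame" % tlv_type)
        value, pos = frame[pos:pos + length], pos + length
        if tlv_type == 0:  # End of LLDPDU
            return info
        name = TLV_NAMES.get(tlv_type)
        if name in ("chassis_id", "port_id"):
            if length < 2:
                raise ValueError(name + " TLV has no identifier")
            info[name] = (value[0], value[1:])  # (subtype, identifier bytes)
        elif name == "ttl":
            if length != 2:
                raise ValueError("TTL TLV must be 2 bytes")
            info[name] = struct.unpack("!H", value)[0]
        elif name:
            info[name] = value.decode("utf-8", "replace")
        # TLV types not listed in TLV_NAMES are skipped using their length
    raise ValueError("no End of LLDPDU TLV")


# Constructed frame reusing the neighbor values from this chapter's sample output.
SAMPLE_FRAME = (
    LLDP_MCAST + bytes.fromhex("aaaabbbbcccc") + struct.pack("!H", LLDP_ETHERTYPE)
    + tlv(1, b"\x04" + bytes.fromhex("aaaabbbbcccc"))  # subtype 4: MAC address
    + tlv(2, b"\x05" + b"Gi0/0/0")                     # subtype 5: interface name
    + tlv(3, struct.pack("!H", 120))                   # TTL = default LLDP holdtime
    + tlv(4, b"GigabitEthernet0/0/0")
    + tlv(5, b"Router1")
    + tlv(0, b"")
)

if __name__ == "__main__":
    for field, value in parse_lldp_frame(SAMPLE_FRAME).items():
        print(field, "=", value)
```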
CDP Mechanism:
- CDP sends advertisements every 60 seconds by default (configurable with cdp timer).
- The holdtime is 180 seconds by default (configurable with cdp holdtime). If no advertisement is received from a neighbor within the holdtime, the neighbor entry is removed from the CDP table.
- CDP version 2 is the default and supports more TLVs (e.g., native VLAN, duplex).
- CDP is enabled globally with cdp run and on individual interfaces with cdp enable. By default, CDP is enabled globally and on all interfaces that support it (Ethernet, Fast Ethernet, Gigabit Ethernet, etc.). It also works on serial interfaces, although that is less common.
LLDP Mechanism:
- LLDP sends advertisements every 30 seconds by default (configurable with lldp timer).
- The holdtime multiplier is 4 by default (meaning holdtime = timer * multiplier = 120 seconds). Configurable with lldp holdtime.
- LLDP reinitialization delay is 2 seconds by default.
- LLDP must be enabled globally with lldp run and on interfaces with lldp transmit and lldp receive (or lldp enable on some platforms). By default, LLDP is disabled globally.
Key States, Timers, and Defaults
- CDP:
  - Global: cdp run (enabled), no cdp run (disabled)
  - Interface: cdp enable (enabled by default on all interfaces that support CDP)
  - Timer: cdp timer seconds (default 60)
  - Holdtime: cdp holdtime seconds (default 180)
  - Version: cdp version 2 (default)
- LLDP:
  - Global: disabled by default; lldp run to enable
  - Interface: lldp transmit and lldp receive (both must be enabled for full discovery). On Cisco switches, LLDP is globally disabled by default; once it is enabled globally, it is enabled on all interfaces by default, and you can disable it per interface with no lldp transmit or no lldp receive.
  - Timer: lldp timer seconds (default 30)
  - Holdtime multiplier: lldp holdtime multiplier (default 4, so holdtime = 120 sec)
  - Reinit delay: lldp reinit seconds (default 2)
IOS CLI Verification Commands with Real Example Output
To verify CDP/LLDP neighbors and status, use the following commands. Below is example output from a Cisco switch.
CDP Commands:
Switch# show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Router1 Gig 0/1 172 R S I ISR4321 Gig 0/0/0
Switch2 Gig 0/2 152 S I WS-C2960 Gig 0/1
Switch# show cdp neighbors detail
-------------------------
Device ID: Router1
Entry address(es):
IP address: 192.168.1.1
Platform: Cisco ISR4321, Capabilities: Router Switch IGMP
Interface: GigabitEthernet0/1, Port ID (outgoing port): GigabitEthernet0/0/0
Holdtime : 172 sec
Version :
Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.7(3)M, RELEASE SOFTWARE (fc2)
...
Switch# show cdp interface gigabitEthernet 0/1
GigabitEthernet0/1 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
LLDP Commands:
Switch# show lldp neighbors
Capability codes:
(R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device
(W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other
Device ID Local Intf Hold-time Capability Port ID
Router1 Gi0/1 120 R Gi0/0/0
Switch2 Gi0/2 100 B Gi0/1
Switch# show lldp neighbors detail
Local Intf: Gi0/1
Chassis id: aaaa.bbbb.cccc
Port id: Gi0/0/0
Port Description: GigabitEthernet0/0/0
System Name: Router1
System Description: Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.7(3)M, RELEASE SOFTWARE (fc2)
Time remaining: 110 seconds
...
Switch# show lldp interface gigabitEthernet 0/1
GigabitEthernet0/1:
Tx enabled
Rx enabled
Tx state: IDLE
Rx state: WAIT_FOR_FRAME
How CDP/LLDP Interact with Related Protocols
CDP and LLDP are foundational for many other features. For example:
- Voice VLAN: When a Cisco IP phone is connected to a switch port, CDP or LLDP (with LLDP-MED) can advertise the voice VLAN ID to the phone, allowing the phone to tag its traffic appropriately.
- PoE: LLDP-MED (a standard extension of LLDP) allows devices to negotiate power requirements, enabling efficient power allocation.
- Topology Discovery: Network management protocols like SNMP can query the CDP/LLDP tables to build a network topology map.
- STP and PortFast: CDP can be used to detect if a device is a phone or a switch, influencing STP behavior (e.g., enabling PortFast for access ports).
If CDP/LLDP is not working, these dependent features may fail. For instance, a phone might not receive the voice VLAN ID and thus might not work correctly.
Verify Global CDP/LLDP Status
Start by checking if the protocol is enabled globally on the device. For CDP, use `show cdp` (or `show cdp neighbors` to see if any neighbors are listed). If the output shows 'CDP is not enabled', then CDP is disabled globally. For LLDP, use `show lldp` (or `show lldp neighbors`). If it says 'LLDP is not enabled', then LLDP is disabled globally. To enable CDP globally, use `cdp run` in global configuration mode. For LLDP, use `lldp run`. Remember: CDP is enabled by default on Cisco devices; LLDP is not. So if you're troubleshooting LLDP not being seen, this is the most common cause.
Check Interface CDP/LLDP Status
Even if the protocol is enabled globally, it might be disabled on the specific interface. Use `show cdp interface [interface]` to see if CDP is enabled on that interface. Look for 'Sending CDP packets every 60 seconds'—if you see that, CDP is enabled. If you see 'CDP is not enabled on this interface', then it's disabled. For LLDP, use `show lldp interface [interface]` and look for 'Tx enabled' and 'Rx enabled'. If either is missing, LLDP advertisements are not being sent or received. To enable CDP on an interface, use `cdp enable` (under interface config). For LLDP, use `lldp transmit` and `lldp receive` (both needed for bidirectional discovery).
Verify Layer 1 and Layer 2 Connectivity
CDP and LLDP are Layer 2 protocols, so they require a working Layer 1 connection. Check the interface status with `show interfaces [interface]`. Look for 'up/up' (line protocol is up). If the interface is down/down, the cable is disconnected or the device is powered off. If it's up/down, there could be a Layer 1 issue like a speed/duplex mismatch. Use `show interfaces [interface]` to check speed and duplex settings. A mismatch can cause CDP/LLDP packets to be dropped. Also check if the interface is in a shutdown state (`shutdown` command). Ensure that both devices are using the same VLAN (if the interface is a trunk, CDP/LLDP work on native VLAN; if access, they work on that VLAN).
Inspect for ACLs or VACLs Blocking CDP/LLDP
CDP uses multicast MAC 01-00-0C-CC-CC-CC and LLDP uses 01-80-C2-00-00-0E. If there is an access control list (ACL) applied to the interface (either inbound or outbound) that filters Layer 2 traffic, it could block CDP/LLDP frames. Use `show running-config interface [interface]` to see if any `mac access-group` or `ip access-group` is applied. Also check for VLAN ACLs (VACLs) that might filter traffic on the VLAN. Even if the ACL is intended for IP traffic, a misconfigured ACL could inadvertently drop multicast frames. The fix is to modify the ACL to permit the CDP/LLDP multicast MAC addresses.
Check for Native VLAN Mismatch on Trunks
CDP and LLDP frames are sent untagged (native VLAN) on trunk ports. If the native VLAN is mismatched between the two ends of a trunk, the frames might be dropped or misdelivered. Use `show interfaces trunk` to verify the native VLAN on both sides. They must match. If they don't, CDP/LLDP might not work, and you'll see 'Native VLAN mismatch discovered' in the logs. Configure the same native VLAN on both ends using `switchport trunk native vlan <vlan>`.
Review Logs and Debug for Further Clues
If all above steps fail, enable debugging to see if CDP/LLDP packets are being sent or received. Use `debug cdp packets` (caution: can be CPU-intensive on production networks) or `debug lldp packets`. Then check the logs. For CDP, you might see 'CDP-PA: version 2 packet sent out ...' or 'CDP-PA: packet received from ...'. If you see packets being sent but none received, the problem is on the neighbor side. If you see packets received but `show cdp neighbors` shows nothing, the holdtime might have expired (check timers). Also check for any 'CDP-4-DUPLEX_MISMATCH' errors. Remember to turn off debugging with `undebug all`.
In a large enterprise campus network, CDP and LLDP are essential for automatic discovery and VoIP integration. Consider a scenario where you have hundreds of Cisco IP phones connected to Catalyst switches. Each phone uses CDP (or LLDP-MED) to learn the voice VLAN ID from the switch port. If CDP stops working on a particular port, the phone may fail to get the voice VLAN, resulting in the phone being stuck on the native VLAN and unable to communicate with the call manager. The network engineer would first check global CDP status, then interface status, and often find that the port is in an 'errdisable' state due to a spanning-tree BPDU guard violation, which also disables CDP. Resolving the errdisable state and ensuring CDP is re-enabled (by default, it comes back when the port comes up) fixes the issue.
Another common scenario is during network migrations. When replacing a Cisco switch with a non-Cisco device, LLDP must be enabled on the Cisco switch to discover the new neighbor. If LLDP is not enabled globally, the engineer will see no LLDP neighbors. After enabling lldp run, the neighbors appear within 30 seconds. However, if the engineer forgets to enable lldp transmit and lldp receive on the specific interfaces (on some platforms, global enable does not automatically enable per interface), the discovery may still fail.
A third scenario involves security hardening. Some organizations disable CDP globally because of security concerns (information leakage). But then features like VoIP and topology mapping break. Engineers must then rely on LLDP (which can be enabled selectively) or manually configure voice VLANs. This trade-off is common in high-security environments. Misconfiguration here means either a security hole or a non-functional phone system.
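One way to check for the trade-off described above across a whole configuration, as an added example (not part of the original chapter). The policy is an assumption: ports with a voice VLAN need CDP or LLDP, and other access ports should advertise neither; the function name and the sample configuration are constructed.

```python
def audit_discovery(running_config):
    """Return {interface: finding} for ports whose CDP/LLDP state looks wrong.

    Policy assumed for this example: phone ports (voice VLAN set) need CDP
    or LLDP; other access ports should advertise neither.
    """
    cdp_global, lldp_global = True, False  # IOS defaults stated in the chapter
    interfaces, current = {}, None
    for raw in running_config.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            current = interfaces.setdefault(line.split(None, 1)[1], [])
        elif raw[:1].isspace() and current is not None:
            current.append(line)  # indented line inside the interface block
        else:
            current = None
            if line == "no cdp run":
                cdp_global = False
            elif line == "lldp run":
                lldp_global = True

    findings = {}
    for name, cfg in interfaces.items():
        if "shutdown" in cfg:
            continue
        # a protocol transmits only if it is on globally AND on the interface
        active = []
        if cdp_global and "no cdp enable" not in cfg:
            active.append("CDP")
        if lldp_global and "no lldp transmit" not in cfg:
            active.append("LLDP")
        voice = any(l.startswith("switchport voice vlan ") for l in cfg)
        access = "switchport mode access" in cfg
        if voice and not active:
            findings[name] = "phone port with no discovery protocol"
        elif access and not voice and active:
            findings[name] = "advertises " + "/".join(active) + " on a non-phone access port"
    return findings


# Constructed configuration: CDP off globally, LLDP enabled selectively.
SAMPLE_CONFIG = """\
no cdp run
lldp run
!
interface GigabitEthernet0/1
 description IP phone
 switchport mode access
 switchport voice vlan 20
 no lldp transmit
!
interface GigabitEthernet0/2
 description printer
 switchport mode access
!
interface GigabitEthernet0/3
 description kiosk
 switchport mode access
 no lldp transmit
 no lldp receive
!
"""
```

On the sample, Gi0/1 is the broken phone port and Gi0/2 is the port that still advertises LLDP; Gi0/3 is configured as the assumed policy expects.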
Scalability: CDP and LLDP are lightweight, but in very large networks with thousands of devices, the periodic advertisements can consume bandwidth. Typically, the overhead is negligible (a few bytes per second per interface). However, if timers are set too low (e.g., CDP timer 5 seconds), the CPU load can increase. Default timers are safe for most networks.
The CCNA 200-301 exam objective 2.6 specifically tests your ability to 'Troubleshoot: CDP/LLDP not seen'. This means you must be able to identify why a device does not appear in the output of show cdp neighbors or show lldp neighbors. The exam will present scenario-based questions, often with a topology diagram and partial outputs.
Common Wrong Answers and Why Candidates Choose Them:
1. 'The neighbor device is not running CDP/LLDP' – While this is a possible cause, candidates often jump to this without checking the local device first. The exam expects you to verify local configuration first (global and interface).
2. 'The interface is in a different VLAN' – CDP and LLDP are Layer 2 protocols and work only within the same broadcast domain. If the two devices are on different VLANs (without a router), they cannot communicate at Layer 2, so CDP/LLDP won't work. But candidates often think VLAN mismatch only affects trunk native VLAN, not access ports.
3. 'CDP/LLDP is disabled globally' – This is a correct cause, but candidates sometimes forget that LLDP is disabled by default on Cisco devices. They might assume it's enabled.
4. 'The cable is faulty' – This is a Layer 1 issue, but candidates often overlook the interface status check.
Specific Values and Commands to Memorize:
- CDP default timer: 60 seconds, holdtime: 180 seconds.
- LLDP default timer: 30 seconds, holdtime multiplier: 4 (so holdtime 120 seconds).
- CDP multicast MAC: 01-00-0C-CC-CC-CC.
- LLDP multicast MAC: 01-80-C2-00-00-0E.
- Commands: show cdp neighbors, show cdp neighbors detail, show cdp interface, show cdp, show lldp neighbors, show lldp neighbors detail, show lldp interface, show lldp.
Decision Rule for Scenario Questions: When asked why a device is not seen, follow this order:
1. Check if the protocol is globally enabled on both devices.
2. Check if the protocol is enabled on the specific interfaces.
3. Check interface status (up/up).
4. Check for ACLs or VACLs.
5. Check for native VLAN mismatch on trunks.
6. Consider duplex mismatch or other Layer 1 issues.
The exam often gives you a show cdp neighbors output that is empty, and you must select the most likely cause from a list.
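The decision order above, which is also the order of the troubleshooting steps earlier in the chapter, as an added example (not Cisco tooling and not part of the original chapter). It assumes the command output has already been captured as text; the function name, the dictionary keys and the sample captures are constructed for illustration.

```python
import re


def first_failed_check(proto, captured):
    """Run the chapter's checks in order; return (step, finding).

    proto is "cdp" or "lldp". captured maps a command name (or "log") to
    the text it produced. Step 0 means no local fault was found.
    """
    name = proto.upper()

    def out(key):
        return captured.get(key, "")

    # 1. Global status
    if name + " is not enabled" in out("show " + proto):
        return 1, "%s is disabled globally; configure '%s run'" % (name, proto)

    # 2. Interface status
    intf = out("show %s interface" % proto)
    if proto == "cdp":
        if "Sending CDP packets" not in intf:
            return 2, "CDP is off on this interface; configure 'cdp enable'"
    else:
        # the chapter prints "Tx enabled"; an optional colon is tolerated
        off = [d for d, tag in (("transmit", "Tx"), ("receive", "Rx"))
               if not re.search(tag + r":?\s+enabled", intf)]
        if off:
            return 2, "LLDP %s is disabled on this interface" % " and ".join(off)

    # 3. Interface state must be up/up
    state = re.search(r"is (administratively down|down|up), "
                      r"line protocol is (up|down)", out("show interfaces"))
    if state is None:
        return 3, "no interface state captured"
    if state.groups() != ("up", "up"):
        return 3, "interface is %s/%s" % state.groups()

    # 4. ACL applied to the interface
    acl = re.search(r"^\s*((?:mac|ip) access-group \S.*)$",
                    out("show running-config interface"), re.M)
    if acl:
        return 4, "confirm '%s' permits the discovery multicast MAC" % acl.group(1).strip()

    # 5 and 6. Log messages quoted in the chapter
    log = out("log")
    if "Native VLAN mismatch discovered" in log:
        return 5, "native VLAN mismatch; compare 'show interfaces trunk' on both ends"
    if "DUPLEX_MISMATCH" in log:
        return 6, "duplex mismatch; align speed and duplex on both ends"
    return 0, "no local fault found; repeat the checks on the neighbor"


# Constructed captures for one port; not taken from a real device.
SAMPLE = {
    "show lldp": "Status: ACTIVE\n",
    "show lldp interface": "GigabitEthernet0/1:\n    Tx enabled\n    Tx state: IDLE\n",
    "show interfaces": "GigabitEthernet0/1 is up, line protocol is up\n",
}

if __name__ == "__main__":
    print(first_failed_check("lldp", SAMPLE))
```

The sample stops at step 2 because the interface output has no "Rx enabled" line, so the switch is sending LLDP but not listening for it.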
CDP is Cisco proprietary and enabled by default; LLDP is IEEE standard and disabled by default on Cisco devices.
CDP default timer: 60 seconds; holdtime: 180 seconds.
LLDP default timer: 30 seconds; holdtime multiplier: 4 (holdtime 120 seconds).
CDP uses multicast MAC 01-00-0C-CC-CC-CC; LLDP uses 01-80-C2-00-00-0E.
To enable CDP globally: `cdp run`; to disable: `no cdp run`.
To enable LLDP globally: `lldp run`; to disable: `no lldp run`.
Interface-level CDP: `cdp enable`; LLDP: `lldp transmit` and `lldp receive`.
Always verify interface status (up/up) and check for ACLs or native VLAN mismatch.
Common exam trap: assuming LLDP is enabled by default; it is not.
CDP/LLDP frames are untagged on trunk ports; native VLAN mismatch can block them.
These come up on the exam all the time. Here's how to tell them apart.
CDP
Cisco proprietary
Enabled by default on Cisco devices
Multicast MAC: 01-00-0C-CC-CC-CC
Default timer: 60 seconds
Default holdtime: 180 seconds
Interface command: `cdp enable`
LLDP
IEEE 802.1AB standard
Disabled by default on Cisco devices
Multicast MAC: 01-80-C2-00-00-0E
Default timer: 30 seconds
Default holdtime: 120 seconds (timer * multiplier)
Interface commands: `lldp transmit` and `lldp receive`
Mistake
CDP and LLDP are the same protocol and can be used interchangeably.
Correct
CDP is Cisco proprietary; LLDP is IEEE 802.1AB standard. They are not compatible. A Cisco device using CDP cannot discover a non-Cisco device that only uses LLDP, and vice versa.
Candidates often think 'discovery protocol' is one thing, but the exam tests the difference.
Mistake
If CDP is enabled globally, it automatically works on all interfaces.
Correct
On most Cisco platforms, CDP is enabled globally and on all interfaces by default. However, you can disable it on individual interfaces with `no cdp enable`. So it's possible to have global enabled but interface disabled.
Candidates forget that interface-level configuration overrides global.
Mistake
LLDP is enabled by default on Cisco switches.
Correct
LLDP is disabled by default on Cisco IOS devices. You must explicitly enable it with `lldp run`.
Candidates confuse CDP (enabled by default) with LLDP (disabled by default).
Mistake
CDP/LLDP only works on Ethernet interfaces.
Correct
CDP works on many interface types including serial, ATM, and Frame Relay (though less common now). LLDP is defined for IEEE 802 LANs but can be used on other media. For CCNA, focus on Ethernet.
Candidates may think it's Ethernet-only because that's what they see in labs.
To enable CDP on a specific interface, enter interface configuration mode and use the `cdp enable` command. For example: `interface gigabitEthernet 0/1` then `cdp enable`. To disable it, use `no cdp enable`. Note that CDP is enabled by default on all interfaces that support it, so you only need this if it was previously disabled.
After enabling LLDP globally with `lldp run`, you must also ensure that LLDP is enabled on the specific interfaces. On most Cisco platforms, global enable automatically enables LLDP on all interfaces, but you can verify with `show lldp interface`. If an interface shows 'Tx enabled' and 'Rx enabled', it's working. Also check that the neighbor device supports LLDP and has it enabled. Finally, verify Layer 1 connectivity and that the interface is up/up.
CDP sends advertisements every 60 seconds by default, and the holdtime is 180 seconds (three times the timer). LLDP sends advertisements every 30 seconds by default, and the holdtime is calculated as timer * multiplier (default multiplier is 4, so holdtime = 120 seconds). You can change both timers with the `cdp timer`/`cdp holdtime` and `lldp timer`/`lldp holdtime` commands.
Yes, CDP and LLDP can coexist on the same interface. They are independent protocols. A device can run both simultaneously, sending and receiving both types of advertisements. This is common in multi-vendor environments where some neighbors use CDP and others use LLDP.
No, switches do not forward CDP or LLDP frames. These frames are sent to a specific multicast MAC address that is not forwarded by a switch (unless configured to do so, but by default they are consumed by the directly connected device). This is why CDP/LLDP only discovers directly connected neighbors.
This error message indicates that the duplex settings on the two ends of a link do not match. For example, one side is set to full duplex and the other to half duplex. This can cause packet loss and performance issues, and it can also prevent CDP from working properly. To fix, configure both sides to the same duplex setting, preferably using auto-negotiation.
Use the `show cdp neighbors detail` command. This displays extensive information about each neighbor, including IP address, platform, IOS version, interface, and holdtime. For LLDP, use `show lldp neighbors detail`.