The Cisco Discovery Protocol (CDP) is tremendously helpful when configuring a wide variety of Cisco equipment. It allows you to see what the adjacent routers or switches are, as well as their configured protocols and addresses.
CDP is enabled by default on most available interfaces. (There are a few exceptions, such as ATM interfaces.) This protocol automatically detects neighboring Cisco devices that are directly connected. The following command enables CDP globally:
cdp run
To disable CDP, use the no form of the command:
no cdp run
You can disable CDP on particular interfaces by using the no cdp enable command in interface configuration mode.
CDP can display useful information about other routers or switches that are directly connected:
Router>show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP
Device ID     Local Intrfce   Holdtme   Capability   Platform   Port ID
switch1       Eth 0           162       T S          1900       AUI
router2       Eth 0           176       R            4000       Eth 0
To learn even more about your neighbor device, use the command show cdp neighbors detail, which will give you much more information, such as the IP addresses of the interfaces.
Disable CDP on any router that is directly connected to the Internet or to another site that you don't trust (e.g., a customer site). CDP can be considered a security risk because it provides information to outside devices. It doesn't provide much information, but there's no reason to give any information to potential intruders.
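The recommendation above can be checked against a saved configuration. The following Python script is an added example, not part of the original page: it reads a running-config and lists the untrusted-facing interfaces on which CDP would still advertise. The sample configuration, the function names `cdp_state` and `exposed`, and the operator-supplied list of untrusted interface names are all assumptions made for illustration.

```python
import re

# Constructed sample running-config (not taken from the page).
SAMPLE_CONFIG = """\
interface Ethernet0
 description inside LAN
!
interface Serial0
 description link to ISP
!
interface Serial1
 description customer site
 no cdp enable
!
interface ATM0
 description DSL uplink
!
"""

def cdp_state(config):
    """Return (globally_enabled, {interface_name: cdp_enabled})."""
    global_on = True              # CDP runs globally by default
    states, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"interface\s+(\S+)", raw)
        if m:
            current = m.group(1)
            # Default is on, except ATM interfaces (the exception the page names).
            states[current] = not current.upper().startswith("ATM")
        elif not raw.startswith(" "):
            current = None        # left interface configuration mode
            if line == "no cdp run":
                global_on = False
            elif line == "cdp run":
                global_on = True
        elif current and line in ("cdp enable", "no cdp enable"):
            states[current] = (line == "cdp enable")
    return global_on, states

def exposed(config, untrusted):
    """Untrusted interfaces (hypothetical operator-supplied names) still running CDP."""
    global_on, states = cdp_state(config)
    if not global_on:
        return []                 # 'no cdp run' silences every interface
    return sorted(i for i in untrusted if states.get(i, False))

if __name__ == "__main__":
    print(exposed(SAMPLE_CONFIG, {"Serial0", "Serial1", "ATM0"}))
```

Any interface the script reports needs no cdp enable in interface configuration mode, or no cdp run globally if CDP is not needed on the device at all.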