Cisco Discovery Protocol

The Cisco Discovery Protocol (CDP) is tremendously helpful when configuring a wide variety of Cisco equipment. It allows you to see what the adjacent routers or switches are, as well as their configured protocols and addresses.

CDP is enabled by default on most available interfaces. (There are a few exceptions, such as ATM interfaces.) This protocol automatically detects neighbor Cisco devices that are directly connected. The following command enables CDP globally:

cdp run

To disable CDP, use the no form of the command:

no cdp run

You can disable CDP on particular interfaces by using the no cdp enable command in interface configuration mode.

CDP can display useful information about other routers or switches that are directly connected:

Router>show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
switch1             Eth 0          162         T S        1900      AUI
router2             Eth 0          176          R         4000      Eth 0

Disable CDP on any router that is directly connected to the Internet or to another site that you don’t trust (e.g., a customer site). CDP can be considered a security risk because it provides information to outside devices. It doesn’t provide much information, but there’s no reason to give any information away to potential intruders.
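The following is an added example, not code from the book: a short Python audit that reads a saved IOS configuration and reports which untrusted interfaces still have CDP enabled, using the cdp run and cdp enable commands described above. The sample configuration, the interface names, and the function names cdp_state and exposed are constructed for illustration; treating ATM interfaces as off by default is an assumption based on the exception noted above.

```python
import re

# Constructed sample configuration (not from the original page).
SAMPLE_CONFIG = """\
!
interface Ethernet0
 description inside LAN
!
interface Serial0
 description link to ISP
!
interface Serial1
 description link to customer site
 no cdp enable
!
end
"""

def cdp_state(config):
    """Return (global_enabled, {interface: cdp_enabled}) for an IOS config."""
    global_on = True            # "cdp run" is the default, so absence means on
    interfaces = {}
    current = None
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"interface\s+(\S+)", raw)
        if m:
            current = m.group(1)
            # Assumption from the page: a few types such as ATM are not on by default.
            interfaces[current] = not current.upper().startswith("ATM")
        elif raw and not raw[0].isspace():
            current = None      # any other top-level line closes the interface block
            if line in ("cdp run", "no cdp run"):
                global_on = (line == "cdp run")
        elif current and line == "no cdp enable":
            interfaces[current] = False
        elif current and line == "cdp enable":
            interfaces[current] = True
    return global_on, interfaces

def exposed(config, untrusted):
    """List untrusted interfaces on which CDP is still enabled."""
    global_on, interfaces = cdp_state(config)
    if not global_on:
        return []               # "no cdp run" disables CDP on every interface
    return [name for name in untrusted if interfaces.get(name, False)]
```

Calling exposed(SAMPLE_CONFIG, ["Serial0", "Serial1"]) returns only Serial0, the Internet-facing link that is missing no cdp enable.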
