Fujitsu BX600 SB9 manual Cisco Discovery Protocol, Configuration of CDP, Check the configuration

Page 46

White Paper Issue: October 2006 Integration of BX600 SB9 Switches in Cisco Networks

Page 46 / 47

View the passed authentications

4.5Cisco Discovery Protocol

4.5.1 Introduction

The Cisco Discovery Protocol (CDP) is intended to provide a way of finding out about the physical cabling of a switch environment. It is often implemented in data center networks to give the administrator additional help with troubleshooting and documentation.

In some situations CDP will be a security issue, since it would also give a hacker interesting information about the network.

4.5.2 Recommended Solution

In normal solutions CDP will not represent a security risk. In high security areas or hosted environments, the administrator may decide to disable CDP. In this case we recommend you to disable CDP at the access ports to the server.

4.5.3 Configuration of CDP

The following steps are necessary to disable CDP at the access ports.

Step 1: Configure the SB9

Step 2: Check the configuration

Step 1: Configure the SB9

!SB9 CDP configuration

!Disable CDP

interface range 0/1 - 0/10 no cdp run

!

Step 2: Check the configuration

(bx6-sb9-a) #show cdp

 

Global CDP information

Enable

CDP Admin mode

CDP Hold Time (sec)

180

CDP Transmit Interval (sec)

60

Port

CDP

 

0/1------

-------

 

Disable

 

0/2

Disable

 

0/3

Disable

 

0/4

Disable

 

0/5

Disable

 

0/6

Disable

 

0/7

Disable

 

0/8

Disable

 

0/9

Disable

 

0/10

Disable

 

Page 45 Page 47
Image 46
Page 45 Page 47
Contents Basic Multicast Services Contents Introduction Switch ConnectivitySwitch Management Page Introduction Configuration Recommended SolutionAuto Negotiation Network problems Port AggregationSet up the port-channel Shut down the affected ports to avoid loopsBring up the affected ports Verify the operation of the port-channelsVlan Trunk between SB9 and Cisco Switch VLANs and TrunksConfigure Vlan trunk Configure the port-channelsDefine the VLANs Verify the Vlan trunk GvrpSpanning Tree Protocol Running ST P 802.1D with PVST+ on Vlan TrunksSB9 Running PVST+ on Vlan Trunks while disabling STP at the SB9Combining RAPID-PVST and 802.1w Rapid Spanning TreeCombining RAPID-PVST and 802.1w after failure of Po1 Configure the switches SB9 SwitchConfiguration with Vlan Trunks Network loopsPage Page Verify the configuration STPPage Configuration example Rstp without Vlan trunks Configuration without Vlan TrunksPage Mode Type State Role Enabled Forwarding Designated Disabled Enabled Disabled PC Mbr Manual forwarding Interface Access Port and NIC Configuration BX600 port mappingTypical access port configuration Configure the access ports of the switchesConfigure the Broadcom NIC Page Configure the Intel Adapter Page Select Switch Fault Tolerance and press Next Press Finish Configure a Link State Group Link StateEnable multicast routing and Igmp at the layer 3 switch Recommended solutionConfiguration Enable Igmp snooping at all Layer 2 switchesVlan Page Configure the SB9 for broadcast Sntp Configuration of syslog and SntpConfigure the SB9 for unicast Sntp Configure the SB9 for logging and syslogTest the configuration Configure SNMPv3 authentication Configuration of SnmpConfigure Snmp for SNMPv1 and SNMPv2c SnmpConfigure the SB9 Remote Console AccessConfiguration of SSH Test the loginIntegration into Radius and TACACS+ Configuration of RadiusPrepare the ACS Page Specify the user’s password and press Submit Test the login Configuration of Tacacs Page Configure the SB9 Check the configuration Configuration of CDPCisco Discovery Protocol Port Monitoring Configuration of Port MonitoringFurther information in the Internet
Top Page Image Contents