On 1/15/05 1:45 PM, "Gert Doering" <ge...@greenie.muc.de> wrote:
> Hi,
>
> On Sat, Jan 15, 2005 at 01:26:03PM -0800, Michael K. Smith wrote:
> > In a network with a lot of customer facing ports I find it is a bit too
> > chatty about topology.
>
> So what are your customers going to do with the information "I'm connected
> to a switch named $foo, on a port named 3/17, and the switch's IP address
> is $bar"?
>
> While I value security, the urge to switch off CDP is something I've never
> fully understood - it's quite useful (think "customer has a box with two
> serial ports and has hooked up the wrong one to his T1") in troubleshooting.
>
> There are IOS releases with CDP bugs, of course, and you don't want to
> run these with CDP enabled.
>
> gert

I agree, it is certainly a matter of degrees of paranoia. It's just another
one of those automatic information technologies we've decided against
running because it releases information that may or may not be outside of
our obfuscation model. :-)
CDP bugs are not to be overlooked either, as you say. Rather than worry
about it, it's just easier to turn off. If CDP were able to tell me that a
customer had crossed their T-1's, what would my high-powered Electrical
Engineer have to do with his time?
Mike