NetFlow Compared to RMON and SNMP – IP Multicast and Network Management

NetFlow enables you to gather more statistical information than RMON with fewer resources. It provides greater detail on the collected data, with date- and timestamping. NetFlow has greater scalability and does not require network probes. NetFlow reports on traffic statistics and is push based, whereas SNMP reports primarily on device statistics and is pull based.

NetFlow can be configured on individual Layer 3 interfaces on routers and Layer 3 switches. NetFlow provides detailed information on the following:

  • Source and destination IP addresses
  • Source and destination interface identifiers
  • TCP/UDP source and destination port numbers
  • Number of bytes and packets per flow
  • Source and destination autonomous system numbers
  • IP type of service (ToS)

CDP

Cisco Discovery Protocol (CDP) is a Cisco-proprietary protocol that can be used to discover only Cisco network devices. CDP is media and protocol independent, so it works over Ethernet, Frame Relay, ATM, and other media. The requirement is that the media support Subnetwork Access Protocol (SNAP) encapsulation. CDP runs at the data link layer of the OSI model. CDP uses Hello messages; packets are exchanged between neighbors, but CDP information is not forwarded. In addition to routers and switches, Cisco IP Phones and Cisco Unified Communications Manager (CUCM) servers advertise CDP information.

Being protocol and media independent is CDP’s biggest advantage over other network management technologies. CDP provides key information about neighbors, including platforms, capabilities, and IP addresses, which is significant for network discovery. It is especially useful for network discovery when SNMP community strings are unknown.

When displaying CDP neighbors, you can obtain the following information:

  • Local interface: The local interface that is connected to the discovered neighbor
  • Device ID: The name of the neighbor device and its MAC address or serial number
  • Device IP address: The IP address of the neighbor
  • Hold time: How long (in seconds) to hold the neighbor information
  • Device capabilities: The type of device discovered: router, switch, transparent bridge, host, IGMP, or repeater
  • Version: The IOS or switch OS version
  • Platform: The router or switch model number
  • Port ID: The interface of the neighboring device

Network management devices can obtain CDP information for data gathering. CDP should be disabled on untrusted interfaces, such as those that face the Internet, third-party networks, and other secure networks. CDP works only on Cisco devices.

Note

Disable CDP on interfaces for which you do not want devices to be discovered, such as Internet connections.
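One way to check this recommendation against a device configuration, as an added example that is not part of the original text: the script below scans an IOS-style running-config and lists untrusted interfaces where CDP is still active. The sample config is constructed, the UNTRUSTED description tag is a hypothetical labeling convention, and the script assumes CDP is on unless `no cdp run` or `no cdp enable` appears.

```python
import re

# Constructed sample running-config (not taken from a real device).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
!
interface GigabitEthernet0/0
 description UNTRUSTED Internet uplink
 ip address 203.0.113.2 255.255.255.252
!
interface GigabitEthernet0/1
 description UNTRUSTED third-party extranet
 ip address 198.51.100.1 255.255.255.0
 no cdp enable
!
interface GigabitEthernet0/2
 description Core LAN
 ip address 10.0.0.1 255.255.255.0
!
"""

def audit_cdp(config, untrusted_tag="UNTRUSTED"):
    """Return names of untrusted interfaces on which CDP is still enabled.

    Assumptions: interfaces are marked untrusted by a tag in their
    description (hypothetical convention), and CDP is enabled unless the
    config says 'no cdp run' (global) or 'no cdp enable' (per interface).
    """
    if re.search(r"^no cdp run\s*$", config, re.M):
        return []  # CDP is disabled device-wide
    interfaces, current = {}, None
    for line in config.splitlines():
        match = re.match(r"^interface\s+(\S+)", line)
        if match:
            current = interfaces.setdefault(
                match.group(1), {"untrusted": False, "cdp": True})
        elif not line.startswith(" "):
            current = None  # left the interface block ('!' or global line)
        elif current is not None:
            text = line.strip()
            if text.startswith("description") and untrusted_tag in text:
                current["untrusted"] = True
            elif text == "no cdp enable":
                current["cdp"] = False
    return [name for name, state in interfaces.items()
            if state["untrusted"] and state["cdp"]]

if __name__ == "__main__":
    for name in audit_cdp(SAMPLE_CONFIG):
        print(f"CDP still enabled on untrusted interface: {name}")
```

Each interface reported needs `no cdp enable` added under it; the trusted LAN interface is left alone so network management devices can still gather CDP data there.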
