How to use the CDP feature on VMware vSwitches with HP Procurve physical switches.
In this blog post we looked at the new support for the vendor-neutral discovery protocol LLDP in vSphere 5. Unfortunately LLDP is only available on the Distributed Virtual Switches and not on ordinary vSwitches.
However, the vSwitches have long supported CDP (Cisco Discovery Protocol), which as the name implies is a Cisco proprietary protocol. With Cisco devices this is no problem, but HP Procurve, for example, has no full support for CDP: the switches cannot send any CDP data, but they can read CDP sent to them. By enabling CDP on the vSwitches we can help the network administrators a lot and ease both setup and later troubleshooting.
Enabling CDP is not hard, but must be done from the command line. Access each host through local ESXi Shell or SSH and make a note of the names of all vSwitches by running:
esxcfg-vswitch -l | grep vSwitch
This creates an easy-to-read list of the vSwitches. Now use the -B parameter to turn on CDP in both listen and send mode:
esxcfg-vswitch vSwitch0 -B both
Supply the name of the vSwitch (note that the name is case sensitive). The command returns no feedback if successful, so no news is good news.
Use lowercase -b to see the current CDP state of the vSwitch. The default is to listen only, not send. With HP switches this default means no information is sent in either direction, but -B both enables CDP frames to travel from the virtual switches to the physical network.
This must be done once on all vSwitches on all hosts. Some seconds later the vSwitches will start sending CDP discovery messages to the physical switches, and even on systems like HP Procurve without full CDP this information can still be viewed.
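The per-host procedure above as one script, an added example that is not part of the original post: it finds every standard vSwitch by parsing the listing instead of grepping for "vSwitch", applies the mode with -B, and reads it back with -b. It assumes vSwitch names contain no spaces and that -b prints only the mode word; the VSWITCH_CMD variable and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Set and verify the CDP mode on every standard vSwitch of one ESXi host.
# Assumptions: vSwitch names have no spaces; "-b" prints only the mode word.
VSWITCH_CMD=${VSWITCH_CMD:-esxcfg-vswitch}   # hypothetical override for offline testing

# Constructed sample of "esxcfg-vswitch -l" output (not captured from a real host).
SAMPLE_LISTING='Switch Name      Num Ports   Used Ports  Configured Ports  MTU     Uplinks
vSwitch0         128         4           128               1500    vmnic0

  PortGroup Name        VLAN ID  Used Ports  Uplinks
  Management Network    0        1           vmnic0

Switch Name      Num Ports   Used Ports  Configured Ports  MTU     Uplinks
Prod-Storage     128         3           128               9000    vmnic2,vmnic3

  PortGroup Name        VLAN ID  Used Ports  Uplinks
  vSwitch-iSCSI         20       1           vmnic2,vmnic3'

# Read a listing on stdin and print each vSwitch name: the first word of the
# line that follows a "Switch Name" header. Unlike "grep vSwitch" this finds
# renamed switches and skips port groups that have "vSwitch" in their name.
list_vswitches() {
    take_next=0
    while IFS= read -r line; do
        case "$line" in
            "Switch Name"*) take_next=1 ;;
            *)  [ "$take_next" -eq 1 ] && [ -n "$line" ] && printf '%s\n' "${line%% *}"
                take_next=0 ;;
        esac
    done
}

# Apply the given CDP mode to every vSwitch, then read the state back.
# Prints "<name> <state>" per switch; returns 1 if any read-back differs.
set_cdp_all() {
    mode=$1 rc=0
    for sw in $("$VSWITCH_CMD" -l | list_vswitches); do
        "$VSWITCH_CMD" "$sw" -B "$mode"
        state=$("$VSWITCH_CMD" -b "$sw")
        printf '%s %s\n' "$sw" "$state"
        [ "$state" = "$mode" ] || rc=1
    done
    return "$rc"
}

# Change configuration only when the tool is actually present (an ESXi host).
if command -v "$VSWITCH_CMD" >/dev/null 2>&1; then set_cdp_all both; fi
```

Run it once per host; a non-zero exit status means at least one vSwitch did not report the requested mode when read back.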
On the HP switch, the same command can be used to discover both LLDP and CDP neighbors:
show lldp info remote-device
(Could also be abbreviated to "sh lldp i r")
We can see that the physical switch now has very good visibility into the virtual environment. Note on the output above that two ESXi hosts are connected to the switch and that the host names and VMNIC numbers are very clearly displayed together with the local switch ports.
This means that vSwitch CDP is very useful on sites with either Cisco or HP switches, and enabling it on all vSwitches is good practice.
Using the esxcli command name space the same thing can be set by typing:
“esxcli network vswitch standard set -c both -v vSwitch0”
/Rubeck
Thanks for the tip, Kim. This seems to be new since vSphere 4.1 and I guess this is a step against the goal of removing most of the esxcfg-* commands and moving the functionality into esxcli.
Maybe it is good to mention that CDP can be disabled globally or per port. So if you only use CDP to discover all devices, you could miss some. At least, that’s what happened to me a while ago. I forgot some switches, because CDP was disabled on the uplink ports. CDP is proprietary to Cisco, just like Extreme Discovery Protocol is proprietary to Extreme Networks and Nortel Discovery Protocol to Nortel components. A vendor-neutral protocol is LLDP (Link Layer Discovery Protocol).
We are mostly Procurve and I’ve used this functionality in the past for years. It appears to be broken on ESXi 5.5, I can’t see my vmnics.
Has anyone else noticed this?
Hello Todd,
thanks for your interesting comment. I am doing a 5.5 installation at a customer site this week with HP switches and will verify the functionality of CDP send with HP.
Regards, Rickard
Checked today: At least with ESXi 5.5 and HP 2530 switches the CDP send messages from the VMware hosts worked just as expected. What specific switch are you using, Todd?