Link Layer Discovery Protocol (LLDP) on a Catalyst 3560
By stretch | Monday, October 4, 2010 at 1:27 a.m. UTC
Many network vendors have developed proprietary layer two discovery protocols (e.g. Cisco's CDP, Extreme's EDP, and so on) to help administrators document and troubleshoot physical links. As there is much overlap in the features these protocols provide, an effort was made to develop a standardized protocol in IEEE 802.1AB, dubbed Link Layer Discovery Protocol (LLDP).
Only relatively new switches such as the Catalyst 3560 support LLDP. This article provides a brief look at configuring LLDP on a Catalyst switch and what information can be ascertained from LLDP neighbors.
LLDP is not (at the time of this writing) enabled by default on Cisco Catalyst switches. So, our first step is to enable LLDP globally on the switch.
S1(config)# lldp run
Similar to CDP, we can use the command show lldp
to view basic LLDP statistics, and LLDP neighbors are displayed with the command show lldp neighbors
.
S1# show lldp Global LLDP Information: Status: ACTIVE LLDP advertisements are sent every 30 seconds LLDP hold time advertised is 120 seconds LLDP interface reinitialisation delay is 2 seconds S1# show lldp neighbors Capability codes: (R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device (W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other Device ID Local Intf Hold-time Capability Port ID S2 Fa0/13 120 B Gi0/13 Total entries displayed: 1
As you can see, the format of the LLDP neighbors display is very similar to that of CDP.
S1# show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID S2 Fas 0/13 142 S I WS-C3560G Gig 0/13
We can obtain more detailed output by appending the detail
command argument.
S1# show lldp neighbors detail Chassis id: 0019.2fa7.b28d Port id: Gi0/13 Port Description: GigabitEthernet0/13 System Name: S2.cisco.com System Description: Cisco IOS Software, C3560 Software (C3560-ADVIPSERVICESK9-M), Version 12.2(44)SE, RELEASE SOFTWARE (fc1) Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Sat 05-Jan-08 00:15 by weiliu Time remaining: 114 seconds System Capabilities: B,R Enabled Capabilities: B Management Addresses - not advertised Auto Negotiation - supported, enabled Physical media capabilities: 10base-T(HD) 10base-T(FD) 100base-TX(HD) 100base-TX(FD) 1000baseT(HD) 1000baseT(FD) Media Attachment Unit type: 16 --------------------------------------------- Total entries displayed: 1
One interesting feature of LLDP on IOS is that it will communicate the description assigned to an interface, if any. Although, it strikes me as odd that the administrative description is shown under port ID rather than port description. It seems like the values of the two attributes should be swapped.
S2(config)# interface g0/13 S2(config-if)# description Uplink to S1
S1# show lldp neighbors detail Chassis id: 0019.2fa7.b28d Port id: Uplink to S1 Port Description: GigabitEthernet0/13 System Name: S2.cisco.com ...
Finally, here's a packet capture of LLDP and CDP across a common link if you're interested in comparing and contrasting the two protocols.
Posted in Switching
Comments
October 4, 2010 at 7:29 a.m. UTC
In Short LLDP is a industry standard version of Cisco's CDP. Very helpful in situations like when you are playing around Non-Cisco IP phone and trying to setup QOS for those.
HTH... Deepak Arora
http://deepakarora1984.blogspot.com/
October 4, 2010 at 7:34 a.m. UTC
I'd be interested to see how this works with equipment from other vendors (Juniper, Extreme, HP etc). Not that I think it won't work, far from it, I just am so used to using CDP to troubleshoot that having a similar protocol for standards is superb.
Now if only I could get my hands on a Cisco which supports LLDP and a Juniper cheap enough....
October 4, 2010 at 9:11 a.m. UTC
Hi, I have also found this command on 2960. Did aynone make any tests, if this one is the same implementation?
thanks
October 4, 2010 at 11:57 a.m. UTC
Dears,
I tested this command on my 3560 but didn't applicable.
B-11thF(config)#lldp ? % Unrecognized command
B-11thF#show version
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 52 WS-C3560G-48PS 12.2(25)SEE3 C3560-IPBASE-M
Regards,
Shahid (Bxperts)
October 4, 2010 at 1:16 p.m. UTC
It would be nice if Cisco would make CDP code open source so that other vendors could incorporate it in their hardware. We tried using a switch here in our Cisco only phone environment and the switch only supported lldp and the phones did not. Apparantly, the phones could have learned their voice vlans easier if they had the capability of lldp, or if the switch could run cdp.
Dano
October 4, 2010 at 5:12 p.m. UTC
Shahid,
According to the cisco feature navigator is available on IOS release 12.2(37)SE for the 3560 platform
October 5, 2010 at 9:23 a.m. UTC
I recently had to look at LLDP, and found it is enabled by default on the 2960 switches:
October 5, 2010 at 4:47 p.m. UTC
Found it supported in in Version 12.2(46)SE. It's running on my 3750G...
October 5, 2010 at 6:32 p.m. UTC
dps218, Cisco offers most of their proprietary protocols to other vendors as a lic. HP used to support CDP. HP switches I purchased 2 years ago started shipping with a warning card that future revs of code would only support LLDP due to no longer licensing the CDP code.
Considering that LLDP was ratified in 2005 this is another case where Cisco (or any other vendor) saw a need for a protocol and created a proprietary one until a standard was created. This is how our industry innovates around protocols.
It is also worth mentioning that there are several CDP compatible OSS projects out there that have reversed CDP for use with other devices.
October 6, 2010 at 6:40 p.m. UTC
Works on my older 3750
Switch Ports Model SW Version SW Image ------ ----- ----- ---------- ---------- * 1 26 WS-C3750-24P 12.2(44)SE1 C3750-ADVIPSERVICESK9-M Configuration register is 0xF SW1#conf t Enter configuration commands, one per line. End with CNTL/Z. SW1(config)#lldp ? holdtime Specify the holdtime (in sec) to be sent in packets reinit Delay (in sec) for LLDP initialization on any interface run Enable LLDP timer Specify the rate at which LLDP packets are sent (in sec) tlv-select Selection of LLDP TLVs to send SW1(config)#lldp run SW1(config)#do sh lldp Global LLDP Information: Status: ACTIVE LLDP advertisements are sent every 30 seconds LLDP hold time advertised is 120 seconds LLDP interface reinitialisation delay is 2 seconds SW1(config)#
October 7, 2010 at 2:56 p.m. UTC
LLDP spoofing
I haven't tried this yet. Back in the old days I used to spoof and generate RIP v1 packets onto the local network so the routers would have routs in their tables that did not really exist.
I did this with CDP, late 90s IOS code, so neighboring routers would see devices that did not exists. It is harder to spoof cdp today but I am curious if LLDP is open enough to get away with an exploit. Oh the fun in the old days.
October 7, 2010 at 2:59 p.m. UTC
The "discovery protocols" CDP LLDP or MS LLTD are great for the admins and troubleshooters to walk their networks and assist in documenting but there is a trend to turn these protocols off for security reasons too.
October 13, 2010 at 1:38 p.m. UTC
Def works on 2960's. HP's see the Cisco 2960 without turning on LLDP on the Cisco, but the 2960 will not see the HP without turning on LLDP. Turn them both on the Cisco (CDP and LLDP)and the HP returns two lines of info per Cisco device; in my experience anyway. Thanks for the great article and site!
June 30, 2014 at 4:51 p.m. UTC
I think I am having a serious stupid moment.
Our shop has several check point firewalls. I cannot seem to figure out how to pass LLDP.
What did I miss or forget?
June 18, 2016 at 10:38 a.m. UTC
Very nice description