Link Layer Discovery Protocol (LLDP) on a Catalyst 3560

By stretch | Monday, October 4, 2010 at 1:27 a.m. UTC

Many network vendors have developed proprietary layer two discovery protocols (e.g. Cisco's CDP, Extreme's EDP, and so on) to help administrators document and troubleshoot physical links. As there is much overlap in the features these protocols provide, an effort was made to develop a standardized protocol in IEEE 802.1AB, dubbed Link Layer Discovery Protocol (LLDP).

Only relatively new switches such as the Catalyst 3560 support LLDP. This article provides a brief look at configuring LLDP on a Catalyst switch and what information can be ascertained from LLDP neighbors.

LLDP is not (at the time of this writing) enabled by default on Cisco Catalyst switches. So, our first step is to enable LLDP globally on the switch.

S1(config)# lldp run

Similar to CDP, we can use the command show lldp to view basic LLDP statistics, and LLDP neighbors are displayed with the command show lldp neighbors.

S1# show lldp

Global LLDP Information:
    Status: ACTIVE
    LLDP advertisements are sent every 30 seconds
    LLDP hold time advertised is 120 seconds
    LLDP interface reinitialisation delay is 2 seconds

S1# show lldp neighbors

Capability codes:
    (R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device
    (W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other

Device ID           Local Intf     Hold-time  Capability      Port ID
S2                  Fa0/13         120        B               Gi0/13

Total entries displayed: 1

As you can see, the format of the LLDP neighbors display is very similar to that of CDP.

S1# show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
S2               Fas 0/13          142           S I      WS-C3560G Gig 0/13

We can obtain more detailed output by appending the detail command argument.

S1# show lldp neighbors detail

Chassis id: 0019.2fa7.b28d
Port id: Gi0/13
Port Description: GigabitEthernet0/13
System Name: S2.cisco.com

System Description: 
Cisco IOS Software, C3560 Software (C3560-ADVIPSERVICESK9-M), Version 12.2(44)SE, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Sat 05-Jan-08 00:15 by weiliu

Time remaining: 114 seconds
System Capabilities: B,R
Enabled Capabilities: B
Management Addresses - not advertised
Auto Negotiation - supported, enabled
Physical media capabilities:
    10base-T(HD)
    10base-T(FD)
    100base-TX(HD)
    100base-TX(FD)
    1000baseT(HD)
    1000baseT(FD)
Media Attachment Unit type: 16
---------------------------------------------

Total entries displayed: 1

One interesting feature of LLDP on IOS is that it will communicate the description assigned to an interface, if any. It strikes me as odd, though, that the administrative description is shown under port ID rather than port description. It seems like the values of the two attributes should be swapped.

S2(config)# interface g0/13
S2(config-if)# description Uplink to S1

S1# show lldp neighbors detail

Chassis id: 0019.2fa7.b28d
Port id: Uplink to S1
Port Description: GigabitEthernet0/13
System Name: S2.cisco.com
...
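
Each field in show lldp neighbors detail is a TLV that the neighbor sends, unauthenticated, to whatever is attached to the link, and the Port ID TLV carries a subtype byte that says how its value should be read. The parser below is an added example, not code from the original article or from Cisco; the sample frame is constructed from the S2 values shown above, and its Chassis ID and Port ID subtype bytes are assumptions.

```python
import struct

TEXT_TLVS = {4: "Port Description", 5: "System Name", 6: "System Description"}
PORT_ID_SUBTYPES = {1: "interface alias", 2: "port component", 3: "MAC address",
                    4: "network address", 5: "interface name",
                    6: "agent circuit ID", 7: "locally assigned"}
CAP_CODES = "OPBWRTCS"  # 802.1AB capability bits 0-7, using the page's letters

def tlv(tlv_type, value):
    """Encode one TLV: 7-bit type and 9-bit length share a 2-byte header."""
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value

def caps(bitmap):
    return ",".join(c for i, c in enumerate(CAP_CODES) if bitmap & (1 << i))

def parse_lldpdu(data):
    """Decode the TLVs of an LLDPDU (Ethernet header already stripped)."""
    out, pos = {}, 0
    while pos + 2 <= len(data):
        (header,) = struct.unpack_from("!H", data, pos)
        tlv_type, length = header >> 9, header & 0x1FF
        value = data[pos + 2:pos + 2 + length]
        if len(value) != length or (tlv_type in (1, 2) and length < 2):
            raise ValueError("malformed TLV at offset %d" % pos)
        pos += 2 + length
        if tlv_type == 0:    # End of LLDPDU
            break
        if tlv_type == 1:    # Chassis ID: subtype byte, then ID (4 = MAC)
            out["Chassis id"] = value[1:].hex() if value[0] == 4 else value[1:]
        elif tlv_type == 2:  # Port ID: the subtype says how to read the ID
            out["Port id"] = (PORT_ID_SUBTYPES.get(value[0], "reserved"),
                              value[1:].decode(errors="replace"))
        elif tlv_type == 3 and length == 2:
            out["TTL"] = struct.unpack("!H", value)[0]
        elif tlv_type == 7 and length == 4:  # system bitmap, enabled bitmap
            system, enabled = struct.unpack("!HH", value)
            out["Capabilities"] = (caps(system), caps(enabled))
        elif tlv_type in TEXT_TLVS:
            out[TEXT_TLVS[tlv_type]] = value.decode(errors="replace")
    return out

# Constructed sample built from the S2 values shown above; the subtype bytes
# (4 = MAC address, 5 = interface name) are assumptions, not from a capture.
SAMPLE = (tlv(1, b"\x04" + bytes.fromhex("00192fa7b28d")) + tlv(2, b"\x05Gi0/13")
          + tlv(3, struct.pack("!H", 120)) + tlv(4, b"GigabitEthernet0/13")
          + tlv(5, b"S2.cisco.com") + tlv(6, b"Cisco IOS Software, C3560 Software "
          b"(C3560-ADVIPSERVICESK9-M), Version 12.2(44)SE")
          + tlv(7, struct.pack("!HH", 0x14, 0x04)) + tlv(0, b""))
```

Calling parse_lldpdu(SAMPLE) returns the same fields the switch prints, including the full IOS version string in System Description, which is what any device on the port receives every 30 seconds.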

Finally, here's a packet capture of LLDP and CDP across a common link if you're interested in comparing and contrasting the two protocols.

About the Author

Jeremy Stretch is a network engineer living in the Raleigh-Durham, North Carolina area. He is known for his blog and cheat sheets here at Packet Life. You can reach him by email or follow him on Twitter.


Comments


deepakarora1984
October 4, 2010 at 7:29 a.m. UTC

In short, LLDP is an industry standard version of Cisco's CDP. Very helpful in situations like when you are playing around with a non-Cisco IP phone and trying to set up QoS for those.

HTH... Deepak Arora

http://deepakarora1984.blogspot.com/


stuh84
October 4, 2010 at 7:34 a.m. UTC

I'd be interested to see how this works with equipment from other vendors (Juniper, Extreme, HP etc). Not that I think it won't work, far from it, I just am so used to using CDP to troubleshoot that having a similar protocol for standards is superb.

Now if only I could get my hands on a Cisco which supports LLDP and a Juniper cheap enough....


sonic (guest)
October 4, 2010 at 9:11 a.m. UTC

Hi, I have also found this command on 2960. Did anyone make any tests, if this one is the same implementation?

thanks


bxperts
October 4, 2010 at 11:57 a.m. UTC

Dears,

I tested this command on my 3560 but it wasn't applicable.

B-11thF(config)#lldp ?
% Unrecognized command

B-11thF#show version

Switch Ports Model              SW Version            SW Image
*    1 52    WS-C3560G-48PS     12.2(25)SEE3          C3560-IPBASE-M

Regards,

Shahid (Bxperts)


dps218
October 4, 2010 at 1:16 p.m. UTC

It would be nice if Cisco would make CDP code open source so that other vendors could incorporate it in their hardware. We tried using a switch here in our Cisco only phone environment and the switch only supported LLDP and the phones did not. Apparently, the phones could have learned their voice VLANs easier if they had the capability of LLDP, or if the switch could run CDP.

Dano


J (guest)
October 4, 2010 at 5:12 p.m. UTC

Shahid,

According to the Cisco Feature Navigator, it is available on IOS release 12.2(37)SE for the 3560 platform.


Nick (guest)
October 5, 2010 at 9:23 a.m. UTC

I recently had to look at LLDP, and found it is enabled by default on the 2960 switches:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_37_se/configuration/guide/swlldp.html#wp1066710


tearl42
October 5, 2010 at 4:47 p.m. UTC

Found it supported in Version 12.2(46)SE. It's running on my 3750G...


joshobrien77
October 5, 2010 at 6:32 p.m. UTC

dps218, Cisco offers most of their proprietary protocols to other vendors as a lic. HP used to support CDP. HP switches I purchased 2 years ago started shipping with a warning card that future revs of code would only support LLDP due to no longer licensing the CDP code.

Considering that LLDP was ratified in 2005 this is another case where Cisco (or any other vendor) saw a need for a protocol and created a proprietary one until a standard was created. This is how our industry innovates around protocols.

It is also worth mentioning that there are several CDP compatible OSS projects out there that have reversed CDP for use with other devices.


jsicuran
October 6, 2010 at 6:40 p.m. UTC

Works on my older 3750

Switch Ports Model              SW Version            SW Image
------ ----- -----              ----------            ----------
*    1 26    WS-C3750-24P       12.2(44)SE1           C3750-ADVIPSERVICESK9-M

Configuration register is 0xF

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#lldp ?
  holdtime    Specify the holdtime (in sec) to be sent in packets
  reinit      Delay (in sec) for LLDP initialization on any interface
  run         Enable LLDP
  timer       Specify the rate at which LLDP packets are sent (in sec)
  tlv-select  Selection of LLDP TLVs to send

SW1(config)#lldp run

SW1(config)#do sh lldp

Global LLDP Information:
    Status: ACTIVE
    LLDP advertisements are sent every 30 seconds
    LLDP hold time advertised is 120 seconds
    LLDP interface reinitialisation delay is 2 seconds
SW1(config)#

jsicuran
October 7, 2010 at 2:56 p.m. UTC

LLDP spoofing

I haven't tried this yet. Back in the old days I used to spoof and generate RIP v1 packets onto the local network so the routers would have routes in their tables that did not really exist.

I did this with CDP, late 90s IOS code, so neighboring routers would see devices that did not exist. It is harder to spoof CDP today but I am curious if LLDP is open enough to get away with an exploit. Oh the fun in the old days.


jsicuran
October 7, 2010 at 2:59 p.m. UTC

The "discovery protocols" CDP LLDP or MS LLTD are great for the admins and troubleshooters to walk their networks and assist in documenting but there is a trend to turn these protocols off for security reasons too.


TursoSouth
October 13, 2010 at 1:38 p.m. UTC

Def works on 2960's. HP's see the Cisco 2960 without turning on LLDP on the Cisco, but the 2960 will not see the HP without turning on LLDP. Turn them both on the Cisco (CDP and LLDP) and the HP returns two lines of info per Cisco device; in my experience anyway. Thanks for the great article and site!


Michael T Binturong (guest)
June 30, 2014 at 4:51 p.m. UTC

I think I am having a serious stupid moment.

Our shop has several check point firewalls. I cannot seem to figure out how to pass LLDP.

What did I miss or forget?


AJ (guest)
June 18, 2016 at 10:38 a.m. UTC

Very nice description
