LLDPD(8) | System Manager's Manual | LLDPD(8) |
lldpd
— LLDP
daemon
lldpd |
[-dxcseiklrv ] [-D
debug] [-p
pidfile] [-S
description] [-P
platform] [-X
socket] [-m
management] [-u
file] [-I
interfaces] [-C
interfaces] [-M
class] [-H
hide] [-L
lldpcli] [-O
configfile] |
lldpd
is a daemon able to receive and send
LLDP
frames. The Link Layer Discovery Protocol is a vendor-neutral Layer 2
protocol that allows a network device to advertise its identity and
capabilities on the local network.
lldpd
also implements an SNMP subagent
using AgentX protocol to interface to a regular SNMP agent like Net-SNMP. To
enable this subagent, you need something like that in your
snmpd.conf(5):
master agentx
This daemon implements both reception and sending. It will collect various information to send LLDP frames to all Ethernet interfaces, including management address, speed and VLAN names.
The options are as follows:
-d
lldpd
will run in the foreground. When specified
one more time, lldpd
will not log to syslog but
only to stderr. Then, this option can be specified many times to increase
verbosity. When specified four times, debug logs will be enabled. They can
be filtered with -D
flag.-D
debug-d
flag to have some effect. Only debugging logs
can be filtered. Here is a list of allowed tokens with their description:
-p
pidfilelldpd
PID
instead of /var/run/lldpd.pid.-k
-S
description-k
flag described above).-P
platform-x
lldpd
will
enable an SNMP subagent using AgentX protocol. This allows you to get
information about local system and remote systems through SNMP.-X
socketlldpd
will enable an SNMP subagent using AgentX
protocol for the given socket. This option implies the previous one. The
default socket is usually
/var/agentx/master.
You can specify a socket like
tcp:127.0.0.1:705
for example. Since the process that will open this socket is enclosed in a
chroot, you need to specify an IP address (not a hostname) when using a
TCP or UDP socket.-c
-cccc
), CDPv1 will be disabled and CDPv2 will be
enabled. If repeated once again (i.e. -ccccc
),
CDPv1 will be disabled and CDPv2 will be forced.-f
-s
-e
-l
-r
lldpd
will
not send any frame. It will only listen to neighbors.-m
management-u
file-I
interfaceslldpd
will use all available physical interfaces.
This option can use wildcards. Several interfaces can be specified
separated by commas. It is also possible to blacklist an interface by
suffixing it with an exclamation mark. It is possible to whitelist an
interface by suffixing it with two exclamation marks. A whitelisted
interface beats a blacklisted interface which beats a simple matched
interface. For example, with
eth*,!eth1,!eth2
lldpd
will only use interfaces starting by
eth with the exception of eth1 and
eth2.
While with
*,!eth*,!!eth1
lldpd
will use all interfaces, except interfaces
starting by eth with the exception of
eth1. When an exact match is found, it will circumvent
some tests. For example, if
eth0.12
is specified, it will be accepted even if this is a VLAN interface.-C
interfaceslldpd
will
take the first MAC address from all the considered interfaces to compute
the chassis ID. The logic of this option is the same as for
-I
flag: you can exclude interfaces with an
exclamation mark and use globbing to specify several interfaces. If all
interfaces are blacklisted (with
!*), the
system name is used as a chassis ID instead.-M
class-i
lldpd
will still receive (and publish using SNMP if enabled) those LLDP-MED TLV
but will not send them. Use this option if you don't want to transmit
sensible information like serial numbers.-H
hide-L
lldpclilldpcli
for
configuration. If empty, does not use lldpcli
for
configuration.-O
configfilelldpcli
at start. If a directory is provided, each
file contained in it will be read if ending by
.conf.
Order is alphabetical.-v
lldpd
version. When repeated, show more build
information.In a heterogeneous network, you may see several different hosts on
the same port, even if there is only one physically plugged to this port.
For example, if you have a Nortel switch running LLDP which is plugged to a
Cisco switch running CDP and your host is plugged to the Cisco switch, you
will see the Nortel switch as well because LLDP frames are forwarded by the
Cisco switch. This may not be what you want. The -H
hide parameter will allow you to tell
lldpd
to discard some frames that it receives and to
avoid to send some other frames.
Incoming filtering and outgoing filtering are unrelated. Incoming
filtering will hide some remote ports to get you a chance to know exactly
what equipment is on the other side of the network cable. Outgoing filtering
will avoid to use some protocols to avoid flooding your network with a
protocol that is not handled by the nearest equipment. Keep in mind that
even without filtering, lldpd
will speak protocols
for which at least one frame has been received and LLDP otherwise (there are
other options to change this behaviour, for example
-cc
, -ss
,
-ee
, -ll
and
-ff
).
When enabling incoming filtering, lldpd
will try to select one protocol and filter out neighbors using other
protocols. To select this protocol, the rule is to take the less used
protocol. If on one port, you get 12 CDP neighbors and 1 LLDP neighbor, this
mean that the remote switch speaks LLDP and does not filter CDP. Therefore,
we select LLDP. When enabling outgoing filtering,
lldpd
will also try to select one protocol and only
speaks this protocol. The filtering is done per port. Each port may select a
different protocol.
There are two additional criteria when enabling filtering:
allowing one or several protocols to be selected (in case of a tie) and
allowing one or several neighbors to be selected. Even when allowing several
protocols, the rule of selecting the protocols with the less neighbors still
apply. If lldpd
selects LLDP and CDP, this means
they have the same number of neighbors. The selection of the neighbor is
random. Incoming filtering will select a set of neighbors to be displayed
while outgoing filtering will use the selected set of neighbors to decide
which protocols to use: if a selected neighbor speaks LLDP and another one
CDP, lldpd
will speak both CDP and LLDP on this
port.
There are some corner cases. A typical example is a switch speaking two protocols (CDP and LLDP for example). You want to get the information from the best protocol but you want to speak both protocols because some tools use the CDP table and some other the LLDP table.
The table below summarize all accepted values for the
-H
hide parameter. The default
value is 15 which corresponds to the corner case described
above. The filter column means that filtering is enabled.
The 1proto column tells that only one protocol will be
kept. The 1neigh column tells that only one neighbor will
be kept.
incoming | outgoing | |||||
filter | 1proto | 1neigh | filter | 1proto | 1neigh | |
0 | ||||||
1 | x | x | x | x | ||
2 | x | x | ||||
3 | x | x | ||||
4 | x | x | ||||
5 | x | |||||
6 | x | |||||
7 | x | x | x | x | x | |
8 | x | x | x | |||
9 | x | x | x | x | ||
10 | x | x | ||||
11 | x | x | ||||
12 | x | x | x | x | ||
13 | x | x | x | |||
14 | x | x | x | x | ||
15 | x | x | x | |||
16 | x | x | x | x | x | |
17 | x | x | x | x | ||
18 | x | x | x | |||
19 | x | x | x |
lldpd
. Commands in this
files are executed by lldpcli(8) at start.The lldpd
program is inspired from a
preliminary work of Reyk Floeter.
The lldpd
program was written by
Pierre-Yves Ritschard
⟨pyr@openbsd.org⟩, and Vincent Bernat
⟨bernat@luffy.cx⟩.
August 21, 2008 | Debian |