LLDP
1. Introduction to LLDP
🔍 What is LLDP?
Imagine you’re working in a network with devices from multiple vendors, and you need to identify the topology but don’t have a detailed diagram. This is where LLDP (Link Layer Discovery Protocol) becomes your best ally! Unlike CDP (Cisco Discovery Protocol), which is proprietary to Cisco, LLDP is an open-standard protocol that allows devices from different manufacturers to exchange information seamlessly.
LLDP operates at Layer 2 (Data Link Layer) of the OSI model. It helps network devices share details about their identity, capabilities, and connectivity. This makes it an essential tool for mapping, monitoring, and troubleshooting networks.
For example, using LLDP, a Cisco router can discover an HP switch or an Avaya IP phone as a neighbor, allowing for improved interoperability in multi-vendor environments.
🔍 Why Use LLDP?
Here’s why LLDP is valuable in any network:
✅ Vendor-Neutral Discovery: Ideal for networks with devices from multiple manufacturers where CDP is not supported.
✅ Efficient Network Mapping: Helps create an accurate network topology, reducing manual effort.
✅ Simplified Troubleshooting: Provides detailed neighbor information, including device name, IP address, and interface details.
✅ Enhanced Security Monitoring: Allows verification of device connections and ensures correct configurations.
📢 A quick comparison:
- CDP: Cisco-specific and works only with Cisco devices.
- LLDP: An industry-standard protocol that works with various vendors!
2. How LLDP Works
🔍 LLDP Operation
You might wonder, how does LLDP share so much useful information?
LLDP relies on LLDP Data Units (LLDPDUs), which are sent periodically over active interfaces. These LLDPDUs contain crucial details, including:
- Device ID: The hostname of the device.
- Port ID: The interface sending the LLDPDU.
- System Capabilities: The role of the device (router, switch, IP phone, etc.).
- Management Address: If configured, this provides a management access point.
Neighboring devices collect and store this information in their LLDP tables. You can retrieve this data using commands like:
✅ This allows administrators to easily verify and understand network connections.
🔍 LLDP Timers
LLDP manages advertisements and neighbor information using specific timers:
✅ Timers in LLDP:
- Transmission Timer: Defines how often LLDPDUs are sent. The default value is 30 seconds.
- Hold Timer: Specifies how long neighbor information is retained after the last received update. The default is 120 seconds.
These timers help maintain an up-to-date view of network devices while minimizing unnecessary traffic.
3. Configuring LLDP
Enabling LLDP Globally
By default, LLDP may be disabled on your Cisco devices. To enable it globally, use the following command in configuration mode:
R1(config)# lldp run
✅ What this does:
- Activates LLDP on all active interfaces.
- Allows the device to send and receive LLDP information.
Once enabled, your device will start discovering directly connected neighbors.
🔹 Viewing LLDP Neighbors
After enabling LLDP, you can verify connected devices using:
R1# show lldp neighbors Capability codes: (R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device (W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other Device ID Local Intf Hold-time Capability Port ID SW1 Gig0/1 120 B Gig0/1 R2 Gig0/0 120 R Gig0/0 Total entries displayed: 2
✅ What you’re seeing:
- Device ID: The hostname of the connected device.
- Local Interface: Where the neighbor is connected on your device.
- Hold-time: The time (in seconds) before the LLDP entry is removed if no updates are received.
- Capability: Indicates what type of device is connected (e.g.,
Bfor Bridge/Switch,Rfor Router). - Port ID: The interface on the neighbor’s side.
📝 Key takeaway:
You can now identify directly connected devices and their interfaces, which helps with troubleshooting and documentation.
🔹 Getting Detailed Neighbor Information
To dive deeper into LLDP details, use:
R1# show lldp neighbors detail
------------------------------------------------
Chassis id: 0000.0C85.B119
Port id: Gig0/1
Port Description: GigabitEthernet0/1
System Name: SW1
System Description:
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 15.0(2)SE4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Wed 26-Jun-13 02:49 by mnguyen
Time remaining: 90 seconds
System Capabilities: B
Enabled Capabilities:B
Management Addresses: not advertised
Auto Negotiation: supported, enabled
Physical media capabilities:
100baseT(HD)
1000baseT(FD)
1000baseT(HD)
Media Attachment Unit type: 10
Vlan ID: 1
------------------------------------------------
Chassis id: 00D0.D3D8.4201
Port id: Gig0/0
Port Description: GigabitEthernet0/0
System Name: R2
System Description:
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Thurs 5-Jan-12 15:41 by pt_team
Time remaining: 90 seconds
System Capabilities: R
Enabled Capabilities:R
Management Addresses: not advertised
Auto Negotiation: supported, enabled
Physical media capabilities:
1000baseT(FD)
Media Attachment Unit type: 10
Vlan ID: 1
Total entries displayed: 2
✅ Breaking it down:
- Chassis ID: A unique hardware identifier (often a MAC address).
- System Name: The hostname of the neighbor device.
- Port Description: The port on the neighbor device, useful for documentation.
- System Capabilities: The device’s function (
Bfor switch,Rfor router, etc.). - Management Address: IP address for remote management (if configured).
- Auto-Negotiation: Indicates if speed and duplex settings are negotiated.
🛠️ Use Case:
If you suspect a misconfigured port or an incorrect device connection, this command gives you clarity on what’s actually connected.
🔹 Disable LLDP Globally
To disable LLDP globally (useful if you want to limit visibility of devices in sensitive areas):
R1(config)# no lldp run R1(config)# end
✅ Verification:
R1# show lldp neighbors % LLDP is not enabled
This ensures that your device no longer sends or receives LLDP information.
4. Enable/Disable LLDP on Specific Interfaces
🔹 Enable LLDP on an Interface
By default, enabling LLDP globally activates it on all interfaces. However, in some cases, you may want to enable LLDP only on specific ports, such as an uplink to another switch or router.
To enable LLDP on a specific interface:
SW1(config)# interface gigabitethernet 0/0 SW1(config-if)# lldp transmit SW1(config-if)# lldp receive
✅ Explanation:
- lldp transmit: Sends LLDP information to the directly connected neighbor.
- lldp receive: Accepts LLDP information from the neighbor.
This approach is useful when you want LLDP enabled only on critical infrastructure links.
🔹 Disable LLDP on an Interface
In some situations, it’s best to disable LLDP on certain interfaces—especially those connected to end-user devices, like PCs or printers. This prevents unnecessary LLDP advertisements and minimizes exposure of network details.
To disable LLDP on a specific interface:
SW1(config)# interface gigabitethernet 0/1 SW1(config-if)# no lldp transmit SW1(config-if)# no lldp receive
This configuration prevents the interface from sending or receiving LLDP information, ensuring that only essential network links participate in LLDP discovery.
5. Conclusion
📢 Final Thoughts on LLDP
LLDP is a powerful tool for network visibility, especially in multi-vendor environments. By enabling LLDP selectively, you can:
✅ Optimize network discovery by ensuring that only relevant devices share LLDP information.
✅ Enhance security by preventing unnecessary LLDP data exposure.
✅ Simplify troubleshooting by making it easier to identify connections between devices.
Whether you’re mapping your network, validating configurations, or troubleshooting connectivity, LLDP provides valuable insights into your infrastructure. Be strategic in its deployment to maximize efficiency and security.