1LLDPD(8) BSD System Manager's Manual LLDPD(8)
2
4 lldpd — LLDP daemon
5
7 lldpd [-dxcseiklrv] [-D debug] [-p pidfile] [-S description]
8 [-P platform] [-X socket] [-m management] [-u file] [-I interfaces]
9 [-C interfaces] [-M class] [-H hide] [-L lldpcli] [-O configfile]
10
12 lldpd is a daemon able to receive and send LLDP frames. The Link Layer
13 Discovery Protocol is a vendor-neutral Layer 2 protocol that allows a
14 network device to advertise its identity and capabilities on the local
15 network.
16 lldpd also implements an SNMP subagent using AgentX protocol to interface
18 to a regular SNMP agent like Net-SNMP. To enable this subagent, you need
19 something like that in your snmpd.conf(5):
20 master agentx
22 This daemon implements both reception and sending. It will collect vari‐
24 ous information to send LLDP frames to all Ethernet interfaces, including
25 management address, speed and VLAN names.
26 The options are as follows:
28 -d Do not daemonize. If this option is specified, lldpd will run in
30 the foreground. When specified one more time, lldpd will not log
31 to syslog but only to stderr. Then, this option can be specified
32 many times to increase verbosity. When specified four times, de‐
33 bug logs will be enabled. They can be filtered with -D flag.
34 -D debug
36 This option allows the user to filter out debugging information
37 by specifying allowed tokens. This option can be repeated several
38 times to allow several tokens. This option must be combined with
39 the -d flag to have some effect. Only debugging logs can be fil‐
40 tered. Here is a list of allowed tokens with their description:
41 main Main daemon.
42 interfaces Discovery of local interfaces.
43 lldp LLDP PDU encoding/decoding.
44 edp EDP PDU encoding/decoding.
45 cdp CDP/FDP PDU encoding/decoding.
46 sonmp SONMP PDU encoding/decoding.
47 event Events management.
48 libevent Events management but for logs generated by
49 libevent.
50 privsep Privilege separation.
51 localchassis
52 Retrieval of information related to the local
53 chassis.
54 rpc Client communication.
55 control Management of the Unix control socket.
56 snmp SNMP subagent.
57 libsnmp SNMP subagent but for logs generated by NetSNMP.
58 decode Generic PDU decoding.
59 marshal Low-level serialization mechanisms.
60 alloc Low-level allocation mechanisms.
61 send Sending PDU to some interface.
62 receive Receiving PDU from some interface.
63 loop Main loop.
64 smartfilter
65 Smart filtering of different protocols on the
66 same port.
67 netlink Netlink subsystem.
68 -p pidfile
70 Use the provided PID file to record lldpd PID instead of
71 /run/lldpd.pid.
72 -k Disable advertising of kernel release, version and machine. Ker‐
74 nel name (ie: Linux) will still be shared, and Inventory software
75 version will be set to 'Unknown'.
76 -S description
78 Override system description with the provided description. The
79 default description is the kernel name, the node name, the kernel
80 version, the build date and the architecture (except if you use
81 the -k flag described above).
82 -P platform
84 Override the CDP platform name with the provided value. The de‐
85 fault description is the kernel name (Linux).
86 -x Enable SNMP subagent. With this option, lldpd will enable an
88 SNMP subagent using AgentX protocol. This allows you to get in‐
89 formation about local system and remote systems through SNMP.
90 -X socket
92 Enable SNMP subagent using the specified socket. lldpd will en‐
93 able an SNMP subagent using AgentX protocol for the given socket.
94 This option implies the previous one. The default socket is usu‐
95 ally /var/agentx/master. You can specify a socket like
96 tcp:127.0.0.1:705 for example. Since the process that will open
97 this socket is enclosed in a chroot, you need to specify an IP
98 address (not a hostname) when using a TCP or UDP socket.
99 -c Enable the support of CDP protocol to deal with Cisco routers
101 that do not speak LLDP. If repeated, CDPv1 packets will be sent
102 even when there is no CDP peer detected. If repeated once again,
103 CDPv2 packets will be sent even when there is no CDP peer de‐
104 tected. If repeated once again (i.e. -cccc), CDPv1 will be dis‐
105 abled and CDPv2 will be enabled. If repeated once again (i.e.
106 -ccccc), CDPv1 will be disabled and CDPv2 will be forced.
107 -f Enable the support of FDP protocol to deal with Foundry routers
109 that do not speak LLDP. If repeated, FDP packets will be sent
110 even when there is no FDP peer detected.
111 -s Enable the support of SONMP protocol to deal with Nortel routers
113 and switches that do not speak LLDP. If repeated, SONMP packets
114 will be sent even when there is no SONMP peer detected.
115 -e Enable the support of EDP protocol to deal with Extreme routers
117 and switches that do not speak LLDP. If repeated, EDP packets
118 will be sent even when there is no EDP peer detected.
119 -l Force to send LLDP packets even when there is no LLDP peer de‐
121 tected but there is a peer speaking another protocol detected. By
122 default, LLDP packets are sent when there is a peer speaking LLDP
123 detected or when there is no peer at all. If repeated, LLDP is
124 disabled.
125 -r Receive-only mode. With this switch, lldpd will not send any
127 frame. It will only listen to neighbors.
128 -m management
130 Specify the management addresses of this system. As for inter‐
131 faces (described below), this option can use wildcards and inver‐
132 sions. Without this option, the first IPv4 and the first IPv6
133 are used. If an exact IP address is provided, it is used as a
134 management address without any check. If only negative patterns
135 are provided, only one IPv4 and one IPv6 addresses are chosen.
136 Otherwise, many of them can be selected. If you want to remove
137 IPv6 addresses, you can use !*:*. If an interface name is
138 matched, the first IPv4 address and the first IPv6 address asso‐
139 ciated to this interface will be chosen.
140 -u file
142 Specify the Unix-domain socket used for communication with
143 lldpctl(8).
144 -I interfaces
146 Specify which interface to listen and send LLDPDU to. Without
147 this option, lldpd will use all available physical interfaces.
148 This option can use wildcards. Several interfaces can be speci‐
149 fied separated by commas. It is also possible to remove an in‐
150 terface by prefixing it with an exclamation mark. It is possible
151 to allow an interface by prefixing it with two exclamation marks.
152 An allowed interface beats a forbidden interface which beats a
153 simple matched interface. For example, with eth*,!eth1,!eth2
154 lldpd will only use interfaces starting by eth with the exception
155 of eth1 and eth2. While with *,!eth*,!!eth1 lldpd will use all
156 interfaces, except interfaces starting by eth with the exception
157 of eth1. When an exact match is found, it will circumvent some
158 tests. For example, if eth0.12 is specified, it will be accepted
159 even if this is a VLAN interface.
160 -C interfaces
162 Specify which interfaces to use for computing chassis ID. Without
163 this option, all interfaces are considered. lldpd will take the
164 first MAC address from all the considered interfaces to compute
165 the chassis ID. The logic of this option is the same as for -I
166 flag: you can exclude interfaces with an exclamation mark and use
167 globbing to specify several interfaces. If all interfaces are re‐
168 moved (with !*), the system name is used as a chassis ID instead.
169 -M class
171 Enable emission of LLDP-MED frame. Depending on the selected
172 class, the standard defines which set of TLV should be transmit‐
173 ted. See section 10.2.1. Some devices may be strict about this
174 aspect. The class should be one of the following value:
175 1 Generic Endpoint (Class I)
176 2 Media Endpoint (Class II). In this case, the standard re‐
177 quires to define at least one network policy through
178 lldpcli.
179 3 Communication Device Endpoints (Class III). In this case,
180 the standard requires to define at least one network policy
181 through lldpcli.
182 4 Network Connectivity Device
183 -i Disable LLDP-MED inventory TLV transmission. lldpd will still
185 receive (and publish using SNMP if enabled) those LLDP-MED TLV
186 but will not send them. Use this option if you don't want to
187 transmit sensible information like serial numbers.
188 -H hide
190 Filter neighbors. See section FILTERING NEIGHBORS for details.
191 -L lldpcli
193 Provide an alternative path to lldpcli for configuration. If
194 empty, does not use lldpcli for configuration.
195 -O configfile
197 Override default configuration locations processed by lldpcli at
198 start. If a directory is provided, each file contained in it will
199 be read if ending by .conf. Order is alphabetical.
200 -v Show lldpd version. When repeated, show more build information.
202
204 In a heterogeneous network, you may see several different hosts on the
205 same port, even if there is only one physically plugged to this port. For
206 example, if you have a Nortel switch running LLDP which is plugged to a
207 Cisco switch running CDP and your host is plugged to the Cisco switch,
208 you will see the Nortel switch as well because LLDP frames are forwarded
209 by the Cisco switch. This may not be what you want. The -H hide parameter
210 will allow you to tell lldpd to discard some frames that it receives and
211 to avoid to send some other frames.
212 Incoming filtering and outgoing filtering are unrelated. Incoming filter‐
214 ing will hide some remote ports to get you a chance to know exactly what
215 equipment is on the other side of the network cable. Outgoing filtering
216 will avoid to use some protocols to avoid flooding your network with a
217 protocol that is not handled by the nearest equipment. Keep in mind that
218 even without filtering, lldpd will speak protocols for which at least one
219 frame has been received and LLDP otherwise (there are other options to
220 change this behaviour, for example -cc, -ss, -ee, -ll and -ff ).
221 When enabling incoming filtering, lldpd will try to select one protocol
223 and filter out neighbors using other protocols. To select this protocol,
224 the rule is to take the less used protocol. If on one port, you get 12
225 CDP neighbors and 1 LLDP neighbor, this mean that the remote switch
226 speaks LLDP and does not filter CDP. Therefore, we select LLDP. When en‐
227 abling outgoing filtering, lldpd will also try to select one protocol and
228 only speaks this protocol. The filtering is done per port. Each port may
229 select a different protocol.
230 There are two additional criteria when enabling filtering: allowing one
232 or several protocols to be selected (in case of a tie) and allowing one
233 or several neighbors to be selected. Even when allowing several proto‐
234 cols, the rule of selecting the protocols with the less neighbors still
235 apply. If lldpd selects LLDP and CDP, this means they have the same num‐
236 ber of neighbors. The selection of the neighbor is random. Incoming fil‐
237 tering will select a set of neighbors to be displayed while outgoing fil‐
238 tering will use the selected set of neighbors to decide which protocols
239 to use: if a selected neighbor speaks LLDP and another one CDP, lldpd
240 will speak both CDP and LLDP on this port.
241 There are some corner cases. A typical example is a switch speaking two
243 protocols (CDP and LLDP for example). You want to get the information
244 from the best protocol but you want to speak both protocols because some
245 tools use the CDP table and some other the LLDP table.
246 The table below summarize all accepted values for the -H hide parameter.
248 The default value is 15 which corresponds to the corner case described
249 above. The filter column means that filtering is enabled. The 1proto col‐
250 umn tells that only one protocol will be kept. The 1neigh column tells
251 that only one neighbor will be kept.
252 incoming outgoing
254 filter 1proto 1neigh filter 1proto 1neigh
255 0
256 1 x x x x
257 2 x x
258 3 x x
259 4 x x
260 5 x
261 6 x
262 7 x x x x x
263 8 x x x
264 9 x x x x
265 10 x x
266 11 x x
267 12 x x x x
268 13 x x x
269 14 x x x x
270 15 x x x
271 16 x x x x x
272 17 x x x x
273 18 x x x
274 19 x x x
275
277 /run/lldpd/lldpd.socket Unix-domain socket used for communication with
278 lldpctl(8).
279 /etc/lldpd.conf Configuration file for lldpd. Commands in
280 this files are executed by lldpcli(8) at
281 start.
282 /etc/lldpd.d Directory containing configuration files whose
283 commands are executed by lldpcli(8) at start.
284
286 lldpctl(8), lldpcli(8), snmpd(8)
287
289 The lldpd program is inspired from a preliminary work of Reyk Floeter.
290
292 The lldpd program was written by Pierre-Yves Ritschard <pyr@openbsd.org>,
293 and Vincent Bernat <bernat@luffy.cx>.
294BSD August 21, 2008 BSD