1LLDPD(8) BSD System Manager's Manual LLDPD(8)
2
4 lldpd — LLDP daemon
5
7 lldpd [-dxcseiklrv] [-D debug] [-p pidfile] [-S description]
8 [-P platform] [-X socket] [-m management] [-u file] [-I interfaces]
9 [-C interfaces] [-M class] [-H hide] [-L lldpcli] [-O configfile]
10
12 lldpd is a daemon able to receive and send LLDP frames. The Link Layer
13 Discovery Protocol is a vendor-neutral Layer 2 protocol that allows a
14 network device to advertise its identity and capabilities on the local
15 network.
16 lldpd also implements an SNMP subagent using AgentX protocol to interface
18 to a regular SNMP agent like Net-SNMP. To enable this subagent, you need
19 something like that in your snmpd.conf(5):
20 master agentx
22 This daemon implements both reception and sending. It will collect vari‐
24 ous information to send LLDP frames to all Ethernet interfaces, including
25 management address, speed and VLAN names.
26 The options are as follows:
28 -d Do not daemonize. If this option is specified, lldpd will run in
30 the foreground. When specified one more time, lldpd will not log
31 to syslog but only to stderr. Then, this option can be specified
32 many times to increase verbosity. When specified four times,
33 debug logs will be enabled. They can be filtered with -D flag.
34 -D debug
36 This option allows the user to filter out debugging information
37 by specifying allowed tokens. This option can be repeated several
38 times to allow several tokens. This option must be combined with
39 the -d flag to have some effect. Only debugging logs can be fil‐
40 tered. Here is a list of allowed tokens with their description:
41 main Main daemon.
42 interfaces Discovery of local interfaces.
43 lldp LLDP PDU encoding/decoding.
44 edp EDP PDU encoding/decoding.
45 cdp CDP/FDP PDU encoding/decoding.
46 sonmp SONMP PDU encoding/decoding.
47 event Events management.
48 libevent Events management but for logs generated by
49 libevent.
50 privsep Privilege separation.
51 localchassis
52 Retrieval of information related to the local
53 chassis.
54 rpc Client communication.
55 control Management of the Unix control socket.
56 snmp SNMP subagent.
57 libsnmp SNMP subagent but for logs generated by NetSNMP.
58 decode Generic PDU decoding.
59 marshal Low-level serialization mechanisms.
60 alloc Low-level allocation mechanisms.
61 send Sending PDU to some interface.
62 receive Receiving PDU from some interface.
63 loop Main loop.
64 smartfilter
65 Smart filtering of different protocols on the
66 same port.
67 netlink Netlink subsystem.
68 -p pidfile
70 Use the provided PID file to record lldpd PID instead of
71 /var/run/lldpd.pid.
72 -k Disable advertising of kernel release, version and machine. Ker‐
74 nel name (ie: Linux) will still be shared, and Inventory software
75 version will be set to 'Unknown'.
76 -S description
78 Override system description with the provided description. The
79 default description is the kernel name, the node name, the kernel
80 version, the build date and the architecture (except if you use
81 the -k flag described above).
82 -P platform
84 Override the CDP platform name with the provided value. The
85 default description is the kernel name (Linux).
86 -x Enable SNMP subagent. With this option, lldpd will enable an
88 SNMP subagent using AgentX protocol. This allows you to get
89 information about local system and remote systems through SNMP.
90 -X socket
92 Enable SNMP subagent using the specified socket. lldpd will
93 enable an SNMP subagent using AgentX protocol for the given
94 socket. This option implies the previous one. The default socket
95 is usually /var/agentx/master. You can specify a socket like
96 tcp:127.0.0.1:705 for example. Since the process that will open
97 this socket is enclosed in a chroot, you need to specify an IP
98 address (not a hostname) when using a TCP or UDP socket.
99 -c Enable the support of CDP protocol to deal with Cisco routers
101 that do not speak LLDP. If repeated, CDPv1 packets will be sent
102 even when there is no CDP peer detected. If repeated once again,
103 CDPv2 packets will be sent even when there is no CDP peer
104 detected. If repeated once again (i.e. -cccc), CDPv1 will be
105 disabled and CDPv2 will be enabled. If repeated once again (i.e.
106 -ccccc), CDPv1 will be disabled and CDPv2 will be forced.
107 -f Enable the support of FDP protocol to deal with Foundry routers
109 that do not speak LLDP. If repeated, FDP packets will be sent
110 even when there is no FDP peer detected.
111 -s Enable the support of SONMP protocol to deal with Nortel routers
113 and switches that do not speak LLDP. If repeated, SONMP packets
114 will be sent even when there is no SONMP peer detected.
115 -e Enable the support of EDP protocol to deal with Extreme routers
117 and switches that do not speak LLDP. If repeated, EDP packets
118 will be sent even when there is no EDP peer detected.
119 -l Force to send LLDP packets even when there is no LLDP peer
121 detected but there is a peer speaking another protocol detected.
122 By default, LLDP packets are sent when there is a peer speaking
123 LLDP detected or when there is no peer at all. If repeated, LLDP
124 is disabled.
125 -r Receive-only mode. With this switch, lldpd will not send any
127 frame. It will only listen to neighbors.
128 -m management
130 Specify the management addresses of this system. As for inter‐
131 faces (described below), this option can use wildcards and inver‐
132 sions. Without this option, the first IPv4 and the first IPv6
133 are used. If an exact IP address is provided, it is used as a
134 management address without any check. If only negative patterns
135 are provided, only one IPv4 and one IPv6 addresses are chosen.
136 Otherwise, many of them can be selected. If you want to blacklist
137 IPv6 addresses, you can use !*:*.
138 -u file
140 Specify the Unix-domain socket used for communication with
141 lldpctl(8).
142 -I interfaces
144 Specify which interface to listen and send LLDPDU to. Without
145 this option, lldpd will use all available physical interfaces.
146 This option can use wildcards. Several interfaces can be speci‐
147 fied separated by commas. It is also possible to blacklist an
148 interface by suffixing it with an exclamation mark. It is possi‐
149 ble to whitelist an interface by suffixing it with two exclama‐
150 tion marks. A whitelisted interface beats a blacklisted interface
151 which beats a simple matched interface. For example, with
152 eth*,!eth1,!eth2 lldpd will only use interfaces starting by eth
153 with the exception of eth1 and eth2. While with *,!eth*,!!eth1
154 lldpd will use all interfaces, except interfaces starting by eth
155 with the exception of eth1. When an exact match is found, it
156 will circumvent some tests. For example, if eth0.12 is specified,
157 it will be accepted even if this is a VLAN interface.
158 -C interfaces
160 Specify which interfaces to use for computing chassis ID. Without
161 this option, all interfaces are considered. lldpd will take the
162 first MAC address from all the considered interfaces to compute
163 the chassis ID. The logic of this option is the same as for -I
164 flag: you can exclude interfaces with an exclamation mark and use
165 globbing to specify several interfaces. If all interfaces are
166 blacklisted (with !*), the system name is used as a chassis ID
167 instead.
168 -M class
170 Enable emission of LLDP-MED frame. Depending on the selected
171 class, the standard defines which set of TLV should be transmit‐
172 ted. See section 10.2.1. Some devices may be strict about this
173 aspect. The class should be one of the following value:
174 1 Generic Endpoint (Class I)
175 2 Media Endpoint (Class II). In this case, the standard
176 requires to define at least one network policy through
177 lldpcli.
178 3 Communication Device Endpoints (Class III). In this case,
179 the standard requires to define at least one network policy
180 through lldpcli.
181 4 Network Connectivity Device
182 -i Disable LLDP-MED inventory TLV transmission. lldpd will still
184 receive (and publish using SNMP if enabled) those LLDP-MED TLV
185 but will not send them. Use this option if you don't want to
186 transmit sensible information like serial numbers.
187 -H hide
189 Filter neighbors. See section FILTERING NEIGHBORS for details.
190 -L lldpcli
192 Provide an alternative path to lldpcli for configuration. If
193 empty, does not use lldpcli for configuration.
194 -O configfile
196 Override default configuration locations processed by lldpcli at
197 start. If a directory is provided, each file contained in it will
198 be read if ending by .conf. Order is alphabetical.
199 -v Show lldpd version. When repeated, show more build information.
201
203 In a heterogeneous network, you may see several different hosts on the
204 same port, even if there is only one physically plugged to this port. For
205 example, if you have a Nortel switch running LLDP which is plugged to a
206 Cisco switch running CDP and your host is plugged to the Cisco switch,
207 you will see the Nortel switch as well because LLDP frames are forwarded
208 by the Cisco switch. This may not be what you want. The -H hide parameter
209 will allow you to tell lldpd to discard some frames that it receives and
210 to avoid to send some other frames.
211 Incoming filtering and outgoing filtering are unrelated. Incoming filter‐
213 ing will hide some remote ports to get you a chance to know exactly what
214 equipment is on the other side of the network cable. Outgoing filtering
215 will avoid to use some protocols to avoid flooding your network with a
216 protocol that is not handled by the nearest equipment. Keep in mind that
217 even without filtering, lldpd will speak protocols for which at least one
218 frame has been received and LLDP otherwise (there are other options to
219 change this behaviour, for example -cc, -ss, -ee, -ll and -ff ).
220 When enabling incoming filtering, lldpd will try to select one protocol
222 and filter out neighbors using other protocols. To select this protocol,
223 the rule is to take the less used protocol. If on one port, you get 12
224 CDP neighbors and 1 LLDP neighbor, this mean that the remote switch
225 speaks LLDP and does not filter CDP. Therefore, we select LLDP. When
226 enabling outgoing filtering, lldpd will also try to select one protocol
227 and only speaks this protocol. The filtering is done per port. Each port
228 may select a different protocol.
229 There are two additional criteria when enabling filtering: allowing one
231 or several protocols to be selected (in case of a tie) and allowing one
232 or several neighbors to be selected. Even when allowing several proto‐
233 cols, the rule of selecting the protocols with the less neighbors still
234 apply. If lldpd selects LLDP and CDP, this means they have the same num‐
235 ber of neighbors. The selection of the neighbor is random. Incoming fil‐
236 tering will select a set of neighbors to be displayed while outgoing fil‐
237 tering will use the selected set of neighbors to decide which protocols
238 to use: if a selected neighbor speaks LLDP and another one CDP, lldpd
239 will speak both CDP and LLDP on this port.
240 There are some corner cases. A typical example is a switch speaking two
242 protocols (CDP and LLDP for example). You want to get the information
243 from the best protocol but you want to speak both protocols because some
244 tools use the CDP table and some other the LLDP table.
245 The table below summarize all accepted values for the -H hide parameter.
247 The default value is 15 which corresponds to the corner case described
248 above. The filter column means that filtering is enabled. The 1proto col‐
249 umn tells that only one protocol will be kept. The 1neigh column tells
250 that only one neighbor will be kept.
251 incoming outgoing
253 filter 1proto 1neigh filter 1proto 1neigh
254 0
255 1 x x x x
256 2 x x
257 3 x x
258 4 x x
259 5 x
260 6 x
261 7 x x x x x
262 8 x x x
263 9 x x x x
264 10 x x
265 11 x x
266 12 x x x x
267 13 x x x
268 14 x x x x
269 15 x x x
270 16 x x x x x
271 17 x x x x
272 18 x x x
273 19 x x x
274
276 /run/lldpd/lldpd.socket Unix-domain socket used for communication with
277 lldpctl(8).
278 /etc/lldpd.conf Configuration file for lldpd. Commands in
279 this files are executed by lldpcli(8) at
280 start.
281 /etc/lldpd.d Directory containing configuration files whose
282 commands are executed by lldpcli(8) at start.
283
285 lldpctl(8), lldpcli(8), snmpd(8)
286
288 The lldpd program is inspired from a preliminary work of Reyk Floeter.
289
291 The lldpd program was written by Pierre-Yves Ritschard <pyr@openbsd.org>,
292 and Vincent Bernat <bernat@luffy.cx>.
293BSD December 31, 2019 BSD