How To Enable LLDP on Linux Servers for Link Discovery
Recommended by 0 users
LLDP is a network layer 2 protocol, called “Link Layer Discovery Protocol”. It transmits much information about the device and ports to all network neighbors. Link Layer Discovery Protocol (LLDP) is one of the most under-utilized yet extremely useful networking protocols you may never have heard of. Ever unplug the wrong server from a switch because of out-of-date documentation or spaghetti wiring? Yeah, me either…but now you can know exactly which port a server is plugged into with confidence! You just need to enable LLDP on your switch and install lldpd.
It is important to note that there are other Link Layer protocols that have been implemented by multiple network equipment vendors over the years. LLDP was defined by IEEE 802.1AB to provide a vendor-neutral specification. This is an important step, as of now cross-vendor devices could finally exchange information, and network engineers were pleased. Now it’s time to spread the information out to a broader audience.
While the inner working of LLDP is beyond the scope of this paper, the basics are quite simple. A device, be it a server, switch, router, or anything else, sends information about itself at regular intervals out of all the connected network interfaces. This information typically includes the system name, name of the interface the data was sent on, and the system management IP address.
The receiving device, then collects that data, adds what interface it saw that data is coming from, and stores it for a specific amount of time. The data is only exchanged between devices directly connected over Ethernet, so you now can be certain of which neighbor is really on a specific interface.
|Capability Codes: R||– Router,||T – Trans Bridge,|
|Device ID||S – Switch, H – Host, I – IGMP, r – Repeater|
|Local Intrfce||Capability||Platform||Port ID|
In this example, from an old Cisco switch, we have two Linux hosts connected. So if I need to disconnect the eth0 interface from rpi-1, I know that it is plugged into the local port FastEthernet 0/2 of the switch. I can also tell that rpi-2 is not another switch, as the Capability column identifies it as H, which means it is a host.
There are a few implementations of LLDP for Linux: Open-LLDP, ladvd, and lldpd. I prefer lldpd for its simplicity of configuration, it’s ability to speak other proprietary discovery protocols like Cisco Discovery Protocol, and multiple output formats of the client utility.
Depending on what distribution you are running, lldpd might not be available as a package, but compilation and installation is standard. Once you have the package installed, there really isn’t much to the configuration. For example, when using the Rasbian package for installation, all you need to do is start the daemon to get up and running. Enabling CDP requires a slight modification to the configuration, as follows:
# Start SNMP subagent and enable CDP
Once you have lldpd installed and running, it only takes a few seconds for the data to start coming in from your neighboring devices. The command to view the current LLDP information is lldpctl, and by default it prints out some very verbose information. In the following example, you can see that we are actually using CDP to communicate with a very old Cisco 2924 Switch:
Interface: eth0, via: CDPv2, RID: 4, Time: 8 days, 00:58:39
ChassisID: local switch.example.com
SysDescr: cisco WS-C2924-XL
Capability: Bridge, on
PortID: ifname FastEthernet0/2
VLAN: 1, pvid: yes VLAN #1
So far, all of this has been useful information for humans to parse, but that’s not really the scale I want to work at. lldpdctl helps us out by providing multiple output formats including key-value and XML. Here is the same example in key-value format for comparison:
$ lldpctl -f keyvalue
lldp.eth0.rid=4 lldp.eth0.age=8 days, 01:00:23
lldp.eth0.chassis.name=switch.example.com lldp.eth0.chassis.descr=cisco WS-C2924-XL lldp.eth0.chassis.mgmt-ip=192.168.1.2 lldp.eth0.chassis.Bridge.enabled=on lldp.eth0.port.ifname=FastEthernet0/2 lldp.eth0.port.descr=FastEthernet0/2 lldp.eth0.vlan.vlan-id=1 lldp.eth0.vlan.pvid=yes lldp.eth0.vlan=VLAN #1
Now that, we have information on the server about how it’s connected to the rest of the world, in a parsable format, that with a little work we could pass to our configuration management software. One reason for its importance, is that it allows for automatic discovery of parent-child relationships between servers and the network equipment they’re attached to. With some simple wrapping — perhaps a custom fact, if you are a Puppet user — you have the hostname of the switch you’re attached to (your parent). Now when you dynamically generate your monitoring configuration, you can pass along that you are connected to Switch.example.com.