Provided by: lldpd_0.7.19-1_i386 bug

NAME

     lldpd — LLDP daemon

SYNOPSIS

     lldpd [-dxcseiklrv] [-D debug] [-S description] [-P platform] [-X socket]
           [-m management] [-u file] [-I interfaces] [-C interfaces]
           [-M class] [-H hide] [-L lldpcli]

DESCRIPTION

     lldpd is a daemon able to receive and send LLDP frames. The Link Layer
     Discovery Protocol is a vendor-neutral Layer 2 protocol that allows a
     network device to advertise its identity and capabilities on the local
     network.

     lldpd also implements an SNMP subagent using AgentX protocol to interface
     to a regular SNMP agent like Net-SNMP. To enable this subagent, you need
     something like that in your snmpd.conf(5):

           master agentx

     This daemon implements both reception and sending. It will collect
     various information to send LLDP frames to all Ethernet interfaces,
     including management address, speed and VLAN names.

     The options are as follows:

     -d      Do not daemonize.  If this option is specified, lldpd will run in
             the foreground and log to stderr.  This option can be specified
             many times to increase verbosity. When specified three times,
             debug logs will be enabled. They can be filtered with -D flag.

     -D debug
             This option allows the user to filter out debugging information
             by specifying allowed tokens. This option can be repeated several
             times to allow several tokens. This option must be combined with
             the -d flag to have some effect. Only debugging logs can be
             filtered. Here is a list of allowed tokens with their
             description:
                 main        Main daemon.
                 interfaces  Discovery of local interfaces.
                 lldp        LLDP PDU encoding/decoding.
                 edp         EDP PDU encoding/decoding.
                 cdp         CDP/FDP PDU encoding/decoding.
                 sonmp       SONMP PDU encoding/decoding.
                 event       Events management.
                 libevent    Events management but for logs generated by
                             libevent.
                 privsep     Privilege separation.
                 localchassis
                             Retrieval of information related to the local
                             chassis.
                 rpc         Client communication.
                 control     Management of the Unix control socket.
                 snmp        SNMP subagent.
                 libsnmp     SNMP subagent but for logs generated by NetSNMP.
                 decode      Generic PDU decoding.
                 marshal     Low-level serialization mechanisms.
                 alloc       Low-level allocation mechanisms.
                 send        Sending PDU to some interface.
                 receive     Receiving PDU from some interface.
                 loop        Main loop.
                 smartfilter
                             Smart filtering of different protocols on the
                             same port.
                 netlink     Netlink subsystem.

     -k      Disable advertising of kernel release, version and machine.
             Kernel name (ie: Linux) will still be shared, and Inventory
             software version will be set to 'Unknown'.

     -S description
             Override system description with the provided description. The
             default description is the kernel name, the node name, the kernel
             version, the build date and the architecture (except if you use
             the -k flag described above).

     -P platform
             Override the CDP platform name with the provided value. The
             default description is the kernel name (Linux).

     -x      Enable SNMP subagent.  With this option, lldpd will enable an
             SNMP subagent using AgentX protocol. This allows you to get
             information about local system and remote systems through SNMP.

     -X socket
             Enable SNMP subagent using the specified socket.  lldpd will
             enable an SNMP subagent using AgentX protocol for the given
             socket. This option implies the previous one. The default socket
             is usally /var/agentx/master.  You can specify a socket like
             tcp:127.0.0.1:705 for example. Since the process that will open
             this socket is enclosed in a chroot, you need to specify an IP
             address (not a hostname) when using a TCP or UDP socket.

     -c      Enable the support of CDP protocol to deal with Cisco routers
             that do not speak LLDP. If repeated, CDPv1 packets will be sent
             even when there is no CDP peer detected. If repeated once again,
             CDPv2 packets will be sent even when there is no CDP peer
             detected. If repeated once again (i.e.  -cccc), CDPv1 will be
             disabled and CDPv2 will be enabled. If repeated once again (i.e.
             -ccccc), CDPv1 will be disabled and CDPv2 will be forced.

     -f      Enable the support of FDP protocol to deal with Foundry routers
             that do not speak LLDP. If repeated, FDP packets will be sent
             even when there is no FDP peer detected.

     -s      Enable the support of SONMP protocol to deal with Nortel routers
             and switches that do not speak LLDP. If repeated, SONMP packets
             will be sent even when there is no SONMP peer detected.

     -e      Enable the support of EDP protocol to deal with Extreme routers
             and switches that do not speak LLDP. If repeated, EDP packets
             will be sent even when there is no EDP peer detected.

     -l      Force to send LLDP packets even when there is no LLDP peer
             detected but there is a peer speaking another protocol detected.
             By default, LLDP packets are sent when there is a peer speaking
             LLDP detected or when there is no peer at all. If repeated, LLDP
             is disabled.

     -r      Receive-only mode. With this switch, lldpd will not send any
             frame. It will only listen to neighbors.

     -m management
             Specify the management addresses of this system. As for
             interfaces (described below), this option can use wildcards and
             inversions.  Without this option, the first IPv4 and the first
             IPv6 are used. If an exact IP address is provided, it is used as
             a management address without any check. If only negative patterns
             are provided, only one IPv4 and one IPv6 addresses are chosen.
             Otherwise, many of them can be selected. If you want to blacklist
             IPv6 addresses, you can use !*:*.

     -u file
             Specify the Unix-domain socket used for communication with
             lldpctl(8).

     -I interfaces
             Specify which interface to listen and send LLDPDU to. Without
             this option, lldpd will use all available physical interfaces.
             This option can use wildcards. Several interfaces can be
             specified separated by commas.  It is also possible to blacklist
             an interface by suffixing it with an exclamation mark. It is
             possible to whitelist an interface by suffixing it with two
             exclamation marks. A whitelisted interface beats a blacklisted
             interfaces which beats a simple matched interface. For example,
             with eth*,!eth1,!eth2 lldpd will only use interfaces starting by
             eth with the exception of eth1 and eth2.  While with
             *,!eth*,!!eth1 lldpd will use all interfaces, except interfaces
             starting by eth with the exception of eth1.  When an exact match
             is found, it will circumvent some tests. For example, if eth0.12
             is specified, it will be accepted even if this is a VLAN
             interface.

     -C interfaces
             Specify which interfaces to use for computing chassis ID. Without
             this option, all interfaces are considered.  lldpd will take the
             first MAC address from all the considered interfaces to compute
             the chassis ID. The logic of this option is the same as for -I
             flag: you can exclude interfaces with an exclamation mark and use
             globbing to specify several interfaces. If all interfaces are
             blacklisted (with !*), the system name is used as a chassis ID
             instead.

     -M class
             Enable emission of LLDP-MED frame. The class should be one of the
             following value:
             1     Generic Endpoint (Class I)
             2     Media Endpoint (Class II)
             3     Communication Device Endpoints (Class III)
             4     Network Connectivity Device

     -i      Disable LLDP-MED inventory TLV transmission.  lldpd will still
             receive (and publish using SNMP if enabled) those LLDP-MED TLV
             but will not send them. Use this option if you don't want to
             transmit sensible information like serial numbers.

     -H hide
             Filter neighbors. See section FILTERING NEIGHBORS for details.

     -L lldpcli
             Provide an alternative path to lldpcli for configuration. If
             empty, does not use lldpcli for configuration.

     -v      Show lldpd version.

FILTERING NEIGHBORS

     In a heterogeneous network, you may see several different hosts on the
     same port, even if there is only one physically plugged to this port. For
     example, if you have a Nortel switch running LLDP which is plugged to a
     Cisco switch running CDP and your host is plugged to the Cisco switch,
     you will see the Nortel switch as well because LLDP frames are forwarded
     by the Cisco switch. This may not be what you want. The -H hide parameter
     will allow you to tell lldpd to discard some frames that it receives and
     to avoid to send some other frames.

     Incoming filtering and outgoing filtering are unrelated. Incoming
     filtering will hide some remote ports to get you a chance to know exactly
     what equipment is on the other side of the network cable. Outgoing
     filtering will avoid to use some protocols to avoid flooding your network
     with a protocol that is not handled by the nearest equipment. Keep in
     mind that even without filtering, lldpd will speak protocols for which at
     least one frame has been received and LLDP otherwise (there are other
     options to change this behaviour, for example -cc, -ss, -ee, -ll and -ff
     ).

     When enabling incoming filtering, lldpd will try to select one protocol
     and filter out neighbors using other protocols. To select this protocol,
     the rule is to take the less used protocol. If on one port, you get 12
     CDP neighbors and 1 LLDP neighbor, this mean that the remote switch
     speaks LLDP and does not filter CDP. Therefore, we select LLDP. When
     enabling outgoing filtering, lldpd will also try to select one protocol
     and only speaks this protocol. The filtering is done per port. Each port
     may select a different protocol.

     There are two additional criteria when enabling filtering: allowing one
     or several protocols to be selected (in case of a tie) and allowing one
     or several neighbors to be selected. Even when allowing several
     protocols, the rule of selecting the protocols with the less neighbors
     still apply. If lldpd selects LLDP and CDP, this means they have the same
     number of neighbors. The selection of the neighbor is random. Incoming
     filtering will select a set of neighbors to be displayed while outgoing
     filtering will use the selected set of neighbors to decide which
     protocols to use: if a selected neighbor speaks LLDP and another one CDP,
     lldpd will speak both CDP and LLDP on this port.

     There are some corner cases. A typical example is a switch speaking two
     protocols (CDP and LLDP for example). You want to get the information
     from the best protocol but you want to speak both protocols because some
     tools use the CDP table and some other the LLDP table.

     The table below summarize all accepted values for the -H hide parameter.
     The default value is 15 which corresponds to the corner case described
     above. The filter column means that filtering is enabled. The 1proto
     column tells that only one protocol will be kept. The 1neigh column tells
     that only one neighbor will be kept.

                        incoming                outgoing
                filter  1proto  1neigh  filter  1proto  1neigh
           0
           1    x       x               x       x
           2    x       x
           3                            x       x
           4    x                       x
           5    x
           6                            x
           7    x       x       x       x       x
           8    x       x       x
           9    x               x       x       x
           10                           x               x
           11   x               x
           12   x               x       x               x
           13   x               x       x
           14   x       x               x               x
           15   x       x               x
           16   x       x       x       x               x
           17   x       x       x       x
           18   x                       x               x
           19   x                       x       x

FILES

     /var/run/lldpd.socket    Unix-domain socket used for communication with
                              lldpctl(8).
     /etc/lldpd.conf          Configuration file for lldpd.  Commands in this
                              files are executed by lldpcli(8) at start.
     /etc/lldpd.d             Directory containing configuration files whose
                              commands are executed by lldpcli(8) at start.

SEE ALSO

     lldpctl(8), lldpcli(8), snmpd(8)

HISTORY

     The lldpd program is inspired from a preliminary work of Reyk Floeter.

AUTHORS

     The lldpd program was written by Pierre-Yves Ritschard ⟨pyr@openbsd.org⟩,
     and Vincent Bernat ⟨bernat@luffy.cx⟩.