Provided by: lldpd_1.0.18-1build3_amd64

NAME

     lldpd — LLDP daemon

SYNOPSIS

     lldpd [-dxcseiklrv] [-D debug] [-p pidfile] [-S description] [-P platform] [-X socket]
           [-m management] [-u file] [-I interfaces] [-C interfaces] [-M class] [-H hide]
           [-L lldpcli] [-O configfile]

DESCRIPTION

     lldpd is a daemon able to receive and send LLDP frames. The Link Layer Discovery Protocol is
     a vendor-neutral Layer 2 protocol that allows a network device to advertise its identity and
     capabilities on the local network.

     lldpd also implements an SNMP subagent using AgentX protocol to interface to a regular SNMP
     agent like Net-SNMP. To enable this subagent, you need something like this in your
     snmpd.conf(5):

           master agentx

     This daemon implements both reception and sending. It will collect various information to
     send LLDP frames to all Ethernet interfaces, including management address, speed and VLAN
     names.

     The options are as follows:

     -d      Do not daemonize.  If this option is specified, lldpd will run in the foreground.
             When specified one more time, lldpd will not log to syslog but only to stderr. Then,
             this option can be specified many times to increase verbosity. When specified four
             times, debug logs will be enabled. They can be filtered with -D flag.

     -D debug
             This option allows the user to filter out debugging information by specifying
             allowed tokens. This option can be repeated several times to allow several tokens.
             This option must be combined with the -d flag to have some effect. Only debugging
             logs can be filtered. Here is a list of allowed tokens with their description:
                 main        Main daemon.
                 interfaces  Discovery of local interfaces.
                 lldp        LLDP PDU encoding/decoding.
                 edp         EDP PDU encoding/decoding.
                 cdp         CDP/FDP PDU encoding/decoding.
                 sonmp       SONMP PDU encoding/decoding.
                 event       Events management.
                 libevent    Events management but for logs generated by libevent.
                 privsep     Privilege separation.
                 localchassis
                             Retrieval of information related to the local chassis.
                 rpc         Client communication.
                 control     Management of the Unix control socket.
                 snmp        SNMP subagent.
                 libsnmp     SNMP subagent but for logs generated by NetSNMP.
                 decode      Generic PDU decoding.
                 marshal     Low-level serialization mechanisms.
                 alloc       Low-level allocation mechanisms.
                 send        Sending PDU to some interface.
                 receive     Receiving PDU from some interface.
                 loop        Main loop.
                 smartfilter
                             Smart filtering of different protocols on the same port.
                 netlink     Netlink subsystem.

     -p pidfile
             Use the provided PID file to record lldpd PID instead of /run/lldpd.pid.

     -k      Disable advertising of kernel release, version and machine. Kernel name (i.e. Linux)
             will still be shared, and Inventory software version will be set to 'Unknown'.

     -S description
             Override system description with the provided description. The default description
             is the kernel name, the node name, the kernel version, the build date and the
             architecture (except if you use the -k flag described above).

     -P platform
             Override the CDP platform name with the provided value. The default description is
             the kernel name (Linux).

     -x      Enable SNMP subagent.  With this option, lldpd will enable an SNMP subagent using
             AgentX protocol. This allows you to get information about local system and remote
             systems through SNMP.

     -X socket
             Enable SNMP subagent using the specified socket.  lldpd will enable an SNMP subagent
             using AgentX protocol for the given socket. This option implies the previous one.
             The default socket is usually /var/agentx/master.  You can specify a socket like
             tcp:127.0.0.1:705 for example. Since the process that will open this socket is
             enclosed in a chroot, you need to specify an IP address (not a hostname) when using
             a TCP or UDP socket.

     -c      Enable the support of CDP protocol to deal with Cisco routers that do not speak
             LLDP. If repeated, CDPv1 packets will be sent even when there is no CDP peer
             detected. If repeated once again, CDPv2 packets will be sent even when there is no
             CDP peer detected. If repeated once again (i.e.  -cccc), CDPv1 will be disabled and
             CDPv2 will be enabled. If repeated once again (i.e.  -ccccc), CDPv1 will be disabled
             and CDPv2 will be forced.

     -f      Enable the support of FDP protocol to deal with Foundry routers that do not speak
             LLDP. If repeated, FDP packets will be sent even when there is no FDP peer detected.

     -s      Enable the support of SONMP protocol to deal with Nortel routers and switches that
             do not speak LLDP. If repeated, SONMP packets will be sent even when there is no
             SONMP peer detected.

     -e      Enable the support of EDP protocol to deal with Extreme routers and switches that do
             not speak LLDP. If repeated, EDP packets will be sent even when there is no EDP peer
             detected.

     -l      Force sending of LLDP packets even when there is no LLDP peer detected but there is a
             peer speaking another protocol detected. By default, LLDP packets are sent when
             there is a peer speaking LLDP detected or when there is no peer at all. If repeated,
             LLDP is disabled.

     -r      Receive-only mode. With this switch, lldpd will not send any frame. It will only
             listen to neighbors.

     -m management
             Specify the management addresses of this system. As for interfaces (described
             below), this option can use wildcards and inversions.  Without this option, the
             first IPv4 and the first IPv6 are used. If an exact IP address is provided, it is
             used as a management address without any check. If only negative patterns are
             provided, only one IPv4 and one IPv6 address are chosen. Otherwise, many of them
             can be selected. If you want to remove IPv6 addresses, you can use !*:*.  If an
             interface name is matched, the first IPv4 address and the first IPv6 address
             associated to this interface will be chosen.

     -u file
             Specify the Unix-domain socket used for communication with lldpctl(8).

     -I interfaces
             Specify which interfaces to listen on and send LLDPDUs to. Without this option, lldpd
             will use all available physical interfaces. This option can use wildcards. Several
             interfaces can be specified separated by commas.  It is also possible to remove an
             interface by prefixing it with an exclamation mark. It is possible to allow an
             interface by prefixing it with two exclamation marks. An allowed interface beats a
             forbidden interface which beats a simple matched interface. For example, with
             eth*,!eth1,!eth2 lldpd will only use interfaces whose names start with eth, except
             eth1 and eth2, while with *,!eth*,!!eth1 lldpd will use all interfaces except those
             whose names start with eth, but will still use eth1.  When an exact match is
             found, it will circumvent some tests. For example, if eth0.12 is specified, it will
             be accepted even if this is a VLAN interface.

     -C interfaces
             Specify which interfaces to use for computing chassis ID. Without this option, all
             interfaces are considered.  lldpd will take the first MAC address from all the
             considered interfaces to compute the chassis ID. The logic of this option is the
             same as for -I flag: you can exclude interfaces with an exclamation mark and use
             globbing to specify several interfaces. If all interfaces are removed (with !*), the
             system name is used as a chassis ID instead.

     -M class
             Enable emission of LLDP-MED frames. Depending on the selected class, the standard
             defines which set of TLVs should be transmitted. See section 10.2.1. Some devices may
             be strict about this aspect. The class should be one of the following values:
             1     Generic Endpoint (Class I)
             2     Media Endpoint (Class II). In this case, the standard requires at least one
                   network policy to be defined through lldpcli.
             3     Communication Device Endpoints (Class III). In this case, the standard
                   requires at least one network policy to be defined through lldpcli.
             4     Network Connectivity Device

     -i      Disable LLDP-MED inventory TLV transmission.  lldpd will still receive (and publish
             using SNMP if enabled) those LLDP-MED TLVs but will not send them. Use this option if
             you don't want to transmit sensitive information like serial numbers.

     -H hide
             Filter neighbors. See section FILTERING NEIGHBORS for details.

     -L lldpcli
             Provide an alternative path to lldpcli for configuration. If empty, does not use
             lldpcli for configuration.

     -O configfile
             Override default configuration locations processed by lldpcli at start. If a
             directory is provided, each file in it whose name ends in .conf will be read, in
             alphabetical order.

     -v      Show lldpd version. When repeated, show more build information.
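
     The precedence rules given for -I (and reused by -C) can be checked before a pattern is
     deployed. The script below is an added example, not lldpd's own code: the function names
     iface_verdict and iface_used and the interface list are hypothetical. It assumes that an
     interface matching no pattern is not selected, and it does not model the exact-match case.

```shell
#!/bin/sh
# Added example: models the -I / -C pattern precedence as the text describes it.
# Assumption: an interface matching no pattern at all is treated as not selected.

# iface_verdict PATTERNS IFACE
# Prints one of: allowed (matched by !!pat), denied (matched by !pat),
# matched (matched by a plain pattern), unmatched.
# The body runs in a subshell so the IFS and noglob changes do not leak.
iface_verdict() (
    patterns=$1
    iface=$2
    verdict=unmatched
    IFS=,
    set -f    # noglob: keep * and ? from expanding against files in $PWD
    for pat in $patterns; do
        case $pat in
            '!!'*)  # explicit allow: beats every other pattern
                case $iface in ${pat#'!!'}) verdict=allowed ;; esac ;;
            '!'*)   # forbid: beats a plain match, loses to an allow
                case $iface in
                    ${pat#'!'}) if [ "$verdict" != allowed ]; then verdict=denied; fi ;;
                esac ;;
            *)      # plain match: only counts if nothing stronger was seen
                case $iface in
                    $pat) if [ "$verdict" = unmatched ]; then verdict=matched; fi ;;
                esac ;;
        esac
    done
    echo "$verdict"
)

# iface_used PATTERNS IFACE: succeeds when the interface would be selected.
iface_used() {
    case $(iface_verdict "$1" "$2") in
        allowed|matched) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed interface names; on a real host, list /sys/class/net instead.
for pattern in 'eth*,!eth1,!eth2' '*,!eth*,!!eth1'; do
    for ifname in eth0 eth1 eth2 wlan0; do
        printf '%-18s %-6s %s\n' "$pattern" "$ifname" "$(iface_verdict "$pattern" "$ifname")"
    done
done
```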

FILTERING NEIGHBORS

     In a heterogeneous network, you may see several different hosts on the same port, even if
     there is only one physically plugged into this port. For example, if you have a Nortel
     switch running LLDP which is plugged into a Cisco switch running CDP and your host is
     plugged into the Cisco switch, you will see the Nortel switch as well because LLDP frames
     are forwarded by the Cisco switch. This may not be what you want. The -H hide parameter
     lets you tell lldpd to discard some frames that it receives and to avoid sending some
     other frames.

     Incoming filtering and outgoing filtering are unrelated. Incoming filtering will hide some
     remote ports to give you a chance to know exactly what equipment is on the other side of
     the network cable. Outgoing filtering will avoid using some protocols so that your network
     is not flooded with a protocol that is not handled by the nearest equipment. Keep in mind
     that even without filtering, lldpd will speak protocols for which at least one frame has
     been received and LLDP otherwise (there are other options to change this behaviour, for
     example -cc, -ss, -ee, -ll and -ff).

     When enabling incoming filtering, lldpd will try to select one protocol and filter out
     neighbors using other protocols. To select this protocol, the rule is to take the least
     used protocol. If, on one port, you get 12 CDP neighbors and 1 LLDP neighbor, this means
     that the remote switch speaks LLDP and does not filter CDP. Therefore, we select LLDP.
     When enabling outgoing filtering, lldpd will also try to select one protocol and speak
     only this protocol. The filtering is done per port. Each port may select a different
     protocol.

     There are two additional criteria when enabling filtering: allowing one or several protocols
     to be selected (in case of a tie) and allowing one or several neighbors to be selected. Even
     when allowing several protocols, the rule of selecting the protocols with the fewest neighbors
     still applies. If lldpd selects LLDP and CDP, this means they have the same number of
     neighbors. The selection of the neighbor is random. Incoming filtering will select a set of
     neighbors to be displayed while outgoing filtering will use the selected set of neighbors to
     decide which protocols to use: if a selected neighbor speaks LLDP and another one CDP, lldpd
     will speak both CDP and LLDP on this port.
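
     The selection rule can be tried on a neighbor table. The script below is an added example,
     not lldpd's own code: it models only the choice of protocol when several may be kept on a
     tie, and the "port protocol" input format and the names select_protocols and
     sample_neighbors are hypothetical.

```shell
#!/bin/sh
# Added example: models the "least used protocol" rule for incoming filtering
# when several protocols may be kept on a tie (the 1proto column is not set).

# select_protocols: reads one "port protocol" line per neighbor on stdin and
# prints, for each port, the protocol(s) with the fewest neighbors.
select_protocols() {
    LC_ALL=C sort | uniq -c | awk '
        # uniq -c yields "count port protocol", ordered by port then protocol.
        {
            n[NR] = $1 + 0; port[NR] = $2; proto[NR] = $3
            if (!($2 in min) || n[NR] < min[$2]) min[$2] = n[NR]
        }
        END {
            for (i = 1; i <= NR; i++) {
                p = port[i]
                if (n[i] != min[p]) continue    # more neighbors: filtered out
                if (p in kept) kept[p] = kept[p] "," proto[i]
                else { kept[p] = proto[i]; order[++ports] = p }
            }
            for (j = 1; j <= ports; j++) print order[j], kept[order[j]]
        }'
}

# Constructed neighbor table: eth0 sees 12 CDP neighbors and 1 LLDP neighbor,
# as in the text; eth1 sees one neighbor of each protocol (a tie).
sample_neighbors() {
    i=0
    while [ "$i" -lt 12 ]; do echo "eth0 cdp"; i=$((i + 1)); done
    echo "eth0 lldp"
    echo "eth1 lldp"
    echo "eth1 cdp"
}

sample_neighbors | select_protocols
```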

     There are some corner cases. A typical example is a switch speaking two protocols (CDP and
     LLDP for example). You want to get the information from the best protocol but you want to
     speak both protocols because some tools use the CDP table and some others the LLDP table.

     The table below summarizes all accepted values for the -H hide parameter. The default value
     is 15 which corresponds to the corner case described above. The filter column means that
     filtering is enabled. The 1proto column tells that only one protocol will be kept. The
     1neigh column tells that only one neighbor will be kept.

                        incoming                outgoing
                filter  1proto  1neigh  filter  1proto  1neigh
           0
           1    x       x               x       x
           2    x       x
           3                            x       x
           4    x                       x
           5    x
           6                            x
           7    x       x       x       x       x
           8    x       x       x
           9    x               x       x       x
           10                           x               x
           11   x               x
           12   x               x       x               x
           13   x               x       x
           14   x       x               x               x
           15   x       x               x
           16   x       x       x       x               x
           17   x       x       x       x
           18   x                       x               x
           19   x                       x       x

FILES

     /run/lldpd.socket    Unix-domain socket used for communication with lldpctl(8).
     /etc/lldpd.conf      Configuration file for lldpd.  Commands in this file are executed by
                          lldpcli(8) at start.
     /etc/lldpd.d         Directory containing configuration files whose commands are executed by
                          lldpcli(8) at start.

SEE ALSO

     lldpctl(8), lldpcli(8), snmpd(8)

HISTORY

     The lldpd program is inspired by a preliminary work of Reyk Floeter.

AUTHORS

     The lldpd program was written by Pierre-Yves Ritschard <pyr@openbsd.org>, and Vincent Bernat
     <bernat@luffy.cx>.