What is LLDP Protocol (Link Layer Discovery Protocol)?

Quick definition: LLDP, or Link Layer Discovery Protocol, is an open protocol that allows switches, routers, and other devices to advertise information about themselves to directly connected neighbor devices, aiding in network management and troubleshooting.
Maintaining order is a high priority in networking. Everyone who has seen a messy rack of switches loaded with cable spaghetti will agree: things definitely trend towards and not away from chaos. Even with the best cabling jobs, it's still difficult to keep track of which switch is connected to which across multiple floors or buildings, and where crucial connections are from switches to routers.
What if there was a way for your network gear to keep up with what's connected to where on its own? Well, you're in luck, because this is exactly what LLDP is for! Let's take a look at this protocol, learn how it simplifies mapping our networks, and figure out how to configure and troubleshoot it.
What is LLDP?
LLDP (Link Layer Discovery Protocol) is a protocol that allows devices to discover and share information with other devices (typically routers and switches, not servers, which use SNMP). The information traded can include device IDs, interface names, capabilities, VLANs, MAC addresses, link aggregation information, and more.
When LLDP is enabled on devices, they advertise information about themselves to their directly connected neighbors at regular intervals. Each device captures and records what its neighbors are telling it, which you can then see through that device's CLI or web interface.

LLDP is an important layer 2 protocol. It works on the link layer of the OSI model, meaning it works outside of the restrictions of TCP/IP or even IP addresses. LLDP traffic is sent over the wire by MAC addresses, the physical address used by every network interface.
The advantage of using layer 2 is that every device connected by a networking cable can talk LLDP to each other, even if the devices have no assigned IP address. They can also be physically connected but on separate VLANs (logical networks) and still trade LLDP details. This makes management via LLDP super easy.
One important detail about LLDP is that it is an open protocol and can be used by any hardware vendor. It's a common misconception that LLDP is proprietary to Cisco; this is not the case. Cisco has a similar but more powerful proprietary protocol called CDP (Cisco Discovery Protocol). Most vendors (Cisco included) implement LLDP, making it suitable for mixed network environments.
Is LLDP Secure?
The openness of how LLDP communicates can cause security concerns. Are devices broadcasting freely on the network a problem? Is compromising information or configurations being sent to anyone who cares to listen?
Generally, LLDP is not considered a security threat. One advantage of it being a layer 2 protocol is that LLDP traffic will never leave the LAN, so no LLDP traffic will leak out of your network to the internet.
Someone could use LLDP for reconnaissance; learning what makes and models of devices are on the network is not useless information. When in doubt, such as for high-security networks, disable LLDP on all devices. In any other case, the risk is generally acceptable.
What are the Benefits of LLDP?
Implementing LLDP has many advantages for the network admin, making your life easier and bringing order to a complex network.
The first benefit of LLDP is greater network visibility. LLDP can help you gain a comprehensive view of your entire network topology by clearly seeing how switches and routers are interconnected. Since this includes both cable connections and VLANs, the picture is inclusive of both physical and logical networks.
The next benefit of LLDP is simpler device management. There is no configuration required for LLDP except to enable it on your devices; the devices then begin advertising their information to any device that is listening. We'll learn how to enable LLDP in a minute.
LLDP's third benefit is how it helps in troubleshooting. Seeing the network topology at a glance can help track down misconfigurations, missing VLAN tags, and faulty uplinks much quicker than performing the same checks manually.
How to Configure LLDP on Network Devices
Each vendor has their own style when it comes to CLI commands, but for LLDP, the setup is similar across the board. To find the specific instructions for your device, a quick Google of "enable LLDP [manufacturer] [model number]" should help you find the information you need.
We'll use Cisco as an example. SSH to the device, run "en" for EXEC mode, "conf t" for configuration mode, then "lldp run" to globally enable LLDP on the device and start advertising on all interfaces.
There are lots of customizable options, but the defaults are usually sufficient. You can set the advertisement interval (how often info is sent out), enable LLDP on only certain interfaces, enable and disable the specific types of info that are sent (type-length values, or TLVs), and many other options.
One other important command to know is "show lldp neighbors". As it says on the tin, this will show the LLDP info coming in from every connected device in the form of a table with interfaces, MAC address, device type, etc.
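To make the TLVs mentioned above concrete, and to tie them back to the reconnaissance concern in the security section, the following added example (not from the original article or any vendor's code) parses a constructed LLDP frame and lists the optional TLVs that reveal device details. The frame contents and the DISCLOSING set are assumptions chosen for illustration.

```python
import struct

LLDP_ETHERTYPE = 0x88CC
TLV_NAMES = {1: "chassis-id", 2: "port-id", 3: "ttl", 4: "port-description",
             5: "system-name", 6: "system-description",
             7: "system-capabilities", 8: "management-address"}
# Assumption for this example: optional TLVs that tell a listener the
# device's name, make/model/OS version or management addressing.
DISCLOSING = {"port-description", "system-name", "system-description",
              "management-address"}

def build_tlv(tlv_type, value):
    """Pack one TLV: 7-bit type and 9-bit length share a 2-byte header."""
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value

def parse_lldp(frame):
    """Return [(name, value_bytes)] for an untagged Ethernet LLDP frame."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != LLDP_ETHERTYPE:
        raise ValueError("not an LLDP frame")
    tlvs, pos = [], 14
    while pos + 2 <= len(frame):
        (header,) = struct.unpack("!H", frame[pos:pos + 2])
        tlv_type, length = header >> 9, header & 0x1FF
        pos += 2
        if tlv_type == 0:  # End of LLDPDU
            break
        if pos + length > len(frame):
            raise ValueError("truncated TLV")
        name = TLV_NAMES.get(tlv_type, f"type-{tlv_type}")
        tlvs.append((name, frame[pos:pos + length]))
        pos += length
    return tlvs

def disclosed(frame):
    """Names of advertised TLVs worth reviewing before enabling LLDP."""
    return sorted({name for name, _ in parse_lldp(frame)} & DISCLOSING)

def sample_frame():
    """Constructed frame: every value here is made up for the example."""
    mac = bytes.fromhex("020000000001")
    eth = bytes.fromhex("0180c200000e") + mac + struct.pack("!H", LLDP_ETHERTYPE)
    body = (build_tlv(1, b"\x04" + mac)               # chassis ID, subtype MAC
            + build_tlv(2, b"\x05" + b"Gi0/1")        # port ID, subtype ifName
            + build_tlv(3, struct.pack("!H", 120))    # TTL in seconds
            + build_tlv(5, b"core-sw-01")             # system name
            + build_tlv(6, b"ExampleOS 1.2.3 on Model-X")
            + build_tlv(0, b""))                      # end of LLDPDU
    return eth + body

if __name__ == "__main__":
    print(disclosed(sample_frame()))
```

Running the same check on frames captured from your own ports confirms whether a change to the advertised TLVs actually took effect.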
How to Troubleshoot LLDP
While setting up LLDP is pretty straightforward, you may occasionally run into issues with missing neighbors. Here are some common troubleshooting steps.
Make sure LLDP is enabled on all devices and interfaces. A missing neighbor simply might not be advertising or have exclusions on specific interfaces.
Check the timer intervals. Timers that are too aggressive may cause problems with excessive traffic. Timers that are too long might leave you waiting around to see your neighbor list update.
Verify connectivity. Double-check physical connections, look for blinking link lights, and confirm interfaces aren't disabled.
Final Thoughts on LLDP
LLDP is an effective tool every network admin should keep in their back pocket. Its easy setup makes it an ideal choice for network administrators who want to improve network topologies and make troubleshooting easier. Implementing it will help ensure your network is efficient and reliable.