Sunday, December 31, 2017

Cisco CCNP:300-115 - 1.2 Configure and verify Layer 2 protocols: 1.2.a CDP, LLDP

Recently I needed to renew my Cisco CCNPs, that is both CCNP Routing and Switching as well as CCNP Security. While working with Cisco products (well now they own SourceFire, so exclude these) is not within my daily duties, I still thought it was important for me to maintain these two credentials. As a result, I've put together my notes below focusing on the key points I used to study. I believe that someone else may find them useful.


LLDP
  - IEEE 802.1AB
  - Allows for multi-vendor interoperability
  - LLDP Unicast address 01-80-C2-00-00-0E
  - LLDP does not support ATM or Frame Relay
  - LLDP is disabled by default. Enabled with:
        SW1(config)#lldp run
  - Supports auto negotiation
  - Can show errors via:
        SecurityNik#show lldp errors
  - By default LLDP sends advertisements every 30 seconds
  - An interface can run either LLDP or LLDP-MED, but not both at the same time
  - LLDP-MED defines how a port transitions from LLDP-MED to LLDP when it detects an LLDP-MED capable device
  - Runs on the data link layer (L2)
  - Works between systems running different network layer protocols
  - Uses a set of attributes to discover neighbour devices
  - The attributes contain type, length and value descriptions, known as TLVs
  - Advertises information such as configuration, device capabilities and device identity
  - Basic management TLVs include:
      - Port description TLV
      - System name TLV
      - System description TLV
      - System capabilities TLV
      - Management address TLV
  - Also advertises organizationally specific TLVs:
      - Port VLAN ID TLV
      - MAC/PHY configuration/status TLV
  - Because switch stacks are seen as a single host, LLDP discovers the stack and not the individual stack members

LLDP-MED
  - LLDP-MED is an extension to LLDP which operates between endpoint devices such as IP phones and network devices such as switches
  - Specifically supports VoIP applications in addition to the traditional TLVs
  - Can be used for capabilities discovery, network policy, Power over Ethernet, inventory management and location information
  - By default, all LLDP-MED TLVs are enabled
  - Supported LLDP-MED TLVs:
      - LLDP-MED capabilities TLV: used to determine which capabilities a connected device supports and which of them are enabled
      - Network policy TLV: allows connected endpoints to advertise VLAN configuration and the associated Layer 2 and Layer 3 attributes for a specific port
      - Power management TLV: allows switches and phones to convey power information, such as how much power is needed, priority, etc.
      - Inventory management TLV: allows a device to send detailed inventory information about itself. This includes hardware, firmware and software version, serial number, manufacturer name, model name and asset ID
      - Location TLV: provides location information from the switch to the endpoint. This includes civic as well as ELIN location information
  - Wired Location Service: used to send location and attachment tracking information for connected devices to a Cisco Mobility Services Engine (MSE)
  - Some of the information obtained when the client link comes up, depending on its capabilities:
      - Slot and port specified in port connection
      - MAC address specified in the client MAC address
      - IP address specified in port connection
      - 802.1x user name, if applicable
      - Device category specified as a wired station
      - State specified as new
      - Serial number, UDI
      - Model number
      - Time in seconds since the switch detected the association
  - Some of the information obtained at link down:
      - Slot and port which was disconnected
      - MAC address
      - IP address
      - 802.1x user name, if applicable
      - Device category specified as a wired station
      - State specified as delete
      - Serial number, UDI
      - Time in seconds since the switch detected the disassociation

  - LLDP disabled globally
  - LLDP holdtime 120 seconds
  - LLDP timer (update packet) 30 seconds
  - LLDP reinitialization delay 2 seconds
  - LLDP enabled on interfaces
  - TLV types use values 0 - 127
  - LLDP is limited to Ethernet, Token Ring and FDDI
  - Maximum number of neighbours is limited by the device
  - LLDP is unidirectional, only in advertising mode
  - Does not monitor information or report state changes
  - Leverages a multicast address
  - LLDP and CDP can operate on the same interface
  - Has 3 endpoint device classes (LLDP-MED):
      - Generic - Class 1 - Basic - IP communications controllers
      - Media - Class 2 - supports streaming media; media gateways and conference bridges
      - Communication Device - Class 3 - IP-enabled endpoints: IP phones, soft phones
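
The notes above describe LLDP attributes as TLVs (type, length, value) carried to the multicast address 01-80-C2-00-00-0E, with type values in the range 0 - 127. The following is an added example, not code from the original post or from Cisco, that builds a small LLDP frame and then parses it back, so the 7-bit type / 9-bit length header, the basic management TLVs and the organizationally specific TLV become concrete. The source MAC, port name "Gi1/0/1", system name "SW1" and VLAN 10 are constructed sample values; the TTL of 120 mirrors the default holdtime listed in the notes. The parser refuses any TLV whose declared length runs past the end of the buffer, which is the check a receiver needs before trusting neighbour-supplied data.

```python
"""Added example (not from the original post): build and parse a minimal
LLDPDU to show the 7-bit type / 9-bit length TLV header behind the 0-127
type range and the basic management TLVs listed in the notes.
All frame contents below are constructed sample data."""
import struct

LLDP_MULTICAST = bytes.fromhex("0180c200000e")   # nearest-bridge group address
LLDP_ETHERTYPE = 0x88CC

TLV_NAMES = {
    0: "End of LLDPDU", 1: "Chassis ID", 2: "Port ID", 3: "Time To Live",
    4: "Port Description", 5: "System Name", 6: "System Description",
    7: "System Capabilities", 8: "Management Address",
    127: "Organizationally Specific",
}
# System capabilities bitmap as defined in IEEE 802.1AB
CAPABILITY_BITS = {0: "Other", 1: "Repeater", 2: "Bridge", 3: "WLAN AP",
                   4: "Router", 5: "Telephone", 6: "DOCSIS", 7: "Station"}


def build_tlv(tlv_type, value=b""):
    """Encode one TLV: 7-bit type, 9-bit length (max 511), then the value."""
    if not 0 <= tlv_type <= 127 or len(value) > 511:
        raise ValueError("type must be 0-127 and value at most 511 bytes")
    return struct.pack(">H", (tlv_type << 9) | len(value)) + value


def build_sample_frame():
    """A constructed LLDP frame from a hypothetical switch 'SW1' (sample data)."""
    src_mac = bytes.fromhex("001122334455")            # constructed source MAC
    tlvs = (
        build_tlv(1, b"\x04" + src_mac)                # chassis ID, subtype 4 = MAC
        + build_tlv(2, b"\x05" + b"Gi1/0/1")           # port ID, subtype 5 = ifname
        + build_tlv(3, struct.pack(">H", 120))         # TTL = default holdtime
        + build_tlv(4, b"uplink")                      # port description
        + build_tlv(5, b"SW1")                         # system name
        + build_tlv(7, struct.pack(">HH", 0x0014, 0x0004))  # bridge+router; bridge on
        # org-specific: OUI 00-80-C2 (IEEE 802.1), subtype 1 = Port VLAN ID 10
        + build_tlv(127, bytes.fromhex("0080c2") + b"\x01" + struct.pack(">H", 10))
        + build_tlv(0)                                 # End of LLDPDU
    )
    return LLDP_MULTICAST + src_mac + struct.pack(">H", LLDP_ETHERTYPE) + tlvs


def _capabilities(word):
    return [name for bit, name in CAPABILITY_BITS.items() if word & (1 << bit)]


def _need(value, n, tlv_type):
    if len(value) < n:
        raise ValueError(f"TLV type {tlv_type} shorter than {n} bytes")


def _decode(tlv_type, value):
    """Decode the TLVs the notes mention; anything else is returned raw."""
    if tlv_type in (1, 2):
        _need(value, 2, tlv_type)
        return {"subtype": value[0], "id": value[1:]}
    if tlv_type == 3:
        _need(value, 2, tlv_type)
        return struct.unpack(">H", value[:2])[0]
    if tlv_type in (4, 5, 6):
        return value.decode("utf-8", errors="replace")
    if tlv_type == 7:
        _need(value, 4, tlv_type)
        supported, enabled = struct.unpack(">HH", value[:4])
        return {"supported": _capabilities(supported), "enabled": _capabilities(enabled)}
    if tlv_type == 127:
        _need(value, 4, tlv_type)
        return {"oui": value[:3].hex(), "subtype": value[3], "data": value[4:]}
    return value


def parse_lldpdu(data):
    """Walk the TLV chain, refusing any TLV whose length overruns the buffer."""
    tlvs, offset = [], 0
    while offset + 2 <= len(data):
        header = struct.unpack(">H", data[offset:offset + 2])[0]
        tlv_type, length = header >> 9, header & 0x1FF
        value = data[offset + 2:offset + 2 + length]
        if len(value) != length:
            raise ValueError(f"truncated TLV type {tlv_type} at offset {offset}")
        tlvs.append({"type": tlv_type, "name": TLV_NAMES.get(tlv_type, "Reserved"),
                     "length": length, "value": _decode(tlv_type, value)})
        offset += 2 + length
        if tlv_type == 0:
            return tlvs
    raise ValueError("LLDPDU missing End of LLDPDU TLV")


def parse_frame(frame):
    """Check the Ethernet header, then hand the payload to parse_lldpdu."""
    dst, ethertype = frame[:6], struct.unpack(">H", frame[12:14])[0]
    if dst != LLDP_MULTICAST or ethertype != LLDP_ETHERTYPE:
        raise ValueError("not an LLDP frame")
    return parse_lldpdu(frame[14:])


if __name__ == "__main__":
    for tlv in parse_frame(build_sample_frame()):
        print(f"{tlv['type']:3} {tlv['name']:<24} {tlv['value']}")
```

Running the block prints one line per TLV in the order the sender placed them (chassis ID, port ID and TTL first, as 802.1AB requires). The same parser can be pointed at the payload of a captured LLDP frame; a truncated or malformed TLV raises ValueError instead of reading past the buffer.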

References:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swlldp.html
https://www.cisco.com/c/en/us/td/docs/ios/cether/configuration/guide/ce_lldp-med.html
https://www.cisco.com/en/US/technologies/tk652/tk701/technologies_white_paper0900aecd804cd46d.html
