Hide unwanted remote ports just after receiving information about them.

[thirdparty/lldpd.git] / man / lldpd.8

.\" Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org>
.\" Copyright (c) 2008 Vincent Bernat <bernat@luffy.cx>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: August 21 2008 $
.Dt LLDPD 8
.Os
.Sh NAME
.Nm lldpd
.Nd LLDP daemon
.Sh SYNOPSIS
.Nm
.Op Fl dxcseikl
.Op Fl S Ar description
.Op Fl X Ar socket
.Op Fl m Ar management
.Op Fl M Ar class
.Op Fl H Ar hide
.Sh DESCRIPTION
.Nm
is a daemon able to receive and send
.Em LLDP
frames. The Link Layer Discovery Protocol is a vendor-neutral Layer 2
protocol that allows a network device to advertise its identity and
capabilities on the local network.
.Pp
.Nm
also implements an SNMP subagent using AgentX protocol to interface to
a regular SNMP agent like Net-SNMP. To enable this subagent, you need
something like that in your
.Xr snmpd.conf 5 :
.Bd -literal -offset indent
master agentx
.Ed
.Pp
This daemon implements both reception and sending. It will collect
various information to send LLDP frames to all Ethernet interfaces,
including management address, speed and VLAN names.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl d
Do not daemonize.
If this option is specified,
.Nm
will run in the foreground and log to
.Em stderr .
This option can be specified many times to increase verbosity.
.It Fl k
Disable advertising of kernel release, version and machine. Kernel name
(ie: Linux) will still be shared, and Inventory software version will be set
to 'Unknown'.
.It Fl S Ar description
Override system description with the provided description. The default
description is the kernel name, the node name, the kernel version, the
build date and the architecture (except if you use the
.Fl k
flag described above).
.It Fl x
Enable SNMP subagent.
With this option,
.Nm
will enable an SNMP subagent using AgentX protocol. This allows to get
information about local system and remote systems through SNMP.
.It Fl X Ar socket
Enable SNMP subagent using the specified socket.
.Nm
will enable an SNMP subagent using AgentX protocol for the given
socket. This option implies the previous one. The default socket is
usally
.Em /var/agentx/master .
You can specify a socket like
.Em tcp:127.0.0.1:705
for example. Since the process that will open this socket is enclosed
in a chroot, you need to specify an IP address (not a hostname) when
using a TCP or UDP socket.
.It Fl c
Enable the support of CDP protocol to deal with Cisco routers that do
not speak LLDP. If repeated, CDPv1 packets will be sent even when
there is no CDP peer detected.
.It Fl f
Enable the support of FDP protocol to deal with Foundry routers that do
not speak LLDP. If repeated, FDP packets will be sent even when there
is no FDP peer detected.
.It Fl s
Enable the support of SONMP protocol to deal with Nortel routers and
switches that do not speak LLDP. If repeated, SONMP packets will be
sent even when there is no SONMP peer detected.
.It Fl e
Enable the support of EDP protocol to deal with Extreme routers and
switches that do not speak LLDP. If repeated, EDP packets will be sent
even when there is no EDP peer detected.
.It Fl l
Force to send LLDP packets even when there is no LLDP peer detected
but there is a peer speaking another protocol detected. By default,
LLDP packets are sent when there is a peer speaking LLDP detected or
when there is no peer at all.
.It Fl m Ar management
Specify the management address of this system.
.Nm
only sends one management address. It will use the first one that it
finds or the one that you specify with this option. This option can
use wildcards.
.It Fl M Ar class
Enable emission of LLDP-MED frame. The class should be one of the
following value:
.Bl -tag -width "0:XX" -compact
.It Sy 1
Generic Endpoint (Class I)
.It Sy 2
Media Endpoint (Class II)
.It Sy 3
Communication Device Endpoints (Class III)
.It Sy 4
Network Connectivity Device
.El
.It Fl i
Disable LLDP-MED inventory TLV transmission.
.Nm
will still receive (and publish using SNMP if enabled) those LLDP-MED
TLV but will not send them. Use this option if you don't want to
transmit sensible information like serial numbers.
.It Fl H Ar hide
Filter neighbors. See section
.Sx FILTERING NEIGHBORS
for details.
.El
.Sh FILTERING NEIGHBORS
In a heterogeneous network, you may see several different hosts on the
same port, even if there is only one physically plugged to this
port. For example, if you have a Nortel switch running LLDP which is
plugged to a Cisco switch running CDP and your host is plugged to the
Cisco switch, you will see the Nortel switch as well because LLDP
frames are forwarded by the Cisco switch. This may not be what you
want. The
.Fl H Ar hide
parameter will allow you to tell
.Nm
to discard some frames that it receives and to avoid to send some
other frames.
.Pp
Incoming filtering and outgoing filtering are
unrelated. Incoming filtering will hide some remote ports to get you a
chance to know exactly what equipment is on the other side of the
network cable. Outgoing filtering will avoid to use some protocols to
avoid flooding your network with a protocol that is not handled by the
nearest equipment. Keep in mind that even without filtering,
.Nm
will speak protocols for which at least one frame has been received
and LLDP otherwise (there are other options to change this behaviour,
for example
.Fl cc , ss , ee , ll
and
.Fl ff
).
.Pp
When enabling incoming filtering,
.Nm
will try to select one protocol and filter out neighbors using other
protocols. To select this protocol, the rule is to take the less used
protocol. If on one port, you get 12 CDP neighbors and 1 LLDP
neighbor, this mean that the remote switch speaks LLDP and does not
filter CDP. Therefore, we select LLDP. When enabling outgoing
filtering,
.Nm
will also try to select one protocol and only speaks this
protocol. The filtering is done per port. Each port may select a
different protocol.
.Pp
There are two additional criteria when enabling filtering: allowing
one or several protocols to be selected (in case of a tie) and
allowing one or several neighbors to be selected. Even when allowing
several protocols, the rule of selecting the protocols with the less
neighbors still apply. If
.Nm
selects LLDP and CDP, this means they have the same number of
neighbors. The selection of the neighbor is random. Incoming filtering
will select a set of neighbors to be displayed while outgoing
filtering will use the selected set of neighbors to decide which
protocols to use: if a selected neighbor speaks LLDP and another one
CDP,
.Nm
will speak both CDP and LLDP on this port.
.Pp
There are some corner cases. A typical example is a switch speaking
two protocols (CDP and LLDP for example). You want to get the
information from the best protocol but you want to speak both
protocols because some tools use the CDP table and some other the LLDP
table.
.Pp
The table below summarize all accepted values for the
.Fl H Ar hide
parameter. The default value is
.Em 15
which corresponds to the corner case described above. The
.Em filter
column means that filtering is enabled. The
.Em 1proto
column tells that only one protocol will be kept. The
.Em 1neigh
column tells that only one neighbor will be kept.
.Pp
.Bl -column -compact -offset indent "HXXX" "filterX" "1protoX" "1neighX" "filterX" "1protoX" "1neighX"
.It Ta Ta incoming Ta Ta outgoing Ta
.It Ta Em filter Ta Em 1proto Ta Em 1neigh Ta Em filter Ta Em 1proto Ta Em 1neigh
.It Em 0  Ta   Ta   Ta   Ta   Ta   Ta  
.It Em 1  Ta x Ta x Ta   Ta x Ta x Ta  
.It Em 2  Ta x Ta x Ta   Ta   Ta   Ta  
.It Em 3  Ta   Ta   Ta   Ta x Ta x Ta  
.It Em 4  Ta x Ta   Ta   Ta x Ta   Ta  
.It Em 5  Ta x Ta   Ta   Ta   Ta   Ta  
.It Em 6  Ta   Ta   Ta   Ta x Ta   Ta  
.It Em 7  Ta x Ta x Ta x Ta x Ta x Ta  
.It Em 8  Ta x Ta x Ta x Ta   Ta   Ta  
.It Em 9  Ta x Ta   Ta x Ta x Ta x Ta  
.It Em 10 Ta   Ta   Ta   Ta x Ta   Ta x
.It Em 11 Ta x Ta   Ta x Ta   Ta   Ta  
.It Em 12 Ta x Ta   Ta x Ta x Ta   Ta x
.It Em 13 Ta x Ta   Ta x Ta x Ta   Ta  
.It Em 14 Ta x Ta x Ta   Ta x Ta   Ta x
.It Em 15 Ta x Ta x Ta   Ta x Ta   Ta  
.It Em 16 Ta x Ta x Ta x Ta x Ta   Ta x
.It Em 17 Ta x Ta x Ta x Ta x Ta   Ta  
.It Em 18 Ta x Ta   Ta   Ta x Ta   Ta x
.It Em 19 Ta x Ta   Ta   Ta x Ta x Ta  
.El
.Sh FILES
.Bl -tag -width "/var/run/lldpd.socketXX" -compact
.It /var/run/lldpd.socket
Unix-domain socket used for communication with
.Xr lldpctl 8 .
.El
.Sh SEE ALSO
.Xr lldpctl 8 ,
.Xr snmpd 8
.Sh HISTORY
The
.Nm
program is inspired from a preliminary work of Reyk Floeter.
.Sh AUTHORS
.An -nosplit
The
.Nm
program was written by
.An Pierre-Yves Ritschard Aq pyr@openbsd.org ,
and
.An Vincent Bernat Aq bernat@luffy.cx .