Knowing what's connected in large networks is important. The bigger the network -- logically and physically -- the easier it can be to get lost in the topology. Add in redundant links and link aggregation, and the challenge of knowing what connects to where gets even bigger. And the icing on the cake? Mixing network components from different vendors can hose your favorite device discovery protocol. But attempting to know your environment doesn't have to be the nightmare it often becomes. I'll tell you why.
First, some background: I'm part of a team that runs a large, mostly Cisco environment. "Mostly" has significance when it comes to device discovery. Cisco, like other network vendors, uses a proprietary protocol to allow network administrators to see what's connected directly to a box to which you have admin access. No doubt, this Cisco Discovery Protocol (CDP) screenshot will look quite familiar to many readers:
The command "show CDP neighbors" gives a brief table view of directly connected devices, whereas "show CDP neighbors detail" enlarges the table and provides expanded insight into the connections between switches (is there a VLAN mismatch, perhaps?), as well as information on each device, including its management IP address.
So far so good, right? Well, what happens when my Cisco switch is connected to vendor X's hardware, and vendor X doesn't do CDP? Thankfully, you don't have to go without the powerful views afforded by CDP or a comparable proprietary discovery protocol if you toggle on the Link Layer Discovery Protocol (LLDP). LLDP is a widely available, but frequently ignored, answer to seeing adjacent network devices on mixed vendor networks. Let's consider a real-world example.
As I mentioned, my environment is mostly Cisco, but we also go with other vendors when it makes sense for us. Meraki has become our go-to solution in most of our branch locations in the United States and abroad, but Meraki access points (AP), like other third-party devices, have no switch interconnect visibility through CDP. In other words, the "show CDP neighbors" command returns nothing for them.
How LLDP changes the picture when assessing your network
Enter LLDP, which changes things for the better -- much better.
By default, LLDP is disabled on my Cisco Catalyst switches. Let's turn it on, and then look at those same Meraki APs with "show LLDP neighbors".
And then expand it out with "show LLDP neighbors detail".
That’s the stuff! But it gets even better when we talk about LLDP. The protocol is mature, is an actual standard (IEEE 802.1AB), and it can show far more than just interconnected network infrastructure devices from a mix of vendors. A number of VoIP phones and analog terminal adapters support LLDP, as do some CCTV cameras and other utility-type network hosts. It's one of those features that is easy to blow past at switch configuration time if disabled by default, but once you start using it, it can be invaluable for troubleshooting and mapping your environment.
Some environments use LLDP in the provisioning of devices like VoIP phones, but that's a different discussion. Just remember, like CDP, LLDP is a single-hop tool for device visibility in that you see directly connected devices (the next switch over when mapping the network), but not beyond. To see all interconnects -- from a core switch to a building aggregator switch and out to your edge switches -- you'd need to "show LLDP neighbors" from each switch.
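Because LLDP only shows one hop, mapping the whole path means collecting "show LLDP neighbors" from every switch and stitching the views together. The script below is an added example, not code from this article: it parses constructed IOS-style captures from two hypothetical switches (device names, ports and addresses are made up), merges the per-switch views into one set of links so a redundant link seen from both ends is counted once, and lists neighbouring switches that still need to be queried.

```python
import re
# Constructed sample captures in the style of Cisco IOS "show lldp neighbors",
# one per switch queried (device names, ports and addresses are made up).
CAPTURES = {
    "core-sw": """\
Device ID           Local Intf     Hold-time  Capability      Port ID
agg-sw-bldg1        Te1/0/1        120        B,R             Te1/1/1
agg-sw-bldg1        Te1/0/2        120        B,R             Te1/1/2
""",
    "agg-sw-bldg1": """\
Device ID           Local Intf     Hold-time  Capability      Port ID
core-sw             Te1/1/1        120        B,R             Te1/0/1
core-sw             Te1/1/2        120        B,R             Te1/0/2
edge-sw-1           Gi1/0/24       120        B               Gi1/0/48
MR-AP-Lobby         Gi1/0/5        120        B,W             0018.0a12.3456
SEP001122334455     Gi1/0/7        180        B,T             001122334455:P1

Total entries displayed: 5
""",
}
# One neighbour row: device (assumed to contain no spaces), local port, hold-time,
# optional capability codes, port ID. Header and "Total entries" lines fail the
# numeric hold-time field, so they are skipped without special handling.
ROW_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\d+)\s+(?:([A-Z,]+)\s+)?(\S+)$", re.M)

def parse_lldp_neighbors(text):
    """Return one dict per neighbour row in a 'show lldp neighbors' capture."""
    rows = []
    for dev, intf, hold, caps, port in ROW_RE.findall(text):
        rows.append({"device_id": dev, "local_intf": intf, "hold_time": int(hold),
                     "capability": set(caps.split(",")) if caps else set(), "port_id": port})
    return rows

def build_links(captures):
    """Merge each switch's single-hop view into one set of links. A link is a
    frozenset of (device, port) ends, so a link seen from both sides is one entry."""
    links = set()
    for local_dev, text in captures.items():
        for r in parse_lldp_neighbors(text):
            links.add(frozenset({(local_dev, r["local_intf"]), (r["device_id"], r["port_id"])}))
    return links

def uncollected_switches(captures):
    """Neighbours that look like switches (Bridge capability but not an AP or
    phone) with no capture of their own yet: the next hops still to be queried."""
    seen = set()
    for text in captures.values():
        for r in parse_lldp_neighbors(text):
            if "B" in r["capability"] and not r["capability"] & {"W", "T"}:
                seen.add(r["device_id"])
    return sorted(seen - set(captures))
```

Feeding the real captures in as the dictionary values and repeating until `uncollected_switches` returns nothing walks the topology out from the core one hop at a time.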
About the author:
Lee Badman is a network engineer and wireless technical lead for a large private university. He also teaches classes on networking, wireless network administration and wireless security.