The Link Layer Discovery Protocol (LLDP) is a vendor-neutral protocol that is used to advertise capabilities and information about the device. Every one of the NetAlly tools is designed to listen for LLDP frames that are reporting on the information contained in the frame. This information may contain the name of the switch, chassis number, slot, and port. When trying to determine where a wall jack is connected, this can eliminate the need to go to the wiring closet and trace the cable from the patch panel to the switch.
In this tech tip, we are going to take a look at what an LLDP frame looks like on the wire and how that information is displayed on the EtherScope® nXG. The capture app on the EtherScope® nXG was used to capture the network traffic. The capture was then uploaded to Link-Live™ and the capture was viewed using Wireshark.
Above is an LLDP frame as decoded by Wireshark. We can see there is a significant amount of information about the switch and the switch port contained in this frame. The information included in the frame will depend on the configuration and capabilities of the switch. Some switch manufacturers will enable LLDP by default, others may require LLDP to be enabled in the switch configuration. If the switch and port information is not displayed on your Netally tool when connecting to a port, you may need to enable LLDP on the switch.
By creating a filter on LLDP frames, we can see that these frames are being transmitted by the switch every 30 seconds. In some cases, the NetAlly tool may see a Cisco Discovery Frame (CDP) before it sees the LLDP frame. In that case, a device such as a phone may show up as the nearest switch. By refreshing the nearest switch information, the NetAlly tool will listen for the next LLDP frame. As seen above, this may take as long as the interval between these frames. In this case, the interval is 30 seconds.
Here is an example of the LLDP information displayed on the EtherScope® nXG. This lets us know that the EtherScope® nXG is plugged into port eth1/0/10 of the StudioCore switch. This information alone can save the time of trying to track down the wall jack to a switch and port. By attaching a comment to this test result with the jack number, this correlation between the wall jack and the switch port is saved in Link-Live™.
Some organizations disable protocols such as LLDP for security reasons. It is understandable that knowing this connectivity and configuration information could pose a security risk. If your organization chooses to disable LLDP, it is a good idea to enable it, document the connectivity, then disable LLDP. This will allow you to look up the wall jack to switch port mapping in Link-Live™, without exposing the switch information to anyone that plugs into the wall jack.