If LLDP does not work as expected, you’ll get very little information from lldpd by default. This article will show you how to get error messages from lldpd. In addition, the treatment of some possible errors with lldpd will be briefly discussed.
The lldpd is started from the script /etc/rc.vnet (entry in /etc/inittab), when the virtual I/O server is booted. The lldpd runs as a service under the control of the System Resource Controller SRC. For troubleshooting, it is recommended to stop the lldpd service and to start the daemon manually. The daemon has some undocumented options, including the “-d” and “-v” options. The option “-d” allows to start the daemon in the foreground. The option “-v” is only valid when using the option “-d” and ensures that messages (in particular error messages) of the lldpd are sent to the standard output:
/usr/sbin/lldpd [-A] [-d [-v]] -A accepting all supported LLDP multicast addresses -d run in foregrund (debugging) -v verbose output to standard out
By default, lldpd messages are logged via syslog (facility daemon). The lldpd is started by default by the SRC without any arguments.
We stop the service first and then start the daemon manually with the options “-d -v” on the command line. This requires root privileges (oem_setup_env):
padmin > oem_setup_env # stopsrc -s lldpd 0513-044 The lldpd Subsystem was requested to stop. # lldpd -d -v lldpd: 0810-013 starting lldpd lldpd: 0810-016 waiting for incoming message or signal …
In a second window, we start a query for the list of ports on which LLDP is used:
padmin> oem_setup_env # lldpctl show portlist lldpctl: 0812-001 lldpd is currently not managing any ports #
On our system, LLDP is currently not used on any port. The output of the lldpd is interesting:
lldpd: 0810-024 unix domain connection received lldpd: 0810-016 waiting for incoming message or signal lldpd: 0810-020 unix domain message received lldpd: 0810-070 received GETPORTLIST request lldpd: 0810-016 waiting for incoming message or signal
You can see from the output, that communication is performed using a unix domain socket (/var/run/lldpdsock), and then the list of ports is queried (GETPORTLIST).
Next, we enable LLDP on the shared ethernet adapter ent15. This can be done permanently, by setting the attribute lldpsvc=yes and the command lldpsync, or manually with the command lldpctl:
# lldpctl add ent15 lldpctl: 0812-005 successfully added port ent15 #
Again, let’s take a quick look at the output of lldpd:
lldpd: 0810-024 unix domain connection received lldpd: 0810-016 waiting for incoming message or signal lldpd: 0810-020 unix domain message received lldpd: 0810-076 received ADDPORT request lldpd: 0810-023 sending LLDPDU on port ent15 lldpd: 0810-079 port ent15 added successfully lldpd: 0810-016 waiting for incoming message or signal …
Again, you can see a connection using a unix domain socket and the registering of the port (ADDPORT). In addition, an LLDP packet is then sent immediately by the lldpd.
A few seconds later, one or more LLDP packets should have arrived from the connected switch, here is the corresponding output of the lldpd:
lldpd: 0810-016 waiting for incoming message or signal lldpd: 0810-022 LLDPDU received on port ent15 lldpd: 0810-040 processing frame lldpd: 0810-043 neighbor LLDPDU is valid lldpd: 0810-047 updating existing neighbor lldpd: 0810-048 starting rxInfoTTL timer (120 seconds) on port ent15 lldpd: 0810-008 checking EVB status
The switch should now be known on the virtual I/O server! We check this by querying the neighbor information with the command lldpctl:
# lldpctl show neighbor ent15 MSAP: XX:XX:XX:XX:XX:XX Eth101/1/5 Received on port: ent15 TLVs: Chassis ID: XX:XX:XX:XX:XX:XX (MAC address) Port ID: Eth101/1/5 (locally assigned) TTL: 120 Port Description: Ethernet101/1/5 System Name: switch01 System Description: Cisco Nexus Operating System (NX-OS) Software 9.2(2) ... #
As the output shows, the switch is a Cisco switch. The messages of the lldpd due to the command are the following:
lldpd: 0810-016 waiting for incoming message or signal lldpd: 0810-020 unix domain message received lldpd: 0810-073 received GETNEIGHBOR request
Next, let’s look at a case where LLDP can not be successfully activated. We show this using another shared ethernet adapter, ent10. Again, we manually enable LLDP on the adapter again:
# lldpctl add ent10 lldpctl: 0812-005 successfully added port ent10 #
This looks pretty good at first, and the messages from lldpd confirm this:
lldpd: 0810-024 unix domain connection received lldpd: 0810-016 waiting for incoming message or signal lldpd: 0810-020 unix domain message received lldpd: 0810-076 received ADDPORT request lldpd: 0810-023 sending LLDPDU on port ent10 lldpd: 0810-079 port ent10 added successfully
However, if you wait some time (maximum 2 minutes), and then try to display the information on the neighbor (switch), you get the following error message:
# lldpctl show neighbor ent10 lldpctl: 0812-003 failed to get neighbor information on port ent10 lldpctl: 0812-013 neighbor information is not available for port ent10 #
One possibility, of course, is that the switch does not send any LLDP packets. In that case, of course, there is no information about the switch using LLDP.
We look at the output of the lldpd and find the following messages for ent10 at regular intervals:
lldpd: 0810-016 waiting for incoming message or signal lldpd: 0810-022 LLDPDU received on port ent10 lldpd: 0810-040 processing frame lldpd: 0810-050 not sent to LLDP multicast address lldpd: 0810-042 frame was discarded
An LLDP packet has apparently arrived (LLDPDU received on port ent10), has been processed (processing frame) and was then discarded (frame was discarded), because it has not been sent to the expected LLDP multicast address.
We take a closer look at the LLDP packets on the shared ethernet adapter ent10 with tcpdump. We first bring the associated interface “up”:
# chdev -l en10 -a state=up en10 changed #
Then we start tcpdump on the interface. We are only interested in LLDP packets (type/proto is 0x88cc):
# tcpdump -i en11 -e -n -v ether proto 0x88cc tcpdump: WARNING: BIOCPROMISC: Operation not supported on socket tcpdump: listening on en11, link-type EN10MB (Ethernet), capture size 262144 bytes 12:19:43.103134 XX:XX:XX:XX:XX:XX > 01:80:c2:00:00:0e, ethertype LLDP (0x88cc), length 345: LLDP, length 331 Chassis ID TLV (1), length 7 Subtype MAC address (4): XX:XX:XX:XX:XX:XX Port ID TLV (2), length 12 Subtype Local (7): Eth120/1/17 Time to Live TLV (3), length 2: TTL 120s Port Description TLV (4), length 16: Ethernet120/1/17 System Name TLV (5), length 25: switch13 System Description TLV (6), length 149 Cisco Nexus Operating System (NX-OS) Software\0x0aTAC support: http://www.cisco.com/tac\0x0aCopyright (c) 2002-2014, Cisco Systems, Inc. All rights reserved. System Capabilities TLV (7), length 4 System Capabilities [Bridge] (0x0004) Enabled Capabilities [Bridge] (0x0004) Management Address TLV (8), length 12 Management Address length 5, AFI IPv4 (1): X.X.X.X Interface Index Interface Numbering (2): 83886080 …
The switch sends the LLDP packets to the multicast address 01: 80: c2: 00: 00: 0e, but by default the lldpd daemon expects the packets to be sent to the multicast address 01: 80: c2: 00: 00: 00. A request to IBM Support showed that the lldpd daemon can be started with the (undocumented) option “-A” to recognize the multicast address 01: 80: c2: 00: 00: 0e in addition. We will try this out by stopping the lldpd (Control-C) and then restarting it and adding the option “-A“:
(Control-C) # lldpd -d -v -A lldpd: 0810-013 starting lldpd lldpd: 0810-016 waiting for incoming message or signal
As before, we manually add the adapter ent10 back to the port list:
# lldpctl add ent10 lldpctl: 0812-005 successfully added port ent10 #
After a short time the lldpd daemon shows messages about incoming LLDP packets and this time they are considered as valid:
lldpd: 0810-016 waiting for incoming message or signal lldpd: 0810-022 LLDPDU received on port ent10 lldpd: 0810-040 processing frame lldpd: 0810-043 neighbor LLDPDU is valid lldpd: 0810-047 updating existing neighbor lldpd: 0810-048 starting rxInfoTTL timer (120 seconds) on port ent10 lldpd: 0810-008 checking EVB status
We stop tcpdump and remove the interface en10:
# rmdev -l en10 en10 Defined #
Since the lldpd daemon is started at boot time via SRC, we add the argument “-A” for the lldpd in the ODM:
# chssys –s lldpd –a –A 0513-077 Subsystem has been changed. #
The problem should be solved. We stop the interactively started lldpd daemon and activate lldpd again via the SRC:
(Control-C) Beenden des lldpd # startsrc -s lldpd 0513-059 The lldpd Subsystem has been started. Subsystem PID is 23396416. # ps -ef|grep lldpd root 21954710 22609950 0 12:36:33 pts/0 0:00 grep lldpd root 23396416 7209188 0 12:36:28 - 0:00 /usr/sbin/lldpd -A #
The lldpd daemon has now been started with the option “-A” as the ps-output confirms.
For all shared Ethernet adapters where LLDP is to be used, the attribute lldpsvc=yes should be set. These are then automatically made known to the lldpd daemon at boot time:
# chdev –l ent10 –a lldpdvc=yes ent11 changed #
The lldpsync command can be used to manually register the configured shared sthernet adapters with the lldpd daemon:
# lldpsync #
(For newer versions of IOS, setting the attribute is enough, starting lldpsync is not necessary.)
# lldpctl show portlist ent15 ent10 #