- Preface
- Using the Command-Line Interface
-
- Configuring Spanning Tree Protocol
- Configuring Multiple Spanning-Tree Protocol
- Configuring Optional Spanning-Tree Features
- Configuring EtherChannels
- Configuring Link-State Tracking
- Configuring Flex Links and the MAC Address-Table Move Update Feature
- Configuring UniDirectional Link Detection
- Configuring Resilient Ethernet Protocol
-
- Security Features Overview
- Preventing Unauthorized Access
- Controlling Switch Access with Passwords and Privilege Levels
- Configuring TACACS+
- Configuring RADIUS
- Configuring Kerberos
- Configuring Local Authentication and Authorization
- Configuring Secure Shell (SSH)
- Configuring Secure Socket Layer HTTP
- Configuring IPv4 ACLs
- Configuring IPv6 ACLs
- Configuring DHCP
- Configuring IP Source Guard
- Configuring Dynamic ARP Inspection
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring Web-Based Authentication
- Configuring Port-Based Traffic Control
- Configuring IPv6 First Hop Security
- Configuring Cisco TrustSec
- Configuring FIPS
- Index
- Finding Feature Information
- LLDP, LLDP-MED, and Wired Location Service Overview
- How to Configure LLDP, LLDP-MED, and Wired Location Service
Configuring LLDP, LLDP-MED, and Wired Location Service
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
LLDP, LLDP-MED, and Wired Location Service Overview
LLDP
The Cisco Discovery Protocol (CDP) is a device discovery protocol that runs over Layer 2 (the data link layer) on all Cisco-manufactured devices (routers, bridges, access servers, switches, and controllers). CDP allows network management applications to automatically discover and learn about other Cisco devices connected to the network.
To support non-Cisco devices and to allow for interoperability between other devices, the switch supports the IEEE 802.1AB Link Layer Discovery Protocol (LLDP). LLDP is a neighbor discovery protocol that is used for network devices to advertise information about themselves to other devices on the network. This protocol runs over the data-link layer, which allows two systems running different network layer protocols to learn about each other.
LLDP Supported TLVs
LLDP supports a set of attributes that it uses to discover neighbor devices. These attributes contain type, length, and value descriptions and are referred to as TLVs. LLDP supported devices can use TLVs to receive and send information to their neighbors. This protocol can advertise details such as configuration information, device capabilities, and device identity.
The switch supports these basic management TLVs. These are mandatory LLDP TLVs.
These organizationally specific LLDP TLVs are also advertised to support LLDP-MED.
LLDP and Cisco Switch Stacks
A switch stack appears as a single switch in the network. Therefore, LLDP discovers the switch stack, not the individual stack members.
LLDP and Cisco Medianet
When you configure LLDP or CDP location information on a per-port basis, remote devices can send Cisco Medianet location information to the switch. For information, go to http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_cdp_discover.html.
LLDP-MED
LLDP for Media Endpoint Devices (LLDP-MED) is an extension to LLDP that operates between endpoint devices such as IP phones and network devices such as switches. It specifically provides support for voice over IP (VoIP) applications and provides additional TLVs for capabilities discovery, network policy, Power over Ethernet, inventory management and location information. By default, all LLDP-MED TLVs are enabled.
LLDP-MED Supported TLVs
-
Allows LLDP-MED endpoints to determine the capabilities that the connected device supports and has enabled.
-
Allows both network connectivity devices and endpoints to advertise VLAN configurations and associated Layer 2 and Layer 3 attributes for the specific application on that port. For example, the switch can notify a phone of the VLAN number that it should use. The phone can connect to any switch, obtain its VLAN number, and then start communicating with the call control.
By defining a network-policy profile TLV, you can create a profile for voice and voice-signaling by specifying the values for VLAN, class of service (CoS), differentiated services code point (DSCP), and tagging mode. These profile attributes are then maintained centrally on the switch and propagated to the phone.
-
Enables advanced power management between LLDP-MED endpoint and network connectivity devices. Allows switches and phones to convey power information, such as how the device is powered, power priority, and how much power the device needs.
LLDP-MED also supports an extended power TLV to advertise fine-grained power requirements, end-point power priority, and end-point and network connectivity-device power status. LLDP is enabled and power is applied to a port, the power TLV determines the actual power requirement of the endpoint device so that the system power budget can be adjusted accordingly. The switch processes the requests and either grants or denies power based on the current power budget. If the request is granted, the switch updates the power budget. If the request is denied, the switch turns off power to the port, generates a syslog message, and updates the power budget. If LLDP-MED is disabled or if the endpoint does not support the LLDP-MED power TLV, the initial allocation value is used throughout the duration of the connection.
You can change power settings by entering the power inline {auto [max max-wattage] | never | static [max max-wattage]} interface configuration command. By default the PoE interface is in auto mode; If no value is specified, the maximum is allowed (30 W).
-
Allows an endpoint to send detailed inventory information about itself to the switch, including information hardware revision, firmware version, software version, serial number, manufacturer name, model name, and asset ID TLV.
-
Provides location information from the switch to the endpoint device. The location TLV can send this information:
-
Provides the civic address information and postal information. Examples of civic location information are street address, road name, and postal community name information.
-
Provides the location information of a caller. The location is determined by the Emergency location identifier number (ELIN), which is a phone number that routes an emergency call to the local public safety answering point (PSAP) and which the PSAP can use to call back the emergency caller.
-
Wired Location Service
The switch uses the location service feature to send location and attachment tracking information for its connected devices to a Cisco Mobility Services Engine (MSE). The tracked device can be a wireless endpoint, a wired endpoint, or a wired switch or controller. The switch notifies the MSE of device link up and link down events through the Network Mobility Services Protocol (NMSP) location and attachment notifications.
The MSE starts the NMSP connection to the switch, which opens a server port. When the MSE connects to the switch there are a set of message exchanges to establish version compatibility and service exchange information followed by location information synchronization. After connection, the switch periodically sends location and attachment notifications to the MSE. Any link up or link down events detected during an interval are aggregated and sent at the end of the interval.
When the switch determines the presence or absence of a device on a link-up or link-down event, it obtains the client-specific information such as the MAC address, IP address, and username. If the client is LLDP-MED- or CDP-capable, the switch obtains the serial number and UDI through the LLDP-MED location TLV or CDP.
Depending on the device capabilities, the switch obtains this client information at link up:
Depending on the device capabilities, the switch obtains this client information at link down:
When the switch shuts down, it sends an attachment notification with the state delete and the IP address before closing the NMSP connection to the MSE. The MSE interprets this notification as disassociation for all the wired clients associated with the switch.
If you change a location address on the switch, the switch sends an NMSP location notification message that identifies the affected ports and the changed address information.
Default LLDP Configuration
Disabled to send all LLDP-MED TLVs. When LLDP is globally enabled, LLDP-MED-TLV is also enabled. |
Restrictions for LLDP
-
If the interface is configured as a tunnel port, LLDP is automatically disabled.
-
If you first configure a network-policy profile on an interface, you cannot apply the switchport voice vlan command on the interface. If the switchport voice vlan vlan-id is already configured on an interface, you can apply a network-policy profile on the interface. This way the interface has the voice or voice-signaling VLAN network-policy profile applied on the interface.
-
You cannot configure static secure MAC addresses on an interface that has a network-policy profile.
How to Configure LLDP, LLDP-MED, and Wired Location Service
- Enabling LLDP
- Configuring LLDP Characteristics
- Configuring LLDP-MED TLVs
- Configuring Network-Policy TLV
- Configuring Location TLV and Wired Location Service
Enabling LLDP
1.
enable
9.
copy running-config
startup-config
DETAILED STEPS
Configuring LLDP Characteristics
You can configure the frequency of LLDP updates, the amount of time to hold the information before discarding it, and the initialization delay time. You can also select the LLDP and LLDP-MED TLVs to send and receive.
Note | Steps 2 through 5 are optional and can be performed in any order. |
1.
enable
11.
copy running-config
startup-config
DETAILED STEPS
Configuring LLDP-MED TLVs
By default, the switch only sends LLDP packets until it receives LLDP-MED packets from the end device. It then sends LLDP packets with MED TLVs, as well. When the LLDP-MED entry has been aged out, it again only sends LLDP packets.
1.
enable
6.
copy running-config
startup-config
DETAILED STEPS
Configuring Network-Policy TLV
1.
enable
3.
network-policy
profile
profile number
4. {voice | voice-signaling} vlan [vlan-id {cos cvalue | dscp dvalue}] | [[dot1p {cos cvalue | dscp dvalue}] | none | untagged]
7.
network-policy
profile number
8.
lldp
med-tlv-select network-policy
10.
show
network-policy profile
11.
copy running-config
startup-config
DETAILED STEPS
Configuring Location TLV and Wired Location Service
Beginning in privileged EXEC mode, follow these steps to configure location information for an endpoint and to apply it to an interface.
2.
location {admin-tag string | civic-location identifier {id | host} | elin-location string identifier id | custom-location identifier {id | host} | geo-location identifier {id | host}}
5.
location {additional-location-information word | civic-location-id {id | host} | elin-location-id id | custom-location-id {id | host} | geo-location-id {id | host} }
DETAILED STEPS
Enabling Wired Location Service on the Switch
For wired location to function, you must first enter the ip device tracking global configuration command.
1.
enable
3.
nmsp notification
interval {attachment |
location}
interval-seconds
DETAILED STEPS
Configuration Examples for LLDP, LLDP-MED, and Wired Location Service
Configuring Network-Policy TLV: Examples
This example shows how to configure VLAN 100 for voice application with CoS and to enable the network-policy profile and network-policy TLV on an interface:
Switch# configure terminal Switch(config)# network-policy 1 Switch(config-network-policy)# voice vlan 100 cos 4 Switch(config-network-policy)# exit Switch(config)# interface gigabitethernet1/0/1 Switch(config-if)# network-policy profile 1 Switch(config-if)# lldp med-tlv-select network-policy
This example shows how to configure the voice application type for the native VLAN with priority tagging:
Switchconfig-network-policy)# voice vlan dot1p cos 4 Switchconfig-network-policy)# voice vlan dot1p dscp 34
Monitoring and Maintaining LLDP, LLDP-MED, and Wired Location Service
Commands for monitoring and maintaining LLDP, LLDP-MED, and wired location service.
Command |
Description |
---|---|
Resets the traffic counters to zero. |
|
Deletes the LLDP neighbor information table. |
|
Clears the NMSP statistic counters. |
|
Displays global information, such as frequency of transmissions, the holdtime for packets being sent, and the delay time before LLDP initializes on an interface. |
|
Displays information about a specific neighbor. You can enter an asterisk (*) to display all neighbors, or you can enter the neighbor name. |
|
Displays information about interfaces with LLDP enabled. You can limit the display to a specific interface. |
|
Displays information about neighbors, including device type, interface type and number, holdtime settings, capabilities, and port ID. You can limit the display to neighbors of a specific interface or expand the display for more detailed information. |
|
Displays LLDP counters, including the number of packets sent and received, number of packets discarded, and number of unrecognized TLVs. |
|
Displays the location information for the specified administrative tag or site. |
|
Displays the location information for a specific global civic location. |
|
Displays the location information for an emergency location |
|
Displays the configured network-policy profiles. |
|
Displays the NMSP information |
Additional References for LLDP, LLDP-MED, and Wired Location Service
Error Message Decoder
Description | Link |
---|---|
To help you research and resolve system error messages in this release, use the Error Message Decoder tool. |
https://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi |
MIBs
MIB | MIBs Link |
---|---|
All supported MIBs for this release. |
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: |
Technical Assistance
Description | Link |
---|---|
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. |
Feature Information for LLDP, LLDP-MED, and Wired Location Service
Release |
Modification |
---|---|
Cisco IOS 15.0(2)EX1 |
This feature was introduced. |