LLDP in the lab

LLDP is the non proprietary version of CDP. This discovery protocol has applications that can make an administrators life much easier. Now with two physical devices I am going to implement LLDP on JUNOS with the EX-2200 and SRX110. First of all we need to note that the SRX hasvLLDP off by default. The EX has it enabled by default.

Enabling LLDP is not a hard but some considerations have been made. I personally would not like to enable it by default globally on a firewall. I don’t mind this on a switch that is internal to your enterprise. If it was a DMZ firewall or switch you should control who sees what. To allow it per interface you just denote what interface in the command.

[email protected]> show configuration protocols lldp                                            
interface all;

This default on the switch is okay as my switch is an internal device. Time to enable LLDP on the interface fe-0/0/7 of the SRX.

[email protected]# set protocols lldp interface fe-0/0/7.0

Now both of our devices have active LLDP, it is time to check out what our SRX and EX sees.

[email protected]> show lldp neighbors                                                            
Local Interface    Parent Interface    Chassis Id          Port info          System Name   
fe-0/0/7.0         -                   08:81:f4:a9:14:80   ge-0/1/0.0         EX2200-C

Now from the other side.

[email protected]> show lldp neighbors                                                          
Local Interface    Parent Interface    Chassis Id          Port info          System Name   
ge-0/1/0.0         -                   b0:a8:6e:66:e2:40   fe-0/0/7.0         SRX110

There we go. Easily configured and extremely helpful. I find LLDP useful when applied carefully. If you work in a secure environment I would suggest enabling it on a need to know basis!

Leave a Reply

Your email address will not be published. Required fields are marked *

*