LLMpediaThe first transparent, open encyclopedia generated by LLMs

Link Layer Discovery Protocol

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: CDP Hop 4
Expansion Funnel Raw 130 → Dedup 46 → NER 37 → Enqueued 29
1. Extracted130
2. After dedup46 (None)
3. After NER37 (None)
Rejected: 9 (not NE: 9)
4. Enqueued29 (None)
Similarity rejected: 6
Link Layer Discovery Protocol
NameLink Layer Discovery Protocol
CaptionLLDP packet format illustration
DeveloperIEEE
Introduced2005
StandardIEEE 802.1AB
RelatedCisco Discovery Protocol, CDP, LLDP-MED

Link Layer Discovery Protocol

Link Layer Discovery Protocol provides a vendor-neutral protocol for devices to advertise identity and capabilities across a local area network, enabling network mapping, topology discovery, and device management when used with Simple Network Management Protocol, SNMP, Network Management System, NMS platforms. LLDP was defined to interoperate with existing Ethernet switching fabrics, Data Center deployments, and Voice over IP infrastructures, and is frequently compared and integrated with vendor protocols such as Cisco Systems's Cisco Discovery Protocol, Juniper Networks solutions, and Extreme Networks products.

Overview

LLDP originated as an IEEE standard developed by working groups associated with IEEE 802.1 and published as IEEE 802.1AB to provide a standardized method for network devices to advertise identity and capabilities on a per-port basis. The protocol operates at the data link layer over Ethernet and is widely implemented across equipment from Cisco Systems, Juniper Networks, Arista Networks, Huawei, Hewlett Packard Enterprise, Dell Technologies, Brocade Communications Systems, Extreme Networks, and Mellanox Technologies. LLDP complements higher-layer management frameworks such as SNMP and NETCONF and integrates with orchestration tools from Red Hat, VMware, and Microsoft for inventory and topology functions. LLDP is often extended by initiatives including LLDP-MED for VoIP and Power over Ethernet management, and by vendor-specific TLVs in products from Avaya, Alcatel-Lucent Enterprise, and Ericsson.

Protocol Design and Operation

LLDP uses periodic transmission of multicast frames to advertise a device's chassis ID, port ID, time-to-live, and optional Type-Length-Value elements to directly connected neighbors. Frames are encapsulated in IEEE 802.3 Ethernet II and use a dedicated MAC address for link-local discovery; receipt and local MIB population enable topology construction by controllers and management stations such as Cisco Prime, SolarWinds, Nagios, Zabbix, and PRTG Network Monitor. LLDP integrates with VLAN-aware switches from Aruba Networks and supports per-port negotiation relevant to 802.1Q trunking and 802.1D bridging behavior. Neighbor information is stored in standardized MIBs accessible by SNMPv2, SNMPv3, and modern telemetry systems including sFlow and IPFIX, while orchestration platforms like Ansible and SaltStack can consume LLDP data for automated configuration. LLDP timers and retransmission behavior align with management requirements seen in data centers operated by organizations such as Google, Amazon Web Services, Microsoft Azure, and Facebook.

Message Types and TLVs

LLDP messages are composed of mandatory TLVs — Chassis ID, Port ID, and Time To Live — followed by optional TLVs that convey capabilities, management address, and system name. Optional TLVs include System Name, System Description, System Capabilities, Management Address, Port Description, and Organizationally Specific TLVs that enable extensions such as LLDP-MED for Cisco Unified Communications Manager and Avaya Aura environments. Vendors use Organizationally Specific TLVs to carry proprietary data in platforms from HPE Aruba, Juniper Junos, Cisco IOS, Brocade NOS, and Cumulus Networks. LLDP-MED defines TLVs for location, network policy, and power management to support emergency services and E911 deployments common in enterprise telephony. Software implementations such as OpenLLDP, lldpd, and components of Open vSwitch expose TLV parsing for integration with OpenStack and Kubernetes networking plugins.

Implementations and Vendor Extensions

LLDP is implemented in firmware and operating systems across a broad range of vendors: Cisco IOS, Juniper Junos, Arista EOS, Huawei VRP, Dell OS10, ExtremeXOS, MikroTik RouterOS, and Ubiquiti UniFi. Open-source projects include OpenBSD and FreeBSD implementations, as well as tools in Linux distributions like Debian, Ubuntu, Red Hat Enterprise Linux and CentOS via packages such as lldpd and openlldp. Vendors augment LLDP with proprietary TLVs—Cisco Discovery Protocol interactions, Nexus-specific extensions, and Mellanox SN telemetry—that supply additional inventory fields for data centers operated by Equinix, Digital Realty, and cloud providers. Management suites from SolarWinds, HPIMC, NetBrain, CA Technologies, and BMC Software consume LLDP data for asset discovery, while orchestration and service assurance tools from ServiceNow and Splunk correlate LLDP-derived topology with incident and change management workflows.

Security Considerations

LLDP is inherently unauthenticated and operates link-local, exposing discovery information to any directly connected device; this risk is addressed in secure deployments by isolating management networks via VLANs, 802.1X port-based network access control from vendors like Cisco and Fortinet, and by filtering LLDP at network edges using policy features in Aruba ClearPass, Juniper Network Access Control, and F5 Networks devices. Attacks such as LLDP spoofing, information disclosure, and topology poisoning have been demonstrated in academic research from institutions including MIT, Stanford University, Carnegie Mellon University, and ETH Zurich; mitigation strategies include strict port security, control-plane policing, and integration with RADIUS and TACACS+ authentication systems. Network segmentation practices by enterprises such as Bank of America and Walmart use LLDP selectively together with endpoint security and SIEM tools like IBM QRadar and Splunk Enterprise Security to reduce exposure.

Interoperability and Standards Compliance

LLDP compliance is governed by IEEE 802.1AB and profiles such as LLDP-MED and IEEE 802.3af/802.3at for Power over Ethernet coordination in multi-vendor environments. Interoperability testing is performed by vendor interoperability labs run by Ixia, Keysight Technologies, Spirent Communications, and industry consortia including MEF and ONF to validate behavior across product lines from Cisco, Juniper, Arista, Huawei, and HPE Aruba Networks. Standards bodies like IETF and IEEE publish guidance for TLV usage and MIB mappings to ensure management tools such as SNMP managers, NETCONF clients, and YANG models can consistently interpret LLDP data. Compliance programs and certifications from organizations including TÜV Rheinland and Underwriters Laboratories are sometimes sought by vendors to demonstrate interoperability and safety in critical deployments for healthcare and financial services sectors.

Category:Network protocols