Lldpd not working

dmonty2 · January 11, 2019, 6:26pm

On a Linksys E1200 V2 (Broadcom BCM53572)

I installed lldpd but it is not working. We extensively use lldpd to keep track of network topology.

I tried tcpdump and it shows packets being sent out but none received and the switch it is connected to shows workstations, voip phones and other switches but not openwrt. I also can not see lldp packets coming into the router.

tcpdump -vvv -i eth0 ether proto 0x88cc

This only shows outgoing packets.

I've tried this:

echo 16384 > /sys/class/net/br-lan/bridge/group_fwd_mask

I've tried cycling through "list interface" in /etc/config/lldpd:

lan
br-lan
eth0
eth0.1
eth0.2
lo
as well as commented out.

I've tried running it in debug mode from the command line.

lldpd -d -c -f -s -e -M 4
lldpd -d -c -f -s -e -M 4 -I eth0
lldpd -d -c -f -s -e -M 4 -I br-lan... etc.

Here is some lldpcli info showing no received packets waited several minutes as switch transmits every 30 seconds.

root@OpenWrt:~# lldpcli show statistics
-------------------------------------------------------------------------------
LLDP statistics:
-------------------------------------------------------------------------------
Interface:    br-lan
  Transmitted:  38
  Received:     0
  Discarded:    0
  Unrecognized: 0
  Ageout:       0
  Inserted:     0
  Deleted:      0
root@OpenWrt:~# lldpcli show neighbors
-------------------------------------------------------------------------------
LLDP neighbors:
-------------------------------------------------------------------------------

It looks like the network topology in the router is a switch with internal (hidden) eth0 that vlan tags each port on the switch.

root@OpenWrt:~# swconfig dev eth0 show
Global attributes:
	enable_vlan: 1
	ports: 0x003f
Port 0:
	pvid: 1
	link: port:0 link:up speed:100baseT full-duplex auto
Port 1:
	pvid: 1
	link: port:1 link:down
Port 2:
	pvid: 1
	link: port:2 link:down
Port 3:
	pvid: 1
	link: port:3 link:down
Port 4:
	pvid: 2
	link: port:4 link:down
Port 5:
	pvid: 1
	link: port:5 link:up speed:100baseT full-duplex 
VLAN 1:
	ports: 0 1 2 3 5t 
VLAN 2:
	ports: 4 5t

I checked iptables (filter, nat, mangle) for DROP/REJECT but and any adjustments in iptables didn't help.

Could it be that the "switch" or "bridge" or "vlan" portion of the router is somehow not passing lldp packets through?
How do I get lldpd working in openwrt?

dlakelan · January 11, 2019, 7:09pm

That seems plausible. On proper standalone smart switches obviously lldp packets don't pass from one port to other ports (because their whole purpose is to answer "which port is this object connected to?"). It's concievable that the switch on your router doesn't pass these packets either. It's not "supposed" to in some sense...

trendy · January 11, 2019, 7:10pm

Since tcpdump shows outgoing packets only, I'd focus on why there is nothing coming back. Tcpdump will capture something even if it is blocked by the firewall. Have you tried to connect on the same port with the same cable some other device that exchanges lldp frames without issues? Do you see anything on the switch?

dmonty2 · January 11, 2019, 9:02pm

port 1 <=> hp switch with lldp and cdp support enabled
port 2 <=> linux station with lldpd installed.

tcpdump and lldpcli shows:

no incoming lldp packets on openwrt.
no incoming lldp packets on linux station.
outgoing/transmitted lldp packets on both openwrt and linux station.

root@OpenWrt:~# lldpcli show statistics
-------------------------------------------------------------------------------
LLDP statistics:
-------------------------------------------------------------------------------
Interface:    eth0
  Transmitted:  90
  Received:     0
  Discarded:    0
  Unrecognized: 0
  Ageout:       0
  Inserted:     0
  Deleted:      0
-------------------------------------------------------------------------------

And on the linux station:

root@linux:~# lldpcli show st
-------------------------------------------------------------------------------
LLDP statistics:
-------------------------------------------------------------------------------
Interface:    enp0s25
  Transmitted:  2
  Received:     0
  Discarded:    0
  Unrecognized: 0
  Ageout:       0
  Inserted:     0
  Deleted:      0
-------------------------------------------------------------------------------

I also tried combinations of switch interface/vlan settings.
eth0:untagged port2:untagged
eth0:tagged port2:untagged
eth0:tagged port2:tagged

Also attaching lldpd to both eth0 and the vlan eth0.1(lan)

It looks like the problem is related to this...

dlakelan · January 11, 2019, 9:30pm

It sounds like your hardware switch on the board is swallowing these packets and they never actually go out of the physical ports of the device. since the OpenWrt OS is supposedly sending them out, can you look on your HP switch and see if it is aware of them / receives them? If so, then it's probably not the hardware on your OpenWrt if not, then it might well be the hardware filtering them.

dmonty2 · January 11, 2019, 10:22pm

That is probably the case. Hardware chip switch is masking off inbound and outbound broadcasts - so consumer based switch/router can't behave like an enterprise switch/router.

Is there anyone with a different router/chipset and similar interface topology able to get lldpd to work?
Default install of OpenWrt 18.06.1.
eth0 is the internal interface of device assigned to br-lan (switch port 5)
switch has vlan1 - untagged on ports 0 1 2 3(lan), tagged on 5(internal)
br-lan bridge assigned ip to to vlan1 (eth0.1)
vlan2 port4 is wan port.

serrgij · October 2, 2019, 6:36am

Hello. For bcm63xx/F@ST2704N lldp does not work for me too. And on MediaTek MT7621 (YouHua WR1200JS) everything is remarkable. Too works at tl-wr841 Tp-link. Does not work only at the tagged ports.

root@OpenWrt:~# lldpcli show neighbors
-------------------------------------------------------------------------------
LLDP neighbors:
-------------------------------------------------------------------------------
Interface:    eth0.10, via: LLDP, RID: 1, Time: 4 days, 22:46:25
  Chassis:
    ChassisID:    mac 08:19:a6:XX:XX:XX
    SysName:      VL002327
    SysDescr:     S3328TP-SI
                  Huawei Versatile Routing Platform Software
                   VRP (R) software,Version 5.70 (S3328 V100R006C05)
                   Copyright (C) 2003-2013 Huawei Technologies Co., Ltd.
    MgmtIP:       20.54.4.72
    Capability:   Bridge, on
  Port:
    PortID:       ifname Ethernet0/0/1
    PortDescr:    Ethernet0/0/1
    TTL:          120
-------------------------------------------------------------------------------
root@OpenWrt:~#

formatc · August 15, 2022, 9:36am

I would like to use LLDP to find and identify network participants via SIEMENS TIA Portal (S7 plc, PROFINET IO-devices etc.)

My PC (TIA Portal software) and a SIEMENS S7 plc are both connected to a switch (rt305x-esw) of a MediaTek MT7628AN based router running OpenWrt 21.02.3.

As long as "enable vlan functionality" is DEACTIVATED, TIA Portal detects the connected PLC immediatly.

Screenshot 2022-08-15 132633

This even works via WiFi when wireless is bridged to eth via OpenWrt.

Screenshot 2022-08-15 112013

However, as soon as I activate "enable vlan functionality" in OpenWrt, NO LLDP packets are received from the TIA Portal software via the switch. (while off course both switch ports are untaged in the same VLAN and the plc is pingable from the PC)

Unfortunately, it is not clear to me where these ethernet frames get stuck.

Can anyone help me figure out what's causing this and if it's possible to get LLDP working with VLAN support enabled?!

Many Thanks.

kreload · August 15, 2022, 6:55pm

The vlan interface that you want to use for lldp messages must be part of a bridge and the interface declared in the config file of lldpd must be the bridge. I used it this way on 12 routers without problems. This is for non-DSA switches - for DSA switches it may work too but i didn't tested.

formatc · August 16, 2022, 11:44am

I have tested some other routers...
one with a Lantiq XRX200 switch and another with Qualcomm Atheros QCA8337 (Linksys EA-8500).

Both routers / switches forward the lldp frames as expected.

While different routers with MediaTek hardware do NOT.

dlakelan · October 12, 2022, 11:50pm

Normally "smart" switches should not forward lldp packets. They are supposed to tell the switch what's connected to it so go just one hop. Dumb switches forward them along until the first "smart" switch receives it

paf · July 11, 2023, 1:30pm

Hello Maik,
Thanks for opening this topic also with PROFINET connection.

I Am also trying to accomplish wireless connection with ability to search devices on PROFINET network.
For me it is no luck yet.

Could you share your configuration on how did you bridged the "wireless to eth"?

I use the portable Wifi router/Extender TL-WR802N with only one LAN/WAN port and Wireless radio. I don't use any VLANS yet (or do I need one to make it work like yours?).
I set the Ethernet/WAN/LAN interface to be Static IP, so the router will supply needed IP to the unmanaged SCALANCE switch, and get acces to the network i want. Then to this interface i have attached also WiFi radio. Now if I Am connected trough WiFi, i can ping PLC and other devices on PN network, even I can connect to the PLC online from TIA Portal, but if i want to just search all accessible devices or assign PROFINET names i get an result of 0 devices found. Probbably it has something to do with layer 2 routing, but this is over my experience, i haven't found any setting for layer 2 actually.

I Am a little tech-y/IT guy, i like to dig in/deep dive into anything i have problem with.
So I connected the PC directly with Ethernet cable to SCALANCE switch, started WireShark in the background and then opened the TIA Portal to see the traffic, i found out that for device discovery from TIA, we don't use exactly LLDP packet but some kind of DCP packets specific for PN network. See picture below.

With the same PC, but now connected to WiFi trough router with configuration stated previously, i get no passtrough for these packets at all, so something block the communication trough the router.
You may have an idea or share your config.

formatc · July 11, 2023, 3:49pm

hi,

first off all: I used WR702N device in the past but with stock firmware. With stock firmware PLC discovery was working fine and i used it for years.

Later I used a GL.inet device with Atheros chipset (6416). On this device I also connected OpenVPN TAP to that bridge to be able to connect remotely and name any PN devices.

Devices with Mediatek switches did not work for me, even via ethernet directly on a device with more than one port. No idea why...

Did you deactivate VLAN functionality?? Did you bridge LAN and WLAN?? You dont need IP an IP for discovery.