In this article, we go through CDP and LLDP, how to enable Link Layer Discovery Protocol (LLDP) in a vSwitch and in a vDS, and how to check the information this feature provides in vCenter.
This week we installed new ESXi hosts from a remote location. Since we did not have access to the Switches/ESXi hosts, we needed to double-check if the cabling was correct and which interface was connected to which switch port.
When you have your vCenter and all VMware infrastructure installed, this is easy to enable and discover. By using CDP (for Cisco) or Link Layer Discovery Protocol (LLDP, for HP, Juniper, or other brands), network teams can quickly get this information, and we can even check it in vCenter (see images below).
Since this was a new installation (new switches, ESXi hosts, etc.), there was no vCenter and no storage network (we still needed to check where and which cables were connected). Since only one vSwitch was created in the ESXi host, I remembered there was a way to configure LLDP (we were using Juniper switches) in the vSwitch using the vsish command.
Different ways to exchange information between physical switches and virtual switches:
- Listen mode – The ESXi/ESX host detects and displays information about the associated Cisco switch port, but information about the vSwitch is not available to the Cisco switch administrator.
- Advertise mode – The ESXi/ESX host makes information about the vSwitch available to the Cisco switch administrator but does not detect and display information about the Cisco switch.
- Both mode – The ESXi/ESX host detects and displays information about the associated Cisco switch and makes information about the vSwitch available to the Cisco switch administrator.
Note: Depending on your Network / Virtual environment, you can choose any of these options. Most of our implementations are set with Both, but some use Listen. So check with your Network Teams what is the best option for them (or for Virtual Administrators).
How to configure CDP in Standard Switch (vSS):
For a vSS, we need to do this from the ESXi shell.
First, check which mode is set (listen is the default), then set the mode you want.
```
[root@hostname:~] esxcfg-vswitch -b vSwitch0
listen

[root@hostname:~]esxcfg-vswitch -B both vSwitch0
```
Enabling LLDP in a vSwitch is more complex.
Note: VMware doesn’t support LLDP in a vSwitch, so please be careful using the next steps in production environments.
To enable this, we need to connect/read directly into the vSwitch with the command vsish.
Note: If you have more than one vSwitch already configured in your ESXi host and want to enable LLDP in all of them, you need to repeat the steps for each vSwitch (one at a time).
We use vSwitch0 to enable LLDP. Then we go to the folder for ports in this vSwitch0 and list all the available ports.
Again, connect to your host in the ESXi Shell.
```
[root@hostname:~] vsish
/> cd /net/portsets/vSwitch0
/net/portsets/vSwitch0/>
/net/portsets/vSwitch0/> ls
ports/
overlays/
uplinks/
vlans/
isResvSupported
netEventChain
type
enableDetailedStats
mtu
unlink
link
destroy
properties
stats
niocPendingVms/
niocNoResvPorts/
niocPendingVnics/
niocPendingPorts/
/net/portsets/vSwitch0/> cd /net/portsets/vSwitch0/ports/
/net/portsets/vSwitch0/ports/> ls
33554433/
33554434/
33554435/
33554436/
33554437/
33554438/
/net/portsets/vSwitch0/ports/>
```
So in this vSwitch0, we have all these ports
33554433/
33554434/
33554435/
33554436/
33554437/
33554438/
Then we need to check which port belongs to which vmnics (our ESXi Network Interfaces). To get the information from the vSwitch ports, we use get status for each port.
Just run the command for each port to identify which ones belong to the vmnics.
```
/net/portsets/vSwitch0/ports/> get 33554433/status
```
Since this port doesn’t match a vmnic, let’s check the next one.
```
/net/portsets/vSwitch0/ports/> get 33554434/status
```
As we can see in the highlight, this port belongs to vmnic0. So please do the same for all ports, and then we enable the LLDP in the correct ports.
In this case, these are the ports that were identified.
33554433 — management
33554434 — vmnic0
33554435 — shadow vmnic0
33554436 — vmnic9
33554437 — shadow vmnic9
33554438 — vmk0 (if you have any vmkernel in the vSwitch all are displayed here as a port)
So we need to enable LLDP in port 33554434 and port 33554436, because those are the physical ones; the rest are just virtual.
Enter the port folder, then its lldp folder, to enable LLDP.
Commands:
- get enable – Provides the state of LLDP (0 is disabled, 1 is enabled)
- set enable 0/1 – Disables (0) or enables (1) LLDP
```
/net/portsets/vSwitch0/ports/> cd 33554434/lldp/
/net/portsets/vSwitch0/ports/33554434/lldp/> typels enable
VSI_BOOL
/net/portsets/vSwitch0/ports/33554434/lldp/> get enable
0
/net/portsets/vSwitch0/ports/33554434/lldp/> set enable 1
/net/portsets/vSwitch0/ports/33554434/lldp/> get enable
1
/net/portsets/vSwitch0/ports/33554434/lldp/>
```
With these commands, you can enable LLDP in your ports.
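To check the result on every port at once, and to list physical uplinks where LLDP is still off, the status text can be parsed for its `clientName:` field and the `LLDP_ENABLED` flag. This is an added example, not part of the original article or of the scripts it links to; the sample input is constructed, and the `== <port id>` separator and the function names are this example's own.

```shell
#!/bin/sh
# Added example: summarise LLDP state per vSwitch port from vsish status text.
# On a host, input in this shape can be produced with the commands used above:
#   for p in $(vsish -e ls /net/portsets/vSwitch0/ports); do
#     echo "== ${p%/}"; vsish -e get /net/portsets/vSwitch0/ports/${p}status
#   done | lldp_report

# Constructed, abbreviated sample. "== <port id>" is this example's own
# separator; the 0x0 masks are placeholders, not real flag values.
SAMPLE_STATUS='== 33554433
   clientName:Management
   flags:port flags: 0x0 -> IN_USE ENABLED
== 33554434
   clientName:vmnic0
   flags:port flags: 0x1010c043 -> IN_USE ENABLED UPLINK DISPATCH_STATS_IN DISPATCH_STATS_OUT DISPATCH_STATS CONNECTED LLDP_ENABLED TUNNEL_ENDPOINT
== 33554435
   clientName:Shadow of vmnic0
   flags:port flags: 0x0 -> IN_USE ENABLED
== 33554436
   clientName:vmnic9
   flags:port flags: 0x0 -> IN_USE ENABLED UPLINK CONNECTED'

# Print "<port id> <client name> lldp=on|off" for every port block on stdin.
lldp_report() {
    awk '
        function emit() {
            if (port != "") print port, client, (lldp ? "lldp=on" : "lldp=off")
        }
        { sub(/^[ \t]+/, "") }                       # status lines are indented
        /^== /         { emit(); port = $2; client = "?"; lldp = 0; next }
        /^clientName:/ { client = substr($0, 12); next }
        /^flags:/      { n = split($0, f, " ")
                         for (i = 1; i <= n; i++) if (f[i] == "LLDP_ENABLED") lldp = 1 }
        END { emit() }
    '
}

# Names of physical uplinks (client is exactly vmnicN) with LLDP still off.
uplinks_without_lldp() {
    lldp_report | awk '$2 ~ /^vmnic[0-9]+$/ && $NF == "lldp=off" { print $2 }'
}

printf '%s\n' "$SAMPLE_STATUS" | lldp_report
printf 'uplinks without LLDP: %s\n' "$(printf '%s\n' "$SAMPLE_STATUS" | uplinks_without_lldp)"
```

Shadow and vmkernel ports are reported but never counted as uplinks, so only the physical vmnics show up in the second list.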
I found a shell script on https://gist.github.com/ that does the same trick for all vmnics in the vSwitch. Thanks to AnthonyWC for this script.
```
VSISH_VSWITCH_PATH=/net/portsets

# Walk every vSwitch (entries returned by vsish end with "/")
for vSwitch in $(vsish -e ls ${VSISH_VSWITCH_PATH});
do
  VSWITCH=$(echo ${vSwitch} | sed 's/\///g')
  # Walk every port of this vSwitch and read its status
  for port in $(vsish -e ls ${VSISH_VSWITCH_PATH}/${vSwitch}ports);
  do
    PORT=$(echo ${port} | sed 's/\///g')
    PORTINFO=$(vsish -e get ${VSISH_VSWITCH_PATH}/${vSwitch}ports/${port}status | sed 's/^[ \t]*//;s/[ \t]*$//');
    CLIENT=$(echo ${PORTINFO} | sed 's/ /\n/g' | grep "clientName:" | awk -F ":" '{print $2}')
    MACADDRESS=$(echo ${PORTINFO} | sed 's/ /\n/g' | grep "unicastAddr:" | uniq | sed 's/unicastAddr://;s/\(.*\)./\1/')
    # Keep only ports whose client name is a vmnic (physical uplink)
    vmnics=$(echo -e "${PORT}\t${CLIENT}" | grep vmnic | awk '{ print $1 }')
    for i in $vmnics;
    do
      # Show the type of the setting, then enable LLDP on the port
      vsish -e typels /net/portsets/${vSwitch}ports/$i/lldp/enable
      vsish -e set /net/portsets/${vSwitch}ports/$i/lldp/enable 1
    done
  done
done
```
There are also some other script examples HERE.
Updated 24/04/2021: Grzegorz Kulikowski also wrote a nice LLDP PowerCLI script to do the same work. It is worth trying if it is easier for you than using vsish.
Note: I did not test these scripts, so try them first in a test environment before using them in any production environment.
In vCenter:
After your vSwitches have all vmnics configured with LLDP, you can now check the port/interface connections with the network teams (or your own teams).
Check in the next image where you can list the CDP / LLDP from the vSwitch using vSphere client (next section, we can check how to see this through vSphere Web Client).
How to configure CDP/LLDP in vNetworking Distributed Switch (vDS):
Configuring CDP or LLDP in a vDS is much easier than in a vSS, since we need vCenter to do this (vDS only works with vCenter).
- Using vSphere Client:
  - Connect to vCenter Server using the vSphere Client.
  - On the vCenter Server home page, click Networking.
  - Right-click the vDS and click Edit Settings.
  - Select Advanced under Properties.
  - Using the checkbox and the dropdown, change the CDP settings.
- Using vSphere Web Client:
  - Connect to vCenter Server using the vSphere Web Client.
  - On the vCenter Server home page, click Networking.
  - Right-click the vDS and click Edit Settings.
  - Select Advanced under Properties.
  - Using the checkbox and the dropdown, change the CDP / LLDP settings.
Check in the next image where you can list the CDP / LLDP from the vSwitch using vSphere Web client.
The above tasks can be done in vSphere 5.x/6.7 and vSphere 7. Tasks and options are the same for every version.
I hope this information was helpful.
thanks for the article
You are welcome.
Nice article, thanks. I encountered 2 problems on a standard vSwitch configured as above. First, I ran into the problem that I do not get any LLDP information in the vSphere client. In my vSphere client I only see some information of the host itself.
The second problem is that the settings for the vSwitch ports are gone after a machine reboot and need to be re-enabled after the reboot.
I am running my environment in 5.5U3.
Any suggestions?
Hi,
First, I do not understand when you say information of the host itself. This is only for interfaces (vmnics) in your Virtual Standard Switch. No information about the host will be displayed here. Check the screenshots in the article.
Second, this is only for LLDP; it always depends on the physical switch that you have.
When you do in vsish “get portnumber status” one line you should see something like “flags:port flags: 0x1010c043 -> IN_USE ENABLED UPLINK DISPATCH_STATS_IN DISPATCH_STATS_OUT DISPATCH_STATS CONNECTED LLDP_ENABLED TUNNEL_ENDPOINT”
That means the LLDP is enabled.
Regarding the host losing the changes made in vsish, I need to check that. I only use these changes in an initial stage; after the ESXi host is configured, I do not need them anymore. But I will try to check this and reply with my findings.
Hi Luciano, thanks for your reply. I will send you an e-mail later today providing some more detail.
Hi All!, and congratulations about the article
I have the same 2 issues that Toni reports:
– No LLDP info shown in vSphere console. Just “LLDP not available in this NIC”. But on the switch side the LLDP info is correct!!
– and, after reboot… LLDP activation is missing… and needs to be activated again with “set enable 1”
Running 6.02 Update2, and vSwitch configured in “Both mode” (Listen and advertisement)
Any idea to solve the issue?
Thanks in advance!
Hi Jorge,
Thank you for your reply.
I have already noticed that issue. I am working on a solution so that it is always persistent after a reboot.
I will update the post when I find the solution.
Thank You
Luciano Patrao
Hi,
First, it is not a PowerShell script, but a standard .sh script. To add persistence after the reboot, you need to copy the code into /etc/rc.local.d/local.sh (https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2043564)
The script also has 2 fixed values and sets LLDP only on vmnics located in vSwitch0; a quick update can fix that. You have to replace the 2 following lines
“vsish -e typels /net/portsets/vSwitch0/ports/$i/lldp/enable”
“vsish -e set /net/portsets/vSwitch0/ports/$i/lldp/enable 1”
with
vsish -e typels /net/portsets/${vSwitch}ports/$i/lldp/enable
vsish -e set /net/portsets/${vSwitch}ports/$i/lldp/enable 1
If you updated your vSwitch, just SSH to your ESX and run ./etc/rc.local.d/local.sh again
Enjoy
Oli
Hi Oliver,
Thanks for your comment.
Yes, you are correct, it is a shell script. I did notice before, was supposed to change it, and then I forgot 🙂
Thanks for the update to the script for all vSwitches. I will test it and, if it works, will update the article.
Regarding adding this to local.sh: I only use this for troubleshooting and do not want this to be persistent, and I am not a big fan of making changes in local.sh in production.
But last time I did some tests with these LLDP changes, I was able to make the change in a way that was persistent after a reboot, without the need to run the script every time I need to reboot. When I have time, I will test this again, and if this is really the solution, I will update the article with that solution.
Again, thank you for your comment and sharing.
Luciano Patrao
Hi Luciano,
You are welcome.
I would love to hear about that! So far, I always followed the VMware KB to make the change somehow persistent after the reboot.
/sbin/auto-backup.sh doesn’t do the trick.
Oli
Hi Oliver,
Unfortunately, I was not able to make the changes persistent. I thought I could make some changes at vSwitch level so that this could be persistent, but I was not able to do that.
But I am pretty sure that there should be a way to do that. Just need to find it 🙂
Thanks again for your comments and help.
Luciano Patrao
Thank you for the great post. I made a tiny automation around it using PowerShell, in case somebody is looking for it
https://grzegorzkulikowski.info/2021/04/24/vswitch-lldp-info-powershell/
Hi Grzegorz,
Thanks for your comment and also for quoting my blog post in your blog post about LLDP.
I did not test your PowerCLI script, but plan to. It was also my idea to create one when I wrote this some time ago, but then it went to the planned-but-not-done list. Like many others 🙂
But now you wrote it, which is nice. I will also point in my article to your blog post's PowerCLI script.
Thanks again
LP