Earlier versions of vSphere supported CDP, the Cisco Discovery Protocol, in both standard vSwitches and the newer Distributed vSwitches. vSphere 5 introduces the non-proprietary LLDP.
LLDP, meaning “Link Layer Discovery Protocol”, is quite similar to CDP. Both discovery protocols share the goal of helping the network administrator by building a small list of “neighbors”, that is, directly connected network devices, typically other switches. When reconfiguring a switch remotely it is often very useful to be able to “see out” from the switch and make sure the port that is to be changed really is connected to the correct switch neighbor.
Running, for example, “show cdp neighbors” on Cisco devices or “show lldp info remote” on HP switches presents a helpful table. The neighbor table is built from information the switches send on each port, typically twice a minute.
The CDP method supported in vSphere 4.x is unfortunately proprietary to Cisco, and while at least five other vendor-specific discovery protocols exist, this has led to obvious incompatibility issues in networks with devices from different vendors. LLDP is a vendor-neutral discovery protocol with about the same features as CDP and with growing support from network vendors. HP has been running LLDP for a long time and most Cisco devices support it these days.
Since the virtual switches in the ESX / ESXi hosts are a logical part of the rest of the network, it is nice that they have supported CDP before, on both Standard and Distributed vSwitches. In vSphere 5 the new LLDP support is unfortunately for Distributed Switches only, which are available at the Enterprise Plus license level. It would have been a good feature to be able to activate LLDP on standard vSwitches with the old esxcfg-vswitch command, as before. Note also that LLDP is only available on the new version 5 of Distributed Switches and not on version 4 or 4.1.
(If you have neither Distributed vSwitches nor Cisco-based physical switches you could still benefit from CDP; see this post for more information.)
It is enabled in the advanced settings of the Distributed Switch; notice above that we can now select between CDP and LLDP. The default is as before: CDP is enabled when the dSwitch is created.
Note that to make the distributed switch actually send LLDP/CDP discovery messages to the physical network we have to change its Operation State. The default is to just listen, but this can easily be changed to “Both”, which means listen and send. This should be a good move which will simplify the work for technicians configuring the physical switches our vSphere 5 hosts connect to. See also this post for more information about the output from ESXi LLDP to the switches.
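The three settings described above (switch version, CDP or LLDP, and the Operation State) can be reviewed for every distributed switch at once with PowerCLI. This is an added example, not code from the original post; it assumes the property names returned by Get-VDSwitch, and the sample switch names are constructed.

```powershell
# Added example, not from the original post. Input objects need the properties
# Name, Version, LinkDiscoveryProtocol and LinkDiscoveryProtocolOperation,
# which PowerCLI's Get-VDSwitch returns for each distributed switch.
function Get-DiscoveryProtocolReport {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        $VDSwitch
    )
    process {
        # LLDP needs a version 5 distributed switch; 4.0 and 4.1 offer CDP only.
        $lldpCapable = ([version]$VDSwitch.Version).Major -ge 5
        $operation   = [string]$VDSwitch.LinkDiscoveryProtocolOperation
        # "Listen" only receives; "Advertise" and "Both" also send frames.
        $sends = $operation -in 'Advertise', 'Both'

        $note = if (-not $lldpCapable) {
            'CDP only: upgrade the switch to version 5 to select LLDP'
        } elseif (-not $sends) {
            'Listen only: physical switches do not see this host as a neighbor'
        } else {
            'Uplinks are announced to the physical switches'
        }

        [pscustomobject]@{
            Name        = $VDSwitch.Name
            Version     = $VDSwitch.Version
            Protocol    = [string]$VDSwitch.LinkDiscoveryProtocol
            Operation   = $operation
            LldpCapable = $lldpCapable
            Sends       = $sends
            Note        = $note
        }
    }
}

# Constructed sample data (switch names are hypothetical) so the function runs offline.
$sample = @(
    [pscustomobject]@{ Name = 'dvSwitch-New';  Version = '5.0.0'; LinkDiscoveryProtocol = 'CDP';  LinkDiscoveryProtocolOperation = 'Listen' }
    [pscustomobject]@{ Name = 'dvSwitch-Prod'; Version = '5.0.0'; LinkDiscoveryProtocol = 'LLDP'; LinkDiscoveryProtocolOperation = 'Both' }
    [pscustomobject]@{ Name = 'dvSwitch-Old';  Version = '4.1.0'; LinkDiscoveryProtocol = 'CDP';  LinkDiscoveryProtocolOperation = 'Listen' }
)
$sample | Get-DiscoveryProtocolReport | Format-Table -AutoSize

# Against a live vCenter, after Connect-VIServer:
#   Get-VDSwitch | Get-DiscoveryProtocolReport
```

The first sample row mirrors the default state of a newly created dSwitch (CDP, listen only), and the last one the version 4.1 case where LLDP cannot be selected until the switch is upgraded.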
Good write up, besides what is in the VMware “Whats new in ESXi5” guides there is little documented (that I could find anyway) about this and its limits to only run on dvSwitches. Thanks.
Thanks for your comment! For some more details on LLDP with ESXi 5 see also this article:
https://rickardnobel.se/troubleshooting-esxi-networking-with-lldp
Very informative post. I have a question about LLDP with ESXi 5. What if I cannot associate the ESXi hosts with any distributed VSwitch? Can I configure the hosts to just send out LLDP frames on the given interface, e.g. vmnic0, vmnic1? E.g. if you have worked with RHEL based KVM or ESX, it allows us to configure the interface to send the LLDP packet directly from the NIC without the need of having to configure any vSwitch. I ask the question because there is another distributed vswitch implementation in my vCenter so I cannot create a new distributed vswitch, associate the ESXi hosts with it and configure it to send LLDP, instead I need the hosts to independently send it. Is it possible? Thanks in advance…
If you have unused vmnics you could have multiple Distributed vSwitches on the same host, but that might apply to your situation?
Ehhh.. I missed the first comment. Probably it's limited to dvswitches only. Let me know if you have any more information configuring this without dvs…
Hello Rahul,
and thanks for your comments. It is correct that LLDP unfortunately is not available on standard vSwitch. CDP is possible and could have at least some usage even if not having Cisco physical switches.
Regards / Rickard
Hi Rickard,
Thanks for the quick response. Glad to know that CDP is possible, although I wonder how much it will help to other non-Cisco vendor firmwares on the physical switches. Btw, is it possible to implement/write any customized modules for ESXi ? I come from ESX background and haven’t worked on ESXi much yet so pardon me if my question is too basic 🙂 , but on RHEL based ESX, I had an option to install RPMs and stuff but I hear ESXi is mostly closed for adding any outside modules..
Thanks
Rahul R
Hi! Many switch vendors could still read, but not send, CDP frames. This makes the ESXi network configuration visible still on the physical switches.
See this for the output on HP Procurve switches:
https://rickardnobel.se/vswitch-cdp-with-hp-switches
You are correct that ESXi is very limited to 3rd party code, except some close partners to VMware. From VMware's point of view this makes the product more stable since they control all running code in the hypervisor.
Thanks for this informative blog post. Just FYI, I upgraded my host from ESXi 4.1 to 5.0 and did not see LLDP as an option when editing the VDS. The reason is that the VDS was initially created as a version 4.1 VDS.
The solution was simple: select the VDS and then click on the “Summary” tab. There will be an “Upgrade…” link which starts a 3 step wizard to upgrade the VDS. The upgrade is non-service impacting according to VMware docs.