killerchris
just joined
Topic Author
Posts: 3
Joined: Mon Jan 11, 2021 12:11 pm

LLDP Issue - See all devices

Fri Mar 04, 2022 9:54 am

I'm running a RB5009UG+S+ and CRS354-48G-4S+2Q+, the Switch connected with SFP+ and Untagged Default and Tagged VLans to the Router.
Both running current RouterOS 7.1.3.

My Problem:
Neighbors discovery is switched on at both, with all protocols and Interface "!Dynamic"

In first place, the Switch detected every neighbor as attached to the vlan Interface.
After moving the switch management IP from a VLan Interface back to IP directly on the bridge and default vlan the uplink ports are correctly displayed but this doesn't fit to my network infra (dedicated Management vlan).
When I take a look at a linux server (lldpctl) I see EVERY device attached to the switch on any port offering lldp, not only the directly connected switch-port-interface.

Am I missing something? The switch doesn't do any firewalling or routing, only L2 Switching with tagged and untagged VLans.

Switch-View:
Screenshot 2022-03-04 084920.png
Linux Host:
Screenshot 2022-03-04 084945.png
Same for the router, here everything is connected at the vlan interface, not the physical port and Systems connected to the switch, not router, are displayed.
Screenshot 2022-03-04 084908.png
Seems like all the lldp / cdp / mndp Frames are getting forwarded to every port instead of getting hold.
 
tdw
Forum Guru
Posts: 2084
Joined: Sat May 05, 2018 11:55 am

Re: LLDP Issue - See all devices  [SOLVED]

Fri Mar 04, 2022 4:41 pm

If a bridge has protocol-mode=none it will forward packets with a destination MAC address 01:80:C2:00:00:0x, this is not compliant with 802.1D but has its uses.

If you set protocol-mode=rstp, and optionally edge=yes on all of the bridge ports if you do not want to send/receive spanning-tree BPDUs, it will stop LLDP being propagated between links.

CDP and MNDP will always appear throughout a layer 2 network as CDP uses 01:00:0C:CC:CC:CC as a destination, which is not filtered by switches, and MNDP uses broadcast.
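
As an added example (not part of the original post): the forwarding rule this answer describes, plus a check over frames captured on one host port that flags LLDP arriving from more than one sender. The function names, the sample frames and the one-sender-per-port expectation are assumptions; only protocol-mode none and rstp are modelled, as in the answer.

```python
# Added illustration; names and sample data are constructed, not from RouterOS.
RESERVED_PREFIX = bytes.fromhex("0180c20000")  # 01:80:C2:00:00:0x reserved block
LLDP_ETHERTYPE = 0x88CC

def parse_mac(text):
    raw = bytes.fromhex(text.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {text!r}")
    return raw

def is_reserved(mac):
    return mac[:5] == RESERVED_PREFIX and mac[5] <= 0x0F

def relayed_by_bridge(dst, protocol_mode):
    """True if the reserved-address rule lets a frame to dst cross the bridge.
    Ignores VLAN filtering and switch rules, which can drop frames as well."""
    if protocol_mode not in ("none", "rstp"):
        raise ValueError("only the two modes discussed in the thread are modelled")
    if is_reserved(parse_mac(dst)):
        return protocol_mode == "none"  # rstp: LLDP stays on its own link
    return True  # CDP multicast and broadcast (MNDP) are not filtered

def lldp_leaks(frames):
    """frames: (port, src_mac, dst_mac, ethertype) tuples seen by one host.
    Assumption: each host port faces one switch port, so one LLDP sender.
    Returns the ports where more than one LLDP sender was seen."""
    senders = {}
    for port, src, dst, ethertype in frames:
        if ethertype == LLDP_ETHERTYPE and is_reserved(parse_mac(dst)):
            senders.setdefault(port, set()).add(parse_mac(src).hex(":"))
    return {p: sorted(s) for p, s in senders.items() if len(s) > 1}

# Constructed sample capture (locally administered MACs, not real devices).
SAMPLE_FRAMES = [
    ("eth0", "02:00:00:00:00:01", "01:80:c2:00:00:0e", 0x88CC),  # adjacent switch
    ("eth0", "02:00:00:00:00:02", "01:80:c2:00:00:0e", 0x88CC),  # relayed neighbour
    ("eth0", "02:00:00:00:00:03", "ff:ff:ff:ff:ff:ff", 0x0800),  # broadcast, not LLDP
    ("eth1", "02:00:00:00:00:01", "01:80:c2:00:00:0e", 0x88CC),  # single sender
]

if __name__ == "__main__":
    for port, macs in lldp_leaks(SAMPLE_FRAMES).items():
        print(f"{port}: LLDP from {len(macs)} senders: {', '.join(macs)}")
```
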
 
killerchris
just joined
Topic Author
Posts: 3
Joined: Mon Jan 11, 2021 12:11 pm

Re: LLDP Issue - See all devices

Fri Mar 04, 2022 6:46 pm

Thanks a lot, that was one of the things I switched off because I don't need it (RSTP).

Now everything is as expected :)
 
jbl42
Member Candidate
Posts: 228
Joined: Sun Jun 21, 2020 12:58 pm

Re: LLDP Issue - See all devices

Sat Mar 05, 2022 6:38 pm

> If a bridge has protocol-mode=none it will forward packets with a destination MAC address 01:80:C2:00:00:0x, this is not compliant with 802.1D but has its uses.

It not only violates 802.1D, it has the potential to mess up VOIP settings by propagating LLDP-MED to all ports.

> If you set protocol-mode=rstp, and optionally edge=yes on all of the bridge ports if you do not want to send/receive spanning-tree BPDUs, it will stop LLDP being propagated between links.

Another alternative is to use RB5009 switch rules to stop LLDP forwarding:
viewtopic.php?p=911066&hilit=lldp#p908576