LLDP does not disable in 3.1

Ben_Backus · December 6, 2016, 4:48pm

We noticed a wierd increase in traffic on our network and traced it down to discovery protocol responses. It turns out in 3.1 LLDP can not be disabled via gui or cli. A roll back to 2.6.2 fixes the issue. Has anyone else seen this problem ?

update: it appears that 3.2 increases the problem, in 3.1 responses are every 5-10 seconds, but in 3.2 responses are every 1-2 seconds.

-B

Mykola · December 7, 2016, 4:33pm

Hi Ben Backus,

Could you execute and attach next commands:

on ePMP device CLI:
show lldp-neighbors

on directly connected PC:
lldpctl

Thanks.

Ben_Backus · December 8, 2016, 5:43pm

running the neighbors command results in this

Officese-camb>show lldp-neighbors
-------------------------------------------------------------------------------
LLDP neighbors:
----------------

It appears it does not see any neighbors

but our firewall tells a different story

Dec 8 10:35:08 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:35:01 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:58 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:55 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:48 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:38 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:31 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:28 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:28 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:26 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:19 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:15 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:11 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:07 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:34:04 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:33:55 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:33:51 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:33:44 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:33:32 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP
Dec 8 10:33:28 WAN 172.17.4.65:5678 255.255.255.255:5678 UDP

Also the lldpctl command is not active in the shell from what i can tell.

-B

Ben_Backus · December 16, 2016, 4:47pm

Has anything come of this?

Ben_Backus · December 22, 2016, 7:28pm

If anyone else has this problem it is fixed by setting: System "MAC-Telnet-Access" is disabled.

-Ben