LLDP double detection?

  • 0
  • 1
  • Question
  • Updated 5 years ago
  • Answered
Create Date: Feb 15 2013 4:04PM

I have been doing some testing with a customer who has Siemens OpenStage IP phones.  I have looked at the various LLDP UPM scripts that are on here and in the Extreme documentation and I have hit this issue with LLDP detecting a device twice (UPM device-detect) and then 180-seconds later the 1st of the two devices being undetected.  This then causes the UPM device-undetect script to run which removes the voice VLAN from the interface.
The UPM script has a check for a device being detected and then configures LLDP to push the LLDP med voice & voice-application policies as well as add the voice VLAN to the interface.  The same UPM script also checks for a device being undetected and then removes the LLDP commands and deletes the voice VLAN from the port.  This one script is attached to both the device-detect and device-undetect events.
Due to this double detection thing the undetect of the 1st device is causing issues.  I have since tested this with Mitel & Cisco IP phones that have LLDP and get the same behaviour with the double detect.

UPM Script is as follows and is copied from the scripts available on here:

create upm profile GenericVoIPLLDPDetect
# @VariableFieldLabel "If this script encounters errors, do you wish to abort or ignore?"
set var clierrormode abort
# @VariableFieldLabel "Voice VLAN Name (default = voice)"
set var voicevlan voice
# @VariableFieldLabel "Enable SNMP Traps on LLDP Events (true or false)"
set var enabletrap false
# @VariableFieldLabel "Differentiated Services Code Point Value for RTP (default = 46)"
set var dscpRTP 46
# @VariableFieldLabel "Differentiated Services Code Point Value for Signaling (default = 40)"
set var dscpSignaling 40
# @MetaDataEnd
#############################################################################
# Generic VoIP LLDP Device Provisioning
#############################################################################
create log entry "Starting Generic VoIP LLDP Device Provisioning"
if (!$match($clierrormode,ignore)) then
  configure cli mode scripting ignore-error
  create log entry "CLI mode set for Ignore on Error"
else
  configure cli mode scripting abort-on-error
  create log entry "CLI mode set for Abort on Error"
endif
#############################################################################
# Determine if "Device Detect" on Port
#############################################################################
if (!$match($EVENT.NAME,DEVICE-DETECT)) then
  create log entry "LLDP Device Detected on Port"
#############################################################################
# Add Port to Voice VLAN Using Tagged Addressing
#############################################################################
  configure vlan $voicevlan add ports $EVENT.USER_PORT tagged
#############################################################################
# Determine SNMP Trap Settings
#############################################################################
  if (!$match($enabletrap,true)) then
    create log entry "Enabling SNMP Traps for LLDP on port"
    enable snmp traps lldp ports $EVENT.USER_PORT
    enable snmp traps lldp-med ports $EVENT.USER_PORT
  else
    create log entry "Disabling SNMP Traps for LLDP on port"
    disable snmp traps lldp ports $EVENT.USER_PORT
    disable snmp traps lldp-med ports $EVENT.USER_PORT
  endif
#############################################################################
# Configure Port for Link Layer Discovery Protocol (LLDP)
#############################################################################
  create log entry "Configuring LLDP on port"
  configure lldp ports $EVENT.USER_PORT advertise vendor-specific med capabilities
  configure lldp ports $EVENT.USER_PORT advertise vendor-specific dot1 vlan-name vlan $voicevlan
  configure lldp ports $EVENT.USER_PORT advertise vendor-specific med policy application voice vlan $voicevlan dscp $dscpRTP
  configure lldp ports $EVENT.USER_PORT advertise vendor-specific med policy application voice-signaling vlan $voicevlan dscp $dscpSignaling
#############################################################################
# Determine if "Device Undetect" on Port
#############################################################################
else   if (!$match(EVENT.NAME,DEVICE-UNDETECT) && $match($EVENT.DEVICE_IP,0.0.0.0)) then
    create log entry "LLDP Device Undected on Port"
    if (!$match($enabletrap,true)) then
      create log entry "Disabling SNMP Traps for LLDP on port"
      disable snmp traps lldp ports $EVENT.USER_PORT
      disable snmp traps lldp-med ports $EVENT.USER_PORT
    endif
#############################################################################
# Reset LLDP Configuration on Port to Default
#############################################################################
    create log entry "Unconfiguring LLDP on port"
    unconfigure lldp ports $EVENT.USER_PORT
#############################################################################
# Delete Voice VLAN from port
#############################################################################
  configure vlan $voicevlan delete ports $EVENT.USER_PORT
#############################################################################
# Spurious Event on IP Address 0.0.0.0 - Do Nothing
#############################################################################
    create log entry "Do Nothing 0.0.0.0"
    create log entry $EVENT.TIME
  endif
endif
create log entry "End Generic VoIP LLDP Device Provisioning"

disable cli scripting

.
#

configure upm event device-detect profile GenericVoIPLLDPDetect ports 1:1
configure upm event device-undetect profile GenericVoIPLLDPDetect ports 1:1

(from Andrew_Butterworth)
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb

Posted 5 years ago

  • 0
  • 1
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb
Create Date: Feb 15 2013 4:45PM

Hello ABD100

Just to make sure the two detects you are seeing are; one for 0.0.0.0 ( this happens when the phone first comes up) and another one with a legit IP address.

I see in your profile that you do have a if then for the 0.0.0.0 device detect but I don't see anything for the other entry.

Can you edit your script and try this?  Modify to your liking.

Try the following: remove you current DEVICE-UNDECTECT section use something like the following instead (edit to include you var names and log messages etc):         
# Event UNCONFIGURE1    
if (!$match($EVENT.NAME,DEVICE-UNDETECT) && $match($EVENT.DEVICE_IP,0.0.0.0)) then      
create log entry Starting_UPM_scripting_process_to_UNCONFIGURE_host_port    
# VoiceVLAN unconfiguration      
create log entry Removing_port_from_Voice_VLAN                    
configure vlan $voicevlan delete port $EVENT.USER_PORT     
# DataVLAN unconfiguration     
create log entry Removing_port_from_Data_VLAN                    
configure vlan $datavlan delete port $EVENT.USER_PORT     
# Link Layer Discovery Protocol-Media Endpoint Discover      
create log entry Removing_LLDP_configuration                    
unconfig lldp port $EVENT.USER_PORT    
endif         
#_________________________________________________________________         
# Event UNCONFIGURE2    
if (!$match($EVENT.NAME,DEVICE-UNDETECT) && !$match($EVENT.DEVICE_IP,0.0.0.0)) then      
create log entry Starting_UPM_script_to_do_nothing_for_device_with_no_IP_address     
create log entry $EVENT.TIME    
endif 


Please let us know what happens.

Thanks
P

(from Paul_Russo)
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb
Create Date: Feb 15 2013 9:12PM

Thanks for the reply. Both detections show the IP address 0.0.0.0. Here is a capture of the logs with the Cisco 7970:

02/13/2013 22:39:57.03 <Noti:UPM.Msg.LLDPDevDetected> Slot-1: LLDP Device detected. Mac is 00:1A:A2:89:3A:5A, IP is 0.0.0.0, on port 1:1, device type is 36, max power is 0
02/13/2013 22:39:57.04 <Noti:UPM.Msg.upmMsgExshLaunch> Slot-1: Launched profileGenericVoIPLLDPDetect for the event device-detect
02/13/2013 22:39:57.20 <Info:System.userComment> Slot-1: Starting Generic VoIP LLDP Device Provisioning
02/13/2013 22:39:57.21 <Info:System.userComment> Slot-1: CLI mode set for Abort on Error
02/13/2013 22:39:57.22 <Info:System.userComment> Slot-1: LLDP Device Detected on Port
02/13/2013 22:39:57.27 <Info:System.userComment> Slot-1: Disabling SNMP Traps for LLDP on port
02/13/2013 22:39:57.29 <Info:System.userComment> Slot-1: Configuring LLDP on port
02/13/2013 22:39:57.33 <Info:System.userComment> Slot-1: End Generic VoIP LLDP Device Provisioning
02/13/2013 22:40:00.90 <Noti:UPM.Msg.LLDPDevDetected> Slot-1: LLDP Device detected. Mac is 00:1A:A2:89:3A:5A, IP is 0.0.0.0, on port 1:1, device type is 36, max power is 0
02/13/2013 22:40:00.91 <Noti:UPM.Msg.upmMsgExshLaunch> Slot-1: Launched profile GenericVoIPLLDPDetect for the event device-detect
02/13/2013 22:40:01.07 <Info:System.userComment> Slot-1: Starting Generic VoIP LLDP Device Provisioning
02/13/2013 22:40:01.08 <Info:System.userComment> Slot-1: CLI mode set for Abort on Error
02/13/2013 22:40:01.09 <Info:System.userComment> Slot-1: LLDP Device Detected on Port
02/13/2013 22:40:01.14 <Info:System.userComment> Slot-1: Disabling SNMP Traps for LLDP on port
02/13/2013 22:40:01.16 <Info:System.userComment> Slot-1: Configuring LLDP on port
02/13/2013 22:40:01.20 <Info:System.userComment> Slot-1: End Generic VoIP LLDP Device Provisioning

180-seconds after the 1st detection we get a disconnection:

* Slot-1 X250-24p.140 # 02/13/2013 22:43:00.13 <Noti:UPM.Msg.LLDPDevRemoved> Slot-1: LLDP Device Removed. Mac is 00:1A:A2:89:3A:5A, IP is 0.0.0.0, on port 1:1,device Type is 0
02/13/2013 22:43:00.14 <Noti:UPM.Msg.upmMsgExshLaunch> Slot-1: Launched profile GenericVoIPLLDPDetect for the event device-undetect
02/13/2013 22:43:00.29 <Info:System.userComment> Slot-1: Starting Generic VoIP LLDP Device Provisioning
02/13/2013 22:43:00.30 <Info:System.userComment> Slot-1: CLI mode set for Aborton Error
02/13/2013 22:43:00.33 <Info:System.userComment> Slot-1: End Generic VoIP LLDP Device Provisioning

Cheers, Andy
(from Andrew_Butterworth)
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb
Create Date: Feb 16 2013 1:06PM

Hey Andy

to make sure I understand the two disconnects include both the 0.0.0.0 entry and the entry with An IP address even though it shows just 0.0.0.0?

when you connect the phone can you do multiple show lldp commands to see the double entries and again when they disconnects?

thanks
p

(from Paul_Russo)
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb
Create Date: Feb 16 2013 4:53PM

This is the output from show lldp neighbors and show lldp neighbors detailed in the period where two devices are detected.  I also captured the fdb entries for the port as I thought it might be the device detected on the tagged and untagged vlans.

There is only a single disconnect which is the timeout of the 1st LLDP device disappearing as far as the switch is concerned.  Looking at the wireshark capture the phone sends its 1st LLDP packet with the 'voice' network policy TLV that has no VLAN ID or QoS values, the 2nd one received about a second later is identical however the 'voice' policy is polulated with the details the switch has advertised to the phone, however the IP address is still 0.0.0.0 (Chassis Id:).  I think this is where it is falling down because this 2nd packet is sent another two times before the phone goes through DHCP and then sends a LLDP packet with its assigned IP address.  These LLDP packets are all about a second apart.
So my assumption is this:
    1st LLDP packet the switch detects a LLDP device and adds it to the list off LLDP devices on the port (it also triggers the UPM device-detect event)
    Switch then sends LLDP to phone with Voice policy TLV
    Phone sends another LLDP packet with the 'voice' policy TLV updated and the switch sees this as another LLDP device so triggers the UPM device-detect event again
    TTL is reached and the switch removes the 1st LLDP device causing the UPM device-undetect to trigger

* Slot-1 X250-24p.138 # sho fdb ports 1:1
Mac                     Vlan       Age  Flags         Port / Virtual Port List
------------------------------------------------------------------------------
00:1a:a2:89:3a:5a      voice(0200) 0000 d mi          1:1

Flags : d - Dynamic, s - Static, p - Permanent, n - NetLogin, m - MAC, i - IP,
        x - IPX, l - lockdown MAC, L - lockdown-timeout MAC, M- Mirror, B - Egre
ss Blackhole,
        b - Ingress Blackhole, v - MAC-Based VLAN, P - Private VLAN, T - VLAN tr
anslation,
        D - drop packet, h - Hardware Aging, o - IEEE 802.1ah Backbone MAC,
        S - Software Controlled Deletion, r - MSRP

Total: 2 Static: 0  Perm: 0  Dyn: 2  Dropped: 0  Locked: 0  Locked with Timeout:
 0
FDB Aging time: 300
* Slot-1 X250-24p.139 #
* Slot-1 X250-24p.139 # sho lldp neighbors

Port     Neighbor Chassis ID        Neighbor Port ID           TTL     Age
=============================================================================
1:1      (5.1)0.0.0.0               001AA2893A5A:P1            180     84
1:1      (5.1)10.100.101.10         001AA2893A5A:P1            180     17
=============================================================================
NOTE: The Chassis ID and/or Port ID might be truncated to fit the screen.

* Slot-1 X250-24p.156 # sho lldp neighbors detailed

-----------------------------------------------------------------------------
LLDP Port 1:1 detected 2 neighbors
  Neighbor: (5.1)0.0.0.0/001AA2893A5A:P1, age 121 seconds
    - Chassis ID type: Network address (5); Address type: IPv4 (1)
      Chassis ID     : 0.0.0.0
    - Port ID type: Locally assigned (7)
      Port ID     : "001AA2893A5A:P1"
    - Time To Live: 180 seconds
    - Port Description: "SW PORT"
    - System Name: "SEP001AA2893A5A"
    - System Description: "Cisco IP Phone 7970G,V1, SCCP70.9-3-1SR1-1S"
    - System Capabilities : "Bridge, Telephone"
      Enabled Capabilities: "Bridge, Telephone"
    - IEEE802.3 MAC/PHY Configuration/Status
      Auto-negotiation       : Supported, Enabled (0x03)
      Operational MAU Type   : 100BaseTXFD (16)
    - MED Capabilities: "MED Capabilities, Network Policy, Extended Power via MDI - PD, Inventory"
      MED Device Type : Endpoint Class III (3)
    - MED Network Policy
      Application Type  : Voice (1)
      Policy Flags      : Known Policy, Tagged (0x1)
      VLAN ID           : 200
      L2 Priority       : 5
      DSCP Value        : 46
    - MED Network Policy
      Application Type  : Voice Signaling (2)
      Policy Flags      : Known Policy, Tagged (0x1)
      VLAN ID           : 200
      L2 Priority       : 4
      DSCP Value        : 32
    - MED Extended Power-via-MDI
      Power Type    : PD Device (1)
      Power Source  : PSE (1)
      Power Priority: Unknown (0)
      Power Value   : 6.3 Watts
    - MED Hardware Revision: "1"
    - MED Firmware Revision: "7970_020706_cert.bin"
    - MED Software Revision: "SCCP70.9-3-1SR1-1S"
    - MED Serial Number: "FCH1051ABHC"
    - MED Manufacturer Name: "Cisco Systems, Inc."
    - MED Model Name: "CP-7970G"
    - MED Asset ID: ""

  Neighbor: (5.1)10.100.101.10/001AA2893A5A:P1, age 57 seconds
    - Chassis ID type: Network address (5); Address type: IPv4 (1)
      Chassis ID     : 10.100.101.10
    - Port ID type: Locally assigned (7)
      Port ID     : "001AA2893A5A:P1"
    - Time To Live: 180 seconds
    - Port Description: "SW PORT"
    - System Name: "SEP001AA2893A5A.support.local"
    - System Description: "Cisco IP Phone 7970G,V1, SCCP70.9-3-1SR1-1S"
    - System Capabilities : "Bridge, Telephone"
      Enabled Capabilities: "Bridge, Telephone"
    - Management Address Subtype: IPv4 (1)
      Management Address        : 10.100.101.10
      Interface Number Subtype  : Unknown (1)
      Interface Number          : 0
      Object ID String          : "null"
    - IEEE802.3 MAC/PHY Configuration/Status
      Auto-negotiation       : Supported, Enabled (0x03)
      Operational MAU Type   : 100BaseTXFD (16)
    - MED Capabilities: "MED Capabilities, Network Policy, Extended Power via MDI - PD, Inventory"
      MED Device Type : Endpoint Class III (3)
    - MED Network Policy
      Application Type  : Voice (1)
      Policy Flags      : Known Policy, Tagged (0x1)
      VLAN ID           : 200
      L2 Priority       : 5
      DSCP Value        : 46
    - MED Network Policy
      Application Type  : Voice Signaling (2)
      Policy Flags      : Known Policy, Tagged (0x1)
      VLAN ID           : 200
      L2 Priority       : 4
      DSCP Value        : 32
    - MED Extended Power-via-MDI
      Power Type    : PD Device (1)
      Power Source  : PSE (1)
      Power Priority: Unknown (0)
      Power Value   : 6.3 Watts
    - MED Hardware Revision: "1"
    - MED Firmware Revision: "7970_020706_cert.bin"
    - MED Software Revision: "SCCP70.9-3-1SR1-1S"
    - MED Serial Number: "FCH1051ABHC"
    - MED Manufacturer Name: "Cisco Systems, Inc."
    - MED Model Name: "CP-7970G"
    - MED Asset ID: ""

* Slot-1 X250-24p.156 #



(from Andrew_Butterworth)
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb
Create Date: Sep 4 2013 1:19PM

I have the same problem.
What value have the EVENT.DEVICE_IP - variable of your Cisco Phone in  "sho upm his exec-id xx" ?

I think of a solution like CLI.OUT <- show ports EVENT.USER_PORT no-refresh and a rexep to link-state OR
search in sho log match ...

my solution:
if (!$match($EVENT.NAME, DEVICE-UNDETECT) && !$match($EVENT.DEVICE_IP,0.0.0.0)) then
        set var CLI.OUT " "
        show lldp neighbors
        set var listing $TCL(split ${CLI.OUT} "\n")
        delete var CLI.OUT
        set var delimit $uppercase($EVENT.DEVICE_MAC)
        set var i $TCL(lsearch -glob $listing *$delimit*)
        if ($i < 0) then
                create log entry "LLDP-Device unplugged"
                configure vlan $voiceVlan delete port $EVENT.USER_PORT
                create log entry "LLDP-Device and VLAN unconfigured successfully!"
        else
                create log entry "LLDP-Device exists"
        endif
endif


regards,
lake

(from lakerate)

This conversation is no longer open for comments or replies.