LLDP should be enabled on new APs

  • Idea
  • Updated 10 months ago
When new devices are first connected, they may need their ports reconfigured, but LLDP isn't turned on until it gets a configuration. It would make it much easier to find the device by looking for an LLDP neighbor instead of tracing MAC addresses.

Dan Mellem


Posted 2 years ago


Nick Lowe, Official Rep

Hi Dan,

Good suggestion.

I agree with you that LLDP should be enabled by default.

Nick

Eddie Klaczko

I've run into this a couple times as well, maybe the devs are listening.  ;)

Eliu Rodriguez

Was this already addressed by Aerohive, yes/no?

Dan Mellem

No. I've tried this on 6.6.x and 6.5r7 and they still need to be enabled before showing in LLDP.

Hammertime

I used to think the same thing: why don't they just have LLDP enabled by default? It would be very helpful in locating an AP's switch port!

I've since learned of the security issues associated with having LLDP enabled on both switching and AP infrastructure. I suspect due to the security issues Aerohive do not want to have LLDP enabled by default. 

Try reading this section (bit.ly/2w9jffl) of the CWSP book, which was co-authored by an Aerohive employee.

Dan Mellem

It's certainly a good idea to consider security, but the AP doesn't need to bridge LLDP or transmit sensitive data. Even if the default LLDP broadcasts on the Ethernet ports just included the MAC address/default name (AH-xxyyzz), that would help in locating the AP without introducing a risk (the MAC address is already visible).
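
The trade-off discussed in the last two posts can be checked on a captured frame. The following is an added example, not code from this thread or from Aerohive: it parses an LLDPDU and lists which TLVs go beyond the three that IEEE 802.1AB makes mandatory. The sample frames, MAC address, IP address and software string are constructed for illustration.

```python
import struct

# TLV type numbers from IEEE 802.1AB. Types 1-3 are mandatory in every LLDPDU.
MANDATORY = {1: "Chassis ID", 2: "Port ID", 3: "Time To Live"}
OPTIONAL = {4: "Port Description", 5: "System Name", 6: "System Description",
            7: "System Capabilities", 8: "Management Address",
            127: "Organizationally Specific"}

def tlv(tlv_type, value):
    """Encode one TLV: 7-bit type and 9-bit length header, then the value."""
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value

def parse_lldpdu(data):
    """Return [(type, value), ...] up to the End of LLDPDU TLV (type 0)."""
    tlvs, pos = [], 0
    while pos + 2 <= len(data):
        (header,) = struct.unpack_from("!H", data, pos)
        tlv_type, length = header >> 9, header & 0x1FF
        pos += 2
        if tlv_type == 0:
            break
        if pos + length > len(data):
            raise ValueError("TLV length runs past end of frame")
        tlvs.append((tlv_type, data[pos:pos + length]))
        pos += length
    return tlvs

def disclosed_beyond_mandatory(data):
    """Names of the TLVs in this LLDPDU that go beyond the mandatory three."""
    tlvs = parse_lldpdu(data)
    missing = set(MANDATORY) - {t for t, _ in tlvs}
    if missing:
        raise ValueError(f"not a valid LLDPDU, missing TLV types {sorted(missing)}")
    return [OPTIONAL.get(t, f"type {t}") for t, _ in tlvs if t not in MANDATORY]

# Constructed sample data: MAC, IP address and software string are made up.
MAC = bytes.fromhex("02005e112233")
BASE = (tlv(1, b"\x04" + MAC)              # Chassis ID, subtype 4 = MAC address
        + tlv(2, b"\x05" + b"eth0")        # Port ID, subtype 5 = interface name
        + tlv(3, struct.pack("!H", 120)))  # TTL in seconds
END = tlv(0, b"")
# Minimal advertisement: mandatory TLVs plus the default name only.
MINIMAL = BASE + tlv(5, b"AH-xxyyzz") + END
# Verbose advertisement: also announces software details and a management IP.
MGMT = b"\x05\x01" + bytes([192, 0, 2, 10]) + b"\x02" + struct.pack("!I", 1) + b"\x00"
VERBOSE = (BASE + tlv(5, b"AH-xxyyzz") + tlv(6, b"ExampleOS 0.0 (constructed)")
           + tlv(8, MGMT) + END)

if __name__ == "__main__":
    for name, frame in (("minimal", MINIMAL), ("verbose", VERBOSE)):
        print(name, "->", disclosed_beyond_mandatory(frame))
```

Feed it the LLDP payload (the bytes after the Ethernet header) from a packet capture on the switch port to see what a given device is announcing.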