asterisk users - Jan 2017 - Understanding how LLDP works with DHCP [SOLVED]

2017-01-19 18:19 GMT+01:00 Jose Flores Galicia <flojose at gmail.com>:
> 2017-01-19 4:09 GMT-06:00 Olivier <oza.4h07 at gmail.com>:
>
>> Hello,
>>
>> For years, I used to configure SIP phone VLAN membership through a DHCP
>> server.
>>
>> Here are the details:
>> - I dedicate a LAN port on a switch to voice VLAN
>> - somewhere else, I configure a DHCP server to serve LAN addresses
within
>> voice VLAN
>> - any other switch port connected to an other DHCP server is
explicitely
>> excluded from voice VLAN
>> - new SIP hardphones are first connected to the dedicated voice VLAN
>> port: after several reboots, they get an address within voice VLAN
address
>> range and save VLAN tag somewhere within their persistent memory
>> - SIP phones are then moved to an other switch port: as they boots,
they
>> request a LAN address using previously received VLAN tag.
>>
>> Now I would like to improve this process using LLDP.
>> I ran a couple of tests in my lab and still have some questions:
>>
>>
>> 1. My lab switch sends within LLDP frames, a list of VLANs. One is
named
>> "default" and the other is named "voice".
>> Do LLDP-capable phones look for a specific name to elect the VLAN tag
>> they will later use to build DHCPDISCOVER request or do they look for
>> something else (medPolicy) ?
>>
>> 2. With LLDP, do you still need your DHCP server to embed VLAN
membership
>> data within DHCPOFFER or is it a thing of the past ?
>>
>> 3. Have you been successfull with LLDP on a KVM guest networked to an
>> LLDP-enabled switch through a linux bridge (see [1]) ?
>> Where can I find information regarding the line bellow:
>> echo 16384 >
/sys/class/net/<bridge_name>/bridge/group_fwd_mask
>>
>>
>> [1] https://thenetworkway.wordpress.com/2016/01/04/lldp-traffic-
>> and-linux-bridges/
>>
>>
>> Best regards
>>
>>
>> --
>> _____________________________________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> Check out the new Asterisk community forum at:
>> https://community.asterisk.org/
>>
>> New to Asterisk? Start here:
>>       https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>    http://lists.digium.com/mailman/listinfo/asterisk-users
>>
>
> Hi Oliver.
>
> 1. Actually there are 2 protocols which must be supported on switch and ip
> phone, one is LLDP wich inventories both ways. IP Phone <-> Switch,
to
> ellaborate on both devices MIB database with switching/routing/app
> capabilities of their partner; second is the LLDP-MED (Media Endpoint
> Discovery) which is capable of sending L2/L3 settings to devices. These
> settings are in several categories, concerning your question is
"Network
> Policy" settings wich will be sent to the ip phone based on their app
> capabilities (LLDP).
> "Network Policy" settings can contain VLAN ID for voice and other
ID for
> Data, and other for Video, etc. Once the LLDP-MED "Network
Policy" settings
> are received on ip phone, will tag the phone traffic on the specified VLAN,
> On switching capable ip phones (2 or more ethernet interfaces), probably
> will only tag phone traffic, and leave the switched traffic on the access
> vlan.
> So ip phone sends DHCPREQUEST on the VLAN ID set by LLDP-MED.
>
> 2. DHCP VLAN settings will probably being ignored since most of devices
> will prefer LLDP-MED settings.
>
> 3. With LLDP enabled on KVM guest, you can obtain information about
> network devices attached, their capabilities, brand, model, etc. I have
> never tried but LLDP-MED supposed only to work on next switch device (Link
> Layer), not a propagation protocol.
>
>
> I always have deployed LLDP-MED capable ip phones on a LLDP-MED capable
> network is:
> 1.- Enable LLDP on all access switches so they can advertise and receive
> LLDP information.
> 2.- Configure LLDP-MED on all ports where will be connected ip phones and
> set the correct Network Policy, sending LLDP-MED capable voice devices to
> voice VLAN ID
> 3.- DHCP server exists attached to voice VLAN ID, as LLDP-MED will provide
> same VLAN ID, phone will receive at the first boot their DHCP settings.
>
> Best Regards.
>
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at: https://community.asterisk.
> org/
>
> New to Asterisk? Start here:
>       https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
>
Hello,

Combining a Yealink phone with a Ubiquiti switch, and thanks to above
explanation,I could at last have my very first working LLDP experiment !

To sum up things: it seems an LLDP-enabled switch port would send a frame
including an LLDP policy. This LLDP policy (which can be specific to each
port) describe which tag to use to "enter" Voice VLAN.

In turn LLDP-enabled phone would tag its DHCP DISCOVER request with
appropriate VLAN tag value and there is no need to include vendor-specific
VLAN data in DHCP OFFER anymore.

The benefit is that with LLDP, any factory-reset phone can be plugged in
any LLDP-enabled network and get appropriate VLAN config.

Thanks for helping.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.digium.com/pipermail/asterisk-users/attachments/20170124/b366782f/attachment.html>