Getting started with LLDP for NGFW Engines

NGFW Engines can use LLDP to send information about themselves to directly connected devices on the network, and receive information that other devices on the network send.

LLDP makes it easier to deploy a large number of NGFW Engines. LLDP announcements from NGFW engines allow other directly connected devices on the network to assign the correct VLAN IDs to ports on network switches to which the NGFW engine is connected. LLDP announcements from directly connected devices on the network provide information about switch topology to NGFW Engines, such as which network switch and port the NGFW Engine is connected to, and which VLANs it can reach.

When LLDP is enabled for a Layer 3 Physical Interface on an NGFW Engine, the NGFW Engine always announces the following type-length-values (TLVs):

Chassis ID — The MAC address of the first Ethernet port
Port ID — The name of the interface in the format 'ifname <name>'
Port Description — The name of the interface
Time to Live — The period of time for which LLDP advertisements should be stored in the cache of neighboring LLDP-compliant devices. This value is automatically calculated based on the transmit delay and the hold time multiplier defined in the LLDP Profile element that the NGFW Engine uses.

The NGFW Engine can optionally announce the following TLVs:

System Name — The name of the NGFW Engine or the node in the NGFW Engine cluster in the SMC.
System Description — Operating system details about the NGFW Engine, such as operating system name, operating system version, and architecture.
System Capabilities — A bit-map of the enabled capabilities of the interface as router, repeater, and other.
Management Address — The IP addresses of the control interfaces

LLDP for NGFW Engines has the following limitations:

LLDP is supported only on NGFW Engines in the Firewall/VPN role and on Master NGFW Engines that host Virtual Firewalls.
LLDP is not supported on Virtual NGFW Engines.
LLDP is supported only on Layer 3 Physical Interfaces.