FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
adhawan
Staff
Staff
Article Id 240590
Description

This article describes the query on the output of 'diagnose lldprx neighbor summary'.

Scope FortiGate.
Solution

See the following documentation for LLDP reception:

https://docs.fortinet.com/document/fortigate/7.0.8/administration-guide/311052/lldp-reception

 

For example:

 

# diagnose lldprx neighbor summary


1 port 24 mac AC:8F:F8:4B:DA:0C  chassis AC:8F:F8:4B:D9:7D port '39714816' system 'UKHWU-P10-PBL002'
2 port 26 mac 02:76:A0:09:F1:A7  chassis D4:76:A0:09:F1:BB port 'npu1_vlink1' system 'UKHWT-P10-PFW002.uk.pri.o2.com'
port 23 mac C0:D6:82:ED:A9:B4  chassis C0:D6:82:ED:A9:84 port 'Ethernet48' system 'UKHWT-P10-PFS001.tcprod.uk.pri.o2.com'

 

The 'port 23' actually corresponds to the local interface index 23 and not port 23. It is possible to find the interface by running the below:

 

FG10E0-3 # get sys stat
Version: FortiGate-1100E v6.4.10

 

FG10E0-3 # diag netlink interface list | grep 23


if=port29 family=00 type=1 index=23 mtu=1500 link=0 master=0  -> corresponds to port29 

 

The output corresponds to the local interface index and not the local interface name. Map the output to the correct port by tracking the index in the command 'diag netlink interface list'.

 

As an improvement to this command, from FortiOS 7.2.1 and 7.0.6 onwards, 'diagnose lldprx neighbor summary' displays not only the local interface index but also an interface name.

 

FortiOS 6.4 does not have this field and it will not necessary to map the output to the correct port by tracking the index in the command 'diag netlink interface list'.

 

Other useful commands:

 

To view the received LLDP information in the CLI:


# diagnose user device list

 

To view additional information about LLDP neighbors and ports:


# diagnose lldprx neighbor {summary | details | clear}
# diagnose lldprx port {details | summary | neighbor | filter}
# diagnose lldprx port neighbor {summary | details}