Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.


LLDP + source mac address


Does anyone know what the source mac address of an LLDP frame should be according to the IEEE standard ?

We connected some devices that use LLDP to our network, and we noticed that they were using two MAC addresses: MAC A for ARP and IP higher layer protocol and MAC B (which was MAC A + 1) for LLDP advertisements. I am not sure if a device is free to do this.

This generates problems with our port security policy which allows only one MAC per port in the data vlan.

I only see the following solutions:

- change our policy to allow two macs/port

- ask the device manager to disable LLDP on that device

- put a VLAN ACL on all ports to drop LLDP frames (??)

- others..



Cisco Employee

Re: LLDP + source mac address

Here's clause 8.2 from the 802.1AB spec:

"8.2 Source address

The source address shall be the MAC address of the sending station or port."

The statement seems to assume that a given device will only have one MAC address, so using another MAC address may not necessarily be a violation.

What platform(s) and IOS version(s) are you seeing this on?



Re: LLDP + source mac address

The device is a Siemens S7-300 PLC, it uses different MAC addresses for ARP broadcasts and LLDP advertisements (very strange to me, but i have a capture proving it).

It also send an LLDP advertisment every 5 seconds (not sure if this also is "within specification")

PS. What exactly does the command:

"no lldp receive" do on an interface ?

Does it filter off LLDP protocol messages (and therefore also prevents the port from learning an additional MAC address) ?

Cisco Employee

Re: LLDP + source mac address