PoE and LLDP
For the most part, PoE (Power over Ethernet) works perfectly with LLDP (Link Layer Discovery Protocol). I recently ran into a bizarre issue with a UniFi AP and an HPE Aruba switch where the AP would reboot under load.
In this post, I will cover how I fixed it and everything I learned in this rabbit hole.
The Setup
In my setup, I have an HPE Aruba 2930F switch, specifically the JL256A version. I also have a UniFi U7 Pro Max AP. The UniFi AP is plugged directly into the Aruba switch.
Initially, everything seemed to work fine. I could configure the UniFi AP and everything, but when I was testing the speed of the UniFi AP, I noticed that the AP would reboot, which is strange. I thought at first that maybe I had a faulty AP and would need to RMA it. However, the problem could be with my switch. To rule out the switch, I moved the AP to a PoE injector, and everything worked. I was now able to put the AP under load without it rebooting.
I started digging into my Aruba switch logs and noticed that I was getting PD over current errors on the port that the UniFi AP is plugged into, port 47. The log entry I saw was 00562 ports: port 47 PD Over Current indication.
I double-checked to make sure everything was fully compatible with each other. The power delivery method for the UniFi U7 Pro Max AP is PoE+, with a maximum power consumption of 25 watts. The Aruba 2930F has a PoE budget of 370 watts and is capable of PoE+, and I have room in the PoE budget to power the UniFi AP.
I started thinking that maybe the Aruba switch didn’t want to give the AP enough power for some reason. So I started down the rabbit hole of how PoE works and discovered that much of the magic is LLDP, specifically LLDP-MED (Link Layer Discovery Protocol – Media Endpoint Discovery).
LLDP and LLDP-MED
LLDP is similar to Cisco’s CDP (Cisco Discovery Protocol). The main difference between LLDP and CDP is that LLDP is vendor-neutral. LLDP is used by networking devices to provide information about themselves, such as port description, management address, system name, system capabilities, and system description.
LLDP-MED is an extension of LLDP and is commonly used by devices such as APs, VoIP phones, computers, and others. A very common use of LLDP-MED is to detect VoIP phones and place them on a voice VLAN because this lets you configure an access port with a data VLAN for computers and a voice VLAN for VoIP phones.
The LLDP information is transferred in an LLDPDU (Link Layer Discovery Protocol Data Unit). Inside the LLDPDU is a TLV (type-length-value). The TLV holds most of the information about the device.
PoE
With PoE, there are PSE (Power Sourcing Equipment) devices, which are basically your switches or PoE injectors, and then there are PD (Powered Device) devices, which are the devices that need PoE power, like a VoIP phone or an AP.
When a PoE device is plugged into a PoE switch, the PoE device uses LLDP-MED to communicate with the PoE switch to tell it what kind of power it needs, and the switch provides that. This is done using TLV in the LLDPDU and PoE types and classes.
PoE Types
There are a few types of PoE. The PoE type dictates their name and available power. Below is a chart of the PoE types.
| Types | Common Name | Maximum Power |
| Type 1 | PoE aka 802.3af | 15.4 Watts |
| Type 2 | PoE+ aka 802.3at | 30 Watts |
| Type 3 | PoE++ aka 802.3bt | 60 Watts |
| Type 4 | PoE++ aka 802.3bt | 90 Watts |
PoE Classes
In addition to PoE types, there are a few PoE classes. Classes dictate the PoE type they need and how much power could be required. Below is a chart of the PoE classes.
| Classes | PoE Types | Maximum Power |
| Class 0 | Type 1 aka PoE aka 802.3af | 15.4 Watts |
| Class 1 | Type 1 aka PoE aka 802.3af | 4 Watts |
| Class 2 | Type 1 aka PoE aka 802.3af | 7 Watts |
| Class 3 | Type 1 aka PoE aka 802.3af | 15.4 Watts |
| Class 4 | Type 2 aka PoE+ aka 802.3at | 30 Watts |
| Class 5 | Type 3 aka PoE++ aka 802.3bt | 45 Watts |
| Class 6 | Type 3 aka PoE++ aka 802.3bt | 60 Watts |
| Class 7 | Type 4 aka PoE++ aka 802.3bt | 75 Watts |
| Class 8 | Type 4 aka PoE++ aka 802.3bt | 90 Watts |
PoE Allocation
With PoE, you can allocate the power based on the device’s usage or class. Typically, the default is based on usage, and then LLDP will communicate if the device needs more power.
I tried changing between usage and class, and neither setting resolved my issue.
There is also a third option to allocate PoE power based on a hardcoded value that you define.
I decided to try PoE value on port 47 with the following command int 47 poe-allocate-by value.
Setting the PoE allocation by value gives you the warning Warning: Use this command at your own risk. Proceeding may result in undesired PoE behavior. Recommend setting 'poe-allocate-by' to 'class' or 'usage'.
I then set the value of PoE on port 47 to be 30 watts with the following command int 47 poe-value 30.
After changing the configurations, the UniFi AP started working correctly under load. As a sanity check, I also hardcoded the PoE value to 10 watts. Then I put the UniFi AP under load, and this caused the UniFi AP to reboot again and triggered a PD Over Current indication event.
Given all the warnings Aruba showed about hardcoding the PoE value, I decided to keep digging for another solution.
PLC and DLC
Within PoE, there is also something called PLC (Physical Layer Classification) and DLC (Data link Layer Classification).
When a PoE device boots up, it uses the PLC to communicate how much power is needed, and the switch will provide that. Once the PoE device is booted up, it can flip over to using DLC with LLDP, which allows for more granular control of the power allocation.
On my Aruba switch, DLC is optional but mandatory for type 2 devices (PoE+) that need more than 12.95 watts of power. The UniFi AP U7 Pro Max is a class 4 type 2 PoE device and requires more than 12.95 watts of power.
I ran the command show power-over-ethernet 47 to get more information about the PoE on port 47.
I can now see that, for some reason, the DLC class and type are missing, and we know that the DLC information is mandatory for type 2 devices (PoE+). Due to this missing information, the switch will only provide 13 watts of power, which explains why the AP can power up, but under load, it needs more power, but the switch won’t offer it, so the AP reboots.
To double-check everything, I plugged in an Aruba AP in port 48 and ran the command show power-over-ethernet 48 to get more information about the PoE on that port.
A few things stood out as different
- DLC Class/Type is 4/2
- Alloc By Actual is lldp
- PSE Allocated Power Value is 25.5 W
- PSE TLV Sent Type is dot3
- PD TLV Sent Type is dot3
Digging Deeper
We can look at the LLDP information for the UniFi AP with the command show lldp info remote-device 47
We can also look at the LLDP info for the port with the UniFi AP using the command show lldp info local-device 47
From those outputs, it looks like the UniFi AP wants to request 25.5 watts, but the switch ignores the request and only allows the UniFi AP to use 13 watts.
To cross-reference the information the UniFi AP is providing, I also looked at the LLDP info for the Aruba AP on port 48 with the command show lldp info remote-device 48
Interestingly, on the UniFi AP, the LLDP information about PD Requested Power Value and PSE Allocated Power Value are missing.
I also looked at the LLDP port information for port 48, which has the Aruba AP with the command show lldp info local-device 48
Everything works correctly on the Aruba AP but not the UniFi AP. I suspect this is due to the missing DLC information in the LLDP from the UniFi AP, which is causing the switch to limit the power to 13 watts.
The Fix
The UniFi U7 Pro Max AP seems to have issues with LLDP, which is creating issues with DLC, which causes the HPE Aruba 2930F switch to only provide 13 watts of power. I will disable DLC on the port that has the UniFi AP to force it to use PLC instead.
To disable DLC on port 47, which has the UniFi AP, I need to turn off the PoE+ 802.3 TLV in LLDP for port 47. To do so, I will run the following command no lldp config 47 dot3TlvEnable poeplus_config
Now, if we look at the LLDP info for port 47 with the UniFi AP using the command show lldp info local-device 47
We can see that the UniFi AP can now request 25.5 watts.
If we check the PoE information for port 47 with the command show power-over-ethernet 47
We can see that PSE TLV Configured is only MED. This means that UniFi AP only uses PLC to communicate its power needs instead of PLC and DLC.
Now, when the UniFi AP is under load, or I run a speed test, it doesn’t reboot, and everything works. I don’t know why there’s an issue with the DLC information in the LLDP of the UniFi AP. This may be a widespread problem, as when digging into this issue, I found many posts of people with similar experiences across switch vendors and PoE devices.
I couldn’t find much official documentation. However, I did find a reference in the HPE Aruba Networking documentation in the 802.3bt support section.
Leave a comment