NSX-T - useful CLI commands at one place
In this article I will try to summarize most useful CLI commands inside NSX-T environment, which I personally favorize, so you can quickly make observations/troubleshooting decisions, hopefully in an easy manner with relevant outputs. Now, NSX-T environment and support for CLI comes with many options - many GETs / SETs CLI commands etc. with included option also for Central CLI (more on very nice post at this LINK) - but here I'm going to put most interesting one, from my perspective, and for sure this list is going to be expanded:
- PING test using TEP interface
vmkping ++netstack=vxlan <IP> [vmkping ++netstack=vxlan -d -s 1572 <destination IP>] - example with sending packet with MTU=1572 w/o fragmentation
- Enable firewall logging for rules configured inside NSX-T
esxcli network firewall ruleset set -r syslog -e true - enable firewall SYSLOG generation inside ESXi transport node
tail -f /var/log/dfwpktlogs.log | grep <expression> - check distributed firewall LOGs inside ESXi, with expression included if needed
- PACKET capturing session configuration
get interfaces - find out interesting interface UUID where packet capturing process should start (T0 SR, TEPs...)
set capture session <interface UUID> file test.pcap - basic capture session configuration
set capture session <interface UUID> file test.pcap expression port 179 - filtering only for BGP interesting traffic
set capture session <interface UUID> file test.pcap expression host <interesting IP> - filtering for specific IP during capture session
/var/vmware/nsx/file-store/ - generated *.pcap file location
- T0 running-config in "IOS style" presentation
set debug
get service router running-config
- Edge node ADMIN - ROOT shell change inside session
st en - followed by the ROOT password
Comments
Post a Comment