Copyright © 2014-2018 VMware, Inc. All rights reserved. Copyright and trademark information.
EN-002526-00
NSX-T Command-Line Interface Reference
NSX-T Data Center 2.3.0
Table of Contents
start capture node <cap-node-id> vnic <vnic-id> direction <capture-direction> parameters <arguments>
About This Book
The NSX-T Command-Line Interface Reference describes how to use the NSX-T
Command-Line Interface (CLI) and includes examples and command overviews.
Intended Audience
The information in this guide is written
for experienced systems and network administrators who are familiar with virtual
machine technology and virtual datacenter operations.
VMware Technical Publications Glossary
VMware Technical Publications provides a glossary of terms that might
be unfamiliar to you. For definitions of terms as they are used in
VMware technical documentation go to
http://www.vmware.com/support/pubs.
Document Feedback
VMware welcomes your suggestions for improving our documentation.
If you have comments, send your feedback to
[email protected].
Introduction to the NSX-T CLI
Each NSX-T virtual appliance contains a command-line interface (CLI).
The command syntax and output format of NSX-T commands are not guaranteed
to be the same from release to release. If you are automating tasks, please use the
API. See the NSX-T API Guide for details.
Logging In and Out of the CLI
Before you can run CLI commands, you must connect to
an NSX-T virtual appliance. You can connect to the console or through
SSH.
If you did not enable SSH while installing the appliance, you can use the
set service ssh start-on-boot command to enable
the SSH service.
To log out, type exit from Basic mode.
CLI Command Modes
The commands available to you at any given time depend on the mode you
are currently in.
Important Note
Starting with NSX-T 2.1, the NSX Manager GUI uses the term N-VDS
(NSX managed virtual distributed switch) to refer to what was known as
host switch in previous releases. In this document, the term
host switch is still used. The two terms are synonyms.
NSX-T CLI Commands
Activate clustering services on this controller. Run the
activate control-cluster command after the controller has joined the cluster.Example
nsx-controller-2> activate control-cluster
Control cluster activation successful.
Mode
Basic
Availability
Controller
Create a backup of an NSX KeyManager node.
If you do not provide a passphrase on the command line, you will be prompted to enter one. The passphrase is used to encrypt the backup. If you forget the passphrase, you will not be able to restore the backup.
Important: This backup command is one part of the backup process. You must complete all backup and restore tasks in the correct order. See the NSX-T Administration Guide for information and instructions about performing backups and restores.
| Option | Description |
|---|---|
| <filename> | Filename argument Allowed pattern: ^[^/ *;&|]+$ |
| <passphrase> | Backup passphrase |
Example
nsx-keymanager-1> backup node file backup-node-timestamp.tar.gz
Passphrase:
nsx-keymanager-1>
Mode
Basic
Availability
Key Manager
Move to the bottom of the path. The arrow moves to show which interface is current.
Example
nsx-edge-1(path)> bottom
interface : de650f56-276d-46ef-959e-960752acfe19
interface : 140ca8de-61e0-4bba-b429-6a3791b0846a
port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7
port : 53bab4b1-f0df-451b-af80-0a9d5e580186
interface : 2a7bf881-1f89-4833-833e-47673b79901a
interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a
port : 5b2068d0-8c28-4427-8be4-48f422f92309
port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa
interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846
interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb
port : c588fc5d-dd62-45b2-bc16-3dae466c16c7
port : 2120ef07-05e3-477f-8d96-e2be390784db
interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278
interface : dd10beb2-3673-43a5-b180-ecc46e830ee0
->port : fdc429ef-d778-421b-bf84-e1063a7bf5ab
Mode
Path
Availability
Edge, Public Cloud Gateway
Clear the vidm service's enabled property.
Example
nsx-manager-1> clear auth-policy vidm enabled
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Clear the security banner or message of the day. The banner is reset to the system default banner.
Example
nsx> clear banner
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Clear the statistics for the specified BFD session
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> clear bfd-session local-ip 192.168.250.60 remote-ip 192.168.250.61 stats
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Clear the statistics for all BFD sessions.
Example
nsx-edge-1> clear bfd-session stats
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Reset all BGP neighbor connections.
Example
nsx-edge-1(tier0_sr)> clear bgp neighbors
nsx-edge-1(tier0_sr)>
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Clear flow cache statistics for all fastpath cores.
Example
nsx-edge-1> clear dataplane flow-cache stats
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Turn off BGP debugging.
Example
nsx-edge-1(tier0_sr)> clear debug bgp
nsx-edge-1(tier0_sr)>
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Turn off IPS tracing.
Example
nsx-edge-1(tier0_sr)> clear debug routing ipstrace
nsx-edge-1(tier0_sr)>
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Clear the Edge cluster state history.
Example
nsx-edge-1> clear edge-cluster history state
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
This command disables mandatory access control on the node. Usage for the command is
clear hardening-policy mandatory-access-control enabledExample
nsx-edge-1> clear hardening-policy mandatory-access-control enabled
Mandatory Access Control is disabled.
Mode
Basic
Availability
Controller, Edge, Manager, Policy Manager, Public Cloud Gateway
Clear statistics for the specified high-availability channel
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> clear high-availability channel local-ip 30.0.246.232 remote-ip 30.0.29.0 stats
Mode
Basic
Availability
Edge, Public Cloud Gateway
Clear statistics for all high-availability channels.
Example
nsx-edge-1> clear high-availability channels stats
Mode
Basic
Availability
Edge, Public Cloud Gateway
Clear the high availability state history for the logical router in the VRF context.
Example
nsx-edge-1(tier1_sr)> clear high-availability history state
nsx-edge-1(tier1_sr)>
Mode
Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Clear statistics for the specified high-availability session
| Option | Description |
|---|---|
| <service-id> | Service id (0-65535) |
Example
nsx-edge-1> clear high-availability session local-service-id 101 peer-service-id 101 stats
Mode
Basic
Availability
Edge, Public Cloud Gateway
Clear statistics for all high-availability sessions.
Example
nsx-edge-1> clear high-availability sessions stats
Mode
Basic
Availability
Edge, Public Cloud Gateway
Remove all network configuration from the specified interface.
| Option | Description |
|---|---|
| <interface-name> | Configurable network interface argument |
Example
nsx-edge> clear interface eth0 ip
nsx-edge>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Clear the network interface plane configuration.
| Option | Description |
|---|---|
| <interface-name> | Configurable network interface argument |
Example
nsx-edge> clear interface eth0 plane
nsx-edge>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Deletes LLDP Neighbor information on all devices.
Example
nsx-edge-1> clear lldp neighbors
Mode
Basic
Availability
Edge, Public Cloud Gateway
Deletes LLDP Neighbor information on given device.
| Option | Description |
|---|---|
| <interface-name> | LLDP interface argument |
Example
nsx-edge-1> clear lldp neighbors eth0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Deletes LLDP Statistics on all devices.
Example
nsx-edge-1> clear lldp stats
Mode
Basic
Availability
Edge, Public Cloud Gateway
Deletes LLDP Statistics on given device.
| Option | Description |
|---|---|
| <interface-name> | LLDP interface argument |
Example
nsx-edge-1> clear lldp stats eth0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Clear the statistics for a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 stats
Mode
Basic
Availability
Edge, Public Cloud Gateway
Clear load balancer performance profile parameter settings from edge.
Example
nsx-edge-1> clear load-balancer perf-profile
Mode
Basic
Availability
Edge, Public Cloud Gateway
Clear all logging server configuration.
Example
nsx> clear logging-servers
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Clear the high availability state history for the specified logical router. Only service routers have a high availability status. Use the
get logical-routers command to get a list of logical routers and their router types.| Option | Description |
|---|---|
| <uuid> | UUID argument |
Example
nsx-edge-1> clear logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 high-availability history state
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Deletes all NSX configuration and modules from the host only. Please delete the corresponding transport node entries from NSX manager using GUI/API.
Example
host-1> clear management-plane
host-1>
Mode
Basic
Availability
ESXi, KVM
Clear all name servers from the DNS configuration.
Example
nsx> clear name-servers
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Clear statistics for the specified physical port.
| Option | Description |
|---|---|
| <physical-port-name> | Datapath String argument |
Example
nsx-edge-1> clear physical-port fp-eth2 stats
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Remove all domain names from the DNS search list.
Example
nsx> clear search-domains
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Clear the HTTP service redirect host.
Example
nsx-manager-1> clear service http redirect-host
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Clear the install-upgrade service's enabled property.
Example
nsx-manager-1> clear service install-upgrade enabled
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Configure the snmp service to not start on boot.
Example
nsx> clear service snmp start-on-boot
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Configure the SSH service to not start on boot.
Example
nsx> clear service ssh start-on-boot
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Copy a local file to a remote destination.
| Option | Description |
|---|---|
| <filename> | Existing file argument |
| <url> | Remote file url (e.g. scp://username@ip_address/filepath/filename) |
Example
nsx> copy file support-bundle-0.tgz url scp://[email protected]/home/admin/
[email protected]'s password:
nsx>
Mode
Basic
Availability
Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Copy a remote file to the local file store. If no destination file is specified, the copied file has the same file name as the source file. You can use the
file argument to specify a different destination file name.| Option | Description |
|---|---|
| <url> | Remote file url (e.g. scp://username@ip_address/filepath/filename) |
| <filename> | Filename argument Allowed pattern: ^[^/ *;&|]+$ |
Example
nsx> copy url scp://[email protected]/home/admin/file-0.txt
[email protected]'s password:
nsx>
or
nsx> copy url scp://[email protected]/home/admin/file-1.txt file newfile-1.txt
[email protected]'s password:
nsx>
Mode
Basic
Availability
Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Deactivate clustering services on this controller. Run the
deactivate control-cluster command after the controller has been detached from the cluster.Example
nsx-controller-2> deactivate control-cluster force
Control cluster deactivation successful.
Mode
Basic
Availability
Controller
Delete all packet capture sessions.
Example
nsx-manager> del all capture sessions
Session Count: 1
Session ID: 62fd4a28-5463-4f92-af34-42e55547ec7e
Session Status: deleted
Start Time: 2018-07-31 07:09:36
Stop Time: 2018-07-31 07:09:51
Request:
Node: af1c570b-f78d-4ea3-8858-219f9fe73511
Capture Type: vmknic
Capture Value: vmk0
Capture Direction: input
Capture Mode: standalone
Mode
Basic
Availability
Manager
Delete the specified packet capture session.
| Option | Description |
|---|---|
| <session-id-arg> | Packet capture session id parameter |
Example
nsx-manager> del capture session 2e4d5f24-88a9-4d88-8af0-e588833064d9
Session ID: 2e4d5f24-88a9-4d88-8af0-e588833064d9
Session Status: deleted
Start Time: 2018-07-31 07:10:35
Stop Time: 2018-07-31 07:10:45
Request:
Node: af1c570b-f78d-4ea3-8858-219f9fe73511
Capture Type: vmknic
Capture Value: vmk0
Capture Direction: input
Capture Mode: standalone
Mode
Basic
Availability
Manager
Delete a packet capture session configuration.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
Example
kvm-1> del capture session 1
kvm-1>
Mode
Basic
Availability
KVM
Delete a packet capture session configuration.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
Example
nsx-edge-1(path)> del capture session 1
nsx-edge-1(path)>
Mode
Path
Availability
Edge, Public Cloud Gateway
Delete a packet capture session configuration.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
Example
nsx-edge-1> del capture session 1
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Delete the specified interface from a packet capture session configuration. If you are only monitoring one interface, this deletes the monitoring session configuration.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
| <interface-name> | Network interface argument |
Example
kvm-1> del capture session 1 interface b592a7c8-4e21-493e-b0fc-0b1d152c949c
kvm-1>
Mode
Basic
Availability
KVM
Delete the specified interface from a packet capture session configuration. If you are only monitoring one interface, this deletes the monitoring session configuration.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
| <port-uuid-name> | Datapath String argument |
Example
nsx-edge-1> del capture session 1 interface fp-eth1
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Delete a local file.
| Option | Description |
|---|---|
| <filename> | Existing file argument |
Example
nsx> del file support-bundle-0.tgz
nsx>
Mode
Basic
Availability
Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Delete the host's public cloud gateway certificate
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
host-1> del gateway certificate 13.14.41.34
Mode
Basic
Availability
NSX Cloud VM
Delete all the host's public cloud gateway certificates
Example
host-1> del gateway certificates
Mode
Basic
Availability
NSX Cloud VM
Remove public cloud VM certificate
| Option | Description |
|---|---|
| <vm-id> | VM ID |
Mode
Basic
Availability
Public Cloud Gateway
Delete the specified logging server configuration. You can use the
get logging-servers command to display the current logging server configuration.| Option | Description |
|---|---|
| <hostname-or-ip-address[:port]> | A hostname or IP address with optional port delimited by a colon |
| <proto> | Logging server protocol Allowed values: tcp, udp, tls, li, li-tls |
| <level> | Level of log entries to export Allowed values: emerg, alert, crit, err, warning, notice, info, debug |
| <facility> | Comma delimited list of facilities of log entries to export |
| <messageid> | Comma delimited list of MSGIDs of log entries to export |
| <structured-data> | Structured data of log entries to export Allowed pattern: ^(comp|subcomp|s2comp|security|audit|reqId|ereqId|entId|errorCode|eventId|euser|threadId|splitId|splitIndex)=.+$ |
Example
nsx> del logging-server 192.168.110.60 proto udp level info facility syslog messageid SYSTEM,FABRIC structured-data audit=true
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Delete the specified name server from the DNS configuration.
| Option | Description |
|---|---|
| <ip-address> | Name server IP address argument |
Example
nsx> del name-server 192.168.110.11
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Remove an existing NTP server.
| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
Example
nsx-manager-1> del ntp-server 172.31.32.2
nsx-manager-1>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Delete the specified network route.
| Option | Description |
|---|---|
| <prefix> | CIDR notation argument |
| <gateway-ip> | Gateway IP address argument |
| <interface-name> | Configurable network interface argument |
Example
nsx> del route prefix 10.10.10.0/24 gateway 192.168.110.1
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Delete the specified domain name from the DNS search list.
| Option | Description |
|---|---|
| <domain> | Search domain argument |
Example
nsx> del search-domains eng.example.com
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Delete the specified host entry from the SSH known hosts file.
| Option | Description |
|---|---|
| <hostname-or-ip-address[:port]> | A hostname or IP address with optional port delimited by a colon |
Example
nsx> del ssh-known-host 192.168.110.105
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Delete any SSH key with specified label from specified user's authorized_keys file. If password is not provided in the command then you are prompted to enter it. Password is required only for users root and admin.
| Option | Description |
|---|---|
| <username> | Username of user |
| <key-label> | Unique label for SSH key |
| <password> | Password of user |
Example
nsx> del user admin ssh-keys label user1@domain1 password Pa$$w0rd
nsx>
or
nsx> del user admin ssh-keys label user1@domain1
Password (required only for users root and admin):
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Detach the specified controller from the controller cluster. Run the
detach control-cluster command from a controller that will remain in the cluster, not from the controller you intend to detach.| Option | Description |
|---|---|
| <ip-address[:port]> | IP address of an NSX Controller and optional port |
Example
nsx-controller-1> detach control-cluster nsx-controller-2
Successfully detached node from the control cluster.
Mode
Basic
Availability
Controller
Detach the specified controller from the management cluster. The controller must also be removed from the control cluster by logging into the controller CLI and running the
detach control-cluster command on a node other than the one being detached.| Option | Description |
|---|---|
| <controller-node-uuid> | UUID of a controller node |
Example
nsx-manager-1> detach controller cebd518a-b2c5-4b56-8f68-52455284c7eb
The detach operation completed successfully
nsx-manager-1>
Mode
Basic
Availability
Manager
Detach this hypervisor host from the management plane. You can specify any NSX Manager in the management cluster in this command.
Use the API username and password for the specified NSX Manager. If you do not provide a password on the command line, you will be prompted to enter one.
Get the NSX Manager thumbprint by running the get certificate api thumbprint command on the specified NSX Manager.
| Option | Description |
|---|---|
| <hostname-or-ip-address[:port]> | Hostname or IP address of an NSX Manager and optional port |
| <username> | Manager API username |
| <thumbprint> | Manager API thumbprint |
| <password> | Manager API password |
Example
host-1> detach management-plane 192.168.110.105 username admin thumbprint 898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8
Password for API user:
Node successfully removed
Mode
Basic
Availability
ESXi, KVM
Detach this Edge from the management plane.
| Option | Description |
|---|---|
| <hostname-or-ip-address[:port]> | Hostname or IP address of an NSX Manager and optional port |
| <username> | Manager API username |
| <thumbprint> | Manager API thumbprint |
| <password> | Manager API password |
Example
nsx-edge> detach management-plane 192.168.110.105 username admin thumbprint 7f1374c339b592da504b352857a0bdc4e77b9b998a9971f9335633210f667c97
Password for API user:
Node successfully deregistered
Mode
Basic
Availability
Edge, Public Cloud Gateway
Detach this keymanager from the management plane. You can specify any NSX Manager in the management cluster in this command.
Use the API username and password for the specified NSX Manager. If you do not provide a password on the command line, you will be prompted to enter one.
Get the NSX Manager thumbprint by running the get certificate api thumbprint command on the specified NSX Manager.
| Option | Description |
|---|---|
| <ip-address[:port]> | IP address of an NSX Manager and optional port |
| <username> | Manager API username |
| <thumbprint> | Manager API thumbprint |
| <password> | Manager API password |
Example
nsx-keymanager-1> detach management-plane 192.168.110.105 username admin
thumbprint fef089bbfbd2e10da6ee08c7ff4a95da1368587abfd2c6db59c8db540bc43e58
Password for API user:
Node successfully unregistered and keymanager service stopped
Mode
Basic
Availability
Key Manager
Display the result of the specified packet capture session with the tcpdump command.
| Option | Description |
|---|---|
| <session-id-arg> | Packet capture session id parameter |
Example
nsx-manager> display capture session 0fea2cac-5a13-44cf-b92e-b63f69572268
reading from file /tmp/pktcap/0fea2cac-5a13-44cf-b92e-b63f69572268.pcap, link-type EN10MB (Ethernet)
07:10:46.513603 IP w1-mvpcloud-164.eng.vmware.com.31181 > nsx-controller-leng1.eng.vmware.com.1235: Flags [.], ack 2218716988, win 128, length 0
07:10:48.460753 IP w1-mvpcloud-164.eng.vmware.com.52976 > nsx-controller-leng4.eng.vmware.com.amqps: Flags [P.], seq 768580848:768580898, ack 2927523439, win 128, length 50
07:10:48.463135 IP w1-mvpcloud-164.eng.vmware.com.52976 > nsx-controller-leng4.eng.vmware.com.amqps: Flags [P.], seq 50:100, ack 554, win 128, length 50
Mode
Basic
Availability
Manager
Display packet capture result with command tcpdump.
| Option | Description |
|---|---|
| <session-id-arg> | Packet capture session id parameter |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> display capture session ed0a79df-4e4d-4784-9f2a-d14327e511a1 parameters -c 2
nsx-manager-1>
Mode
Basic
Availability
Manager
Move down the path. The arrow moves to show which interface is current.
Example
nsx-edge-1(path)> get path
interface : de650f56-276d-46ef-959e-960752acfe19
interface : 140ca8de-61e0-4bba-b429-6a3791b0846a
port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7
port : 53bab4b1-f0df-451b-af80-0a9d5e580186
interface : 2a7bf881-1f89-4833-833e-47673b79901a
interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a
port : 5b2068d0-8c28-4427-8be4-48f422f92309
port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa
interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846
interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb
port : c588fc5d-dd62-45b2-bc16-3dae466c16c7
->port : 2120ef07-05e3-477f-8d96-e2be390784db
interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278
interface : dd10beb2-3673-43a5-b180-ecc46e830ee0
port : fdc429ef-d778-421b-bf84-e1063a7bf5ab
nsx-edge-1(path)> down
interface : de650f56-276d-46ef-959e-960752acfe19
interface : 140ca8de-61e0-4bba-b429-6a3791b0846a
port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7
port : 53bab4b1-f0df-451b-af80-0a9d5e580186
interface : 2a7bf881-1f89-4833-833e-47673b79901a
interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a
port : 5b2068d0-8c28-4427-8be4-48f422f92309
port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa
interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846
interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb
port : c588fc5d-dd62-45b2-bc16-3dae466c16c7
port : 2120ef07-05e3-477f-8d96-e2be390784db
->interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278
interface : dd10beb2-3673-43a5-b180-ecc46e830ee0
port : fdc429ef-d778-421b-bf84-e1063a7bf5ab
Mode
Path
Availability
Edge, Public Cloud Gateway
Exit the VRF context mode if you are in it. Otherwise, exit the CLI.
Example
nsx-edge-1> vrf 1
nsx-edge-1(tier1_sr)> exit
nsx-edge-1>
Mode
Availability
Controller, Edge, ESXi, KVM, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display information for all packet capture sessions.
Example
nsx-manager> get all capture sessions
Session Count: 1
Session ID: 0fea2cac-5a13-44cf-b92e-b63f69572268
Session Status: stopped
Start Time: 2018-07-31 07:11:54
Stop Time: 2018-07-31 07:12:10
Request:
Node: af1c570b-f78d-4ea3-8858-219f9fe73511
Capture Type: vmknic
Capture Value: vmk0
Capture Direction: input
Capture Mode: standalone
Mode
Basic
Availability
Manager
Display the ARP table.
Example
nsx-manager-1> get arp-table
Protocol Address Hardware Addr Type Interface
Internet 192.168.110.201 00:50:56:a9:8a:8c ether eth0
Internet 192.168.110.101 00:50:56:a9:45:29 ether eth0
Internet 192.168.110.1 68:ef:bd:4e:98:7f ether eth0
Internet 192.168.110.10 00:50:56:a6:e0:14 ether eth0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the ARP table.
Example
nsx-manager-1> get arp-table
Protocol Address Hardware Addr Type Interface
Internet 192.168.110.201 00:50:56:a9:8a:8c ether eth0
Internet 192.168.110.101 00:50:56:a9:45:29 ether eth0
Internet 192.168.110.1 68:ef:bd:4e:98:7f ether eth0
Internet 192.168.110.10 00:50:56:a6:e0:14 ether eth0
Mode
Basic
Availability
Controller, Key Manager, Manager, Policy Manager
Display the ARP table for the logical router in the VRF context.
Example
nsx-edge-1(vrf)> get context arp-table
Logical Router
UUID : d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8
VRF : 6
LR-ID : 6
name : R3
type : DISTRIBUTED_ROUTER
arp
interface : c66fc321-df74-4aaa-835e-95dc815fe7ae
IP : 172.16.130.13
MAC : 00:50:56:8e:3e:0b
state : perm
interface : f6ef3b50-64a0-4948-ab9e-9135963d4b8b
IP : 169.0.0.2
MAC : 02:50:56:00:00:05
state : reach
timeout : 429
interface : be290c92-74ed-437c-bbf1-dd78673b6a5a
IP : 172.16.120.11
MAC : 00:50:56:8e:15:e5
state : reach
timeout : 482
interface : 3c139373-f8f7-441e-aac4-146d9b5ff3a6
IP : 172.16.110.11
MAC : 00:50:56:8e:91:12
state : perm
Mode
VRF, Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Get the amount of time, in seconds, that an account will remain locked
out of the API after exceeding the maximum number of failed
authentication attempts.
Example
nsx> get auth-policy api lockout-period
900 seconds
Mode
Basic
Availability
Manager, Policy Manager
In order to trigger an account lockout, all authentication
failures must occur in this time window. If the reset
period exprires, the failed login count is reset to zero.
Example
nsx> get auth-policy api lockout-reset-period
900 seconds
Mode
Basic
Availability
Manager, Policy Manager
Get the number of failed API authentication attempts that are
allowed before the account is locked. If set to 0, account
lockout is disabled.
Example
nsx> get auth-policy api max-auth-failures
5
Mode
Basic
Availability
Manager, Policy Manager
Get the amount of time, in seconds, that an account will remain locked
out of the CLI after exceeding the maximum number of failed
authentication attempts.
Example
nsx> get auth-policy cli lockout-period
900 seconds
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Get the number of failed CLI authentication attempts that are
allowed before the account is locked. If set to 0, account
lockout is disabled.
Example
nsx> get auth-policy cli max-auth-failures
3
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Get the minimum number of characters that passwords must have.
Example
nsx> get auth-policy minimum-password-length
8 characters
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Get the vidm's properties.
Example
nsx-manager-1> get auth-policy vidm
nsx-manager-1>
vIDM Enabled: True
Hostname: jt-vidm.eng.vmware.com
Thumbprint: 898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8
Client Id: OAuth2Client_NsxClientId
Node Hostname: jt-nsx.eng.vmware.com
Mode
Basic
Availability
Manager, Policy Manager
Display parameters defined in global logical router BFD
Example
nsx-edge(tier0_sr)> get bfd-config
Logical Router
UUID : d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8
vrf : 6
lr-id : 6
name :
type : SERVICE_ROUTER_TIER0
BFD global configuration
Enabled : True
Min RX Interval: 1000
Min TX Interval: 1000
Min RX TTL : 255
Multiplier : 3
Port : 4451c48f-8cff-4444-8e10-bff403783dca
BFD session configuration
Source : 192.168.50.1
Peer : 192.168.50.10
Enabled : True
Min RX Interval: 1000
Min TX Interval: 1000
RX TTL : 255
Multiplier : 3
Source : 192.168.50.1
Peer : 192.168.50.20
Enabled : True
Min RX Interval: 3000
Min TX Interval: 3000
RX TTL : 255
Multiplier : 5
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display information about the specified BFD session.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get bfd-session local-ip 192.168.250.60 remote-ip 192.168.250.61
BFD Session
Diag : Control Detection Time Expired(from local)
Forwarding : last true (current true)
Last_down_time : 2016-02-09 22:38:47
Last_up_time : 2016-02-09 22:38:52
Local_address : 192.168.250.60
Remote_address : 192.168.250.61
Remote_diag : No Diagnostic
Remote_state : up
Rx_cfg_min : 500
Rx_interval : 500
State : up
Tx_cfg_min : 100
Tx_interval : 500
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the specified BFD session.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get bfd-session local-ip 192.168.250.60 remote-ip 192.168.250.61 stats
BFD Session
Admin_down_count : 0
Cpath_down_count : 0
Down_count : 1
Local_address : 192.168.250.60
Remote_address : 192.168.250.61
Rx_drop : 0
Rx_drop_admin_down : 0
Rx_drop_auth_set : 0
Rx_drop_bad_version : 0
Rx_drop_intf_unmatch : 0
Rx_drop_multipoint_set: 0
Rx_drop_null_my_disc : 0
Rx_drop_null_your_disc: 0
Rx_drop_pkt_len_unmatch: 0
Rx_drop_pkt_too_short: 0
Rx_drop_rx_ttl_small : 0
Rx_drop_your_disc_unmatch: 0
Rx_drop_zero_multipier: 0
Rx_packets : 44993
Tx_error : 0
Tx_packets : 49249
Up_count : 2
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about BFD sessions.
Example
nsx-edge-1> get bfd-sessions
BFD Session
Diag : Control Detection Time Expired(from local)
Forwarding : last true (current true)
Last_down_time : 2016-02-09 22:38:47
Last_up_time : 2016-02-09 22:38:52
Local_address : 192.168.250.60
Remote_address : 192.168.250.62
Remote_diag : No Diagnostic
Remote_state : up
Rx_cfg_min : 500
Rx_interval : 500
State : up
Tx_cfg_min : 100
Tx_interval : 500
BFD Session
Diag : Control Detection Time Expired(from local)
Forwarding : last true (current true)
Last_down_time : 2016-02-09 22:38:47
Last_up_time : 2016-02-09 22:38:52
Local_address : 192.168.250.60
Remote_address : 192.168.250.61
Remote_diag : No Diagnostic
Remote_state : up
Rx_cfg_min : 500
Rx_interval : 500
State : up
Tx_cfg_min : 100
Tx_interval : 500
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display BFD sessions in a logical router
Example
nsx-edge(tier0_sr)> get bfd-sessions
BFD Session
Dest_port : 3784
Diag : No Diagnostic
Encap : vlan
Forwarding : last false (current false)
Interface : 4451c48f-8cff-4444-8e10-bff403783dca
Last_cp_diag : No Diagnostic
Last_cp_rmt_diag : No Diagnostic
Last_cp_rmt_state : admin_down
Last_cp_state : admin_down
Last_fwd_state : NONE
Local_address : 192.168.50.1
Local_discr : 2830404107
Min_rx_ttl : 255
Multiplier : 5
Prev_failure_diag : No Diagnostic
Received_remote_diag : No Diagnostic
Received_remote_state : down
Remote_address : 192.168.50.20
Remote_admin_down : false
Remote_diag : No Diagnostic
Remote_discr : 0
Remote_min_rx_interval : 0
Remote_min_tx_interval : 0
Remote_multiplier : 0
Remote_state : down
Rx_cfg_min : 3000
Rx_interval : 3000
Session_type : LR_PORT
State : down
Tx_cfg_min : 3000
Tx_interval : 3000
.
.
.
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display the BFD sessions statistics.
Example
nsx-edge-1> get bfd-sessions stats
BFD Global Counters
Bfd_sessions_count : 2
Last_notify_time : 2016-02-09 22:38:52
Last_nsxa_msg_receive_time: 2016-02-09 22:38:52
Nsxa_connect_count : 1
Nsxa_disconnect_count: 0
Nsxa_err_msg_receive_count: 0
Nsxa_msg_receive_count: 166085
Nsxa_notify_count : 107287
Rx_drop_bad_csum : 0
Rx_drop_count : 32
Rx_drop_intf_type : 0
Rx_drop_ip_mismatch : 0
Rx_drop_non_bfd : 0
Rx_drop_non_udp : 0
Rx_drop_null_bfd_session: 32
Rx_drop_null_intf : 0
Rx_drop_runt_pkt : 0
Rx_drop_udp_len : 0
BFD Session
Admin_down_count : 0
Cpath_down_count : 0
Down_count : 1
Local_address : 192.168.250.60
Remote_address : 192.168.250.62
Rx_drop : 0
Rx_drop_admin_down : 0
Rx_drop_auth_set : 0
Rx_drop_bad_version : 0
Rx_drop_intf_unmatch : 0
Rx_drop_multipoint_set: 0
Rx_drop_null_my_disc : 0
Rx_drop_null_your_disc: 0
Rx_drop_pkt_len_unmatch: 0
Rx_drop_pkt_too_short: 0
Rx_drop_rx_ttl_small : 0
Rx_drop_your_disc_unmatch: 0
Rx_drop_zero_multipier: 0
Rx_packets : 44754
Tx_error : 0
Tx_packets : 48989
Up_count : 2
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all BGP learned routes.
Example
nsx-edge-1(tier0_sr)> get bgp
Status flags: * - best, I - internal
Origin flags: I - IGP, E - EGP, ! - incomplete
Network Next Hop LocPrf MED AS Path
* 0.0.0.0/0 192.168.100.253 100 0 64521 !
* 10.10.10.0/24 192.168.100.253 100 0 64521 I
* 172.16.110.0/24 169.0.0.1 100 0 !
* 172.16.120.0/24 169.0.0.1 100 0 !
* 172.16.130.0/24 169.0.0.1 100 0 !
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display all BGP NLRI matching the community.
| Option | Description |
|---|---|
| <bgp-community> | BGP community argument, either NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED or community in AA:NN format |
Example
nsx-edge-1(tier0_sr)> get bgp community 100:28
Status flags: * - best, I - internal
Origin flags: I - IGP, E - EGP, ! - incomplete
Network Next Hop LocPrf Weight MED AS Path
* 28.28.28.0/24 192.168.10.3 100 0 0 101 I
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display all BGP neighbor information.
Example
nsx-edge-1(tier0_sr)> get bgp neighbor
BGP neighbor: 192.168.100.253 Remote AS: 64521
BGP state: Established, Up
BFD state: Up
Hold Time: 3s Keepalive Interval: 1s
Capabilities:
4Byte ASN: advertised and received
Route Refresh: advertised and received
Graceful Restart: none
Restart Remaining Time: 0
Address Family: IPv4 Unicast:advertised and received
Messages: 6011 received, 6009 sent
Minimum time between advertisements: 30s (default)
1 Connections established, 1 dropped
Local host: 192.168.100.103, Local port: 52202
Remote host: 192.168.100.253, Remote port: 179
Route Refresh: 0 received, 0 sent
For Address Family IPv4 Unicast:advertised and received
Prefixes: 2 received, 3 sent, 3 advertised
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display information about the specified BGP neighbor.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1(tier0_sr)> get bgp neighbor 192.168.10.12
BGP neighbor: 192.168.10.12 Remote AS: 101
BGP state: Active, Up
BFD state: Init
Hold Time: 0s Keepalive Interval: 0s
Capabilities:
4Byte ASN: None
Route Refresh: None
Graceful Restart: None
Restart Remaining Time: 0
Address Family: None
Messages: 0 received, 0 sent
Minimum time between advertisements: 30s (default)
0 Connections established, 2 dropped
Local host: 0.0.0.0, Local port: 0
Remote host: 192.168.10.12, Remote port: 0
Route Refresh: 0 received, 0 sent
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display routes advertised to the specified BGP neighbor.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1(tier0_sr)> get bgp neighbor 192.168.100.253 advertised-routes
Status flags: * - best, I - internal
Origin flags: I - IGP, E - EGP, ! - incomplete
Network Next Hop LocPrf MED AS Path
172.16.110.0/24 192.168.100.103 0 0 64520 !
172.16.120.0/24 192.168.100.103 0 0 64520 !
172.16.130.0/24 192.168.100.103 0 0 64520 !
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display routes learned from the specified BGP neighbor.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1(tier0_sr)> get bgp neighbor 192.168.100.253 routes
Status flags: * - best, I - internal
Origin flags: I - IGP, E - EGP, ! - incomplete
Network Next Hop LocPrf MED AS Path
* 0.0.0.0/0 192.168.100.253 100 0 64521 !
* 10.10.10.0/24 192.168.100.253 100 0 64521 I
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display summarized BGP neighbor information.
Example
nsx-edge-1(tier0_sr)> get bgp neighbor summary
BFD States: NC - Not configured, AC - Activating, DC - Disconnected
AD - Admin down, DW - Down, IN - Init, UP - Up
BGP summary information for VRF default
Router ID: 192.168.10.2 Local AS: 100
Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx
192.168.10.11 101 Establ 0d1h6m1s UP 680 778 9 3
192.168.10.12 101 Active 0d0h0m0s IN 0 0 0 0
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display the bond interface with the specified name. Specify the
stats argument to display the statistics for the interface.| Option | Description |
|---|---|
| <bond-name> | Datapath device name argument |
Example
nsx-edge-1> get bond bond0
Bond
Hash algorithm : layer 2+3+4
Mode : lacp active
Name : bond0
Port id : 2
Slaves :
Name : fp-eth0
LACP state :
Local admin key : 11
Local oper key : 11
Local oper port state : ACT FTO AGG DEF
Local port internal state: LACP_ENABLED
Local port number : 1
Local port priority : 255
Local port rx machine state: DEFAULTED
Local timeout cfg : fast
Partner age in sec : 2
Partner device id : 00:00:00:00:00:00
Partner mode : LACP passive
Partner oper key : 0
Partner oper port state:
Partner port number : 0
Partner port priority : 0
Partner timeout cfg : slow
State : stand-alone
State : active
Name : fp-eth1
LACP state :
Local admin key : 11
Local oper key : 11
Local oper port state : ACT FTO AGG DEF
Local port internal state: LACP_ENABLED
Local port number : 2
Local port priority : 255
Local port rx machine state: DEFAULTED
Local timeout cfg : fast
Partner age in sec : 2
Partner device id : 00:00:00:00:00:00
Partner mode : LACP passive
Partner oper key : 0
Partner oper port state:
Partner port number : 0
Partner port priority : 0
Partner timeout cfg : slow
State : stand-alone
State : active
Status : up
nsx-edge-1> get bond bond0 stats
Bond
Name : bond0
Slaves :
Name : fp-eth0
LACP drops : 0
Rx LACP errors : 0
Rx LACP pdus : 10
Tx LACP errors : 0
Tx LACP pdus : 10
Name : fp-eth1
LACP drops : 0
Rx LACP errors : 0
Rx LACP pdus : 10
Tx LACP errors : 0
Tx LACP pdus : 10
name : bond0
rx_bytes : 1488
rx_drop_no_match : 0
rx_errors : 0
rx_misses : 0
rx_nombufs : 0
rx_packets : 12
tx_bytes : 0
tx_drops : 0
tx_errors : 0
tx_packets : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all bond interfaces. Specify the
stats argument to display the statistics for the interfaces.Example
nsx-edge-1> get bonds
Bond
Hash algorithm : layer 2+3+4
Mode : lacp active
Name : bond0
Port id : 2
Slaves :
Name : fp-eth0
LACP state :
Local admin key : 11
Local oper key : 11
Local oper port state : ACT FTO AGG DEF
Local port internal state: LACP_ENABLED
Local port number : 1
Local port priority : 255
Local port rx machine state: DEFAULTED
Local timeout cfg : fast
Partner age in sec : 2
Partner device id : 00:00:00:00:00:00
Partner mode : LACP passive
Partner oper key : 0
Partner oper port state:
Partner port number : 0
Partner port priority : 0
Partner timeout cfg : slow
State : stand-alone
State : active
Name : fp-eth1
LACP state :
Local admin key : 11
Local oper key : 11
Local oper port state : ACT FTO AGG DEF
Local port internal state: LACP_ENABLED
Local port number : 2
Local port priority : 255
Local port rx machine state: DEFAULTED
Local timeout cfg : fast
Partner age in sec : 2
Partner device id : 00:00:00:00:00:00
Partner mode : LACP passive
Partner oper key : 0
Partner oper port state:
Partner port number : 0
Partner port priority : 0
Partner timeout cfg : slow
State : stand-alone
State : active
Status : up
nsx-edge-1> get bonds stats
Bond
Name : bond0
Slaves :
Name : fp-eth0
LACP drops : 0
Rx LACP errors : 0
Rx LACP pdus : 10
Tx LACP errors : 0
Tx LACP pdus : 10
Name : fp-eth1
LACP drops : 0
Rx LACP errors : 0
Rx LACP pdus : 10
Tx LACP errors : 0
Tx LACP pdus : 10
name : bond0
rx_bytes : 1488
rx_drop_no_match : 0
rx_errors : 0
rx_misses : 0
rx_nombufs : 0
rx_packets : 12
tx_bytes : 0
tx_drops : 0
tx_errors : 0
tx_packets : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about the specified bridge.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
esx-1> get bridge 69377c84-c661-4935-956b-e42399411b2b
Bridge
-------------------------------------------------------------------------------------
Bridge UUID : 69377c84-c661-4935-956b-e42399411b2b
DVS name : nsxvswitch
Ref count : 2
Number of networks : 2
Number of uplinks : 0
Mode
Basic
Availability
ESXi
Display MAC table for the specified bridge.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
esx-1> get bridge 255e190d-2a9e-4ca0-917e-80dfbb89ac34 mac-table
Bridge MAC Table
-----------------------------------------------------------------------------------------------
MAC Address Type VLAN ID VXLAN ID Destination Port Age
===============================================================================================
00:50:56:86:7c:9f Dynamic 0 33672 50331650 2
00:50:56:86:ee:f1 Dynamic 16 0 50331650 2
Mode
Basic
Availability
ESXi
Display networks on the specified bridge.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
esx-1> get bridge 69377c84-c661-4935-956b-e42399411b2b networks
Bridge Networks
-----------------------------------------------------------------------------------------------
Network name : vxlan-48009-type-bridging
Ref count : 2
Network type : 1
VLAN ID : 0
VXLAN ID : 48009
Ageing time : 300
Fdb entry hold time : 1
FRP filter enable : True
port ID : 50331679
Ref count : 1
VLAN ID : 4095
IOChains installed : 0
Network name : vlan-150-type-bridging
Ref count : 2
Network type : 1
VLAN ID : 150
VXLAN ID : 0
Ageing time : 300
Fdb entry hold time : 1
FRP filter enable : True
port ID : 50331679
Ref count : 1
VLAN ID : 4095
IOChains installed : 0
Mode
Basic
Availability
ESXi
Display information about bridges on this bridge node.
Example
esx-1> get bridges
Bridges Summary
----------------------------------------------------------------------
Bridge UUID Number of networks Ref count
69377c84-c661-4935-956b-e42399411b2b 2 1
Mode
Basic
Availability
ESXi
Display information for the specified packet capture session.
| Option | Description |
|---|---|
| <session-id-arg> | Packet capture session id parameter |
Example
nsx-manager-leng5> get capture session 0fea2cac-5a13-44cf-b92e-b63f69572268
Session ID: 0fea2cac-5a13-44cf-b92e-b63f69572268
Session Status: stopped
Start Time: 2018-07-31 07:11:54
Stop Time: 2018-07-31 07:12:10
Request:
Node: af1c570b-f78d-4ea3-8858-219f9fe73511
Capture Type: vmknic
Capture Value: vmk0
Capture Direction: input
Capture Mode: standalone
Mode
Basic
Availability
Manager
Display information about the specified packet capture session.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed pattern: ^[0-9]+$ |
Example
esx-1> get capture session 1
Packet Capture Session
ID : 1
PORT : b2dce32f-8312-4c10-a7fe-320d4cb226ff
VNI : 24580
Mode
Basic
Availability
ESXi
Display information about the specified packet capture session.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
Example
nsx-edge-1> get capture session 1
Packet Capture Session
ID : 1
PORTS : ['fp-eth0', 'fp-eth1']
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about the specified packet capture session.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
Example
kvm-1> get capture session 1
Packet Capture Session
ID : 1
PORTS : ['b592a7c8-4e21-493e-b0fc-0b1d152c949c']
Mode
Basic
Availability
KVM
Display configured packet capture sessions. Session 0 is reserved for captures started with the
start capture interface <interface-name> command.Example
kvm-1> get capture sessions
Packet Capture Session
ID : 0
PORTS : []
Packet Capture Session
ID : 1
PORTS : ['b592a7c8-4e21-493e-b0fc-0b1d152c949c']
Packet Capture Session
ID : 2
PORTS : ['b592a7c8-4e21-493e-b0fc-0b1d152c949c', 'd0c59cee-6095-5eeb-815b-ae6732d749e4']
Packet Capture Session
ID : 3
PORTS : []
Mode
Basic
Availability
KVM
Display configured packet capture sessions.
Example
esx-1> get capture sessions
Packet Capture Session
ID : 0
PORT : b2dce32f-8312-4c10-a7fe-320d4cb226ff
VNI : 24580
Packet Capture Session
ID : 1
PORT : 10
Packet Capture Session
ID : 2
TRACE : True
Packet Capture Session
ID : 3
PORT : uplink1
Mode
Basic
Availability
ESXi
Display configured packet capture sessions. Session 0 is reserved for captures started with the
start capture interface <interface-name> command.Example
nsx-edge-1> get capture sessions
Packet Capture Session
ID : 0
PORTS : []
Packet Capture Session
ID : 1
PORTS : ['fp-eth0', 'fp-eth1']
Packet Capture Session
ID : 2
PORTS : ['d0c59cee-6095-5eeb-815b-ae6732d749e4']
Packet Capture Session
ID : 3
PORTS : []
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the API server's certificate.
Example
nsx-manager-1> get certificate api
-----BEGIN CERTIFICATE-----
MIIDfzCCAmegAwIBAgIEVQEDTTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzELMAkGA1UE
...
/JbzbimmEgaC3Yy5rOZXUnhn+dANkUShIeGIpOnH7rpLrrPYcB1Hx31jieY=
-----END CERTIFICATE-----
Mode
Basic
Availability
Manager, Policy Manager
Display the API server's certificate thumbprint.
Example
nsx-manager-1> get certificate api thumbprint
82d99b793ff84f1f1f01f420656975522a03b9bebe87c50bcff80e7d3ebe8705
Mode
Basic
Availability
Manager, Policy Manager
Display the clsuter certificate.
Example
nsx-manager-1> get certificate cluster
-----BEGIN CERTIFICATE-----
MIIDfjCCAmagAwIBAgIETzOK8zANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJV
...
QaWyyFxNFfuCLibJPuiO5scGJmGB6UvZLGt/7stcuLIQ3A==
-----END CERTIFICATE-----
Mode
Basic
Availability
Manager, Policy Manager
Display the cluster certificate thumbprint.
Example
nsx-manager-1> get certificate cluster thumbprint
40a5d453ea43ef1e21597d9d14749d4c6b0874402ed0b4c2d6a212a4fe7819c5
Mode
Basic
Availability
Manager, Policy Manager
Display the translations for the specified container group. Optionally specify a translation type to display translations of that type.
| Option | Description |
|---|---|
| <uuid> | Cgroup identifier |
| <translation-type> | Translation type Allowed values: logical-objects, ips, vifs, macs |
Example
nsx-controller-1> get cgroup 2d22c229-bffb-405a-8246-8e50c01d1fc6 logical-objects
id: 2d22c229-bffb-405a-8246-8e50c01d1fc6, type: Container
id: 1d467d11-df42-4eff-96d0-3018c0fc6e93, type: Container
id: 6e05fa9f-72d2-4102-8970-d93a301b93d8, type: Container
Mode
Basic
Availability
Controller
Display all container groups.
Example
nsx-controller-1> get cgroups
id: 2d22c229-bffb-405a-8246-8e50c01d1fc6, type: Container
id: 31c4853f-3e2e-458b-ad64-6164c66ebb66, type: Container
id: fb4781b1-a748-4009-bfa6-06ab7edeb98e, type: Container
id: d807d5d9-f9ca-4863-8ab5-b209ba42ed64, type: Container
Mode
Basic
Availability
Controller
Display container groups with the specified IP address.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-controller-1> get cgroups with ip 192.168.1.2
id: fb4781b1-a748-4009-bfa6-06ab7edeb98e, type: Container
Mode
Basic
Availability
Controller
Display container groups with the specified MAC address.
| Option | Description |
|---|---|
| <hardware-address> | Network hardware address argument |
Example
nsx-controller-1> get cgroups with mac 00:50:56:8e:13:51
id: 31c4853f-3e2e-458b-ad64-6164c66ebb66, type: Container
Mode
Basic
Availability
Controller
Display container groups with the specified network interface.
| Option | Description |
|---|---|
| <vif> | VIF ID |
Example
nsx-controller-1> get cgroups with vif vif-15
id: d807d5d9-f9ca-4863-8ab5-b209ba42ed64, type: Container
Mode
Basic
Availability
Controller
Show inactivity timeout in seconds.
Example
nsx> get cli-timeout
1200 seconds
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display the current date and time.
Example
nsx> get clock
Sat Dec 12 2015 UTC 00:11:33.168
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display configuration settings in command line syntax.
Example
nsx> get configuration
!
set route prefix 0.0.0.0/0 gateway 192.168.110.1 interface eth0
set route prefix 192.168.110.0/24 interface eth0
set search-domains example.com
set timezone Etc/UTC
set name-servers 192.168.110.10
set ntp-server 0.ubuntu.pool.ntp.org
set ntp-server 1.ubuntu.pool.ntp.org
set ntp-server 2.ubuntu.pool.ntp.org
set ntp-server 3.ubuntu.pool.ntp.org
set ntp-server ntp.ubuntu.com
set hostname nsx
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display control channel connection information for the specified hypervisor host.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-controller-1> get control-channel ip 192.168.210.51 connection
Host-IP Port ID
192.168.210.51 27386 648
Mode
Basic
Availability
Controller
Display control channel connection statistics for the specified hypervisor host.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-controller-1> get control-channel ip 192.168.210.51 connection-stats
messages.received 43352
messages.received.dropped 0
messages.transmitted 43429
messages.transmit.dropped 0
Mode
Basic
Availability
Controller
Display statistics for the controller to hypervisor control channel.
Example
nsx-controller-1> get control-channel stats
messages.received 86928
messages.received.dropped 0
messages.transmitted 87784
messages.transmit.dropped 0
messages.processing.dropped 0
connections.up 5
connections.down 3
connections.timeout 3
connections.active 2
Mode
Basic
Availability
Controller
Display statistics over time for the controller to hypervisor control channel.
Example
nsx-controller-1> get control-channel stats-sample
23:56:30 23:56:40 23:56:50 23:57:00 23:57:10 23:57:20 23:57:30 23:57:40 23:57:50 23:58:00
messages.received 86922 86924 86926 86928 86930 86932 86934 86936 86938 86940
messages.received.dropped 0 0 0 0 0 0 0 0 0 0
messages.transmitted 87778 87780 87782 87784 87786 87788 87790 87792 87794 87796
messages.transmit.dropped 0 0 0 0 0 0 0 0 0 0
messages.processing.dropped 0 0 0 0 0 0 0 0 0 0
connections.up 5 5 5 5 5 5 5 5 5 5
connections.down 3 3 3 3 3 3 3 3 3 3
connections.timeout 3 3 3 3 3 3 3 3 3 3
connections.active 2 2 2 2 2 2 2 2 2 2
Mode
Basic
Availability
Controller
Display the controller cluster thumbprint. The security model for this controller must be set before using this command. Use the
set control-cluster security-model command to set the security model.Example
nsx-controller-1> get control-cluster certificate thumbprint
b821493e3cbf1f04af002fae2d44c1dc7459793bdf4385794b0903efa497dbeb
Mode
Basic
Availability
Controller
Get the controller cluster status.
Example
nsx-controller-1> get control-cluster status
uuid: a463a496-d8fe-4135-a60a-665333a5624a
is master: true
in majority: true
uuid address status
a463a496-d8fe-4135-a60a-665333a5624a 192.168.110.108 active
32ccb0aa-d74a-44f4-b76a-12716a759e32 192.168.110.109 active
b49e4c31-1d2e-4600-9fed-66ae1d8862b9 192.168.110.110 active
Mode
Basic
Availability
Controller
Get verbose controller cluster status.
Example
nsx-controller-1> get control-cluster status verbose
NSX Controller Status:
uuid: 9d61f3df-60d3-4c02-a6dc-75237ec5edbe
is master: false
in majority: true
uuid address status
adc96b47-8067-49c0-98cc-d427f5ab2406 10.160.95.64 active
9d61f3df-60d3-4c02-a6dc-75237ec5edbe 10.161.4.7 active
27634f7c-b905-4c26-967c-9252acbf6db2 10.161.8.34 active
Cluster Management Server Status:
uuid rpc address rpc port global id vpn address status
64bb9678-af32-4658-973c-e6a77bdfffd1 10.161.4.7 7777 1 10.0.0.1 connected
2c7396cb-9612-4b6f-b006-81c0bd21b791 10.161.8.34 7777 2 10.0.0.2 connected
db0b6963-65c6-4405-96d9-153a79c7f3f4 10.160.95.64 7777 3 10.0.0.3 connected
Zookeeper Ensemble Status:
Zookeeper Server IP: 10.0.0.1, reachable, ok
Zookeeper version: 3.5.1-alpha--1, built on 12/03/2015 14:18 GMT
Latency min/avg/max: 0/0/105
Received: 93104
Sent: 93324
Connections: 7
Outstanding: 0
Zxid: 0x100000215
Mode: leader
Node count: 51
Connections:
/10.0.0.3:47335[1](queued=0,recved=6189,sent=6197,sid=0x10000104d2c0044,lop=PING,est=1450333546218,to=40000,lcxid=0xac,lzxid=0x100000215,lresp=189591062,llat=1,minlat=0,avglat=0,maxlat=7)
/10.0.0.2:51511[1](queued=0,recved=18826,sent=18826,sid=0x10000104d2c0009,lop=PING,est=1450225468496,to=30000,lcxid=0x3,lzxid=0x100000215,lresp=189582555,llat=0,minlat=0,avglat=0,maxlat=8)
/10.0.0.2:51510[1](queued=0,recved=18825,sent=18825,sid=0x10000104d2c0008,lop=PING,est=1450225468464,to=30000,lcxid=0x2,lzxid=0x100000215,lresp=189582631,llat=0,minlat=0,avglat=0,maxlat=6)
/10.0.0.3:47332[1](queued=0,recved=6272,sent=6274,sid=0x10000104d2c0043,lop=PING,est=1450333540372,to=40000,lcxid=0xfa,lzxid=0x100000215,lresp=189579900,llat=1,minlat=0,avglat=0,maxlat=10)
/10.0.0.1:56383[0](queued=0,recved=1,sent=0)
/10.0.0.1:51741[1](queued=0,recved=18857,sent=18862,sid=0x10000104d2c0002,lop=PING,est=1450225325339,to=30000,lcxid=0x13,lzxid=0x100000215,lresp=189587874,llat=0,minlat=0,avglat=0,maxlat=6)
/10.0.0.2:51543[1](queued=0,recved=14277,sent=14339,sid=0x10000104d2c0011,lop=PING,est=1450225548462,to=40000,lcxid=0xb0,lzxid=0x100000215,lresp=189580439,llat=0,minlat=0,avglat=0,maxlat=14)
Zookeeper Server IP: 10.0.0.2, reachable, ok
Zookeeper version: 3.5.1-alpha--1, built on 12/03/2015 14:18 GMT
Latency min/avg/max: 0/0/71
Received: 44056
Sent: 44151
Connections: 4
Outstanding: 0
Zxid: 0x100000215
Mode: follower
Node count: 51
Connections:
/10.0.0.1:58497[1](queued=0,recved=14717,sent=14735,sid=0x20000127d000005,lop=GETC,est=1450226200991,to=40000,lcxid=0x292,lzxid=0x100000215,lresp=189546742,llat=0,minlat=0,avglat=0,maxlat=42)
/10.0.0.1:58499[1](queued=0,recved=14160,sent=14203,sid=0x20000127d000006,lop=PING,est=1450226201030,to=40000,lcxid=0x6b,lzxid=0xffffffffffffffff,lresp=189540338,llat=0,minlat=0,avglat=0,maxlat=43)
/10.0.0.1:34844[0](queued=0,recved=1,sent=0)
/10.0.0.2:36754[1](queued=0,recved=14548,sent=14566,sid=0x20000127d000004,lop=PING,est=1450226200562,to=40000,lcxid=0x1df,lzxid=0xffffffffffffffff,lresp=189549590,llat=0,minlat=0,avglat=0,maxlat=40)
Zookeeper Server IP: 10.0.0.3, reachable, ok
Zookeeper version: 3.5.1-alpha--1, built on 12/03/2015 14:18 GMT
Latency min/avg/max: 0/6/57
Received: 63
Sent: 62
Connections: 1
Outstanding: 0
Zxid: 0x100000215
Mode: follower
Node count: 51
Connections:
/10.0.0.1:54356[0](queued=0,recved=1,sent=0)
Mode
Basic
Availability
Controller
Display the controllers connected to this node.
Example
nsx> get controllers
Controller IP Port SSL Status Is Physical Master Session State Controller FQDN
NA 1234 enabled not used false null CCP1.COM
10.160.193.174 1234 enabled connected true up CCP2.COM
NA 1234 enabled not used false null CCP3.COM
Mode
Basic
Availability
Edge, ESXi, KVM, Public Cloud Gateway
Display the system CPU information.
Example
nsx-manager-1> get cpu-stats
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 62
model name : Intel(R) Xeon(R) CPU E5-2440 v2 @ 1.90GHz
stepping : 4
microcode : 0x427
cpu MHz : 1900.000
cache size : 20480 KB
physical id : 0
siblings : 1
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm ida arat pln pts dtherm fsgsbase tsc_adjust smep
bogomips : 3800.00
clflush size : 64
cache_alignment : 64
address sizes : 42 bits physical, 48 bits virtual
power management:
processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 62
model name : Intel(R) Xeon(R) CPU E5-2440 v2 @ 1.90GHz
stepping : 4
microcode : 0x427
cpu MHz : 1900.000
cache size : 20480 KB
physical id : 2
siblings : 1
core id : 0
cpu cores : 1
apicid : 2
initial apicid : 2
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm ida arat pln pts dtherm fsgsbase tsc_adjust smep
bogomips : 3800.00
clflush size : 64
cache_alignment : 64
address sizes : 42 bits physical, 48 bits virtual
power management:
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display information about the current interface.
Example
nsx-edge-1(path)> get current
{
"admin": "up",
"enable-firewall": false,
"enable-span": false,
"force-reassemble": false,
"ifuid": 289,
"ifuuid": "de650f56-276d-46ef-959e-960752acfe19",
"internal_operation": "up",
"ipns": [
"192.168.130.3/24"
],
"lrouter": "f2a25dd6-4ceb-4bf5-8ad5-3e80d2970d60",
"mac": "02:50:56:00:00:04",
"mtu": 1600,
"peer": "54710465-99a0-481b-ac04-2ff4eda2f270",
"redirect-to-kernel": true,
"stats": {
"rx_bytes": 1564840,
"rx_drop_blocked": 0,
"rx_drop_dst_unsupported": 0,
"rx_drop_firewall": 0,
"rx_drop_ip_options": 0,
"rx_drop_ipv6": 0,
"rx_drop_kni": 0,
"rx_drop_l4port_unsupported": 0,
"rx_drop_malformed": 0,
"rx_drop_no_receiver": 0,
"rx_drop_no_route": 0,
"rx_drop_proto_unsupported": 0,
"rx_drop_rpf_check": 0,
"rx_drop_ttl_exceeded": 3,
"rx_drops": 3,
"rx_frag_error": 0,
"rx_frag_ok": 0,
"rx_frag_timeout": 0,
"rx_frags": 0,
"rx_pkts": 23609,
"tx_bytes": 957372,
"tx_drop_blocked": 0,
"tx_drop_firewall": 0,
"tx_drop_frag_needed": 0,
"tx_drop_no_arp": 0,
"tx_drops": 0,
"tx_frag_error": 0,
"tx_frag_ok": 0,
"tx_pkts": 14312
},
"ttl": 1,
"type": "lif",
"urpf-mode": "STRICT_MODE"
}
or
nsx-edge-1(path)> get current
{
"ifuid": 285,
"ifuuid": "9eff9e4e-9157-4107-a0dd-c79350dce6f7",
"lswitch": "d5af58f5-0616-46fd-af83-242d82983c65",
"peer": "140ca8de-61e0-4bba-b429-6a3791b0846a",
"stats": {
"rx_bytes": 9150,
"rx_drop_l2_loop": 0,
"rx_drop_malformed": 0,
"rx_drop_no_match": 0,
"rx_drops": 0,
"rx_pkts": 127,
"tx_bytes": 2807,
"tx_drop_no_mem": 0,
"tx_drops": 0,
"tx_pkts": 38
}
}
Mode
Path
Availability
Edge, Public Cloud Gateway
Display the datum ID(s) and span(s) for the specified message ID.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get data c22a70f9-c592-49fb-9df7-33b161160354
id: c22a70f9-c592-49fb-9df7-33b161160354, type: vmware.nsx.nestdb.RuleSectionMsg
span: 7c72c4ae-8fe8-4449-a4e2-c5e53ab0bb4f, 6ca7e1fc-1690-450f-aad3-a2f642fb70c5
Mode
Basic
Availability
Controller
Display datum ID(s) for the specified receiver.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get data with receiver 7c72c4ae-8fe8-4449-a4e2-c5e53ab0bb4f
id: c22a70f9-c592-49fb-9df7-33b161160354, type: vmware.nsx.nestdb.RuleSectionMsg
id: 7c72c4ae-8fe8-4449-a4e2-c5e53ab0bb4f, type: vmware.nsx.nestdb.TransportNodeConfigMsg
id: 4e5d3a8c-5be8-4df6-9a0f-b0458715b036, type: vmware.nsx.nestdb.IpfixConfigurationMsg
id: 73f0fe85-4b28-42d3-8b7c-94cec3879451, type: vmware.nsx.nestdb.RuleSectionMsg
id: 00000000-0000-0000-0000-000000000001, type: vmware.nsx.nestdb.RuleMsg
id: 00000000-0000-0000-0000-000000000002, type: vmware.nsx.nestdb.RuleMsg
status: synced
Mode
Basic
Availability
Controller
Display Data Plane Development Kit (DPDK) configurations, which include fastpath cores, hugepage reserved, NUMA, physical port bindings, etc.
Example
nsx-edge-1> get dataplane
Bfd_ring_size : 512
Corelist : 0
Ctrl_prio_on : True
Fc_max_mem_percore : 394
Fc_mega_cache_size : 262144
Fc_mega_hard_timeout_ms: 423
Fc_mega_soft_timeout_ms: 353
Fc_micro_cache_size: 262144
Firewall_flow_cache_on: 1
Firewall_max_purge_rate: 5
Firewall_max_sessions: 8388608
Firewall_purge_timeout_ms: 10
Firewall_timer_resolution_ms: 50
Flow_cache_mega : True
Flow_cache_micro : True
Hugepage_mem : 1974
Intr_mode_on : True
Ip_reass4_gc_period: 2
Ip_reass4_interfrag_ms: 1000
Ip_reass4_max_ms : 5000
Ip_reass4_maxq_len : 45
Ip_reass4_qhash_order: 8
Ip_reass4_qlist_order: 9
Lacp_ring_size : 512
Learning_ring_size : 512
Link_speed : 0
Mainloop_sleep_threshold: 10
Mainloop_wait_timeout_ms: 1
Mbuf_pool_size : 48128
N_mem_channel : 3
Numa_on : True
Pkt_queue_limit : 0
Pkt_queue_rx_burst_size: 128
Pkt_seg_pnic_limit : 24
Prio_rx_queue_per_core: 8
Rss : c0=0:2:1
Rx_queue_per_core : 8
Rx_ring_size : 512
Slowpath_ring_size : 512
Stt_frag_queue_expire_ms: 3000
Stt_mbuf_queued_limit: 16000
Stt_reass_gc_period_ms: 3000
Tx_ring_size : 512
Devices:
Device_id : 0x07b0
Name : fp-eth0
Numa_node : -1
Pci : 0000:0b:00.00
Vendor : 0x15ad
Device_id : 0x07b0
Name : fp-eth1
Numa_node : -1
Pci : 0000:13:00.00
Vendor : 0x15ad
Device_id : 0x07b0
Name : fp-eth2
Numa_node : -1
Pci : 0000:1b:00.00
Vendor : 0x15ad
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display data plane cpu statistics.
Example
nsx-edge-1> get dataplane cpu stats
CPU Usage
Core : 0
Kni : 0 pps
Rx : 0 pps
Slowpath : 0 pps
Tx : 0 pps
Usage : 0%
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the flow cache configurations.
Example
nsx-edge-1> get dataplane flow-cache config
Enabled : true
Mega_hard_timeout_ms: 4944
Mega_size : 262144
Mega_soft_timeout_ms: 4874
Micro_size : 262144
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display flow cache statistics for all fastpath cores.
Example
nsx-edge-1> get dataplane flow-cache stats
Micro
Core : 0
Active : 0/262144
Dont cache : 0
Hit rate : 0%
Hits : 0
Insertions : 0
Misses : 1602651
Skipped : 1018653
Bucket collisions : 0
Key collisions : 0
Mega
Core : 0
Active : 0/262144
Dont cache : 2693444
Hit rate : 0%
Hits : 0
Insertions : 0
Misses : 1602651
Skipped : 1018653
Bucket collisions : 0
Key collisions : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the flow cache statistics for the specified fastpath cores.
| Option | Description |
|---|---|
| <lcore-list-all> | Specify a list of lcore ids or "all" Allowed pattern: ^([0-9]+,)*([0-9]+)$|(all)$ |
Example
nsx-edge-1> get dataplane flow-cache stats 0
Micro
Core : 0
Active : 0/262144
Dont cache : 0
Hit rate : 0%
Hits : 0
Insertions : 0
Misses : 1602797
Skipped : 1018748
Bucket collisions : 0
Key collisions : 0
Mega
Core : 0
Active : 0/262144
Dont cache : 2693695
Hit rate : 0%
Hits : 0
Insertions : 0
Misses : 1602797
Skipped : 1018748
Bucket collisions : 0
Key collisions : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display data plane memory statistics.
Example
nsx-edge-1> get dataplane memory stats
Memory Usage
Available_entries : 55712
Available_entries_in_cache : 39
Cache_size_per_core : 128
Name : mbuf_pool_socket_0
Per_core_cache
Available_entries : 39
Core_id : 0
Size : 56704
Available_entries : 17407
Cache_size_per_core : 0
Name : sp_pktmbuf_pool
Size : 17408
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display data plane performance statistics.
| Option | Description |
|---|---|
| <interval> | Specify sample interval |
Example
nsx-edge-1> get dataplane perfstats 2
[
{
"CpuStats": [
{
"core": "0",
"tx": "0 pps",
"kni": "0 pps",
"rx": "0 pps",
"intercore": "0 pps",
"usage": "0%",
"slowpath": "0 pps"
},
{
"core": "1",
"tx": "0 pps",
"kni": "0 pps",
"rx": "0 pps",
"intercore": "0 pps",
"usage": "0%",
"slowpath": "0 pps"
},
{
"core": "2",
"tx": "0 pps",
"kni": "0 pps",
"rx": "0 pps",
"intercore": "0 pps",
"usage": "0%",
"slowpath": "0 pps"
},
{
"core": "3",
"tx": "0 pps",
"kni": "0 pps",
"rx": "0 pps",
"intercore": "0 pps",
"usage": "0%",
"slowpath": "0 pps"
}
]
},
{
"PortStats": [
{
"RxPkts": 5.0,
"RxTput": 375.0,
"TxThput": 309.0,
"PortID": "fp-eth0",
"TxPkts": 4.0
},
{
"RxPkts": 0.0,
"RxTput": 0.0,
"TxThput": 0.0,
"PortID": "fp-eth1",
"TxPkts": 0.0
},
{
"RxPkts": 0.0,
"RxTput": 0.0,
"TxThput": 0.0,
"PortID": "fp-eth2",
"TxPkts": 0.0
}
]
},
{
"FlowCacheStats": {
"micro": [
{
"core": "0",
"hits": "0",
"skipped": "1235795",
"insertions": "0",
"active": "0/262144",
"misses": "0",
"bucket collisions": "0",
"dont cache": "0",
"key collisions": "0",
"hit rate": "n/a"
},
{
"core": "1",
"hits": "0",
"skipped": "19380",
"insertions": "0",
"active": "0/262144",
"misses": "1104864",
"bucket collisions": "0",
"dont cache": "0",
"key collisions": "0",
"hit rate": "0%"
},
{
"core": "2",
"hits": "0",
"skipped": "9701",
"insertions": "0",
"active": "0/262144",
"misses": "2754887",
"bucket collisions": "0",
"dont cache": "0",
"key collisions": "0",
"hit rate": "0%"
},
{
"core": "3",
"hits": "0",
"skipped": "8",
"insertions": "0",
"active": "0/262144",
"misses": "904935",
"bucket collisions": "0",
"dont cache": "0",
"key collisions": "0",
"hit rate": "0%"
}
],
"mega": [
{
"core": "0",
"hits": "0",
"skipped": "1235795",
"insertions": "0",
"active": "0/262144",
"misses": "0",
"bucket collisions": "0",
"dont cache": "6567381",
"key collisions": "0",
"hit rate": "n/a"
},
{
"core": "1",
"hits": "0",
"skipped": "19380",
"insertions": "0",
"active": "0/262144",
"misses": "1104864",
"bucket collisions": "0",
"dont cache": "2932004",
"key collisions": "0",
"hit rate": "0%"
},
{
"core": "2",
"hits": "0",
"skipped": "9701",
"insertions": "0",
"active": "0/262144",
"misses": "2754887",
"bucket collisions": "0",
"dont cache": "3457790",
"key collisions": "0",
"hit rate": "0%"
},
{
"core": "3",
"hits": "0",
"skipped": "8",
"insertions": "0",
"active": "0/262144",
"misses": "904935",
"bucket collisions": "0",
"dont cache": "2503080",
"key collisions": "0",
"hit rate": "0%"
}
]
}
},
{
"NUMAStats": "CPU model not supported"
},
{
"PerfStats": "CPU model not supported"
}
]
Mode
Basic
Availability
Edge, Public Cloud Gateway
Calculate all nics throughput given an interval
| Option | Description |
|---|---|
| <time> | Time measurement in seconds Allowed pattern: [1-9][0-9]*$ |
Example
nsx-edge-1> get physical-port throughput 1
{
"fp-eth0": {
"rx Gbps": 0,
"rx K err/s": 0,
"rx MB/s": 0,
"rx k_err/s": 0,
"rx k_miss/s": 0,
"rx k_no_mbufs/s": 0,
"rx kpps": 0,
"tx Gbps": 0,
"tx K drops/s": 0,
"tx MB/s": 0,
"tx kpps": 0
},
"fp-eth1": {
"rx Gbps": 0,
"rx K err/s": 0,
"rx MB/s": 0,
"rx k_err/s": 0,
"rx k_miss/s": 0,
"rx k_no_mbufs/s": 0,
"rx kpps": 0,
"tx Gbps": 0,
"tx K drops/s": 0,
"tx MB/s": 0,
"tx kpps": 0
},
"fp-eth2": {
"rx Gbps": 0,
"rx K err/s": 0,
"rx MB/s": 0,
"rx k_err/s": 0,
"rx k_miss/s": 0,
"rx k_no_mbufs/s": 0,
"rx kpps": 0,
"tx Gbps": 0,
"tx K drops/s": 0,
"tx MB/s": 0,
"tx kpps": 0
},
"fp-eth3": {
"rx Gbps": 0,
"rx K err/s": 0,
"rx MB/s": 0,
"rx k_err/s": 0,
"rx k_miss/s": 0,
"rx k_no_mbufs/s": 0,
"rx kpps": 0,
"tx Gbps": 0,
"tx K drops/s": 0,
"tx MB/s": 0,
"tx kpps": 0
},
"fp-eth4": {
"rx Gbps": 0,
"rx K err/s": 0,
"rx MB/s": 0,
"rx k_err/s": 0,
"rx k_miss/s": 0,
"rx k_no_mbufs/s": 0,
"rx kpps": 0,
"tx Gbps": 0,
"tx K drops/s": 0,
"tx MB/s": 0,
"tx kpps": 0
},
"fp-eth5": {
"rx Gbps": 0,
"rx K err/s": 0,
"rx MB/s": 0,
"rx k_err/s": 0,
"rx k_miss/s": 0,
"rx k_no_mbufs/s": 0,
"rx kpps": 0,
"tx Gbps": 0,
"tx K drops/s": 0,
"tx MB/s": 0,
"tx kpps": 0
},
"fp-eth6": {
"rx Gbps": 0,
"rx K err/s": 0,
"rx MB/s": 0,
"rx k_err/s": 0,
"rx k_miss/s": 0,
"rx k_no_mbufs/s": 0,
"rx kpps": 0,
"tx Gbps": 0,
"tx K drops/s": 0,
"tx MB/s": 0,
"tx kpps": 0
}
}
Mode
Basic
Availability
Edge, Public Cloud Gateway
Show BGP debugging.
Example
nsx-edge-1(tier0_sr)> get debug bgp
2017-09-07 20:47:20.853: A BGP message has been received from a peer.
2017-09-07 20:47:20.853: A BGP message has been received from a peer.
2017-09-07 20:47:20.857: The destination address is the same as the next hop that would be
2017-09-07 20:47:20.857: DC-BGP Policy Manager filtered out a route.
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Get a routing dump trace. The dump file will be collected when you get a support bundle.
Example
nsx-edge-1(tier0_sr)> get debug routing dumptrace
nsx-edge-1(tier0_sr)>
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display a specific DHCP IP pool.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get dhcp ip-pool 31b79159-c160-40ba-a9d7-be37186ac658
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
ERROR_THRESHOLD: 100
ID: 31b79159-c160-40ba-a9d7-be37186ac658
OPTIONS:
GENERIC_OPTIONS:
CODE: 51
VALUES:
86400
CODE: 3
VALUES:
192.168.1.1
RANGE:
END:
IPV4: 192.168.1.200
START:
IPV4: 192.168.1.100
WARNING_THRESHOLD: 80
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all DHCP IP pools.
Example
nsx-edge-1> get dhcp ip-pools
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
ERROR_THRESHOLD: 100
ID: 31b79159-c160-40ba-a9d7-be37186ac658
OPTIONS:
GENERIC_OPTIONS:
CODE: 51
VALUES:
86400
CODE: 3
VALUES:
192.168.1.1
RANGE:
END:
IPV4: 192.168.1.200
START:
IPV4: 192.168.1.100
WARNING_THRESHOLD: 80
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display DHCP IP pools which matched a specific server UUID.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get dhcp ip-pools server-uuid efc4fc20-e00d-416d-819a-88eff8674602
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
ERROR_THRESHOLD: 100
ID: 31b79159-c160-40ba-a9d7-be37186ac658
OPTIONS:
GENERIC_OPTIONS:
CODE: 51
VALUES:
86400
CODE: 3
VALUES:
192.168.1.1
RANGE:
END:
IPV4: 192.168.1.200
START:
IPV4: 192.168.1.100
WARNING_THRESHOLD: 80
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific DHCP lease. You can specify a DHCP server's UUID, or a MAC address, or an IP address.
| Option | Description |
|---|---|
| <string> | Generic string argument Allowed pattern: ^([A-Za-z0-9_:.-]+)$ |
Example
nsx-edge-1> get dhcp lease efc4fc20-e00d-416d-819a-88eff8674602
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2
EXPIRE_TIME: 2016-10-11 23:48:07.136000 (timestamp: 1476229687136)
IP:
IPV4: 192.168.1.100
LEASE_TIME: 86400
MAC:
MAC: 00:0c:29:03:9c:b2
START_TIME: 2016-10-10 23:48:07.136000 (timestamp: 1476143287136)
SUBNET: 192.168.1.0
nsx-edge-1> get dhcp lease 00:0c:29:03:9c:b2
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2
EXPIRE_TIME: 2016-10-12 19:53:13.057000 (timestamp: 1476301993057)
IP:
IPV4: 192.168.1.100
LEASE_TIME: 86400
MAC:
MAC: 00:0c:29:03:9c:b2
START_TIME: 2016-10-11 19:53:13.057000 (timestamp: 1476215593057)
SUBNET: 192.168.1.0
nsx-edge-1> get dhcp lease 192.168.1.100
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2
EXPIRE_TIME: 2016-10-12 19:53:13.057000 (timestamp: 1476301993057)
IP:
IPV4: 192.168.1.100
LEASE_TIME: 86400
MAC:
MAC: 00:0c:29:03:9c:b2
START_TIME: 2016-10-11 19:53:13.057000 (timestamp: 1476215593057)
SUBNET: 192.168.1.0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific DHCP lease. You can specify a DHCP server's UUID, or a MAC address, or an IP address.
| Option | Description |
|---|---|
| <string> | Generic string argument Allowed pattern: ^([A-Za-z0-9_:.-]+)$ |
Example
nsx-edge-1> get dhcp lease efc4fc20-e00d-416d-819a-88eff8674602
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2
EXPIRE_TIME: 2016-10-11 23:48:07.136000 (timestamp: 1476229687136)
IP:
IPV4: 192.168.1.100
LEASE_TIME: 0
MAC:
MAC: 00:0c:29:03:9c:b2
START_TIME: 2016-10-10 23:48:07.136000 (timestamp: 1476143287136)
SUBNET: 192.168.1.0
nsx-edge-1> get dhcp lease 00:0c:29:03:9c:b2
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2
EXPIRE_TIME: 2016-10-12 19:53:13.057000 (timestamp: 1476301993057)
IP:
IPV4: 192.168.1.100
LEASE_TIME: 86400
MAC:
MAC: 00:0c:29:03:9c:b2
START_TIME: 2016-10-11 19:53:13.057000 (timestamp: 1476215593057)
SUBNET: 192.168.1.0
nsx-edge-1> get dhcp lease 192.168.1.100
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2
EXPIRE_TIME: 2016-10-12 19:53:13.057000 (timestamp: 1476301993057)
IP:
IPV4: 192.168.1.100
LEASE_TIME: 86400
MAC:
MAC: 00:0c:29:03:9c:b2
START_TIME: 2016-10-11 19:53:13.057000 (timestamp: 1476215593057)
SUBNET: 192.168.1.0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all non-released DHCP leases.
Example
nsx-edge-1> get dhcp leases
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2
EXPIRE_TIME: 2016-10-11 23:48:07.136000 (timestamp: 1476229687136)
IP:
IPV4: 192.168.1.100
LEASE_TIME: 86400
MAC:
MAC: 00:0c:29:03:9c:b2
START_TIME: 2016-10-10 23:48:07.136000 (timestamp: 1476143287136)
SUBNET: 192.168.1.0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all DHCP leases.
Example
nsx-edge-1> get dhcp leases
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2
EXPIRE_TIME: 2016-10-11 23:48:07.136000 (timestamp: 1476229687136)
IP:
IPV4: 192.168.1.100
LEASE_TIME: 0
MAC:
MAC: 00:0c:29:03:9c:b2
START_TIME: 2016-10-10 23:48:07.136000 (timestamp: 1476143287136)
SUBNET: 192.168.1.0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific DHCP server. Optionally specify an argument to display only the status or the synchronization information.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get dhcp server efc4fc20-e00d-416d-819a-88eff8674602
EDGE_CLUSTER_ID: 46944f73-89d0-40b8-86f2-6fd651ba4fb9
EDGE_NODE_ID:
0e10a15f-ca0d-47a7-92ff-9b0aa8d18b4d
b084f07f-bd1f-4d91-bf48-775b896296d5
ID: efc4fc20-e00d-416d-819a-88eff8674602
OPTIONS:
GENERIC_OPTIONS:
CODE: 54
VALUES:
192.168.1.2
CODE: 1
VALUES:
255.255.255.0
SERVER_MAC:
MAC: 00:50:56:98:7d:d7
SERVER_PREFIX:
IPV4: 192.168.1.2
PREFIX_LENGTH: 24
nsx-edge-1> get dhcp server efc4fc20-e00d-416d-819a-88eff8674602 status
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
STATUS: READY
nsx-edge-1> get dhcp server efc4fc20-e00d-416d-819a-88eff8674602 sync
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
LAST_ERROR_TIME: N/A
LAST_SYNC_TIME: N/A
STATUS: OK
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all DHCP servers. Optionally specify an argument to display only the status or the synchronization information.
If the edge node is the only member of the edge cluster, the STATUS property will be displayed as UNKNOWN when you call get dhcp servers status because HA (high availability) is not available.
If the edge node is the only member of the edge cluster, the STATUS property will be displayed as UNKNOWN when you call get dhcp servers status because HA (high availability) is not available.
Example
nsx-edge-1> get dhcp servers
EDGE_CLUSTER_ID: 46944f73-89d0-40b8-86f2-6fd651ba4fb9
EDGE_NODE_ID:
0e10a15f-ca0d-47a7-92ff-9b0aa8d18b4d
b084f07f-bd1f-4d91-bf48-775b896296d5
ID: efc4fc20-e00d-416d-819a-88eff8674602
OPTIONS:
GENERIC_OPTIONS:
CODE: 54
VALUES:
192.168.1.2
CODE: 1
VALUES:
255.255.255.0
SERVER_MAC:
MAC: 00:50:56:98:7d:d7
SERVER_PREFIX:
IPV4: 192.168.1.2
PREFIX_LENGTH: 24
nsx-edge-1> get dhcp servers status
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
STATUS: READY
nsx-edge-1> get dhcp servers sync
DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602
LAST_ERROR_TIME: N/A
LAST_SYNC_TIME: N/A
STATUS: OK
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific DHCP static binding.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get dhcp static-binding 3773289c-32f6-4892-a94e-c74a47bf1e71
DHCP_ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
ID: 3773289c-32f6-4892-a94e-c74a47bf1e71
MAC:
MAC: 12:34:56:78:9a:bc
OPTIONS:
GENERIC_OPTIONS:
CODE: 3
VALUES:
192.168.150.1
CODE: 12
VALUES:
machine-1
CODE: 51
VALUES:
86400
PREFIX:
IPV4: 192.168.150.201
PREFIX_LENGTH: 24
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all DHCP static bindings.
Example
nsx-edge-1> get dhcp static-bindings
DHCP_ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
ID: 3773289c-32f6-4892-a94e-c74a47bf1e71
MAC:
MAC: 12:34:56:78:9a:bc
OPTIONS:
GENERIC_OPTIONS:
CODE: 3
VALUES:
192.168.150.1
CODE: 12
VALUES:
machine-1
CODE: 51
VALUES:
86400
PREFIX:
IPV4: 192.168.150.201
PREFIX_LENGTH: 24
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific DHCP static bindings which matched a specific server UUID.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get dhcp static-bindings server-uuid 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
DHCP_ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
ID: 3773289c-32f6-4892-a94e-c74a47bf1e71
MAC:
MAC: 12:34:56:78:9a:bc
OPTIONS:
GENERIC_OPTIONS:
CODE: 3
VALUES:
192.168.150.1
CODE: 12
VALUES:
machine-1
CODE: 51
VALUES:
86400
PREFIX:
IPV4: 192.168.150.201
PREFIX_LENGTH: 24
Mode
Basic
Availability
Edge, Public Cloud Gateway
Get edge config diagnosis
Example
nsx-edge-1> get diagnosis config
Passed:
Manager, Controller, Nsxa-state, Nsxa-lrouter, Nsxa-service-router
Failed:
Nsxa-edge-cluster : no peers
Mode
Basic
Availability
Edge, Public Cloud Gateway
Get diagnosis analysis
Example
nsx-edge-c0-1> get diagnosis log
2018-01-03T20:04:14.767Z host-326432070547636738750820273082671025578 NSX 6190 SYSTEM [nsx@6876 comp="nsx-edge" subcomp="lb-dispatcher.nestdb" level="INFO"] nsx-agent nestdb thread started
2018-01-03T20:04:14.767431Z host-326432070547636738750820273082671025578 NSX 5929 - [nsx@6876 comp="nsx-edge" subcomp="nestdb" tid="5929" level="INFO"] CreateVDb: main_vdb
2018-01-03T20:04:14.767467Z host-326432070547636738750820273082671025578 NSX 5929 - [nsx@6876 comp="nsx-edge" subcomp="nestdb" tid="5929" level="ERROR" errorCode="NST0601"] CreateVDb failed: Attempt to create main VDb
***********************************************************************
ERROR:2018-01-03T20:04:14.767523Z host-326432070547636738750820273082671025578 NSX 5929 - [nsx@6876 comp="nsx-edge" subcomp="nsx-rpc" tid="5929" level="ERROR" errorCode="RPC102"] Server:UnaryCall[Service[nestdb::NestDbServer, vmware.nsx.nestdb.NestDb/CreateVDb, RMT_SIMPLE], 0x0000, LOCAL_ERROR] Is in error state (INVALID_ARGUMENT: Attempt to create main VDb, status is reported to the Client)
***********************************************************************
2018-01-03T20:04:14.767728Z host-326432070547636738750820273082671025578 NSX 6190 - [nsx@6876 comp="nsx-edge" subcomp="nsx-rpc" tid="6192" level="ERROR" errorCode="RPC102"] Client:UnaryCall[RpcMethod[vmware.nsx.nestdb.NestDb/CreateVDb, RMT_SIMPLE], 0x0000, REMOTE_ERROR] Is in error state (INVALID_ARGUMENT reported by Server)
2018-01-03T20:04:14.767741Z host-326432070547636738750820273082671025578 NSX 5929 - [nsx@6876 comp="nsx-edge" subcomp="nestdb" tid="5929" level="INFO"] GetVDbId:
2018-01-03T20:04:14.767Z host-326432070547636738750820273082671025578 NSX 6190 SYSTEM [nsx@6876 comp="nsx-edge" subcomp="lb-dispatcher.nestdb" level="WARN"] Failed to create vdb object. The vdb may already exist. RPC status 2: INVALID_ARGUMENT
Mode
Basic
Availability
Edge, Public Cloud Gateway
Get number of diagnosis entries
| Option | Description |
|---|---|
| <log-num> | Specify number of log entries Allowed pattern: ^([0-9]+)$ |
Example
nsx-edge-c0-1> get diagnosis log limit 1
2018-01-03T20:04:16.548319+00:00 host-326432070547636738750820273082671025578 netcpa 6075 - - [DEBUG] Attempting to send data to client 11
2018-01-03T20:04:16.548798+00:00 host-326432070547636738750820273082671025578 netcpa 6075 - - [DEBUG] Sent Data to Client 11
2018-01-03T20:04:17.102262+00:00 host-326432070547636738750820273082671025578 NSX 5838 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="INFO" audit="True"] 127.0.0.1 - - [2018-01-03 20:04:17] 'GET /api/v1/node/configuration' 200 1201 "" "curl/7.47.0" 0.144964
***********************************************************************
ERROR:2018-01-03T20:04:17.421993+00:00 host-326432070547636738750820273082671025578 NSX 5838 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="ERROR" errorCode="NODE10"] Error setting system time, rc: 1, err: Failed to create bus connection: No such file or directory
***********************************************************************
2018-01-03T20:04:17.526811Z host-326432070547636738750820273082671025578 NSX 6075 - [nsx@6876 comp="nsx-controller" subcomp="netcpa" tid="71757700" level="verbose"] Checking global lock, current checked count: 1
2018-01-03T20:04:17.577539Z host-326432070547636738750820273082671025578 NSX 6075 - [nsx@6876 comp="nsx-controller" subcomp="netcpa" tid="71757700" level="verbose"] TCP connection started: 127.0.0.1:0::00000000-0000-0000-0000-000000000000:1234
2018-01-03T20:04:17.577589Z host-326432070547636738750820273082671025578 NSX 6075 - [nsx@6876 comp="nsx-controller" subcomp="netcpa" tid="71757700" level="warning"] socket async connect callback failed. Error code: Connection refused, system
Mode
Basic
Availability
Edge, Public Cloud Gateway
Get two number of diagnosis entries
| Option | Description |
|---|---|
| <log-num> | Specify number of log entries Allowed pattern: ^([0-9]+)$ |
| <context-line-num> | Specify the numbers of context logs before and after the error log Allowed pattern: ^([0-9]+)$ |
Example
nsx-edge-c0-1> get diagnosis log limit 1 context 1
2018-01-03T20:04:17.102262+00:00 host-326432070547636738750820273082671025578 NSX 5838 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="INFO" audit="True"] 127.0.0.1 - - [2018-01-03 20:04:17] 'GET /api/v1/node/configuration' 200 1201 "" "curl/7.47.0" 0.144964
***********************************************************************
ERROR:2018-01-03T20:04:17.421993+00:00 host-326432070547636738750820273082671025578 NSX 5838 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="ERROR" errorCode="NODE10"] Error setting system time, rc: 1, err: Failed to create bus connection: No such file or directory
***********************************************************************
2018-01-03T20:04:17.526811Z host-326432070547636738750820273082671025578 NSX 6075 - [nsx@6876 comp="nsx-controller" subcomp="netcpa" tid="71757700" level="verbose"] Checking global lock, current checked count: 1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the DNS Forwarder Cache Entries.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get dns-forwarder 9b032ded-a109-42ee-b49b-ae05e7b9edf6 cache
CACHE:
Cache size: 150
Cache insertions 0
Cache-Live-freed 0.
Queries forwarded 0,
Queries answered locally 0Host Address Flags Expires
ERR_MSG:
UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the DNS Forwarder Config.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get dns-forwarder 7f304144-9df2-477f-ad36-89232200a6a7 config
CACHE_SIZE: 1024
DEFAULT_ZONE:
SOURCE_IP:
IPV4: 11.11.11.11
UPSTREAM_SERVERS:
IPV4: 10.117.0.1
ID: 7f304144-9df2-477f-ad36-89232200a6a7
LISTENER_IP:
IPV4: 11.11.11.11
LOG_LEVEL: LB_LOG_LEVEL_INFO
LOGICAL_ROUTER_ID: a5e4fb83-ed0a-45ef-9407-b73740ca9277
SR_CLUSTER_ID: 00002000-0000-0000-0000-000000000001
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display DNS Forwarder Status
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get dns-forwarder 7f304144-9df2-477f-ad36-89232200a6a7 status
ID : 7f304144-9df2-477f-ad36-89232200a6a7
STATUS : up
ERR_MSG :
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the DNS Forwarder Entries.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get dns-forwarder 9b032ded-a109-42ee-b49b-ae05e7b9edf6 table
ERR_MSG:
TABLE:
Domain-name Forwarder-Source-Address DNS-Server-Address Number-of-Queries Failed-Queries
(null) 10.117.0.1 11.11.11.13 0 0
UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the DNS Forwarder Cache Entries Per SR.
Example
nsx-edge-1(tier0_sr)> get dns-forwarder cache
CACHE:
Cache size: 150
Cache insertions 0
Cache-Live-freed 0.
Queries forwarded 0,
Queries answered locally 0Host Address Flags Expires
ERR_MSG:
UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
Mode
Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Display the DNS Forwarder Entries Per SR.
Example
nsx-edge-1(tier0_sr)> get dns-forwarder status
ERR_MSG:
STATUS: up
UUID: 14590164-e8fc-4949-bad7-fe6909fb1099
Mode
Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Display the DNS Forwarder Entries Per SR.
Example
nsx-edge-1(tier0_sr)> get dns-forwarder table
ERR_MSG:
TABLE:
Domain-name Forwarder-Source-Address DNS-Server-Address Number-of-Queries Failed-Queries
(null) 10.117.0.1 11.11.11.13 0 0
UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
Mode
Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Display the DNS Forwarders Config.
Example
nsx-edge-1> get dns-forwarders config
CACHE_SIZE: 1024
DEFAULT_ZONE:
SOURCE_IP:
IPV4: 11.11.11.11
UPSTREAM_SERVERS:
IPV4: 10.117.0.1
ID: 7f304144-9df2-477f-ad36-89232200a6a7
LISTENER_IP:
IPV4: 11.11.11.11
LOG_LEVEL: LB_LOG_LEVEL_INFO
LOGICAL_ROUTER_ID: a5e4fb83-ed0a-45ef-9407-b73740ca9277
SR_CLUSTER_ID: 00002000-0000-0000-0000-000000000001
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display DNS Forwarder Status
Example
nsx-edge-1> get dns-forwarders status
ERR_MSG:
STATUS: up
UUID: 14590164-e8fc-4949-bad7-fe6909fb1099
ERR_MSG:
STATUS: up
UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about the specified domain object.
| Option | Description |
|---|---|
| <uuid> | Domain object identifier |
Example
nsx-controller-1> get domain-object 348e20a9-8b6e-4209-81df-779bff97781d
id: 348e20a9-8b6e-4209-81df-779bff97781d
type: RuleSection
content: com.vmware.nsx.ccp.domain.entity.RuleSection@1642d5b0[message=priority: 2305843009213693951
name: "Default Layer2 Section"
version: "0"
,id=348e20a9-8b6e-4209-81df-779bff97781d,resolver=com.vmware.nsx.falcon.FalconImpl@6306e14c]
Mode
Basic
Availability
Controller
Display domain objects of the specified type.
| Option | Description |
|---|---|
| <domain_object_type> | Domain object type Allowed values: ArpTableConfig, Container, Cif, DhcpIpPool, DhcpStaticBinding, EdgeNode, Hypervisor, EdgeClusterConfig, SiRedirectionPolicy, IpfixCollectorConfiguration, IpfixDfwConfiguration, LogicalDhcpServer, LogicalMDProxyServer, LogicalSwitch, LogicalSwitchPort, LogicalRouter, LogicalRouterPort, MacAddress, PublicCloudGatewayNode, Rule, RuleSection, Vif |
Example
nsx-controller-1> get domain-objects RuleSection
id: 348e20a9-8b6e-4209-81df-779bff97781d, type: RuleSection
id: a9ccd570-9b6f-42e9-a372-162c4b00238e, type: RuleSection
id: 00003200-0000-0000-0000-000000000001, type: RuleSection
id: 00003200-0000-0000-0000-000000000002, type: RuleSection
Mode
Basic
Availability
Controller
Display domain objects of the specified type with the specified component name
| Option | Description |
|---|---|
| <objects_type_with_component_name> | Object type with component name Allowed values: rule, rulesection |
| <component-name> | Component name Allowed values: dfw |
Example
nsx-controller-1> get domain-objects rule dfw
id: 00000000-0000-0000-0000-000000000401, type: Rule, rule config message id: 1025, section: 17df3754-73df-4809-8820-fe01ee57d02a
id: 00000000-0000-0000-0000-000000000402, type: Rule, rule config message id: 1026, section: ba6ae44f-4ea2-4167-a298-75849a458273
Mode
Basic
Availability
Controller
Display the Edge cluster state history.
Example
nsx-edge-1> get edge-cluster history state
State : Disabled
Time : 2016-09-12 18:07:03.20
Event : Init
Reason : Init
State : Offline
Time : 2016-09-20 10:19:24.22
Event : Config Updated
Reason : Config
State : Discover
Time : 2016-09-20 10:19:24.22
Event : Config Updated
Reason : Config
State : StateSync
Time : 2016-09-20 10:19:25.19
Event : BFD State Updated
Reason : Updated
State : Inactive
Time : 2016-09-20 10:19:30.50
Event : State Sync Completed
Reason : Updated
State : Active
Time : 2016-09-20 10:19:30.50
Event : State Sync Completed
Reason : Updated
State : Inactive
Time : 2016-10-10 13:53:30.88
Event : Node State Changed
Reason : Tunnels Down
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the Edge cluster status.
Example
nsx-edge-1> get edge-cluster status
High Availability State : Inactive
Since : 2016-10-10 13:53:30.88
Edge Node Id : f9933e11-96a5-48fa-9f64-9c3b789d530c
Edge Node Status : Down
Admin State : Up
Vtep State : Up
Configuration : applied
Health Check Config :
Interval : 1000 msec
Deadtime : 3000 msec
Max Hops : 255
Service Status :
Datapath Config Channel : Up
Datapath Status Channel : Up
Routing Status Channel : Up
Routing Status : Down
Peer Status :
Node Id : 14693d4d-de8b-417e-a53c-315702fc72c5
Node Status : Admin Down
Healthcheck Sessions :
Interface : eth0
Session : 192.168.110.111:192.168.110.112
Status : Admin Down
Interface : nsx-edge-vtep
Session : 192.168.150.201:192.168.150.202
Status : Unreachable
Mode
Basic
Availability
Edge, Public Cloud Gateway
Show the content of End User License Agreement
Mode
Basic
Availability
Manager
Display information about the specified file in the filestore.
| Option | Description |
|---|---|
| <filename> | Existing file argument |
Example
nsx> get file support-bundle-0.tgz
Directory of filestore:/
-rw- 24932275 Feb 05 2016 05:58:46 UTC support-bundle-0.tgz
Mode
Basic
Availability
Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display the file thumbprint.
| Option | Description |
|---|---|
| <filename> | Existing file argument |
Example
nsx> get file support-bundle-0.tgz thumbprint
SHA1SUM: d0fc5c741bdc0be8eacce3e8f581b74c32bc4d62
SHA256SUM: 13cfaccbfc44193eaee3a729b6c4a810b276df6d8086fc82ed1720d23906473d
Mode
Basic
Availability
Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display information about the files in the filestore.
Example
nsx> get files
Directory of filestore:/
-rw- 24950960 Feb 05 2016 05:59:23 UTC support-bundle-1.tgz
-rw- 24932275 Feb 05 2016 05:58:46 UTC support-bundle-0.tgz
Mode
Basic
Availability
Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display the file system information.
Example
nsx-manager-1> get filesystem-stats
Filesystem Size Used Avail Use% Mounted on
udev 7.9G 4.0K 7.9G 1% /dev
tmpfs 1.6G 768K 1.6G 1% /run
/dev/sda2 19G 2.2G 16G 13% /
none 4.0K 0 4.0K 0% /sys/fs/cgroup
none 5.0M 0 5.0M 0% /run/lock
none 7.9G 4.0K 7.9G 1% /run/shm
none 100M 0 100M 0% /run/user
/dev/mapper/nsx-repository 19G 302M 18G 2% /repository
/dev/mapper/nsx-tmp 3.7G 8.0M 3.5G 1% /tmp
/dev/sda1 945M 6.0M 874M 1% /boot
/dev/mapper/nsx-config 19G 44M 18G 1% /config
/dev/mapper/nsx-config__bak 19G 44M 18G 1% /config_bak
/dev/mapper/nsx-image 19G 44M 18G 1% /image
/dev/sda3 19G 44M 18G 1% /os_bak
/dev/mapper/nsx-var+log 9.3G 623M 8.2G 7% /var/log
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display the specified firewall address set for the logical router interface.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
| <string> | Generic string argument Allowed pattern: ^([A-Za-z0-9_:.-]+)$ |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e addrset name srcep
Addrset count: 1
Name : srcep
Address(es) : 11.1.1.1,11.1.2.1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all the firewall address sets for the logical router interface.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e addrset sets
Addrset count: 2
Name : dstep
Address(es) : 11.1.1.1,11.1.2.1
Name : srcep
Address(es) : 10.1.1.1,10.1.1.10
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the firewall connections on the specified logical router interface.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e connection
Connection count: 1
0x00001c0c08000007: 192.168.130.254:57336 -> 172.16.10.11:80 (80.80.80.11:80) in protocol tcp state ESTABLISHED:ESTABLISHED
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the firewall connection count.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e connection count
Connection count: 1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the state of the firewall connections.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e connection state
Connection count: 1
192.168.130.254:57101 -> 172.16.10.11:80 (80.80.80.11:80) in protocol tcp state ESTABLISHED:ESTABLISHED f-0 n-421
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IKE policy for the specified logical router interface.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
| <rule-id> | Rule ID Allowed pattern: ^[1-9][0-9]*$ |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e ike policy 2052
Policy count: 1
Rule ID : 2052
Policy : in protocol any from ip 2.2.2.0/24 to ip 1.1.1.0/24 encrypt keypolicy 00000000-0000-0000-0b00-000000000000
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display firewall interface statistics for the specified logical router interface.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e interface stats
Failed IP option : 0
Failed NAT translation : 0
Failed SYN proxy : 0
Failed Spoofguard : 0
Failed bad offset : 0
Failed bad timestamp : 0
Failed checksum : 0
Failed congestion : 0
Failed expected state : 0
Failed fragment : 0
Failed memory allocation : 0
Failed normalization : 0
Failed short header : 0
Failed source limit : 0
Failed state insertion : 0
Failed state limit : 0
Firewall deletions : 13
Firewall insertions : 15
Firewall lookups : 0
Found match : 67
Input bytes allowed : 5741
Input bytes dropped : 0
Input packets allowed : 61
Input packets dropped : 0
Number of state collisions : 0
Number of states : 2
Output bytes allowed : 12628
Output bytes dropped : 0
Output packets allowed : 138
Output packets dropped : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display firewall rules with expanded address sets for the specified logical router interface.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e ruleset rules
DNAT rule count: 1
Rule ID : 2053
Rule : in protocol any from any to ip 80.80.80.11 dnat ip 172.16.10.11
SNAT rule count: 1
Rule ID : 2052
Rule : out protocol any from ip 172.16.10.11 to any snat ip 80.80.80.11
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display firewall rule statistics for the specified logical router interface.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e ruleset stats
DNAT rule count: 1
Rule ID : 2053
Input bytes : 1367
Output bytes : 2374
Input packets : 24
Output packets : 19
Evaluations : 8
Active connections : 1
SNAT rule count: 1
Rule ID : 2052
Input bytes : 4478
Output bytes : 6106
Input packets : 39
Output packets : 68
Evaluations : 7
Active connections : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the active/standby configuration for the firewall on the specified logical router interface.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e sync config
HA mode : primary-active
Firewall enabled : true
Sync pending : false
Bulk sync pending : false Last status: ok
Local VTEP IP : 192.168.250.62
Peer VTEP IP : 192.168.250.63
Local SR : 56eead22-3bb9-4586-8de3-9412941f9116
Peer SR : 56eead22-3bb9-4586-8de3-9412941f9116
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the firewall synchronization statistics.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e sync stats
bad-action : 0
bad-c-delete : 0
bad-c-update : 0
bad-delete : 0
bad-header : 0
bad-len : 0
bad-request : 0
bad-rule-id : 0
bad-stale-c-update : 0
bad-stale-update : 0
bad-state-c-update : 0
bad-state-insert : 0
bad-state-update : 0
bad-total : 0
bad-ttl : 0
bad-update : 0
bad-val : 0
bad-version : 0
failed-module-insert : 0
failed-no-mem : 0
failed-no-module : 0
failed-output : 0
input-ipv4 : 5
output-ipv4 : 138
send-bulk-update : 0
send-c-delete : 13
send-c-update : 135
send-update : 0
state-c-delete : 0
state-c-update : 0
state-delete : 0
state-insert : 0
state-request : 2
state-update : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the fixed timeouts for connection events.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e timeouts
Timeout count: 12
dfw.icmp.error_reply : 10
dfw.icmp.first_packet : 20
dfw.ip.frag : 30
dfw.tcp.closed : 5
dfw.tcp.closing : 900
dfw.tcp.established : 7200
dfw.tcp.fin_wait : 7
dfw.tcp.first_packet : 120
dfw.tcp.opening : 30
dfw.udp.first_packet : 60
dfw.udp.multiple : 60
dfw.udp.single : 30
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display firewall address sets
| Option | Description |
|---|---|
| <vifuuid> | UUID argument |
Example
> get firewall e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0 addrset
Firewall Address Sets
--------------------------------------------------
Mode
Basic
Availability
ESXi, KVM
Display firewall rules
| Option | Description |
|---|---|
| <vifuuid> | UUID argument |
Example
> get firewall e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0 ruleset rules
Firewall Rules
--------------------------------------------------
VIF UUID : e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0
Ruleset UUID : 3d04fa69-5faa-4127-b55f-c08c5de5a134
Rule count : 4
rule 1031 inout protocol any from any to any accept;
rule 1032 inout protocol any from any to any accept;
rule 1033 inout protocol any from any to any accept;
rule 1034 inout protocol any from any to any accept;
Mode
Basic
Availability
ESXi, KVM
Display the logical router or switch interfaces which have firewall rules.
Example
nsx-edge-1> get firewall interfaces
Interface : e159f0db-d8e4-4973-9cbb-8cc30def2c3e
Type : UPLINK
Sync enabled : true
Name : lrp265
VRF ID : 22
Context entity : 627171f9-ba99-4d81-971e-54ec857b9693
Context name : SR-Tier0-LR-1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display firewall addresses for the specified address set.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
host-1> get firewall addrset name 986cf106-b987-48bb-bdaa-8b55e1e82756
Address Count: 2
Address : ip 14.14.14.14
Address : ip 12.12.12.12
Mode
Basic
Availability
NSX Cloud VM
Display firewall address sets for the available virtual interface.
Example
host-1> get firewall addrset sets
VIF ID : eni-d36ce980
Addrset Count : 1
Addrset UUID : 986cf106-b987-48bb-bdaa-8b55e1e82756
Address Count : 2
Address : 14.14.14.14
Address : 12.12.12.12
Mode
Basic
Availability
NSX Cloud VM
Display firewall exclude interfaces.
Example
host-1> get firewall exclude
VIF count: 1
VIF ID : eni-d36ce980
Mode
Basic
Availability
NSX Cloud VM
Display the firewall exclusion list.
Example
nsx-manager-1> get firewall exclude-list
target_display_name target_id target_type
------------------- ------------------------------------ -----------
1-switch-1227 da5022d9-d919-4452-8bd6-1b4fcc0f00a5 LogicalSwitch
lport-1001 29846482-d212-44f4-8036-36add02c334a LogicalPort
Mode
Basic
Availability
Manager
Display firewall exclusions.
Example
esx-1> get firewall exclusion
Firewall Exclusion
----------------------------------------------------------------------
None
Mode
Basic
Availability
ESXi, KVM
Display sync configuration for logical router interfaces with firewall rules.
Example
nsx-edge-1> get firewall interfaces sync
Total count: 1
Interface : e159f0db-d8e4-4973-9cbb-8cc30def2c3e
HA mode : primary-active
Firewall enabled : true
Sync pending : false
Bulk sync pending : false Last status: ok
Local VTEP IP : 192.168.250.62
Peer VTEP IP : 192.168.250.63
Local SR : 56eead22-3bb9-4586-8de3-9412941f9116
Peer Context : 56eead22-3bb9-4586-8de3-9412941f9116
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display firewall ipfix containers
Example
esx-1> get firewall ipfix-containers
Firewall IPFIX Containers
----------------------------------------------------------------------
Container UUID VIF UUID
daa4a875-9050... 1b78faa3-d8b9...
879e25c1-cf28... 14417daf-ce52...
a0286cfe-73d2... 36124bcf-5bdf...
14417daf-ce52...
e30a0072-1930...
e5e6fee8-61f7...
Mode
Basic
Availability
ESXi, KVM, NSX Cloud VM
Display firewall ipfix filters
Example
esx-1> get firewall ipfix-filters
Firewall IPFIX VIFs
----------------------------------------------------------------------
e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0
e30a0072-1930-48a0-adaa-9412e758eea7
Mode
Basic
Availability
ESXi, KVM, NSX Cloud VM
Display firewall ipfix profile configration
Example
esx-1> get firewall ipfix-profiles
Firewall IPFIX Profiles
----------------------------------------------------------------------
UUID Priority Timeout Domain ID AppliedTo Count Collector UUID
0a988e9e-725d... 10 5 100 8 035cad05-0dc8...
6f25a736-646e... 0 3 1 2 188da901-1bd0...
Mode
Basic
Availability
ESXi, KVM, NSX Cloud VM
Display firewall ipfix statistics
Example
esx-1> get firewall ipfix-stats
Firewall IPFIX Statistics
----------------------------------------------------------------------
Collector config: 188da901-1bd0-402b-9b57-3521cb59910b
IP address port # bytes sent sequence # sent errors
10.2.117.211 2828 38016 355 0
Collector config: 035cad05-0dc8-44a8-b320-d6ebb8112515
IP address port # bytes sent sequence # sent errors
2.2.2.2 200 344 0 0
1.1.1.1 100 344 0 0
Mode
Basic
Availability
ESXi, KVM, NSX Cloud VM
Get orphaned sections from the firewall.
Mode
Basic
Availability
Manager
Display the contents of the DFW packet log file.
Example
2018-07-17T18:41:20.708Z f1007e48 INET match PASS 2 OUT 84 ICMP 1.1.1.10->1.1.3.10
2018-07-17T18:41:20.716Z a8de7313 INET match PASS 2 IN 84 ICMP 1.1.1.10->1.1.3.10
.
.
.
Mode
Basic
Availability
ESXi, KVM
Display last lines of the DFW packet log file.
| Option | Description |
|---|---|
| <lines> | Line count, up to 80 |
Example
.
.
.
2018-07-17T18:41:20.708Z f1007e48 INET match PASS 2 OUT 84 ICMP 1.1.1.10->1.1.3.10
2018-07-17T18:41:20.716Z a8de7313 INET match PASS 2 IN 84 ICMP 1.1.1.10->1.1.3.10
Mode
Basic
Availability
ESXi, KVM
Display firewall rule statistics
Example
esx-1> get firewall rule-stats
Firewall Rule Statistics
----------------------------------------------------------------------
RuleId packets bytes sessions
2 118 8248 72
1024 52 4112 14
Mode
Basic
Availability
ESXi, KVM, NSX Cloud VM
Display the summary of firewall rules.
Example
host-1> get firewall rules
VIF ID : eni-d36ce980
Rule Count : 2
Ruleset UUID : e83c8855-2541-4965-90dd-522435853409
Rule ID : 1025
Rule : inout protocol any from any to addrset 986cf106-b987-48bb-bdaa-8b55e1e82756 accept
Rule ID : 2
Rule : inout protocol any from any to any accept
Rule UUID : 8f03714c-4d60-48d2-9767-7654d90c079e
Rule ID : 1
Rule : inout ethertype any stateless from any to any accept
Mode
Basic
Availability
NSX Cloud VM
Display the firewall status.
Example
esx-1> get firewall status
Firewall Status
----------------------------------------------------------------------
enabled
Mode
Basic
Availability
ESXi, KVM
Display the firewall status.
Example
nsx-manager-1> get firewall status
context global_status _revision
------- ------------- ---------
logical_routers ENABLED 0
transport_nodes ENABLED 0
Mode
Basic
Availability
Manager
Display the firewall summary.
Example
nsx-manager-1> get firewall summary
section_type section_count rule_count
------------ ------------- ----------
L2DFW 1 1
L3DFW 1 1
Mode
Basic
Availability
Manager
Display firewall VIFs
Example
> get firewall vifs
Firewall VIFs
--------------------------------------------------
VIF count: 2
1. e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0
2. e30a0072-1930-48a0-adaa-9412e758eea7
Mode
Basic
Availability
ESXi, KVM
Display forwarding information for the current interface. If the interface is a switch port, the MAC address table is displayed. If the interface is a router interface, the IP forwarding table is displayed.
Example
nsx-edge-1(path)> get forwarding
IP Neighbor Table:
IP UUID MAC State Last Update Time
IP Forwarding Table:
IP Prefix Type UUID Gateway IP Gateway MAC
0.0.0.0/0 route 2a7bf881-1f89-4833-833e-47673b79901a 169.0.0.2
80.80.80.11/32 route 3eb2d5aa-3d11-4de3-98df-3cdebf5094e0 100.64.1.3
100.64.1.0/32 route 01f737d3-a66a-5b14-9ff7-6fc64af6a613
100.64.1.0/31 route bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a
100.64.1.2/32 route 01f737d3-a66a-5b14-9ff7-6fc64af6a613
100.64.1.2/31 route 3eb2d5aa-3d11-4de3-98df-3cdebf5094e0
169.0.0.0/28 route 2a7bf881-1f89-4833-833e-47673b79901a
169.0.0.1/32 route 01f737d3-a66a-5b14-9ff7-6fc64af6a613
172.16.10.0/24 route bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a 100.64.1.1
172.16.20.0/24 route bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a 100.64.1.1
172.16.30.0/24 route bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a 100.64.1.1
172.16.40.0/24 route 3eb2d5aa-3d11-4de3-98df-3cdebf5094e0 100.64.1.3
192.168.130.0/24 route 2a7bf881-1f89-4833-833e-47673b79901a 169.0.0.2
192.168.130.3/32 route 2a7bf881-1f89-4833-833e-47673b79901a 169.0.0.2
or
nsx-edge-1(path)> get forwarding
MAC Table:
MAC UUID Source
02:50:56:00:00:00 5b2068d0-8c28-4427-8be4-48f422f92309 controller
02:50:56:00:00:02 eb3bd495-9ce3-40b4-a955-c2ddc4893cfa controller
02:50:56:56:44:52 5b2068d0-8c28-4427-8be4-48f422f92309 controller
Replication Tunnels:
UUID Local VTEP Remote VTEP MTEP
704d9577-39d4-5b7c-b890-5e5e0bba8d0e 192.168.250.62 192.168.250.63 False
Mode
Path
Availability
Edge, Public Cloud Gateway
Display the forwarding table for the logical router in the VRF context. Optionally specify a prefix to display only the entry that matches that network.
| Option | Description |
|---|---|
| <prefix> | Network Address argument |
Example
nsx-edge-1(tier0_sr)> get forwarding
Logical Router
UUID VRF LR-ID Name Type
e9d3379d-aba7-4459-9262-18bc95eaeec1 1 1 SERVICE_ROUTER_TIER0
IPv4 Forwarding Table
IP Prefix Gateway IP Type UUID Gateway MAC
127.0.0.1/32 route 4b115e5f-1395-54c3-aaf0-0de5736f99df
172.20.1.0/24 route 6c427841-e151-4479-9184-4196cfcef3b6
172.20.1.60/32 route 4b115e5f-1395-54c3-aaf0-0de5736f99df
172.24.4.1/32 172.20.1.50 route 6c427841-e151-4479-9184-4196cfcef3b6
or
nsx-edge-1(tier0_sr)> get forwarding 172.16.110.0/24
Logical Router
UUID VRF Name Type
e9d3379d-aba7-4459-9262-18bc95eaeec1 1 SERVICE_ROUTER_TIER0
IPv4 Forwarding Table
IP Prefix Gateway IP Type UUID Gateway MAC
172.24.4.1/32 172.20.1.50 route 6c427841-e151-4479-9184-4196cfcef3b6
Mode
VRF, Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Dump the host's public cloud gateway certificate
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
host-1> get gateway certificate 13.14.41.34
Public Cloud Gateway : 13.14.41.34
Certificate Thumbprint : 2A0489D8990FFB51D9F72190FBCC4052E42BB31F
SHA : sha256
Mode
Basic
Availability
NSX Cloud VM
Dump the host's public cloud gateway certificates.
Example
host-1> get gateway certificates
Public Cloud Gateway : 13.14.41.34
Certificate Thumbprint : 2A0489D8990FFB51D9F72190FBCC4052E42BB31F
SHA : sha256
Public Cloud Gateway : 13.14.41.35
Certificate Thumbprint : 345489B8990FDB51D9A72190FB0A7042842BB32C
SHA : sha256
Mode
Basic
Availability
NSX Cloud VM
Dump the host's public cloud gateway connection status.
Example
host-1> get gateway connection status
Public Cloud Gateway : 13.14.41.34:5555
Connection Status : ESTABLISHED
Connection Time : Thu Jun 15 19:12:34 2017
Last Known Error : None
Mode
Basic
Availability
NSX Cloud VM
Dump public cloud gateway connections
Example
nsx-public-cloud-gateway> get gw-controller connections
ConnectionId Remote IP Endpoint
0 10.10.4.226 ccp
1 127.0.0.1 edge-nsx-agent
6 10.10.4.65 i-0c61c378b52c1588c
7 10.10.4.247 i-05e1618bdffb8e521
8 10.10.4.170 i-0b28602753dbf4e51
Mode
Basic
Availability
Public Cloud Gateway
Display public cloud VM certificate
| Option | Description |
|---|---|
| <vm-id> | VM ID |
Example
nsx-public-cloud-gateway>get gw-controller vm-certificate i-00dd27a50b99b29b6
[{'ID': 'i-00dd27a50b99b29b6', 'Thumbprint': '9EB31557EE6B4733E588F4CA51449707132DDC79', 'SHA': 'sha256'}]
Mode
Basic
Availability
Public Cloud Gateway
Display all public cloud VM certificates
Example
nsx-public-cloud-gateway> get gw-controller vm-certificates
ID Thumbprint SHA
i-00dd27a50b99b29b6 9EB31557EE6B4733E588F4CA51449707132DDC79 sha256
i-05e1618bdffb8e521 2966DCA6F755D04FA87625A18A2671460A753A9E sha256
Mode
Basic
Availability
Public Cloud Gateway
Display public cloud VM state for all VMs
Example
nsx-public-cloud-gateway-AWS> get gw-controller vm-state
ConnID VM ID InstanceName State Quarantine Valid
3 i-00275186c5eab8d1e vm1-test-1 VM_STATE_NORMAL QUARANTINE_STATE_NORMAL TRUE
5 i-00dd27a50b99b29b6 vm2-test-2 VM_STATE_NORMAL QUARANTINE_STATE_NORMAL TRUE
nsx-gw1-AZURE> get gw-controller vm-state
ConnID VM ID InstanceName State Quarantine Valid
8 0502182d-4db9-48d2-aaf7-a737c8a2f630 vm-test-102 VM_STATE_NORMAL QUARANTINE_STATE_NORMAL TRUE
- 3ad0eb11-23c0-4f2f-8855-ee69e747a7a9 vm-test-101 VM_STATE_UNKNOWN QUARANTINE_STATE_ENABLED FALSE
Mode
Basic
Availability
Public Cloud Gateway
Display public cloud VM state for specific VM
| Option | Description |
|---|---|
| <vm-id> | VM ID |
Example
nsx-public-cloud-gateway>get gw-controller vm-state i-0c61c378b52c1588c
ID: i-0c61c378b52c1588c
Config:
Name: vm-10-overlay-test-5
VM ID: i-0c61c378b52c1588c
Power State: POWER_STATE_ON
Desired version:
Interfaces:
{'attachment_id': 'eni-b0dd8c8c', 'mac_address_string': '06:95:92:91:ba:0c', 'Secondary_IP': [], 'Tags': [{'value': 'b15e32de-5c02-4b12-999b-86595e3bfa46', 'key': 'nsx:network'}], 'IP': '10.10.4.65', 'Name': u'', 'Device index': '0', 'MAC address': '06:95:92:91:ba:0c', 'ID': 'eni-b0dd8c8c', 'NSX assigned IP': []}
Tags:
{'value': 'vm-10-overlay-test-5', 'key': 'Name'}
{'value': 'vpc-7d0fea1b', 'key': 'aws:vpc'}
{'value': 'us-west-2b', 'key': 'aws:availabilityzone'}
VM Services: []
Quarantine state: QUARANTINE_STATE_NORMAL
SystemTags: []
VM Security groups: [{'Security group': 'sg-6e300315'}]
VM Identifiers: [{'value': 'vpc-7d0fea1b', 'key': 'vpc-id'}]
State:
{'timestamp(ms)': '0', 'VM Version': '2.0.0.0.0.5706753', 'VM OS Version': '14.04', 'VM OS Type': 'UBUNTU', 'State': 'VM_STATE_NORMAL'}
ActiveConn: 14
Valid: 1
Mode
Basic
Availability
Public Cloud Gateway
Display the mandatory access control report for possible policy violations. Specify the
file argument to write the information to a file with the specified file name. The report is written to this file in a concise format. You can specify the all argument to have a verbose report, which includes exact log messages.| Option | Description |
|---|---|
| <filename> | Name of file to generate, for example report-bundle.tgz Allowed pattern: ^[^/ *;&|]+$ |
Example
nsx-edge-1> get hardening-policy mandatory-access-control report
ACTION OPERATION PROFILE
DENIED Capable /usr/sbin/tcpdump
DENIED Capable /sbin/dhclient
nsx-edge-1> get hardening-policy mandatory-access-control report file report.tar.gz
report.tar.gz created, use the following command to transfer the file:
copy file report.tar.gz url <url>
After transferring report.tar.gz, extract it using: tar xzf report.tar.gz
nsx-edge-1> get hardening-policy mandatory-access-control report file report_all.tar.gz all
report_all.tar.gz created, use the following command to transfer the file:
copy file report_all.tar.gz url <url>
After transferring report.tar.gz, extract it using: tar xzf report_all.tar.gz
Mode
Basic
Availability
Controller, Edge, Manager, Policy Manager, Public Cloud Gateway
This command gets the current status of mandatory access control. Usage for the command is
get hardening-policy mandatory-access-control status Example
nsx-edge-1> get hardening-policy mandatory-access-control status
Mandatory Access Control is enabled.
Mode
Basic
Availability
Controller, Edge, Manager, Policy Manager, Public Cloud Gateway
Display information about the specified high-availability channel.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get high-availability channel local-ip 30.0.246.232 remote-ip 30.0.29.0
High-Availability Channel
Cfg_flags : 0x00000000
Channel_if_uuid : 0f02ccfe-0cbf-524a-ba32-6bedaa0429ec
Channel_sessions : 1
Channel_state : SYN
Ctl_req_seq : 1
Egress_inst_id : b75cdf09-e71f-4574-960a-45f7cc43300b
Ingress_inst_id : 00000000-0000-0000-0000-000000000000
Last_tx : 0x1eff538
Local_address : 30.0.246.232
Next_tx : 0x1eff894
Remote_address : 30.0.29.0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the specified high-availability channel.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get high-availability channel local-ip 30.0.246.232 remote-ip 30.0.29.0 stats
High-Availability Session
Local_address : 30.0.246.232
Remote_address : 30.0.29.0
Rx_ack_packets : 0
Rx_drop : 0
Rx_drop_bad_version : 0
Rx_drop_inst_unmatch : 0
Rx_drop_intf_unmatch : 0
Rx_drop_ip_unmatch : 0
Rx_drop_pkt_len_unmatch : 0
Rx_drop_pkt_too_short : 0
Rx_drop_seq_unmatch : 0
Rx_drop_wait_syn_ack : 0
Rx_packets : 0
Tx_drop : 0
Tx_error : 0
Tx_packets : 754
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about high-availability channels.
Example
nsx-edge-1> get high-availability channels
High-Availability Channel
Cfg_flags : 0x00000000
Channel_if_uuid : 0f02ccfe-0cbf-524a-ba32-6bedaa0429ec
Channel_sessions : 1
Channel_state : SYN
Ctl_req_seq : 1
Egress_inst_id : b75cdf09-e71f-4574-960a-45f7cc43300b
Ingress_inst_id : 00000000-0000-0000-0000-000000000000
Last_tx : 0x1eb115c
Local_address : 30.0.246.232
Next_tx : 0x1eb1512
Remote_address : 30.0.29.0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the high-availability channels.
Example
nsx-edge-1> get high-avaiability channels stats
High-Availability Session
Local_address : 30.0.246.232
Remote_address : 30.0.29.0
Rx_ack_packets : 0
Rx_drop : 0
Rx_drop_bad_version : 0
Rx_drop_inst_unmatch : 0
Rx_drop_intf_unmatch : 0
Rx_drop_ip_unmatch : 0
Rx_drop_pkt_len_unmatch : 0
Rx_drop_pkt_too_short : 0
Rx_drop_seq_unmatch : 0
Rx_drop_wait_syn_ack : 0
Rx_packets : 0
Tx_drop : 0
Tx_error : 0
Tx_packets : 476
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the high availability state history for the logical router in the VRF context.
Example
nsx-edge-1(tier0_sr)> get high-availability history state
State : Down
Event : Init
Resources :
Time : 2016-02-02 18:41:22.80
State : Active
Event : Node Up
Resources : 0
Time : 2016-02-02 18:41:26.91
Mode
Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Display information about the specified high-availability session.
| Option | Description |
|---|---|
| <service-id> | Service id (0-65535) |
Example
nsx-edge-1> get high-availability session local-service-id 5 peer-service-id 5
High-Availability Session
Cfg_flags : 0x00000000
Last_tx : 0x0
Local_address : 30.0.246.232
Local_service_id : 5
Next_tx : 0x0
Nsxa_req_ha_state : 1
Nsxa_req_msg_type : 0
Peer_ha_state : 255
Peer_service_id : 5
Remote_address : 30.0.29.0
Req_seq : 1
Req_state : active
Service_type : service-router
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the specified high-availability session.
| Option | Description |
|---|---|
| <service-id> | Service id (0-65535) |
Example
nsx-edge-1> get high-availability session local-service-id 5 peer-service-id 5
High-Availability Session
Cfg_flags : 0x00000000
Last_tx : 0x0
Local_address : 30.0.246.232
Local_service_id : 5
Next_tx : 0x0
Nsxa_req_ha_state : 1
Nsxa_req_msg_type : 0
Peer_ha_state : 255
Peer_service_id : 5
Remote_address : 30.0.29.0
Req_seq : 1
Req_state : active
Service_type : service-router
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about high-availability sessions.
Example
nsx-edge-1> get high-availability sessions
High-Availability Session
Cfg_flags : 0x00000000
Last_tx : 0x0
Local_address : 30.0.246.232
Local_service_id : 5
Next_tx : 0x0
Nsxa_req_ha_state : 1
Nsxa_req_msg_type : 0
Peer_ha_state : 255
Peer_service_id : 5
Remote_address : 30.0.29.0
Req_seq : 1
Req_state : active
Service_type : service-router
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about high-availability sessions by remote-ip of the channel
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get high-availability sessions remote-ip 30.0.29.0
High-Availability Session
Cfg_flags : 0x00000000
Last_tx : 0x0
Local_address : 30.0.246.232
Local_service_id : 5
Next_tx : 0x0
Nsxa_req_ha_state : 1
Nsxa_req_msg_type : 0
Peer_ha_state : 255
Peer_service_id : 5
Remote_address : 30.0.29.0
Req_seq : 1
Req_state : active
Service_type : service-router
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about high-availability sessions by service-type.
| Option | Description |
|---|---|
| <service-type> | Service type argument is one of {service-router} Allowed values: service-router, l2-bridge |
Example
nsx-edge-1> get high-availability sessions service-type service-router
High-Availability Session
Cfg_flags : 0x00000000
Last_tx : 0x0
Local_address : 30.0.246.232
Local_service_id : 5
Next_tx : 0x0
Nsxa_req_ha_state : 1
Nsxa_req_msg_type : 0
Peer_ha_state : 255
Peer_service_id : 5
Remote_address : 30.0.29.0
Req_seq : 1
Req_state : active
Service_type : service-router
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about high-availability sessions by service-type and remote-ip of the channel
| Option | Description |
|---|---|
| <service-type> | Service type argument is one of {service-router} Allowed values: service-router, l2-bridge |
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get high-availability sessions service-type service-router remote-ip 30.0.29.0
High-Availability Session
Cfg_flags : 0x00000000
Last_tx : 0x0
Local_address : 30.0.246.232
Local_service_id : 5
Next_tx : 0x0
Nsxa_req_ha_state : 1
Nsxa_req_msg_type : 0
Peer_ha_state : 255
Peer_service_id : 5
Remote_address : 30.0.29.0
Req_seq : 1
Req_state : active
Service_type : service-router
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the high-availability sessions of specified service-type.
| Option | Description |
|---|---|
| <service-type> | Service type argument is one of {service-router} Allowed values: service-router, l2-bridge |
Example
nsx-edge-1> get high-availability session service-type service-router stats
High-Availability Session
Local_service_id : 5
Peer_service_id : 5
Rx_ack_packets : 0
Rx_drop : 0
Rx_drop_bad_version : 0
Rx_drop_inst_unmatch : 0
Rx_drop_intf_unmatch : 0
Rx_drop_ip_unmatch : 0
Rx_drop_pkt_len_unmatch : 0
Rx_drop_pkt_too_short : 0
Rx_drop_seq_unmatch : 0
Rx_packets : 0
Rx_packets_to_conf_thread : 0
Service_type : service-router
Tx_drop : 0
Tx_error : 0
Tx_packets : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Displays any high-availability sessions of a given type who have completed synchronization with peer
| Option | Description |
|---|---|
| <service-type> | Service type argument is one of {service-router} Allowed values: service-router, l2-bridge |
Example
nsx-edge-1> get high-availability sessions service-type service-router sync complete
Total : 2
UUID : e371701a-3e7d-4173-a0fc-7311d70f50e6
Type : TIER1
State : Active
UUID : 4e425c9e-09c6-4021-bbc7-fab2895a2c09
Type : TIER1
State : Standby
Mode
Basic
Availability
Edge, Public Cloud Gateway
Displays any high-availability sessions of a given type who have not yet completed synchronization with peer
| Option | Description |
|---|---|
| <service-type> | Service type argument is one of {service-router} Allowed values: service-router, l2-bridge |
Example
nsx-edge-1> get high-availability sessions service-type service-router sync in-progress
Total : 2
UUID : e371701a-3e7d-4173-a0fc-7311d70f50e6
Type : TIER1
State : Active, waiting for peer to confirm
UUID : 4e425c9e-09c6-4021-bbc7-fab2895a2c09
Type : TIER1
State : Down
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the synchronization status of high-availability sessions of a given type on current node
| Option | Description |
|---|---|
| <service-type> | Service type argument is one of {service-router} Allowed values: service-router, l2-bridge |
Example
nsx-edge-1> get high-availability service-type service-router sync summary
Overview
Sync in progress: 2
Sync done : 100
All sync done : false
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the high-availability sessions.
Example
nsx-edge-1> get high-availability sessions stats
High-Availability Global Counters
Ha_sessions : 1
Nsxa_err_msg_receive_count : 0
Nsxa_msg_receive_count : 0
Nsxa_notify_count : 0
Nsxa_notify_drop_count : 0
Rx_drop_bad_csum : 0
Rx_drop_bad_version : 0
Rx_drop_count : 0
Rx_drop_intf_type : 0
Rx_drop_non_app : 0
Rx_drop_non_udp : 0
Rx_drop_null_app_peer_session : 0
Rx_drop_null_app_session : 0
Rx_drop_null_intf : 0
Rx_drop_runt_pkt : 0
Rx_drop_udp_len : 0
Tx_drop_count : 0
Tx_drop_no_route : 0
High-Availability Session
Local_service_id : 5
Peer_service_id : 5
Rx_ack_packets : 0
Rx_drop : 0
Rx_drop_bad_version : 0
Rx_drop_inst_unmatch : 0
Rx_drop_intf_unmatch : 0
Rx_drop_ip_unmatch : 0
Rx_drop_pkt_len_unmatch : 0
Rx_drop_pkt_too_short : 0
Rx_drop_seq_unmatch : 0
Rx_packets : 0
Rx_packets_to_conf_thread : 0
Service_type : service-router
Tx_drop : 0
Tx_error : 0
Tx_packets : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the high availability status for the logical router in the VRF context.
Example
nsx-edge-1(tier1_sr)> get high-availability status
Service Router
UUID : 4e425c9e-09c6-4021-bbc7-fab2895a2c09
state : Active
type : TIER1
mode : A/S
failover mode : Non-preemptive
rank : 0
service count : 1
service score : 0
HA ports state
UUID : 733d7ed3-1daa-4c28-bc0a-77e3736fea14
op_state : Up
addresses : 169.0.0.2/28
Mode
Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Display IPFIX setting on the specified DVPort of the specified host switch
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <dvport-id> | DVPort identifier Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get host-switch nsxvswitch dvport cdb36fdd-a3ec-494e-9b7b-60a8c6af5b70 ipfix setting
Host IPFIX setting
--------------------------------------------------------------------------
activeTimeout : 8
idleTimeout : 15
sampleRate : 1000
obsDomainID : 0
sourceIP : 0.0.0.0
internalFlowsOnly : 0
virtualObsID :
collectors : 192.168.7.3 5003
Mode
Basic
Availability
ESXi
Display IPFIX stats on the specified DVPort of the specified host switch
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <dvport-id> | DVPort identifier Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get host-switch nsxvswitch dvport cdb36fdd-a3ec-494e-9b7b-60a8c6af5b70 ipfix stats
Host IPFIX stats
--------------------------------------------------------------------------
flows : 0
currentFlows : 0
pktsSent : 10
pktsSenterrors : 0
sampleok : 0
ipv4ok : 0
ipv6ok : 0
sampleerrors : 0
unsupportedproto : 0
ipv4errors : 0
ipv6errors : 0
etherrors : 0
inputiferrors : 0
outputiferrors : 0
allocerrors : 0
ipv4headererrors : 0
ipv6headererrors : 0
ipv4unsupportedproto: 0
ipv6unsupportedproto: 0
ipv4missingfrags : 0
ipv6missingfrags : 0
pktattrerrors : 0
Mode
Basic
Availability
ESXi
Display the mcast filter mode for the specified host switch and dvPort
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <dvport-id> | DVPort identifier Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get host-switch nsxvswitch dvport 73c6d671-32e0-4e74-95a0-bf604c0e0669 mcast-filter
Host Switch DVPort Mcast Filter Entry
---------------------------------------------------------------------------
Legacy Filter Entry
===========================================================================
33:33:ff:69:ae:cd
33:33:00:00:00:01
01:00:5e:00:00:01
IGMP Filter Entry
===========================================================================
224.1.1.2
MLD Filter Entry
===========================================================================
Mode
Basic
Availability
ESXi
Display the mcast filter stata of the specified entry
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <dvport-id> | DVPort identifier Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <entry-mode> | Mode of a mcast filter entry Allowed values: igmp, mld |
| <entry-group> | Group address of a mcast filter entry Allowed pattern: ^([A-Fa-f0-9.:]+)$ |
Example
esx-1> get host-switch nsxvswitch dvport 73c6d671-32e0-4e74-95a0-bf604c0e0669 mcast-filter igmp 224.1.1.2
Host Switch DVPort Mcast Filter Entry Status
---------------------------------------------------------------------------
VNI : 41864
version : 3
srcIPFilterMode : INCLUDE
updateTime : 35
srcIPs :
192.168.1.4
192.168.1.5
Mode
Basic
Availability
ESXi
Display IPFIX stats on the specified host switch
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get host-switch nsxvswitch ipfix stats
Host IPFIX stats
--------------------------------------------------------------------------
flows : 0
currentFlows : 0
pktsSent : 10
pktsSenterrors : 0
sampleok : 0
ipv4ok : 0
ipv6ok : 0
sampleerrors : 0
unsupportedproto : 4
ipv4errors : 0
ipv6errors : 0
etherrors : 0
inputiferrors : 0
outputiferrors : 0
allocerrors : 0
ipv4headererrors : 0
ipv6headererrors : 0
ipv4unsupportedproto: 0
ipv6unsupportedproto: 0
ipv4missingfrags : 0
ipv6missingfrags : 0
pktattrerrors : 0
Mode
Basic
Availability
ESXi
Display the mcast filter mode for the specified host switch.
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get Host-switch nsxvswitch mcast-filter
Host Switch Mcast Filter
---------------------------------------------------------------------------
Mode : Snooping
Mode
Basic
Availability
ESXi
Display the stats of mirror on the specified host switch.
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <mirror-session-id> | Mirror session identifier UUID Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get host-switch nsxvswitch mirror-session a779b62e-7711-47ad-8d54-
5cb166d061af
Mirror Session
=======================================================
UUID :a779b62e-7711-47ad-8d54-5cb166d061af
Direction :Both
Snap Length :0
Source :9484c882-76e6-4f9e-85c4-087968963769;34b19ace-8396-4dd2-
9b92-5867b1bf30ef;vmnic1(Encap)
Destination :79b8f233-4c22-49ce-b270-3802796de856
EncapVlan :
OrigialVlan :
EncapType :
GreKey :
ERspanID :
Mode
Basic
Availability
ESXi
Display the mirror settings on the specified host switch.
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get host-switch nsxvswitch mirror-sessions
Mirror Session Summary
============================================================
Mirror UUID Direction Snap Length
a779b62e-7711-47ad-8d54-5cb166d061af Both 0
Mode
Basic
Availability
ESXi
Display Tunnel Detail info on the specified DVPort of the specified host switch.
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <local_ip> | Local IP |
| <remote_ip> | Remote IP |
Example
esx-1> get host-switch tunnel 10.0.0.1 20.0.0.1
Local State :up
Remote State :up
Local Diag :None
Remote Diag :None
min_rx :100
min_tx :1000
local_disc :0xabcdef
remote_disc :0x123456
Tx Interval :1000
Rx Interval :100
mult :3
Mode
Basic
Availability
ESXi
Display Tunnels info on the specified host switch.
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get host-switch tunnels
Local IP Remote IP Local State Remote State
10.0.0.1 20.0.0.1 Up Init
10.0.0.1 30.0.0.1 Up Up
10.0.0.1 40.0.0.1 Down Down
Mode
Basic
Availability
ESXi
Display IPFIX setting on the specified uplink of the specified host switch
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <uplink> | Uplink identifier Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get host-switch nsxvswitch uplink vmnic1 ipfix setting
Host IPFIX setting
--------------------------------------------------------------------------
activeTimeout : 8
idleTimeout : 15
sampleRate : 1000
obsDomainID : 0
sourceIP : 0.0.0.0
internalFlowsOnly : 0
virtualObsID : Uplink-0x03000002
collectors : 192.168.7.3 5003
Mode
Basic
Availability
ESXi
Display IPFIX stats on the specified uplink of the specified host switch
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <uplink> | Uplink identifier Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
Example
esx-1> get host-switch nsxvswitch uplink vmnic1 ipfix stats
Host IPFIX stats
--------------------------------------------------------------------------
flows : 0
currentFlows : 0
pktsSent : 0
pktsSenterrors : 0
sampleok : 0
ipv4ok : 0
ipv6ok : 0
sampleerrors : 0
unsupportedproto : 4
ipv4errors : 0
ipv6errors : 0
etherrors : 0
inputiferrors : 0
outputiferrors : 0
allocerrors : 0
ipv4headererrors : 0
ipv6headererrors : 0
ipv4unsupportedproto: 0
ipv6unsupportedproto: 0
ipv4missingfrags : 0
ipv6missingfrags : 0
pktattrerrors : 0
Mode
Basic
Availability
ESXi
Display VLAN table for the host switch.
Example
nsx-edge-1> get host-switch vlan-table
VLAN : 100
MAC : 02:50:56:00:00:03
Ingress Port
name : fp-eth0
ID : 0
Egress Port
port : 783a05cd-033d-4891-ad11-7c082641e069
ifuid : 274
VLAN : 250
MAC : 04:00:c0:a8:fa:a2
Ingress Port
name : fp-eth1
ID : 1
Egress Port
port : 7bd1dd3d-97eb-5312-9d0d-b26c148a4fac
ifuid : 296
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about all host switches.
Example
nsx-edge-1> get host-switches
Host Switch : 8d4c2128-e748-4878-8314-ad8414f7f943
Switch Name : vlanswitch
Transport Zone : 4e9a90b7-96de-4102-a9bf-1f3733eb3375
Physical Port : fp-eth0
Uplink Name : uplink1
Host Switch : d7ea327f-2569-4b1c-b7cf-8cd4c85ebb18
Switch Name : hostswitch
Transport Zone : 9bc2392d-b7ee-4cf9-9200-7d082f199aef
Physical Port : fp-eth1
Uplink Name : uplink1
Transport VLAN : 250
Default Gateway : 192.168.250.1
Subnet Mask : 255.255.255.0
Local VTEP Device : fp-eth1
Local VTEP IP : 192.168.250.162
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the system hostname.
Example
nsx> get hostname
nsx
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display hugepage information, including total system memory, hugepage sizes supported and hugepage pools.
Example
nsx-edge-1> get hugepage
Total system memory
3949 MB
Hugepage sizes supported
2097152
Hugepage pools
Size Minimum Current Maximum Default
2097152 987 987 987 *
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the container interface (CIF) configuration for the specified app.
| Option | Description |
|---|---|
| <string> | Application ID Allowed pattern: ^.*$ |
Example
kvm-1> get hyperbus app-id c1-vm2ebc cif-config
AppID LSPID LRPID VIFID LSID MAC IP GatewayIP Vlan Version
c1-vm2ebc 939e3ef4-3f42-4a12-a125-24a9ef5035a9 00000000-0000-0000-0000-000000000000 b819f915-6f8f-4b9d-a816-9c7c3f44f830 db3d238f-4528-4fb3-9f94-bb2f61cc49b5 aa:bb:cc:dd:ee:11 192.168.102.11 0.0.0.0 11 1
Mode
Basic
Availability
ESXi, KVM
Display the container interface (CIF) configuration table.
Example
kvm-1> get hyperbus cif-table
Type AppID LSPID LRPID VIFID LSID MAC IP GatewayIP Vlan Version
Parent VIF 93d80cc9-9654-4300-93d2-8a27925feebd 00000000-0000-0000-0000-000000000000 b819f915-6f8f-4b9d-a816-9c7c3f44f830 775a3d45-063d-40b2-8a89-8e102fc7bbb9 00:00:00:00:00:00 0.0.0.0 0.0.0.0 0 1
Link LSP 0dd90579-e3cc-4f9c-b5f3-cfbe16d82d0d be3d0a5a-f80d-456f-89c7-33219090fdcb db3d238f-4528-4fb3-9f94-bb2f61cc49b5 00:00:00:00:00:00 0.0.0.0 192.168.102.1 0 1
Link LSP 22e38f1c-453a-4821-a0f1-de77af397000 3ad6ec1f-72f3-45ad-8201-eb8b67d25682 18f9821a-9844-4ba1-bb0e-b975eacbdabf 00:00:00:00:00:00 0.0.0.0 192.168.101.1 0 1
Child CIF c1-vm2ebc 939e3ef4-3f42-4a12-a125-24a9ef5035a9 00000000-0000-0000-0000-000000000000 b819f915-6f8f-4b9d-a816-9c7c3f44f830 db3d238f-4528-4fb3-9f94-bb2f61cc49b5 aa:bb:cc:dd:ee:11 192.168.102.11 0.0.0.0 11 1
Mode
Basic
Availability
ESXi, KVM
Display the virtual interface (VIF) connection information.
Example
kvm-1> get hyperbus connection info
VIFID Connection Status
db4f717e-d0dd-4552-a99b-5a5839f3e06d 169.254.1.10:2345 HEALTHY
Mode
Basic
Availability
ESXi, KVM
Display the container interface (CIF) configuration for the specified logical switch port.
| Option | Description |
|---|---|
| <logical-switch-port-ID> | Logical switch port ID Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
kvm-1> get hyperbus logical-switch-port 939e3ef4-3f42-4a12-a125-24a9ef5035a9 cif-config
Type AppID LSPID LRPID VIFID LSID MAC IP GatewayIP Vlan Version
Child CIF c1-vm2ebc 939e3ef4-3f42-4a12-a125-24a9ef5035a9 00000000-0000-0000-0000-000000000000 b819f915-6f8f-4b9d-a816-9c7c3f44f830 db3d238f-4528-4fb3-9f94-bb2f61cc49b5 aa:bb:cc:dd:ee:11 192.168.102.11 0.0.0.0 11 1
Mode
Basic
Availability
ESXi, KVM
Display the connection information for the specified virtual interface (VIF).
| Option | Description |
|---|---|
| <vif-ID> | VIF ID Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
kvm-1> get hyperbus vif-id db4f717e-d0dd-4552-a99b-5a5839f3e06d connection info
VIFID Connection Status
db4f717e-d0dd-4552-a99b-5a5839f3e06d 169.254.1.10:2345 HEALTHY
Mode
Basic
Availability
ESXi, KVM
Display the logical IP (LIP) for the specified virtual interface (VIF).
| Option | Description |
|---|---|
| <vif-ID> | VIF ID Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
kvm-1> get hyperbus vif-id db4f717e-d0dd-4552-a99b-5a5839f3e06d lip
VIFID LIP
db4f717e-d0dd-4552-a99b-5a5839f3e06d 169.254.1.10
Mode
Basic
Availability
ESXi, KVM
Display the VIF (virtual interface) LIP (logical IP) table.
Example
kvm-1> get hyperbus vif-lip-table
VIFID LIP State
db4f717e-d0dd-4552-a99b-5a5839f3e06d 169.254.1.10 LSP_ATTACHMENT/VIF_CONNECT
Mode
Basic
Availability
ESXi, KVM
Display the connected virtual interfaces (VIFs). For ESXi, all connected container host VIFs are displayed. For KVM, all connected container host VIFs and CIFs are displayed.
Example
kvm-1> get hyperbus vif-table
VIFID Version
b819f915-6f8f-4b9d-a816-9c7c3f44f830 1
c1-vm2ebc 1
Mode
Basic
Availability
ESXi, KVM
Display information about the specified network interface.
| Option | Description |
|---|---|
| <interface-name> | Network interface argument |
Example
nsx> get interface eth0
Interface: eth0
Address: 192.168.110.108/24
MAC address: 00:50:56:8e:13:51
MTU: 1500
Default gateway: 192.168.110.1
Broadcast address: 192.168.110.255
Link status: up
Admin status: up
RX packets: 1634378
RX bytes: 333335650
RX errors: 0
RX dropped: 276
TX packets: 1441590
TX bytes: 286624283
TX errors: 0
TX dropped: 0
TX collisions: 0
Mode
Basic
Availability
Controller, Manager, Policy Manager
Display information about the specified network interface.
| Option | Description |
|---|---|
| <interface-name> | Network interface argument |
Example
nsx-edge> get interface eth0
Interface: eth0
Address: 192.168.110.111/24
MAC address: 00:50:56:8e:e8:2e
MTU: 1500
Default gateway: 192.168.110.1
Broadcast address: 0.0.0.0
Link status: up
Admin status: up
RX packets: 66493
RX bytes: 12712191
RX errors: 0
RX dropped: 0
TX packets: 58436
TX bytes: 15051574
TX errors: 0
TX dropped: 0
TX collisions: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display interface information for the logical router in the VRF context.
Example
nsx-edge-1(vrf)> get interfaces
UUID VRF LR-ID Name Type
736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 R1 TUNNEL
interfaces
interface : 9fd3c667-32db-5921-aaad-7a88c80b5e9f
ifuid : 258
mode : blackhole
interface : 34ca595f-fa62-5ed4-afcc-a6ef0195d4ed
ifuid : 261
mode : lif
IP/Mask : 142.134.61.36/24
MAC : 00:0c:29:5a:96:2b
VLAN id : untagged
LS port : 238d7422-e488-5cee-9639-1894b8ab56e2
urpf-mode : NONE
admin : up
op_state : up
MTU : 1600
interface : f322c6ca-4298-568b-81c7-a006ba6e6c88
ifuid : 257
mode : cpu
Mode
VRF, Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Display information about all network interfaces.
Example
nsx-edge> get interfaces
Interface: eth0
Address: 192.168.110.111/24
MAC address: 00:50:56:8e:e8:2e
MTU: 1500
Default gateway: 192.168.110.1
Broadcast address: 0.0.0.0
Link status: up
Admin status: up
RX packets: 66307
RX bytes: 12698263
RX errors: 0
RX dropped: 0
TX packets: 58340
TX bytes: 15041724
TX errors: 0
TX dropped: 0
TX collisions: 0
Interface: lo
Address: 127.0.0.1/8
MTU: 65536
Link status: up
Admin status: up
RX packets: 221628
RX bytes: 54868485
RX errors: 0
RX dropped: 0
TX packets: 221628
TX bytes: 54868485
TX errors: 0
TX dropped: 0
TX collisions: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about all network interfaces.
Example
nsx> get interfaces
Interface: eth0
Address: 192.168.110.108/24
MAC address: 00:50:56:8e:13:51
MTU: 1500
Default gateway: 192.168.110.1
Broadcast address: 192.168.110.255
Link status: up
Admin status: up
RX packets: 1636181
RX bytes: 333661267
RX errors: 0
RX dropped: 276
TX packets: 1443225
TX bytes: 286925131
TX errors: 0
TX dropped: 0
TX collisions: 0
Interface: lo
Address: 127.0.0.1/8
MTU: 65536
Link status: up
Admin status: up
RX packets: 10410417
RX bytes: 2281216307
RX errors: 0
RX dropped: 0
TX packets: 10410417
TX bytes: 2281216307
TX errors: 0
TX dropped: 0
TX collisions: 0
Mode
Basic
Availability
Controller, Manager, Policy Manager
Display the interface statistics for the logical router in the VRF context.
Example
nsx-edge-1(tier0_sr)> get interfaces stats
Logical Router
UUID : e9d3379d-aba7-4459-9262-18bc95eaeec1
VRF : 1
LR-ID : 1
name : R2
type : SERVICE_ROUTER_TIER0
Statistics
Interface Type RX PKTS TX PKTS RX BYTES TX BYTES RX Drops TX Drops
b83cb77f-ca34-595c-a3e1-76278f0dcb00 blackhole 0 0 0 0 0 0
4b115e5f-1395-54c3-aaf0-0de5736f99df cpu 8 0 648 0 8 0
6c427841-e151-4479-9184-4196cfcef3b6 lif 5601 11 1915542 462 5601 0
081e2e50-2f0e-42e1-8764-80a127dd3918 lif 0 0 0 0 0 0
00003300-0000-0000-0000-000000000002 loopback 8 0 648 0 8 0
Total 5617 11 1916838 462 5617 0
Mode
VRF, Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Display all configured Dead Peer Detection profiles.
Example
nsx-edge-1> get ipsecvpn config dpd-profile
UUID : 00000000-0000-0001-0000-000000000001
Enabled : True
DPD Probe Interval : 200 sec
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display configured Dead Peer Detection profile.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn config dpd-profile 78b17d39-22ad-47bb-a23d-bea7dc13bc44
Enabled : True
DPD Probe Interval : 200 sec
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all configured IKE profiles.
Example
nsx-edge-1> get ipsecvpn config ike-profile
UUID : 00000000-0000-0001-0000-000000000002
Authentication Algorithm : AUTH_HMAC_SHA1
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 200 sec
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display configured IKE profile.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn config ike-profile 00000000-0000-0001-0000-000000000002
UUID : 00000000-0000-0001-0000-000000000002
Authentication Algorithm : AUTH_HMAC_SHA1
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 200 sec
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all configured IPSec local endpoint profiles.
Example
nsx-edge-1> get ipsecvpn config local-endpoint
UUID : 00000000-0000-0001-0000-000000000004
Local Address :
Ipv4 : 10.112.202.147
Local ID : local_edp_1
Local ID Type : IPSEC_IP_ADDR_TYPE
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display configured IPSec local endpoint profile.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn config local endpoint 78b17d39-22ad-47bb-a0da-792f7e89bc47
Local Address :
Ipv4 : 10.112.202.147
Local ID : local_edp_1
Local ID Type : IPSEC_IP_ADDR_TYPE
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all configured IPSec peer endpoint profiles.
Example
nsx-edge-1> get ipsecvpn config peer-endpoint
UUID : 00000000-0000-0001-0000-000000000005
Auth Mode : AUTH_MODE_PSK
DPD Profile :
UUID : 00000000-0000-0001-0000-000000000001
Enabled : True
DPD Probe Interval : 200 sec
IKE Profile :
UUID : 00000000-0000-0001-0000-000000000002
Authentication Algorithm : AUTH_HMAC_SHA1
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 200 sec
IKE Role : INITIATOR
Ipsec Tunnel Profile :
UUID : 00000000-0000-0001-0000-000000000003
AH Transport Protocol Enabled : False
Authentication Algorithm : AUTH_HMAC_SHA1
DF Policy : DF_COPY
Disable Anti Replay : True
Enable ESN : True
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 1200 sec
Transport Mode : False
Peer Address : 10.112.202.167
Peer ID : peer_edp_1
Peer ID Type : IPSEC_IP_ADDR_TYPE
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display configured IPSec peer endpoint profile.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn config peer-endpoint 78b17d39-22ad-47bc-a0da-792f7e89bc46
Auth Mode : AUTH_MODE_PSK
DPD Profile :
UUID : 00000000-0000-0001-0000-000000000001
Enabled : True
DPD Probe Interval : 200 sec
IKE Profile :
UUID : 00000000-0000-0001-0000-000000000002
Authentication Algorithm : AUTH_HMAC_SHA1
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 200 sec
IKE Role : INITIATOR
Ipsec Tunnel Profile :
UUID : 00000000-0000-0001-0000-000000000003
AH Transport Protocol Enabled : False
Authentication Algorithm : AUTH_HMAC_SHA1
DF Policy : DF_COPY
Disable Anti Replay : True
Enable ESN : True
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 1200 sec
Transport Mode : False
Peer Address : 10.112.202.167
Peer ID : peer_edp_1
Peer ID Type : IPSEC_IP_ADDR_TYPE
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all configured IPSec VPN sessions.
Example
nsx-edge-1> get ipsecvpn config session
UUID : 00000000-0000-0000-0000-00000000000a
Enabled : True
IKE Session ID : 2
Local Endpoint Profile :
UUID : 00000000-0000-0000-0000-000000000004
Local Address :
Ipv4 : 10.109.24.20
Local ID : 174921748
Local ID Type : IPSEC_IP_ADDR_TYPE
Peer Endpoint Profile :
UUID : 00000000-0000-0000-0000-000000000005
Auth Mode : AUTH_MODE_PSK
DPD Profile :
UUID : 00000000-0000-0001-0000-000000000001
Enabled : True
DPD Probe Interval : 600 sec
IKE Profile :
UUID : 00000000-0000-0001-0000-000000000002
Authentication Algorithm : AUTH_HMAC_SHA1
Encryption Algorithm : ENCR_AES_128_CBC
IKE Version : 3
DH Group : DH_GROUP_5
SA Expiry Time : 1000 sec
IKE Role : INITIATOR
Ipsec Tunnel Profile :
UUID : 00000000-0000-0001-0000-000000000003
AH Transport Protocol Enabled : False
Authentication Algorithm : AUTH_HMAC_SHA1
DF Policy : DF_COPY
Disable Anti Replay : True
Enable ESN : False
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 1200 sec
Transport Mode : False
Peer Address : 10.109.24.22
Peer ID : 10.109.24.22
Peer ID Type : IPSEC_IP_ADDR_TYPE
Policy :
UUID : 00000000-0000-0000-0000-00000000000b
Action : VPN_ACTION_PROTECT
Applied TO :
Logical Router Port : 00000000-0000-0000-0000-00000000000c
IKE Rulefrom ID : 2
IKE Ruleto ID : 1
Local IP Address : 192.168.2.0/24
Peer IP Address : 172.16.2.0/24
Priority : 10
Type : POLICY_BASED_SESSION
VPN Service Profile :
UUID : 00000000-0000-0001-0000-000000000007
Enable : True
IKE State File Encryption PWD : XXXX
SR Clustur ID : 00000000-0000-0001-0000-000000000006
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a configured IPSec VPN session.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn config session 00000000-0000-0000-0000-00000000000a
Enabled : True
IKE Session ID : 2
Local Endpoint Profile :
UUID : 00000000-0000-0000-0000-000000000004
Local Address :
Ipv4 : 10.109.24.20
Local ID : 174921748
Local ID Type : IPSEC_IP_ADDR_TYPE
Peer Endpoint Profile :
UUID : 00000000-0000-0000-0000-000000000005
Auth Mode : AUTH_MODE_PSK
DPD Profile :
UUID : 00000000-0000-0001-0000-000000000001
Enabled : True
DPD Probe Interval : 600 sec
IKE Profile :
UUID : 00000000-0000-0001-0000-000000000002
Authentication Algorithm : AUTH_HMAC_SHA1
Encryption Algorithm : ENCR_AES_128_CBC
IKE Version : 3
DH Group : DH_GROUP_5
SA Expiry Time : 1000 sec
IKE Role : INITIATOR
Ipsec Tunnel Profile :
UUID : 00000000-0000-0001-0000-000000000003
AH Transport Protocol Enabled : False
Authentication Algorithm : AUTH_HMAC_SHA1
DF Policy : DF_COPY
Disable Anti Replay : True
Enable ESN : False
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 1200 sec
Transport Mode : False
Peer Address : 10.109.24.22
Peer ID : 10.109.24.22
Peer ID Type : IPSEC_IP_ADDR_TYPE
Policy :
UUID : 00000000-0000-0000-0000-00000000000b
Action : VPN_ACTION_PROTECT
Applied TO :
Logical Router Port : 00000000-0000-0000-0000-00000000000c
IKE Rulefrom ID : 2
IKE Ruleto ID : 1
Local IP Address : 192.168.2.0/24
Peer IP Address : 172.16.2.0/24
Priority : 10
Type : POLICY_BASED_SESSION
VPN Service Profile :
UUID : 00000000-0000-0001-0000-000000000007
Enable : True
IKE State File Encryption PWD : XXXX
SR Clustur ID : 00000000-0000-0001-0000-000000000006
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a configured IPSec VPN session with specific endpoints.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get ipsecvpn config session local-ip 10.109.24.20 remote-ip 10.109.24.20
UUID : 00000000-0000-0000-0000-00000000000a
Enabled : True
IKE Session ID : 2
Local Endpoint Profile :
UUID : 00000000-0000-0000-0000-000000000004
Local Address :
Ipv4 : 10.109.24.20
Local ID : 174921748
Local ID Type : IPSEC_IP_ADDR_TYPE
Peer Endpoint Profile :
UUID : 00000000-0000-0000-0000-000000000005
Auth Mode : AUTH_MODE_PSK
DPD Profile :
UUID : 00000000-0000-0001-0000-000000000001
Enabled : True
DPD Probe Interval : 600 sec
IKE Profile :
UUID : 00000000-0000-0001-0000-000000000002
Authentication Algorithm : AUTH_HMAC_SHA1
Encryption Algorithm : ENCR_AES_128_CBC
IKE Version : 3
DH Group : DH_GROUP_5
SA Expiry Time : 1000 sec
IKE Role : INITIATOR
Ipsec Tunnel Profile :
UUID : 00000000-0000-0001-0000-000000000003
AH Transport Protocol Enabled : False
Authentication Algorithm : AUTH_HMAC_SHA1
DF Policy : DF_COPY
Disable Anti Replay : True
Enable ESN : False
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 1200 sec
Transport Mode : False
Peer Address : 10.109.24.22
Peer ID : 10.109.24.22
Peer ID Type : IPSEC_IP_ADDR_TYPE
Policy :
UUID : 00000000-0000-0000-0000-00000000000b
Action : VPN_ACTION_PROTECT
Applied TO :
Logical Router Port : 00000000-0000-0000-0000-00000000000c
IKE Rulefrom ID : 2
IKE Ruleto ID : 1
Local IP Address : 192.168.2.0/24
Peer IP Address : 172.16.2.0/24
Priority : 10
Type : POLICY_BASED_SESSION
VPN Service Profile :
UUID : 00000000-0000-0001-0000-000000000007
Enable : True
IKE State File Encryption PWD : XXXX
SR Clustur ID : 00000000-0000-0001-0000-000000000006
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all configured IPsec tunnel profiles.
Example
nsx-edge-1> get ipsecvpn config tunnel-profile
UUID : 00000000-0000-0001-0000-000000000003
AH Transport Protocol Enabled : False
Authentication Algorithm : AUTH_HMAC_SHA1
DF Policy : DF_COPY
Disable Anti Replay : True
Enable ESN : True
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 1200 sec
Transport Mode : False
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display configured IPSec tunnel profile.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn config tunnel-profile 78b17d39-22ad-47bb-a0da-792f7e89bc58
AH Transport Protocol Enabled : False
Authentication Algorithm : AUTH_HMAC_SHA1
DF Policy : DF_COPY
Disable Anti Replay : True
Enable ESN : True
Encryption Algorithm : ENCR_AES_128_CBC
SA Expiry Time : 1200 sec
Transport Mode : False
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IKE SAs.
Example
nsx-edge-1> get ipsecvpn ikesa
Total Number of IKE SAs: 1
IKE Version : IKEv2
IKE Status : Up
IKE Session ID : 8
Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6
Session Type : Policy Based
IKE SPI Initiator : 0x0c6a7a809f4a6e2f
IKE SPI Responder : 0x33bbea1267703b12
Role : Initiator
Number of Child SA Pairs : 1
Created Timestamp : 2017-12-21 07:34:58
IKE SA Uptime : 163 sec
IKE SA Lifetime : 1000 sec
DPD Probe Interval : 600 sec
IP Address:
Local : 10.109.24.20
Remote : 10.109.24.22
Identity:
Local : 10.109.24.20 (ipv4)
Remote : 10.109.24.22 (ipv4)
Algorithm:
Encryption : aes128-cbc
Authentication : hmac-sha1-96
PRF : hmac-sha1
DH Group : 14
Authentication Method : Pre-shared key
--------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IKE SA.
| Option | Description |
|---|---|
| <session-id> | IKE Session ID |
Example
nsx-edge-1> get ipsecvpn ikesa 2
Total Number of IKE SAs: 1
IKE Version : IKEv2
IKE Status : Up
IKE Session ID : 2
Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6
Session Type : Policy Based
IKE SPI Initiator : 0x0c6a7a809f4a6e2f
IKE SPI Responder : 0x33bbea1267703b12
Role : Responder
Number of Child SA Pairs : 1
Created Timestamp : 2017-12-27 20:49:52
IKE SA Uptime : 163 sec
IKE SA Lifetime : 1000 sec
DPD Probe Interval : 600 sec
IP Address:
Local : 10.109.24.20
Remote : 10.109.24.22
Identity:
Local : 10.109.24.20 (ipv4)
Remote : 10.109.24.22 (ipv4)
Algorithm:
Encryption : aes128-cbc
Authentication : hmac-sha1-96
PRF : hmac-sha1
DH Group : 14
Authentication Method : Pre-shared key
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IKE security associations in active state.
Example
nsx-edge-1> get ipsecvpn ikesa active
Total Number of Active IKE SAs: 1
IKE Version : IKEv2
IKE Status : Up
IKE Session ID : 2
Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6
Session Type : Policy Based
IKE SPI Initiator : 0x0c6a7a809f4a6e2f
IKE SPI Responder : 0x33bbea1267703b12
Role : Initiator
Number of Child SA Pairs : 2
Created Timestamp : 2017-09-25 03:02:45
IKE SA Uptime : 163 sec
IKE SA Lifetime : 1000 sec
DPD Probe Interval : 600 sec
IP Address:
Local : 10.112.202.147
Remote : 10.112.200.243
Identity:
Local : [email protected] (email)
Remote : [email protected] (email)
Algorithm:
Encryption : aes128-cbc
Authentication : hmac-sha1-96
PRF : hmac-sha1
DH Group : 14
Authentication Method : Pre-shared key
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IKE security association in active state.
| Option | Description |
|---|---|
| <session-id> | IKE Session ID |
Example
nsx-edge-1> get ipsecvpn ikesa active 3
Total Number of Active IKE SAs: 1
IKE Version : IKEv2
IKE Status : Up
IKE Session ID : 3
Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6
Session Type : Policy Based
IKE SPI Initiator : 0x0c6a7a809f4a6e2f
IKE SPI Responder : 0x33bbea1267703b12
Role : Initiator
Number of Child SA Pairs : 2
Created Timestamp : 2017-09-25 03:02:45
IKE SA Uptime : 163 sec
IKE SA Lifetime : 1000 sec
DPD Probe Interval : 600 sec
IP Address:
Local : 10.112.202.147
Remote : 10.112.200.243
Identity:
Local : [email protected] (email)
Remote : [email protected] (email)
Algorithm:
Encryption : aes128-cbc
Authentication : hmac-sha1-96
PRF : hmac-sha1
DH Group : 14
Authentication Method : Pre-shared key
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IKE security associations in negotiating state.
Example
nsx-edge-1> get ipsecvpn ikesa negotiating
Total Number of Negotiating IKE SAs: 1
IKE Version : IKEv2
IKE Status : Negotiating (SSH_IKEV2_STATE_IKE_INIT_SA)
IKE Session ID : 2
Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6
Session Type : Policy Based
IKE SPI Initiator : 0x0c6a7a809f4a6e2f
IKE SPI Responder : 0x0
Role : Initiator
Number of Child SA Pairs : 2
IKE SA Lifetime : 1000 sec
DPD Probe Interval : 600 sec
IP Address:
Local : 10.112.202.147
Remote : 10.112.200.243
Identity:
Local : Negotiating
Remote : Negotiating
Algorithm:
Encryption : Negotiating
Authentication : Negotiating
PRF : Negotiating
DH Group : Negotiating
Authentication Method : Negotiating
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IKE security association in negotiating state.
| Option | Description |
|---|---|
| <session-id> | IKE Session ID |
Example
nsx-edge-1> get ipsecvpn ikesa negotiating 2
Total Number of Negotiating IKE SAs: 1
IKE Version : IKEv2
IKE Status : Negotiating (SSH_IKEV2_STATE_IKE_INIT_SA)
IKE Session ID : 2
Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6
Session Type : Policy Based
IKE SPI Initiator : 0x0c6a7a809f4a6e2f
IKE SPI Responder : 0x0
Role : Initiator
Number of Child SA Pairs : 2
IKE SA Lifetime : 1000 sec
DPD Probe Interval : 600 sec
IP Address:
Local : 10.112.202.147
Remote : 10.112.200.243
Identity:
Local : Negotiating
Remote : Negotiating
Algorithm:
Encryption : Negotiating
Authentication : Negotiating
PRF : Negotiating
DH Group : Negotiating
Authentication Method : Negotiating
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IPSec SAs from control plane.
Example
nsx-edge-1> get ipsecvpn ipsecsa
Total Number of IPSec SA Pairs: 1
Session ID : 2
Created Timestamp : 2018-04-10 03:58:33
Local TS : ipv4(192.168.2.0-192.168.2.255)
Remote TS : ipv4(172.16.2.0-172.16.2.255)
SPI In : 0xd03e65b0 SPI Out : 0xcbebe1e9
Rule ID In : 22 Rule ID Out : 2147483670
SA Uptime : 184 sec SA Lifetime : 1200 sec
Local Endpoint : 10.0.0.1 Remote Endpoint: 10.1.0.1
Algorithm: aes128-cbc/hmac-sha1-96/14
NAT-T: False, ESN: False, DF-Policy: Copy
Replay Window Size: 960, Role: Initiator
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IPSec SA with specific rule id from control plane.
| Option | Description |
|---|---|
| <rule-id> | Rule ID |
Example
nsx-edge-1> get ipsecvpn ipsecsa ruleid 22
Total Number of IPSec SA Pairs: 1
Session ID : 2
Created Timestamp : 2018-04-10 03:58:33
Local TS : ipv4(192.168.2.0-192.168.2.255)
Remote TS : ipv4(172.16.2.0-172.16.2.255)
SPI In : 0xd03e65b0 SPI Out : 0xcbebe1e9
Rule ID In : 22 Rule ID Out : 2147483670
SA Uptime : 184 sec SA Lifetime : 1200 sec
Local Endpoint : 10.0.0.1 Remote Endpoint: 10.1.0.1
Algorithm: aes128-cbc/hmac-sha1-96/14
NAT-T: False, ESN: False, DF-Policy: Copy
Replay Window Size: 960, Role: Initiator
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IPSec SA with specific session id from control plane.
| Option | Description |
|---|---|
| <session-id> | IKE Session ID |
Example
nsx-edge-1> get ipsecvpn ipsecsa sessionid 2
Total Number of IPSec SA Pairs: 1
Session ID : 2
Created Timestamp : 2018-04-10 03:58:33
Local TS : ipv4(192.168.2.0-192.168.2.255)
Remote TS : ipv4(172.16.2.0-172.16.2.255)
SPI In : 0xd03e65b0 SPI Out : 0xcbebe1e9
Rule ID In : 22 Rule ID Out : 2147483670
SA Uptime : 184 sec SA Lifetime : 1200 sec
Local Endpoint : 10.0.0.1 Remote Endpoint: 10.1.0.1
Algorithm: aes128-cbc/hmac-sha1-96/14
NAT-T: False, ESN: False, DF-Policy: Copy
Replay Window Size: 960, Role: Initiator
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IPSec VPN policy rules.
Example
nsx-edge-1> get ipsecvpn policy rules
UUID : 00000000-0000-0000-0000-00000000000c
Rule :
ID : 1
Action : RA_ENCRYPT
Applied TO :
Logical Router Port : 00000000-0000-0000-0000-00000000000c
Component Name : CN_IKE
Direction : RD_OUT
From Address :
IP Address :
Ipv4 : 10.109.24.20
Prefix Length : 32
IS Stateful : True
Keypolicy ID : 00000000-0000-0000-0000-00000000000b
Lbrule : False
Priority : 10
Protocol :
DST Ports :
Range :
SRC Ports :
Range :
Section ID : 00000000-0000-0003-0000-000000000005
TAG : ipsec
TO Address :
IP Address :
Ipv4 : 10.109.24.22
Prefix Length : 32
Type : RT_LAYER3
Uuid : 00000000-0000-0000-0000-00000000000c
UUID : 00000000-0000-0000-0000-00000000000d
Rule :
ID : 1
Action : RA_ENCRYPT
Applied TO :
Logical Router Port : 00000000-0000-0000-0000-00000000000c
Component Name : CN_IKE
Direction : RD_IN
From Address :
IP Address :
Ipv4 : 10.109.24.22
Prefix Length : 32
IS Stateful : True
Keypolicy ID : 00000000-0000-0000-0000-00000000000b
Lbrule : False
Priority : 10
Protocol :
DST Ports :
Range :
SRC Ports :
Range :
Section ID : 00000000-0000-0003-0000-000000000005
TAG : ipsec
TO Address :
IP Address :
Ipv4 : 10.109.24.20
Prefix Length : 32
Type : RT_LAYER3
Uuid : 00000000-0000-0000-0000-00000000000d
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IPSec policy rule.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn policy rules 00000000-0000-0000-0000-00000000000c
Rule :
ID : 1
Action : RA_ENCRYPT
Applied TO :
Logical Router Port : 00000000-0000-0000-0000-00000000000c
Component Name : CN_IKE
Direction : RD_OUT
From Address :
IP Address :
Ipv4 : 10.109.24.20
Prefix Length : 32
IS Stateful : True
Keypolicy ID : 00000000-0000-0000-0000-00000000000b
Lbrule : False
Priority : 10
Protocol :
DST Ports :
Range :
SRC Ports :
Range :
Section ID : 00000000-0000-0003-0000-000000000005
TAG : ipsec
TO Address :
IP Address :
Ipv4 : 10.109.24.22
Prefix Length : 32
Type : RT_LAYER3
Uuid : 00000000-0000-0000-0000-00000000000c
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display summary of IPSec VPN policy rules.
Example
nsx-edge-1>get ipsecvpn policy summary
IPSec Security Policy count: 4
RuleId Dir Local Subnet Peer Subnet Action UUID
--------------------------------------------------------------------------------------------------------------
1027 Out 192.168.100.0/24 2.2.5.0/24 Encrypt 00003400-0000-0402-0000-040300000000
2147484675 In 2.2.5.0/24 192.168.100.0/24 Encrypt 00003400-0000-0402-8000-040300000000
1032 Out 192.168.100.1/32 2.2.5.1/32 Bypass 00003400-0000-0407-0000-040800000000
2147484680 In 2.2.5.1/32 192.168.100.1/32 Bypass 00003400-0000-0407-8000-040800000000
--------------------------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IPSec SAs present in Security Association Database(datapath).
Example
nsx-edge-1> get ipsecvpn sad
Total Number of IPSec SAs: 2
Inbound SAs:
Rule ID : 2147484675
VRF ID : 1
SPI : 0xf835f82a
Created Timestamp : 2018-03-19 10:24:21
SA Uptime : 496 sec
SA Lifetime : 3600 sec
NAT-Traversal : False
ESN : False
DF Policy : clear
SA Hit : 1
Sequence Number (Recv) : 1234
Replay Window Size : 960
Traffic Mode : Tunnel
Protocol : ESP
IP Address:
Source : 1.1.5.100
Destination : 192.168.128.1
Subnets:
Local : 2.2.5.0/24
Peer : 192.168.100.0/24
Algorithm:
Encryption : aes-128-cbc
Authentication : sha1-hmac
----------------------------------------
Outbound SAs:
Rule ID : 1027
VRF ID : 1
SPI : 0xc3f194fa
Created Timestamp : 2018-03-19 10:24:21
SA Uptime : 496 sec
SA Lifetime : 3600 sec
NAT-Traversal : False
ESN : False
DF Policy : clear
SA Hit : 1
Sequence Number (Sent) : 1234
Replay Window Size : 960
Traffic Mode : Tunnel
Protocol : ESP
IP Address:
Source : 192.168.128.1
Destination : 1.1.5.100
Subnets:
Local : 192.168.100.0/24
Peer : 2.2.5.0/24
Algorithm:
Encryption : aes-128-cbc
Authentication : sha1-hmac
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IPSec SA present in Security Association Database(datapath).
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn sad 00003400-0000-0402-0000-040300000000
Total Number of IPSec SAs: 2
Inbound SAs:
Rule ID : 2147484675
VRF ID : 1
SPI : 0xf835f82a
Created Timestamp : 2018-03-19 10:24:21
SA Uptime : 496 sec
SA Lifetime : 3600 sec
NAT-Traversal : False
ESN : False
DF Policy : clear
SA Hit : 1
Sequence Number (Recv) : 1234
Replay Window Size : 960
Traffic Mode : Tunnel
Protocol : ESP
IP Address:
Source : 1.1.5.100
Destination : 192.168.128.1
Subnets:
Local : 2.2.5.0/24
Peer : 192.168.100.0/24
Algorithm:
Encryption : aes-128-cbc
Authentication : sha1-hmac
----------------------------------------
Outbound SAs:
Rule ID : 1027
VRF ID : 1
SPI : 0xc3f194fa
Created Timestamp : 2018-03-19 10:24:21
SA Uptime : 496 sec
SA Lifetime : 3600 sec
NAT-Traversal : False
ESN : False
DF Policy : clear
SA Hit : 1
Sequence Number (Sent) : 1234
Replay Window Size : 960
Traffic Mode : Tunnel
Protocol : ESP
IP Address:
Source : 192.168.128.1
Destination : 1.1.5.100
Subnets:
Local : 192.168.100.0/24
Peer : 2.2.5.0/24
Algorithm:
Encryption : aes-128-cbc
Authentication : sha1-hmac
----------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IPSec VPN sessions.
Example
nsx-edge-1>get ipsecvpn session
Total Number of Sessions: 2
IKE Session ID : 3
UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.102
Local ID : 192.168.128.1 Peer ID : 1.1.5.102
Session Status : Down Down Reason : Timed out
Policy Rules
Policy UUID : 00003400-0000-0404-0000-040500000000
ToRule ID : 1029 ToRule ID : 2147484677
Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Down Down Reason : IKE SA down
------------------------------------------------------------------------------------------
IKE Session ID : 2
UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6
Type : Policy
Local IP : 192.168.128.1 Peer IP : 1.1.5.100
Local ID : 192.168.128.1 Peer ID : 1.1.5.100
Session Status : Up
Policy Rules
Policy UUID : 00003400-0000-0402-0000-040300000000
ToRule ID : 1027 FromRule ID : 2147484675
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Up
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display specific IPSec VPN session.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1>get ipsecvpn session ffc00327-0d7b-4e4d-8676-3eb12c803ed6
Total Number of Sessions: 1
IKE Session ID : 2
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.100
Local ID : 192.168.128.1 Peer ID : 1.1.5.100
Session Status : Up
Policy Rules
Policy UUID : 00003400-0000-0402-0000-040300000000
ToRule ID : 1027 FromRule ID : 2147484675
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Up
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IPSec VPN sessions in active state.
Example
nsx-edge-1> get ipsecvpn session active
Total Number of Active Sessions: 1
IKE Session ID : 2
UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.100
Local ID : 192.168.128.1 Peer ID : 1.1.5.100
Session Status : Up
Policy Rules
Policy UUID : 00003400-0000-0402-0000-040300000000
ToRule ID : 1027 FromRule ID : 2147484675
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Up
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IPSec VPN session in active state.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn session active ffc00327-0d7b-4e4d-8676-3eb12c803ed6
Total Number of Active Sessions: 1
IKE Session ID : 2
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.100
Local ID : 192.168.128.1 Peer ID : 1.1.5.100
Session Status : Up
Policy Rules
Policy UUID : 00003400-0000-0402-0000-040300000000
ToRule ID : 1027 FromRule ID : 2147484675
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Up
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IPSec VPN session in active state for specific endpoints.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get ipsecvpn session active local-ip 192.168.128.1 remote-ip 1.1.5.100
Total Number of Active Sessions: 1
IKE Session ID : 2
UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.100
Local ID : 192.168.128.1 Peer ID : 1.1.5.100
Session Status : Up
Policy Rules
Policy UUID : 00003400-0000-0402-0000-040300000000
ToRule ID : 1027 FromRule ID : 2147484675
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Up
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IPSec VPN session in active state.
| Option | Description |
|---|---|
| <session-id> | IKE Session ID |
Example
nsx-edge-1> get ipsecvpn session active sessionid 2
Total Number of Sessions: 1
IKE Session ID : 2
UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.100
Local ID : 192.168.128.1 Peer ID : 1.1.5.100
Session Status : Up
Policy Rules
Policy UUID : 00003400-0000-0402-0000-040300000000
ToRule ID : 1027 FromRule ID : 2147484675
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Up
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IPsec VPN sessions in down state.
Example
nsx-edge-1> get ipsecvpn session down
Total Number of Down Sessions: 1
IKE Session ID : 3
UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.102
Local ID : 192.168.128.1 Peer ID : 1.1.5.102
Session Status : Down Down Reason : No proposal chosen
Policy Rules
Policy UUID : 00003400-0000-0404-0000-040500000000
ToRule ID : 1027 FromRule ID : 2147484677
Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Down Down Reason : IKE SA Down
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IPsec VPN session in down state.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn session down 254d755e-e133-4831-89ab-41ef49c2bdc1
Total Number of Down Sessions: 1
IKE Session ID : 3
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.102
Local ID : 192.168.128.1 Peer ID : 1.1.5.102
Session Status : Down Down Reason : Timed out
Policy Rules
Policy UUID : 00003400-0000-0404-0000-040500000000
ToRule ID : 1027 FromRuleId : 2147484677
Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Down Down Reason : IKE SA Down
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IPsec VPN session in down state for specific endpoints.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get ipsecvpn session down local-ip 192.168.128.1 remote-ip 1.1.5.102
Total Number of Down Sessions: 1
IKE Session ID : 3
UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.102
Local ID : 192.168.128.1 Peer ID : 1.1.5.102
Session Status : Down Down Reason : Timed out
Policy Rules
Policy UUID : 00003400-0000-0404-0000-040500000000
ToRule ID : 1027 Rule ID FromRule ID : 2147484677
Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Down Down Reason : IKE SA Down
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IPsec VPN session in down state.
| Option | Description |
|---|---|
| <session-id> | IKE Session ID |
Example
nsx-edge-1> get ipsecvpn session down sessionid 3
Total Number of Down Sessions: 1
IKE Session ID : 3
UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.102
Local ID : 192.168.128.1 Peer ID : 1.1.5.102
Session Status : Down Down Reason : Timed out
Policy Rules
Policy UUID : 00003400-0000-0404-0000-040500000000
ToRule ID : 1029 FromRule ID : 2147484677
Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Down Down Reason : IKE SA Down
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IPSec VPN session for specific endpoints.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1>get ipsecvpn session local-ip 192.168.128.1 remote-ip 1.1.5.101
Total Number of Sessions: 1
IKE Session ID : 2
UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.100
Local ID : 192.168.128.1 Peer ID : 1.1.5.100
Session Status : Up
Policy Rules
Policy UUID : 00003400-0000-0402-0000-040300000000
ToRule ID : 1027 FromRule ID : 2147484675
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Up
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IPsec VPN sessions in negotiating state.
Example
nsx-edge-1> get ipsecvpn session negotiating
Total Number of Negotiating Sessions: 1
IKE Session ID : 3
UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.102
Local ID : 192.168.128.1 Peer ID : 1.1.5.102
Session Status : Negotiating Last Known Failure: Peer not reachable
Policy Rules
Policy UUID : 00003400-0000-0404-0000-040500000000
ToRule ID : 1027 FromRule ID : 2147484677
Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Down Down Reason : IKE SA Down
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IPsec VPN session in negotiating state.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn session negotiating 254d755e-e133-4831-89ab-41ef49c2bdc1
Total Number of Negotiating Sessions: 1
IKE Session ID : 3
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.102
Local ID : 192.168.128.1 Peer ID : 1.1.5.102
Session Status : Negotiating Last Known Failure: Peer not reachable
Policy Rules
Policy UUID : 00003400-0000-0404-0000-040500000000
ToRule ID : 1027 FromRule ID : 2147484677
Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Down Down Reason : IKE SA Down
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IPsec VPN session in negotiating state for specific endpoints.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get ipsecvpn session negotiating local-ip 192.168.128.1 remote-ip 1.1.5.102
Total Number of Negotiating Sessions: 1
IKE Session ID : 3
UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.102
Local ID : 192.168.128.1 Peer ID : 1.1.5.102
Session Status : Negotiating Last Known Failure: Peer not reachable
Policy Rules
Policy UUID : 00003400-0000-0404-0000-040500000000
ToRule ID : 1027 FromRule ID :2147484677
Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Down Down Reason : IKE SA Down
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IPsec VPN session in negotiating state.
| Option | Description |
|---|---|
| <session-id> | IKE Session ID |
Example
nsx-edge-1> get ipsecvpn session negotiating sessionid 3
Total Number of Negotiating Sessions: 1
IKE Session ID : 3
UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.102
Local ID : 192.168.128.1 Peer ID : 1.1.5.102
Session Status : Negotiating Last Known Failure: Peer not reachable
Policy Rules
Policy UUID : 00003400-0000-0404-0000-040500000000
ToRule ID : 1029 FromRule ID : 2147484677
Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Down Down Reason : IKE SA Down
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IPSec VPN sessions.
| Option | Description |
|---|---|
| <session-id> | IKE Session ID |
Example
nsx-edge-1>get ipsecvpn session sessionid 2
Total Number of Sessions: 1
IKE Session ID : 2
UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6
Type : Policy
IKE Version : IKEFlex
Local IP : 192.168.128.1 Peer IP : 1.1.5.100
Local ID : 192.168.128.1 Peer ID : 1.1.5.100
Session Status : Up
Policy Rules
Policy UUID : 00003400-0000-0402-0000-040300000000
ToRule ID : 1027 FromRule ID : 2147484675
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Tunnel Status : Up
------------------------------------------------------------------------------------------
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IPSec VPN session status.
Example
nsx-edge-1> get ipsecvpn session status
VPN Session Status
Total Configured Sessions : 2
Total UP Sessions : 1
Total Down Sessions : 1
Total Negotiating Sessions : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display summary of all IPSec VPN sessions.
Example
nsx-edge-1>get ipsecvpn session summary
Version SID Type Status Local IP Peer IP Down Reason
------------------------------------------------------------------------------------------
IKEv2 4 Policy Down 192.168.128.1 1.1.5.102 Peer not reachable
IKEv2 3 Policy Down 192.168.128.1 1.1.5.101 No proposal chosen
IKEv1 2 Policy Negotiating 192.168.128.1 1.1.5.100 Peer not reachable*
------------------------------------------------------------------------------------------
SID: Session ID *: Last Known Failure
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all IPSec SA tunnel statistics.
Example
nsx-edge-1> get ipsecvpn tunnel stats
Interface UID : 294
Interface UUID : 00003400-0000-0402-0000-040300000000
Policy UUID : 00003400-0000-0402-0000-040300000000
Policy Rule Information
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Outbound Rule ID : 1027 Inbound Rule ID : 2147484675
Action : RA_ENCRYPT
Stats
Rx Pkts : 5 Tx Pkts : 5
Rx Bytes : 420 Tx Bytes : 420
Rx Drops : 0 Tx Drops : 0
Rx Drop Crypto Failure : 0 Tx Drop Crypto Failure : 0
Rx Drop State Mismatch : 0 Tx Drop State Mismatch : 0
Rx Drop Malformed : 0 Tx Drop Malformed : 0
Rx Drop Proto Not Supported : 0 Tx Drop Proto Not Supported : 0
Rx Drop Replay : 0 Tx Drop Seq Rollover : 0
Rx Drop Inner Malformed : 0 Rekey Request Failure : 0
Rx Drop Policy Nomatch : 0
Rx Drop Auth Failure : 0
Interface UID : 295
Interface UUID : 00003400-0000-0404-0000-040500000000
Policy UUID : 00003400-0000-0404-0000-040500000000
Policy Rule Information
Local Subnet : 192.168.100.1/32 Peer Subnet : 2.2.5.1/32
Outbound Rule ID : 1031 Inbound Rule ID : 2147484679
Action : RA_CLEAR
Stats
Rx Pkts : 0 Tx Pkts : 0
Rx Bytes : 0 Tx Bytes : 0
Rx Drops : 0 Tx Drops : 0
Rx Drop Crypto Failure : 0 Tx Drop Crypto Failure : 0
Rx Drop State Mismatch : 0 Tx Drop State Mismatch : 0
Rx Drop Malformed : 0 Tx Drop Malformed : 0
Rx Drop Proto Not Supported : 0 Tx Drop Proto Not Supported : 0
Rx Drop Replay : 0 Tx Drop Seq Rollover : 0
Rx Drop Inner Malformed : 0 Rekey Request Failure : 0
Rx Drop Policy Nomatch : 0
Rx Drop Auth Failure : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display IPSec SA tunnel statistics.
| Option | Description |
|---|---|
| <keypolicy-id> | Keypolicy ID for the rule Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn tunnel stats 00003400-0000-0402-0000-040300000000
Interface UID : 294
Interface UUID : 00003400-0000-0402-0000-040300000000
Policy UUID : 00003400-0000-0402-0000-040300000000
Policy Rule Information
Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24
Outbound Rule ID : 1027 Inbound Rule ID : 2147484675
Action : RA_ENCRYPT
Stats
Rx Pkts : 5 Tx Pkts : 5
Rx Bytes : 420 Tx Bytes : 420
Rx Drops : 0 Tx Drops : 0
Rx Drop Crypto Failure : 0 Tx Drop Crypto Failure : 0
Rx Drop State Mismatch : 0 Tx Drop State Mismatch : 0
Rx Drop Malformed : 0 Tx Drop Malformed : 0
Rx Drop Proto Not Supported : 0 Tx Drop Proto Not Supported : 0
Rx Drop Replay : 0 Tx Drop Seq Rollover : 0
Rx Drop Inner Malformed : 0 Rekey Request Failure : 0
Rx Drop Policy Nomatch : 0
Rx Drop Auth Failure : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Displays all IPSec VPN Policy Rules.
Example
nsx-edge-1> get ipsecvpn vti rules 00000000-0000-0000-0000-00000000000c
UUID : 00000000-0000-0000-0000-00000000000c
KEY Policyid : 00000000-0000-0000-0000-00000000000b
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display an IPSec VPN VTI rule.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get ipsecvpn vti rules 00000000-0000-0000-0000-00000000000c
KEY Policyid : 00000000-0000-0000-0000-00000000000b
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about specified L2 bridge port.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get l2bridge-port a70600a9-eda8-499f-96d0-1262dc36f4a1
Bridge Port
UUID : a70600a9-eda8-499f-96d0-1262dc36f4a1
Logical Switch : f322ca3a-a218-5d65-85c1-20ef6adea670
VLAN ID : 10
State : 1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about specified L2 bridge port and mac flush stats.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get l2bridge-port a70600a9-eda8-499f-96d0-1262dc36f4a1 flush-stats
Bridge Port
UUID : a70600a9-eda8-499f-96d0-1262dc36f4a1
Last Flush : 2018-03-03 01:40:22.319
Flush Count : 2
Last Rarp : 2018-03-03 01:40:20.319
Rarp count : 3
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display configuration and states of a specific L2 bridge
| Option | Description |
|---|---|
| <uuid> | UUID argument |
Example
nsx-edge-1> get l2bridge-port-config 76c85110-b041-4e9f-a3e3-b54179a88ceb
Bridge UUID : 3ee1f7bd-eff3-523c-8bfe-1aba1c603cc6
Rank : 0
Failover Mode : Non-preemptive
Bridge Port UUID : 76c85110-b041-4e9f-a3e3-b54179a88ceb
Bridge Port State : Forwarding
Transport Zone : d7ea327f-2569-4b1c-b7cf-8cd4c85ebb18
VLAN ID : 10
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about all L2 bridge ports.
Example
nsx-edge-1> get l2bridge-ports
Bridge Port
UUID : a70600a9-eda8-499f-96d0-1262dc36f4a1
Logical Switch : f322ca3a-a218-5d65-85c1-20ef6adea670
VLAN ID : 10
State : 1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display configuration and states of all L2 bridges
Example
nsx-edge-1> get l2bridge-ports-config
Bridge UUID : 3ee1f7bd-eff3-523c-8bfe-1aba1c603cc6
Rank : 0
Failover Mode : Preemptive
Bridge Port UUID : 76c85110-b041-4e9f-a3e3-b54179a88ceb
Bridge Port State : Stopped
Transport Zone : d7ea327f-2569-4b1c-b7cf-8cd4c85ebb18
VLAN ID : 10
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display L2VPN sessions configuration for a given L2VPN service.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsxedge-ob-7490391-1-new> get l2vpn service 1d5bb34a-0480-45e4-1d5b-b34a048046b6 sessions config
DISPLAY_NAME: l2vpn_session1
ENABLED: True
ID: 1d5bb34a-0480-45e2-a261-bd5f98c24d36
L2VPN_SERVICE_ID: 1d5bb34a-0480-45e4-1d5b-b34a048046b6
MTU: 1500
TUNNEL_ENCAPSULATION:
LOCAL_ENDPOINT_IP:
IPV4: 1.1.1.2
PEER_ENDPOINT_IP:
IPV4: 1.1.1.3
PROTOCOL: GRE
VTI:
1d5bb34a-0480-45e3-a261-bd5f98c24d37
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all L2VPN services configuration.
Example
nsxedge-ob-7490391-1-new> get l2vpn services config
ENABLE_FULL_MESH: True
ID: 1d5bb34a-0480-46aa-a261-bd5f98c24b9c
SR_CLUSTER_ID: a261bd5f-98c2-4d37-1d5b-b34a048045e3
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display stretched logical switch behind L2VPN session.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 logical-switch ea8c4460-6d15-49c5-a82e-6812a26b4200
Tunnel-Port : fe34062b-7ad3-5bca-beb8-1adde6c0d46e
Logical-switch: ea8c4460-6d15-49c5-a82e-6812a26b4200
VNI : 1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display remote macs learnt on L2VPN stretched logical-switch.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 logical-switch ea8c4460-6d15-49c5-a82e-6812a26b4200 remote-macs
MACs:
04:00:c0:a8:fa:a2
02:50:56:56:44:52
00:50:56:8e:1b:21
00:50:56:8e:9a:a5
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display stats for stretched logical-switch behind L2VPN session.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 logical-switch ea8c4460-6d15-49c5-a82e-6812a26b4200 stats
RX-Packets : 4474
RX-Bytes : 302966
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 5527
TX-Bytes : 371568
TX-Drops : 0
No-Memory : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display stretched logical switches behind given L2VPN session.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 logical-switches
Tunnel-Port : fe34062b-7ad3-5bca-beb8-1adde6c0d46e
Logical-switch: 6aeaf0a7-110d-4d9d-bd76-b17032b36746
VNI : 60297
Logical-switch: 9cac13e9-eb71-4ce4-870e-ccc1dc8d6c3f
VNI : 60296
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display stats for L2VPN session
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get l2vpn session 1d5bb34a-0480-45e2-a261-bd5f98c24d36 stats
Session : 1d5bb34a-0480-45e2-a261-bd5f98c24d36
Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
Local IP : 192.168.10.2
Remote IP : 192.168.10.20
Status : UP
RX-Packets : 0
RX-Bytes : 0
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 3325
TX-Bytes : 412300
TX-Drops : 0
No-Memory : 0
No-Route : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display status of specific L2VPN session.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 status
Session : 2ds29c11-8920-29q1-1029-2lk20129d910
Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672
Status : UP
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all L2VPN sessions information.
Example
nsx-edge-1> get l2vpn sessions
Session : 1d5bb34a-0480-45e2-a261-bd5f98c24d36
Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
Status : UP
Session : 2ds29c11-8920-29q1-1029-2lk20129d910
Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672
Status : UP
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all L2VPN sessions configuration.
Example
nsxedge-ob-7490391-1-new> get l2vpn sessions config
DISPLAY_NAME: l2vpn_session1
ENABLED: True
ID: 1d5bb34a-0480-45e2-a261-bd5f98c24d36
L2VPN_SERVICE_ID: 1d5bb34a-0480-45e4-1d5b-b34a048046b6
MTU: 1500
TUNNEL_ENCAPSULATION:
LOCAL_ENDPOINT_IP:
IPV4: 1.1.1.2
PEER_ENDPOINT_IP:
IPV4: 1.1.1.3
PROTOCOL: GRE
VTI:
1d5bb34a-0480-45e3-a261-bd5f98c24d37
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display L2VPN sessions stats
Example
nsx-edge-1> get l2vpn sessions stats
Session : 1d5bb34a-0480-45e2-a261-bd5f98c24d36
Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
Local IP : 192.168.10.2
Remote IP : 192.168.10.20
Status : UP
RX-Packets : 0
RX-Bytes : 0
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 3325
TX-Bytes : 412300
TX-Drops : 0
No-Memory : 0
No-Route : 0
Session : 2ds29c11-8920-29q1-1029-2lk20129d910
Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672
Local IP : 192.168.9.2
Remote IP : 192.168.9.20
Status : UP
RX-Packets : 0
RX-Bytes : 0
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 3331
TX-Bytes : 413044
TX-Drops : 0
No-Memory : 0
No-Route : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Get the last barrier processed by NestDb Pigeon for the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get last processed barrier 7c72c4ae-8fe8-4449-a4e2-c5e53ab0bb4f
1191
Mode
Basic
Availability
Controller
Displays LLDP configuration on all devices.
Example
nsx-edge-1> get lldp config
Device
Name : eth0
Tx : enabled
Rx : enabled
Tx Interval : 30
Device
Name : eth1
Tx : disabled
Rx : enabled
Tx Interval : 30
Mode
Basic
Availability
Edge, Public Cloud Gateway
Displays LLDP configuration given device.
| Option | Description |
|---|---|
| <interface-name> | LLDP interface argument |
Example
nsx-edge-1> get lldp config eth0
Device
Name : eth0
Tx : enabled
Rx : enabled
Tx Interval : 30
Mode
Basic
Availability
Edge, Public Cloud Gateway
Displays LLDP Neighbor information on all devices.
Example
nsx-edge-1> get lldp neighbors
Device : eth0
Neighbor Count : 1
Neighbors
Neighbor : eth0/0:50:56:b7:7f:47
Life Time : 111
System Name : NSX ESG
System Desc : NSX Edge Services Gateway
System Cap : ['Router']
Enabled Cap : ['Router']
Chassis Id : eth0
Port Id : 0:50:56:b7:7f:47
Port Desc : management iface
Mgmt Address
Address : 10.172.139.51
Addr Family : IPv4
Iface Number : 2
Iface Type : 2
MAC PHY Status
AutoNeg : supported
AutoNeg Status: enabled
PMDAutoNeg : supported
PMDAutoNeg Status: not-enabled
MAU Type : 16
Power via MDI
Port Class : PSE
Power Source : supported
PSE MDI State : enabled
PSE Pair Ctrl : yes
PSE Pair : 1
PSE Class : 2
Link Aggregation
Aggr Capability: yes
Aggr Status : enabled
Aggr Port Id : 1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Displays LLDP Neighbor information on given device.
| Option | Description |
|---|---|
| <interface-name> | LLDP interface argument |
Example
nsx-edge-1> get lldp neighbors eth0
Device : eth0
Neighbor Count : 1
Neighbors
Neighbor : eth0/0:50:56:b7:7f:47
Life Time : 111
System Name : NSX ESG
System Desc : NSX Edge Services Gateway
System Cap : ['Router']
Enabled Cap : ['Router']
Chassis Id : eth0
Port Id : 0:50:56:b7:7f:47
Port Desc : management iface
Mgmt Address
Address : 10.172.139.51
Addr Family : IPv4
Iface Number : 2
Iface Type : 2
MAC PHY Status
AutoNeg : supported
AutoNeg Status: enabled
PMDAutoNeg : supported
PMDAutoNeg Status: not-enabled
MAU Type : 16
Power via MDI
Port Class : PSE
Power Source : supported
PSE MDI State : enabled
PSE Pair Ctrl : yes
PSE Pair : 1
PSE Class : 2
Link Aggregation
Aggr Capability: yes
Aggr Status : enabled
Aggr Port Id : 1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Displays LLDP Statistics on all devices.
Example
nsx-edge-1> get lldp stats
TX Total : 36
TX Errors : 0
RX Total : 36
RX Errors : 0
RX Discards : 0
RX Deletes : 0
Device : eth0
Tx Total : 36
Tx Errors : 0
Device : eth0
Rx Total : 36
Rx Valid : 36
Rx Errors : 0
Rx Discards : 0
Rx Deletes : 0
Neighbor : eth0/0:50:56:b7:7f:47
Rx Total : 36
Rx Valid : 36
Rx Discards : 0
Rx TLV Errors : 0
Rx TLV Unrecognized: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Displays LLDP Statistics on given device.
| Option | Description |
|---|---|
| <interface-name> | LLDP interface argument |
Example
nsx-edge-1> get lldp stats eth0
TX Total : 36
TX Errors : 0
RX Total : 36
RX Errors : 0
RX Discards : 0
RX Deletes : 0
Device : eth0
Tx Total : 36
Tx Errors : 0
Device : eth0
Rx Total : 36
Rx Valid : 36
Rx Errors : 0
Rx Discards : 0
Rx Deletes : 0
Neighbor : eth0/0:50:56:b7:7f:47
Rx Total : 36
Rx Valid : 36
Rx Discards : 0
Rx TLV Errors : 0
Rx TLV Unrecognized: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3
Load Balancer
Access Log Enabled : False
Applied To :
Attachment Id : 00002000-0000-0000-0000-000000000008
Type : LOG_SERVICE_ROUTER_CLUSTER
Display Name : lbs-on-lr1
Enabled : True
UUID : eba5f460-c660-4f82-8488-62231fb9aea3
Log Level : LB_LOG_LEVEL_INFO
Size : SMALL
Virtual Server Id : 37f1a8c9-ab8b-4ee9-9b41-5da317ac05d3
26168a79-48d6-44a7-86fe-0d5ee7c91e47
7e012072-0594-4063-97f0-82452e9a2813
11bb214f-bd06-4bff-b2a5-6f82e5ec62b6
110ac92c-1647-48a5-8d66-4cac06817716
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the error log file for a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a error-log
2017/11/16 11:41:43 [info] 8290#0: Initialized l4lb zone (size: 3674112)
2017/11/16 11:41:43 [info] 8290#0: Initialized lb zone (size: 5550080)
2017/11/16 11:41:43 [debug] 8290#0: bind() 127.0.0.1:80 #16
2017/11/16 11:41:43 [info] 8290#0: lb stats module is disabled, configure lbstats_size to enable it.
2017/11/16 11:41:43 [notice] 8290#0: using the "epoll" event method
2017/11/16 11:41:43 [debug] 8290#0: counter: 00007B5D15B1A080, 1
2017/11/16 11:41:43 [info] 8290#0: lb allocated connection ctx (size: 56)
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the last 10 lines of the error log file for a specific load balancer and all new messages that are written to the log file.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a error-log follow
2017/11/16 22:32:13 [debug] 8326#0: worker cycle
2017/11/16 22:32:13 [debug] 8326#0: epoll timer: 346
2017/11/16 22:32:14 [debug] 8326#0: timer delta: 346
2017/11/16 22:32:14 [debug] 8326#0: event timer del: 0: 1510871534258
2017/11/16 22:32:14 [debug] 8326#0: event timer add: 0: 2500:1510871536758
2017/11/16 22:32:14 [debug] 8326#0: http check begin handler index: 1, owner: -1, ngx_pid: 8326, interval: 2479, check_interval: 5000
2017/11/16 22:32:14 [debug] 8326#0: shmtx lock
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display error log messages containing strings that match the given regular expression pattern for a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <regex> | Regular expression |
Example
nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a error-log reg-filter req.*
2017/11/16 11:41:48 [debug] 8326#0: ha: sent bulk pull request
2017/11/16 11:41:48 [notice] 8326#0: ha: sent full sync request, enter request state
2017/11/16 11:41:55 [debug] 8326#0: *3 http wait request handler
2017/11/16 11:41:55 [debug] 8326#0: *3 http process request line
2017/11/16 11:41:55 [debug] 8326#0: *3 http request line: "GET /show_status/all HTTP/1.1"
2017/11/16 11:41:55 [debug] 8326#0: *3 http process request header line
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the health check table of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer 0f6510bb-ff15-4385-9c45-a1ce626fc276 health-check-table
Health-Check-Table
INDEX POOL TYPE NAME STATUS RISE FALL PORT CHECK_TIME CHANGE_TIME FAIL_REASON ERRNO STATUS_CODE
0 backend tcp 127.0.0.1:3971 down 0 193 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a
1 backend tcp 127.0.0.1:3972 down 0 190 0 Aug 25 01:13:48 Aug 25 01:23:50 Connect Fail Connection refused n/a
2 backend tcp 127.0.0.1:3970 up 192 0 0 Aug 25 01:13:52 Aug 25 01:23:52 n/a n/a n/a
3 backend1 tcp 127.0.0.1:3976 down 0 195 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a
4 backend http 127.0.0.1:1971 down 0 196 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a
5 backend http 127.0.0.1:1970 down 0 175 0 Aug 25 01:13:48 Aug 25 01:23:51 Rx HTTP Code 4XX n/a 403
6 backend http 127.0.0.1:1972 down 0 195 0 Aug 25 01:13:48 Aug 25 01:23:52 Connect Fail Connection refused n/a
7 backend http 127.0.0.1:1973 down 0 195 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a
8 backend http 127.0.0.1:1974 down 0 192 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a
9 backend1 http 127.0.0.1:1975 down 0 193 0 Aug 25 01:13:48 Aug 25 01:23:52 Connect Fail Connection refused n/a
10 backend1 http 127.0.0.1:1976 down 0 192 0 Aug 25 01:13:48 Aug 25 01:23:52 Connect Fail Connection refused n/a
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the HA state of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer 0f6510bb-ff15-4385-9c45-a1ce626fc276 HA-State
LB HA is disable
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific load balancer monitor.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <monitor-uuid> | Monitor UUID argument |
Example
nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 monitor 72945dda-f4f1-532f-9bd0-a3f52c099d4b
Monitor
Display Name : nsx-default-https-monitor
Fall Count : 3
Https Monitor :
Authenticate Depth : 3
Cipher : TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Protocol :
TLS_V1_1
TLS_V1_2
Request Method : HTTP_METHOD_GET
Request Version : HTTP_VERSION_1_1
Response Status : HTTP_STATUS_2XX
Server Auth : SERVER_AUTH_IGNORE
UUID : 72945dda-f4f1-532f-9bd0-a3f52c099d4b
Interval : 5
Monitor Port : 443
Rise Count : 3
Timeout : 1970-01-01 00:00:00.015000 (timestamp: 15)
Type : HTTPS
Mode
Basic
Availability
Edge, Public Cloud Gateway
Show the health check table of a load balancer monitor.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <monitor-uuid> | Monitor UUID argument |
Example
nsx-edge> get load-balancer ed785df6-2143-4944-b918-66470886be83 monitor 72945dda-f4f1-532f-9bd0-a3f52c099d4b status
Health-Check-Table
INDEX POOL TYPE NAME STATUS RISE FALL PORT CHECK_TIME CHANGE_TIME FAIL_REASON ERRNO STATUS_CODE
6 de719e2 icmp 192.168.100.160:0 up 10755 0 0 Jun 1 11:28:43 May 28 08:30:00 n/a n/a n/a
7 de719e2 icmp 192.168.100.161:0 up 20820 0 0 Jun 1 11:28:46 May 28 08:30:02 n/a n/a n/a
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the monitors for a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 monitors
Monitor
Display Name : nsx-default-http-monitor
Fall Count : 3
Http Monitor :
Request Method : HTTP_METHOD_GET
Request Version : HTTP_VERSION_1_1
Response Status : HTTP_STATUS_2XX
UUID : c2cb7f9e-72d7-55ed-914e-5209b67d02b2
Interval : 5
Monitor Port : 80
Rise Count : 3
Timeout : 1970-01-01 00:00:00.015000 (timestamp: 15)
Type : HTTP
Monitor
Display Name : nsx-default-https-monitor
Fall Count : 3
Https Monitor :
Authenticate Depth : 3
Cipher : TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Protocol :
TLS_V1_1
TLS_V1_2
Request Method : HTTP_METHOD_GET
Request Version : HTTP_VERSION_1_1
Response Status : HTTP_STATUS_2XX
Server Auth : SERVER_AUTH_IGNORE
UUID : 72945dda-f4f1-532f-9bd0-a3f52c099d4b
Interval : 5
Monitor Port : 443
Rise Count : 3
Timeout : 1970-01-01 00:00:00.015000 (timestamp: 15)
Type : HTTPS
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the persistence tables of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer 0f6510bb-ff15-4385-9c45-a1ce626fc276 persistence-tables
Persistence-Tables
TABLE CADDR DADDR DPORT LIFE_TIME(S) NUM_SESSIONS
ip_hash 127.0.0.1 127.0.0.1 1970 84 0
parameter 127.0.0.1 127.0.0.1 1970 96 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific load balancer pool.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <pool-uuid> | Pool UUID argument |
Example
nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 pool 29e66f11-d589-4208-a78d-f72e18aa8286
Pool
Algorithm : ROUND_ROBIN
Display Name : tcppool1
UUID : 29e66f11-d589-4208-a78d-f72e18aa8286
Member Group :
Admin State : ENABLED
Container Id : aded6b65-54ce-47b7-8da6-92fa0d96ccf4
Ip Revision Filter : IPV4
Max Ip List Size : 100
Min Active Members : 1
Snat Translation :
Auto Map : True
Port Overload : 1
Tcp Multiplexing Enabled : False
Tcp Multiplexing Number : 6
Member Group
UUID : aded6b65-54ce-47b7-8da6-92fa0d96ccf4
Ip Address :
Ipv4 : 192.168.1.2
Prefix Length : 31
Ipv4 : 192.168.1.4
Prefix Length : 31
Ipv4 : 192.168.1.6
Prefix Length : 32
Ipv4 : 192.168.4.8
Prefix Length : 24
Ipv4 : 192.168.1.8
Prefix Length : 32
Ipv4 : 192.168.1.1
Prefix Length : 32
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the statistics for a specific load balancer and pool.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <pool-uuid> | Pool UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pool 953e4da8-a571-4695-b54c-90505d8e59c2 stats
Pool
UUID : 953e4da8-a571-4695-b54c-90505d8e59c2
Display-Name : tcp pool
Type : L4
Sessions :
(Cur, Max, Total, Rate) : (0, 0, 0, 0)
Bytes :
(In, Out) : (0, 0)
Packets :
(In, Out) : (0, 0)
Pool Member
Display-Name : m1
IP : 192.168.1.1
Port : 80
Sessions :
(Cur, Max, Total, Rate) : (0, 0, 0, 0)
Bytes :
(In, Out) : (0, 0)
Packets :
(In, Out) : (0, 0)
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the status of a specific load balancer and pool.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <pool-uuid> | Pool UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pool 2197df80-77d3-44e6-89b3-1db930be374d status
Pool
UUID : 2197df80-77d3-44e6-89b3-1db930be374d
Display-Name : tcppool1
Status : up
Total-Members : 2
Primary Up : 0
Primary Down : 0
Primary Disabled : 0
Primary Graceful Disabled : 0
Backup Up : 0
Backup Down : 0
Backup Graceful Disabled : 0
Backup Disabled : 0
Member
Display-Name : m1
IP : 192.168.2.201
Port : 8888
Status : up
Last-Check-Time : 2017-10-09 07:11:14
Last-State-Change-Time : 2017-10-09 03:54:28
L4-Passive-State : down
L4-Passive-Last-Change-Time : 2018-07-31 04:38:13
Member
Display-Name : m2
IP : 192.168.2.202
Port : 8888
Status : up
Last-Check-Time : 2017-10-09 07:11:11
Last-State-Change-Time : 2017-10-09 03:54:28
L4-Passive-State : down
L4-Passive-Last-Change-Time : 2018-07-31 04:38:13
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the pools of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 pools
Pool
Active Monitor Id :
c2cb7f9e-72d7-55ed-914e-5209b67d02b2
Algorithm : ROUND_ROBIN
Display Name : httppool1
UUID : d39f9ed7-444c-493d-8c99-327a30befe8e
Member :
Admin State : ENABLED
Backup Member : False
Display Name : m1
Ip Address :
Ipv4 : 192.168.1.1
Port : 80
Weight : 1
Admin State : ENABLED
Backup Member : False
Display Name : m2
Ip Address :
Ipv4 : 192.168.1.2
Port : 80
Weight : 1
Min Active Members : 1
Snat Translation :
Auto Map : True
Port Overload : 1
Tcp Multiplexing Enabled : False
Tcp Multiplexing Number : 6
Pool
Algorithm : ROUND_ROBIN
Display Name : tcppool1
UUID : 29e66f11-d589-4208-a78d-f72e18aa8286
Member Group :
Admin State : ENABLED
Container Id : aded6b65-54ce-47b7-8da6-92fa0d96ccf4
Ip Revision Filter : IPV4
Max Ip List Size : 100
Min Active Members : 1
Snat Translation :
Auto Map : True
Port Overload : 1
Tcp Multiplexing Enabled : False
Tcp Multiplexing Number : 6
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the statistics for all the pools of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pools stats
Pool
UUID : 953e4da8-a571-4695-b54c-90505d8e59c2
Display-Name : tcp pool
Type : L4
Sessions :
(Cur, Max, Total, Rate) : (0, 0, 0, 0)
Bytes :
(In, Out) : (0, 0)
Packets :
(In, Out) : (0, 0)
Pool
UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a46
Display-Name : http pool
Type : L7
Sessions :
(Cur, Max, Total, Rate) : (0, 0, 0, 0)
Bytes :
(In, In-Rate) : (0, 0)
(Out, Out-Rate) : (0, 0)
HTTP Requests :
(Total, Rate) : (0, 0)
Pool
UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a83
Display-Name : shared pool
Type : L4 and L7
Sessions :
(Cur, Max, Total, Rate) : (0, 0, 0, 0)
Bytes :
(In, In-Rate) : (0, 0)
(Out, Out-Rate) : (0, 0)
HTTP Requests :
(Total, Rate) : (0, 0)
Packets :
(In, Out) : (0, 0)
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the status of all the pools of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pools status
Pool
UUID : 2197df80-77d3-44e6-89b3-1db930be374d
Display-Name : tcppool1
Members : 2
Status : up
Primary-UP-No : 0
Backup-UP-No : 0
Pool
UUID : 5cca6ba3-5732-4ea9-8197-c582e211a0aa
Display-Name : httppool1
Members : 2
Status : up
Primary-UP-No : 0
Backup-UP-No : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the sessions of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 session-tables
Session-Tables
TABLE ID PROTO CADDR CPORT VADDR VPORT SADDR SPORT DADDR DPORT
l4lb-0 0000000000000000 udp 10.10.10.10 2000 20.20.20.20 80 30.30.30.30 4096 40.40.40.40 8000
l4lb-0 0000000000000001 tcp 10.10.10.11 2000 20.20.20.21 80 30.30.30.31 4097 40.40.40.41 8000
l4lb-0 0000000000000002 tcp 10.10.10.12 2000 20.20.20.22 80 30.30.30.32 5000 40.40.40.42 8000
l4lb-0 0000000000000004 tcp 10.10.10.14 2000 20.20.20.24 80 30.30.30.34 6000 40.40.40.44 8000
Mode
Basic
Availability
Edge, Public Cloud Gateway
Get load-balancer snat pools' information
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 snat-pools
SNAT : nat_3232235998_1
Min Port : 4096
Max Port : 65535
Port Overload Factor : 1
Random Port : False
Snat IP : 192.168.1.222 Allocated Port: 0
SNAT : nat_3232235998_3
Min Port : 4096
Max Port : 65535
Port Overload Factor : 1
Random Port : False
Snat IP : 192.168.1.222 Allocated Port: 0
Snat IP : 192.168.1.223 Allocated Port: 0
Snat IP : 192.168.1.224 Allocated Port: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the statistics for a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 stats
Load Balancer
UUID : ed785df6-2143-4944-b918-66470886be83
Display-Name : lbs-dgo
Enabled : True
Type CUR_SESS MAX_SESS TOTAL_SESS SESS_RATE
L4 1000 2000 34325 30
L7 100 100 54321 10
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the status of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 status
Load Balancer
UUID : ed785df6-2143-4944-b918-66470886be83
Display-Name : lbs-dgo
Enabled : True
LB-State : not_ready
LR-HA-State : active
Virtual Servers : 2
Up Virtual Servers: 0
Pools : 2
Up Pools : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific load balancer virtual server.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <vs-uuid> | Virtual server UUID argument |
Example
nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 virtual-server 11bb214f-bd06-4bff-b2a5-6f82e5ec62b6
Virtual Server
Application Profile Id : 4b6d4d28-208e-4a0d-a9aa-a712934d5bef
Display Name : udpvip1
Enabled : True
UUID : 11bb214f-bd06-4bff-b2a5-6f82e5ec62b6
Ip Address :
Ipv4 : 124.124.124.124
Ip Protocol : UDP
Pool Id : 56722b45-c276-43fb-81d0-4b15760fdbce
Port : 9999
Application Profile
Application Type : FAST_UDP
Display Name : fastUdpProfile1
Fast Udp Profile :
Flow Mirroring Enabled : False
Idle Timeout : 1970-01-01 00:00:00.300000 (timestamp: 300)
UUID : 4b6d4d28-208e-4a0d-a9aa-a712934d5bef
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the access log file for a specific load balancer and virtual server.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <vs-uuid> | Virtual server UUID argument |
Example
nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 access-log
1.1.5.10 - - [16/Nov/2017:11:47:49 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:47:49 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:48:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:48:16 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:48:17 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:54:50 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:16:42:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the last 10 lines of the access log file for a specific virtual server of load balancer and all new messages that are written to the log file.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <vs-uuid> | Virtual server UUID argument |
Example
nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 access-log follow
1.1.5.10 - - [16/Nov/2017:11:47:49 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:47:49 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:48:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:48:16 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:48:17 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:54:50 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:16:42:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display access log messages containing strings that match the given regular expression pattern for a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <vs-uuid> | Virtual server UUID argument |
| <regex> | Regular expression |
Example
nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 access-log reg-filter 16/Nov.*11:48
1.1.5.10 - - [16/Nov/2017:11:48:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:48:16 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
1.1.5.10 - - [16/Nov/2017:11:48:17 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the load balancer rules for a specific load balancer and virtual server.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <vs-uuid> | Virtual server UUID argument |
Example
nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 virtual-server 110ac92c-1647-48a5-8d66-4cac06817716 lbrules
LbRule
Action :
Action Type : HTTP_REQUEST_URI_REWRITE
Http Request Uri Rewrite :
Uri : /product_detail.html
Display Name : RewriteRequestUrl
UUID : 4202cb56-c8b3-4d7a-9f61-686d55ed7d80
Match Condition :
Http Request Url Config :
Request Url : /product.html
Match Type : HTTP_REQUEST_URL
Match Strategy : MATCH_STRATEGY_ANY
Phase : HTTP_REQUEST_REWRITE
LbRule
Action :
Action Type : SELECT_POOL
Select Pool Config :
Pool Id : e7a438a1-69e9-4347-9f21-0f28d7aa44d9
Display Name : LoginRouteRule
UUID : 58ba5a69-6a5a-4b6b-8899-d0fa8159fbcd
Match Condition :
Http Request Url Config :
Request Url : /login.html
Match Type : HTTP_REQUEST_URL
Match Strategy : MATCH_STRATEGY_ALL
Phase : HTTP_FORWARDING
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the statistics for a specific load balancer and virtual server.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <vs-uuid> | Virtual server UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 stats
Virtual Server
UUID : 953e4da8-a571-4695-b54c-90505d8e59c2
Display-Name : tcpvip1
VIP : TCP 123.123.123.123:80
Type : L4
Sessions :
(Cur, Max, Total, Rate) : (0, 0, 0, 0)
Bytes :
(In, Out) : (0, 0)
Packets :
(In, Out) : (0, 0)
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the status of a specific load balancer virtual server.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <vs-uuid> | Virtual server UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-server 0ba2817e-9ddb-411e-a397-ef2f3b099a46 status
Virtual Server
UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a46
Display-Name: http-vip-1
IP : 123.123.123.123
Port : 80
Status : up
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the virtual servers of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 virtual-servers
Virtual Server
Application Profile Id : 9c4d7f35-13f9-46fc-8d57-d60f0a12544d
Display Name : http-vip-1
Enabled : True
UUID : 37f1a8c9-ab8b-4ee9-9b41-5da317ac05d3
Ip Address :
Ipv4 : 123.123.123.123
Ip Protocol : TCP
Persistence Profile Id : e57ef9b9-fe06-4269-9c2c-9fc2609e3941
Pool Id : d39f9ed7-444c-493d-8c99-327a30befe8e
Port : 80
Virtual Server
Application Profile Id : f5586889-a812-4e64-b735-610851a6fad6
Display Name : tcpvip1
Enabled : True
UUID : 26168a79-48d6-44a7-86fe-0d5ee7c91e47
Ip Address :
Ipv4 : 123.123.123.123
Ip Protocol : TCP
Persistence Profile Id : 17d24b73-c090-495a-b60f-ed772b613bdf
Pool Id : 29e66f11-d589-4208-a78d-f72e18aa8286
Port : 8888
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the statistics for all virtual servers of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-servers stats
Virtual Server
UUID : 953e4da8-a571-4695-b54c-90505d8e59c2
Display-Name : tcpvip1
VIP : TCP 123.123.123.123:80
Type : L4
Sessions :
(Cur, Max, Total, Rate) : (0, 0, 0, 0)
Bytes :
(In, Out) : (0, 0)
Packets :
(In, Out) : (0, 0)
Virtual Server
UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a46
Display-Name : http-vip-1
VIP : TCP 123.123.123.123:8080
Type : L7
Sessions :
(Cur, Max, Total, Rate) : (0, 0, 0, 0)
Bytes :
(In, In-Rate) : (0, 0)
(Out, Out-Rate) : (0, 0)
HTTP Requests :
(Total, Rate) : (0, 0)
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the status of all virtual servers of a specific load balancer.
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
Example
nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-servers status
Virtual Server
UUID : 953e4da8-a571-4695-b54c-90505d8e59c2
Display-Name: tcpvip1
IP : 123.123.123.123
Port : 8888
Status : up
Virtual Server
UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a46
Display-Name: http-vip-1
IP : 123.123.123.123
Port : 80
Status : up
Mode
Basic
Availability
Edge, Public Cloud Gateway
Get edge parameters configured by load balancer for performance.
Example
nsx-edge-1> get load-balancer perf-profile config
Load Balancer Performance Config
Profile :large vm http profile
Dataplane
Kni Busy Loop :enabled
Kni Fifo Size :8192
Tx Ring Size :512
Rx Ring Size :512
Cores :0
Intr Mode :disabled
Kni Mbuf Burst Num :2048
Dispatcher
Cores :4,5,6,7
Kni
Cores :1
Rps Cpus :2,3
Engine
Cores :4,5,6,7
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all load balancers.
Example
nsx-edge-1> get load-balancers
Load Balancer
Access Log Enabled : False
Applied To :
Attachment Id : 00002000-0000-0000-0000-000000000008
Type : LOG_SERVICE_ROUTER_CLUSTER
Display Name : lbs-on-lr1
Enabled : True
UUID : eba5f460-c660-4f82-8488-62231fb9aea3
Log Level : LB_LOG_LEVEL_INFO
Size : SMALL
Virtual Server Id : 37f1a8c9-ab8b-4ee9-9b41-5da317ac05d3
26168a79-48d6-44a7-86fe-0d5ee7c91e47
7e012072-0594-4063-97f0-82452e9a2813
11bb214f-bd06-4bff-b2a5-6f82e5ec62b6
110ac92c-1647-48a5-8d66-4cac06817716
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the status of all load balancers.
Example
nsx-edge-1> get load-balancers status
Load Balancer
UUID : ed785df6-2143-4944-b918-66470886be83
Display-Name : lbs-dgo
Enabled : True
LB-State : not_ready
LR-HA-State : active
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the contents of the specified log file.
| Option | Description |
|---|---|
| <filename> | Log file name |
Example
nsx-manager-1> get log-file manager.log
2016-10-24 05:11:50.292 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/connections?columns=name,user
Entity Body : <{Accept=[application/json]}> method: GET
2016-10-24 05:11:50.312 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/connections?columns=name,user
Response Body : [Lcom.vmware.nsx.management.messaging.rabbitmq.Connection;@59e806a2 method : GET
2016-10-24 05:11:50.312 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/users
Entity Body : <{Accept=[application/json]}> method: GET
2016-10-24 05:11:50.354 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/users
Response Body : [Lcom.vmware.nsx.management.messaging.rabbitmq.Account;@5307ed29 method : GET
2016-10-24 05:11:55.298 UTC INFO increment-barrier-timer RealizationStateBarrierServiceImpl - SYSTEM [nsx comp="nsx-manager" subcomp="manager"] Incremented realization state barrier number to 122598
2016-10-24 05:11:55.674 UTC INFO Event Processor for GatewaySender_AsyncEventQueue_txLogEventQueue TxLogAsyncEventListener - - [nsx comp="nsx-manager" subcomp="manager"] Gets 1 events to process.
.
.
.
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display the last 10 lines of the specified log file and all new messages that are written to the log file.
| Option | Description |
|---|---|
| <filename> | Log file name |
Example
nsx-manager-1> get log-file manager.log follow
2016-10-24 05:11:50.292 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/connections?columns=name,user
Entity Body : <{Accept=[application/json]}> method: GET
2016-10-24 05:11:50.312 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/connections?columns=name,user
Response Body : [Lcom.vmware.nsx.management.messaging.rabbitmq.Connection;@59e806a2 method : GET
2016-10-24 05:11:50.312 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/users
Entity Body : <{Accept=[application/json]}> method: GET
2016-10-24 05:11:50.354 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/users
Response Body : [Lcom.vmware.nsx.management.messaging.rabbitmq.Account;@5307ed29 method : GET
2016-10-24 05:11:55.298 UTC INFO increment-barrier-timer RealizationStateBarrierServiceImpl - SYSTEM [nsx comp="nsx-manager" subcomp="manager"] Incremented realization state barrier number to 122598
2016-10-24 05:11:55.674 UTC INFO Event Processor for GatewaySender_AsyncEventQueue_txLogEventQueue TxLogAsyncEventListener - - [nsx comp="nsx-manager" subcomp="manager"] Gets 1 events to process.
.
.
.
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display logging server configuration.
Example
nsx> get logging-servers
192.168.110.60 proto udp level info facility syslog messageid SYSTEM,FABRIC
192.168.110.60 proto udp level info facility auth,user
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display information about the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Logical Router identifier Allowed pattern: ^[0-9]+$|^0x[0-9a-fA-F]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-router db6760b3-d9e2-44ef-b1c4-f56138665d71
LR-Id LR-Name Hosts[] Service-Controller Router-Type ClusterId UUID
0x5 SR-46740ffe-9bf1-406e-816d-e200a45f0707 192.168.110.111 192.168.110.108 SERVICE_ROUTER_TIER1 00002000-0000-0000-0000-000000000001 db6760b3-d9e2-44ef-b1c4-f56138665d71
192.168.110.112
Mode
Basic
Availability
Controller
Display information about the specified logical router.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
kvm-1> get logical-router 091a05dc-8080-41a2-a56f-baf6d32fb512
Logical Router
==================================================
UUID : 091a05dc-8080-41a2-a56f-baf6d32fb512
ID : 32769
Ports :
100.64.1.1/31 (02:50:56:00:00:03)
172.16.30.1/24 (02:50:56:56:44:52)
172.16.10.1/24 (02:50:56:56:44:52)
172.16.20.1/24 (02:50:56:56:44:52)
Mode
Basic
Availability
KVM, NSX Cloud VM
Display information about the specified logical router.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
esx-1> get logical-router d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8
Logical Router
-------------------------------------------------------------------------------------
VDR UUID : d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8
LIF number : 4
Route number : 7
State : ['Enabled']
Controller IP : 192.168.110.108
Control plane IP : 192.168.210.51
Control plane active : True
Next hop number : 1
Generation number : 0
Edge active : False
Mode
Basic
Availability
ESXi
Display information about the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router 736a80e3-23f6-5a2d-81d6-bbefb2786666
Logical Router
UUID VRF LR-ID Name Type Ports
736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 R1 TUNNEL 3
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the ARP table and ARP statistics for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8 arp stats
Logical Router
UUID : d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8
VRF : 6
LR-ID : 6
name : R3
type : DISTRIBUTED_ROUTER
arp
interface : c66fc321-df74-4aaa-835e-95dc815fe7ae
IP : 172.16.130.13
MAC : 00:50:56:8e:3e:0b
state : perm
statistics
TX-Packets : 0
TX-Fails : 0
TX-Solicits : 0
TX-Solicit-Fails : 0
RX-Solicits : 0
RX-Unsolicits : 0
interface : f6ef3b50-64a0-4948-ab9e-9135963d4b8b
IP : 169.0.0.2
MAC : 02:50:56:00:00:05
state : reach
timeout : 325
statistics
TX-Packets : 1
TX-Fails : 0
TX-Solicits : 239
TX-Solicit-Fails : 0
RX-Solicits : 241
RX-Unsolicits : 0
interface : be290c92-74ed-437c-bbf1-dd78673b6a5a
IP : 172.16.120.11
MAC : 00:50:56:8e:15:e5
state : reach
timeout : 378
statistics
TX-Packets : 6
TX-Fails : 0
TX-Solicits : 261
TX-Solicit-Fails : 0
RX-Solicits : 233
RX-Unsolicits : 0
interface : 3c139373-f8f7-441e-aac4-146d9b5ff3a6
IP : 172.16.110.11
MAC : 00:50:56:8e:91:12
state : perm
statistics
TX-Packets : 0
TX-Fails : 0
TX-Solicits : 0
TX-Solicit-Fails : 0
RX-Solicits : 0
RX-Unsolicits : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the ARP table for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8 arp-table
Logical Router
UUID : d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8
VRF : 6
LR-ID : 6
name : R3
type : DISTRIBUTED_ROUTER
arp
interface : c66fc321-df74-4aaa-835e-95dc815fe7ae
IP : 172.16.130.13
MAC : 00:50:56:8e:3e:0b
state : perm
interface : f6ef3b50-64a0-4948-ab9e-9135963d4b8b
IP : 169.0.0.2
MAC : 02:50:56:00:00:05
state : reach
timeout : 7
interface : be290c92-74ed-437c-bbf1-dd78673b6a5a
IP : 172.16.120.11
MAC : 00:50:56:8e:15:e5
state : reach
timeout : 24
interface : 3c139373-f8f7-441e-aac4-146d9b5ff3a6
IP : 172.16.110.11
MAC : 00:50:56:8e:91:12
state : perm
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display arp entry information (ARP cache) for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
esx-1> get logical-router d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8 arp-table
Logical Routers Neighbors
--------------------------------------------------------------------------------------------------------------
Flags Legend: [S: Static], [V: Valid], [P: Proxy], [I: Interface]
[N: Nascent], [L: Local], [D: Deleted], [K: linKlif]
Network Mac Flags Expiry SrcPort Refcnt Lif UUID
==============================================================================================================
172.16.130.1 02:50:56:56:44:52 VI permanent 0 1 c66fc321-df74-4aaa-835e-95dc815fe7ae
172.16.120.1 02:50:56:56:44:52 VI permanent 0 1 be290c92-74ed-437c-bbf1-dd78673b6a5a
169.0.0.1 02:50:56:56:44:52 VI permanent 0 1 f6ef3b50-64a0-4948-ab9e-9135963d4b8b
169.0.0.2 02:50:56:00:00:05 V 498 83886128 2 f6ef3b50-64a0-4948-ab9e-9135963d4b8b
172.16.110.1 02:50:56:56:44:52 VI permanent 0 1 3c139373-f8f7-441e-aac4-146d9b5ff3a6
172.16.110.11 00:50:56:8e:91:12 VL 488 83886132 18 3c139373-f8f7-441e-aac4-146d9b5ff3a6
Mode
Basic
Availability
ESXi
Display parameters defined in global logical router BFD
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge> get logical-router 463c9dd1-986b-4947-895b-1126bd53abc8 bfd-config
Logical Router
UUID : d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8
vrf : 6
lr-id : 6
name : R1
type : SERVICE_ROUTER_TIER0
BFD global configuration
Enabled : True
Min RX Interval: 1000
Min TX Interval: 1000
Min RX TTL : 255
Multiplier : 3
Port : 4451c48f-8cff-4444-8e10-bff403783dca
BFD session configuration
Source : 192.168.50.1
Peer : 192.168.50.10
Enabled : True
Min RX Interval: 1000
Min TX Interval: 1000
RX TTL : 255
Multiplier : 3
Source : 192.168.50.1
Peer : 192.168.50.20
Enabled : True
Min RX Interval: 3000
Min TX Interval: 3000
RX TTL : 255
Multiplier : 5
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display BFD sessions in a logical router
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge> get logical-router 463c9dd1-986b-4947-895b-1126bd53abc8 bfd-session
BFD Session
Dest_port : 3784
Diag : No Diagnostic
Encap : vlan
Forwarding : last false (current false)
Interface : 4451c48f-8cff-4444-8e10-bff403783dca
Last_cp_diag : No Diagnostic
Last_cp_rmt_diag : No Diagnostic
Last_cp_rmt_state : admin_down
Last_cp_state : admin_down
Last_fwd_state : NONE
Local_address : 192.168.50.1
Local_discr : 2830404107
Min_rx_ttl : 255
Multiplier : 5
Prev_failure_diag : No Diagnostic
Received_remote_diag : No Diagnostic
Received_remote_state : down
Remote_address : 192.168.50.20
Remote_admin_down : false
Remote_diag : No Diagnostic
Remote_discr : 0
Remote_min_rx_interval : 0
Remote_min_tx_interval : 0
Remote_multiplier : 0
Remote_state : down
Rx_cfg_min : 3000
Rx_interval : 3000
Session_type : LR_PORT
State : down
Tx_cfg_min : 3000
Tx_interval : 3000
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all BGP learned routes.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router 6db331c1-4aea-48f0-85ec-bd9c3ac30eb0 bgp
Status flags: * - best, I - internal
Origin flags: I - IGP, E - EGP, ! - incomplete
Network Next Hop LocPrf MED AS Path
* 0.0.0.0/0 192.168.100.253 100 0 64521 !
* 10.10.10.0/24 192.168.100.253 100 0 64521 I
* 172.16.110.0/24 169.0.0.1 100 0 !
* 172.16.120.0/24 169.0.0.1 100 0 !
* 172.16.130.0/24 169.0.0.1 100 0 !
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all BGP NLRI matching the community.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <bgp-community> | BGP community argument, either NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED or community in AA:NN format |
Example
31f97d287520> get logical-router 2cf9a361-635d-4ec8-889c-7c0286534bcd bgp community NO_EXPORT
Status flags: * - best, I - internal
Origin flags: I - IGP, E - EGP, ! - incomplete
Network Next Hop LocPrf Weight MED AS Path
* 0.0.0.0/0 192.168.10.3 100 0 0 101 !
* 20.0.0.0/16 192.168.10.3 100 0 1 101 !
* 25.25.25.0/24 192.168.10.3 100 0 0 101 I
* 26.26.26.0/24 192.168.10.3 100 0 0 101 I
* 27.27.27.0/24 192.168.10.3 100 0 0 101 I
* 30.0.0.0/16 192.168.10.3 100 0 1 101 !
* 172.17.0.0/16 192.168.10.3 100 0 1 101 !
* 192.168.10.0/24 192.168.10.3 100 0 1 101 !
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all BGP neighbor information.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router 6db331c1-4aea-48f0-85ec-bd9c3ac30eb0 bgp neighbor
BGP neighbor: 192.168.100.253 Remote AS: 64521
BGP state: Established, Up
BFD state: Up
Hold Time: 3s Keepalive Interval: 1s
Capabilities:
4Byte ASN: advertised and received
Route Refresh: advertised and received
Graceful Restart: none
Restart Remaining Time: 0
Address Family: IPv4 Unicast:advertised and received
Messages: 6011 received, 6009 sent
Minimum time between advertisements: 30s (default)
1 Connections established, 1 dropped
Local host: 192.168.100.103, Local port: 52202
Remote host: 192.168.100.253, Remote port: 179
Route Refresh: 0 received, 0 sent
For Address Family IPv4 Unicast:advertised and received
Prefixes: 2 received, 3 sent, 3 advertised
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about the specified BGP neighbor.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get logical-router 6db331c1-4aea-48f0-85ec-bd9c3ac30eb0 bgp neighbor 192.168.10.12
BGP neighbor: 192.168.10.12 Remote AS: 101
BGP state: Active, Up
BFD state: Init
Hold Time: 0s Keepalive Interval: 0s
Capabilities:
4Byte ASN: None
Route Refresh: None
Graceful Restart: None
Restart Remaining Time: 0
Address Family: None
Messages: 0 received, 0 sent
Minimum time between advertisements: 30s (default)
0 Connections established, 2 dropped
Local host: 0.0.0.0, Local port: 0
Remote host: 192.168.10.12, Remote port: 0
Route Refresh: 0 received, 0 sent
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display routes advertised to the specified BGP neighbor.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get logical-router 6db331c1-4aea-48f0-85ec-bd9c3ac30eb0 bgp neighbor 192.168.100.253 advertised-routes
Status flags: * - best, I - internal
Origin flags: I - IGP, E - EGP, ! - incomplete
Network Next Hop LocPrf MED AS Path
172.16.110.0/24 192.168.100.103 0 0 64520 !
172.16.120.0/24 192.168.100.103 0 0 64520 !
172.16.130.0/24 192.168.100.103 0 0 64520 !
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display routes learned from the specified BGP neighbor.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> get logical-router 6db331c1-4aea-48f0-85ec-bd9c3ac30eb0 bgp neighbor 192.168.100.253 routes
Status flags: * - best, I - internal
Origin flags: I - IGP, E - EGP, ! - incomplete
Network Next Hop LocPrf MED AS Path
* 0.0.0.0/0 192.168.100.253 100 0 64521 !
* 10.10.10.0/24 192.168.100.253 100 0 64521 I
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display summarized BGP neighbor information.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router 6db331c1-4aea-48f0-85ec-bd9c3ac30eb0 bgp neighbor summary
BFD States: NC - Not configured, AC - Activating, DC - Disconnected
AD - Admin down, DW - Down, IN - Init, UP - Up
BGP summary information for VRF default
Router ID: 192.168.10.2 Local AS: 100
Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx
192.168.10.11 101 Establ 0d1h6m1s UP 680 778 9 3
192.168.10.12 101 Active 0d0h0m0s IN 0 0 0 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display forwarding for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
esx-1> get logical-router d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8 forwarding
Logical Routers Routes
-----------------------------------------------------------------------------------------------------------------------------
Flags Legend: [U: Up], [G: Gateway], [C: Connected], [I: Interface]
[H: Host], [R: Reject], [B: Blackhole], [F: Soft Flush], [E: ECMP]
Destination Gateway Type Lif UUID
==========================================================================================================================
0.0.0.0/0 169.0.0.2 UG f6ef3b50-64a0-4948-ab9e-9135963d4b8b
100.64.1.0/31 169.0.0.2 UG f6ef3b50-64a0-4948-ab9e-9135963d4b8b
100.64.1.1/32 169.0.0.2 UGH f6ef3b50-64a0-4948-ab9e-9135963d4b8b
169.0.0.0/30 0.0.0.0 UCI f6ef3b50-64a0-4948-ab9e-9135963d4b8b
172.16.110.0/24 0.0.0.0 UCI 3c139373-f8f7-441e-aac4-146d9b5ff3a6
172.16.120.0/24 0.0.0.0 UCI be290c92-74ed-437c-bbf1-dd78673b6a5a
172.16.130.0/24 0.0.0.0 UCI c66fc321-df74-4aaa-835e-95dc815fe7ae
Mode
Basic
Availability
ESXi
Display the forwarding table for the specified logical router. Optionally specify a prefix to display only the entry that matches that network.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <prefix> | Network Address argument |
Example
nsx-edge-1> get logical-router 736a80e3-23f6-5a2d-81d6-bbefb2786666 forwarding
Logical Router
UUID VRF LR-ID Name Type
736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 R1 TUNNEL
IPv4 Forwarding Table
IP Prefix Gateway IP Type UUID Gateway MAC
142.134.61.0/24 route 34ca595f-fa62-5ed4-afcc-a6ef0195d4ed
142.134.61.36/32 route f322c6ca-4298-568b-81c7-a006ba6e6c88
or
nsx-edge-1> get logical-router 736a80e3-23f6-5a2d-81d6-bbefb2786666 forwarding 142.134.61.0/24
Logical Router
UUID VRF LR-ID Name Type
736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 R1 TUNNEL
IPv4 Forwarding Table
IP Prefix Gateway IP Type UUID Gateway MAC
142.134.61.0/24 route 34ca595f-fa62-5ed4-afcc-a6ef0195d4ed
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the high availability state history for the specified logical router. Only service routers have a high availability status. Use the
get logical-routers command to get a list of logical routers and their router types.| Option | Description |
|---|---|
| <uuid> | UUID argument |
Example
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 high-availability history state
State : Down
Event : Init
Resources :
Time : 2016-02-02 18:41:22.80
State : Active
Event : Node Up
Resources : 0
Time : 2016-02-02 18:41:26.91
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the high availability status for the specified logical router. Only service routers have a high availability status. Use the
get logical-routers command to get a list of logical routers and their router types.| Option | Description |
|---|---|
| <uuid> | UUID argument |
Example
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 high-availability status
Service Router
UUID : 4e425c9e-09c6-4021-bbc7-fab2895a2c09
state : Active
type : TIER0
mode : A/A
rank : 0
service count : 1
service score : 1
HA ports state
UUID : 733d7ed3-1daa-4c28-bc0a-77e3736fea14
op_state : Up
addresses : 169.0.0.2/28
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about a specific interface on the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Logical Router identifier Allowed pattern: ^[0-9]+$|^0x[0-9a-fA-F]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
| <interface-id> | Logical Router interface id Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-router db6760b3-d9e2-44ef-b1c4-f56138665d71 interface 8b06827f-6325-4afd-b56d-6260ebf0a1a0
UUID: 8b06827f-6325-4afd-b56d-6260ebf0a1a0
Interface-Name: bp-sr0-port
Logical-Router-Id: 0x5
Id: 15240
Type: VXSTT
AdminStateUp: true
UrpfMode: PORT_CHECK
Subnets:
169.0.0.2/28
Mac: 02:50:56:00:00:06
Mtu: 0
Multicast-IP: 0.0.0.1
Flags: 0x204
DHCP-Server-IP:
Mode
Basic
Availability
Controller
Display interface information for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
esx-1> get logical-router d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8 interfaces
Logical Router Interfaces
---------------------------------------------------------------------------
LIF UUID : c66fc321-df74-4aaa-835e-95dc815fe7ae
Mode : ['Routing']
Overlay VNI : 27530
IP : 172.16.130.1
IP mask : 255.255.255.0
Mac : 02:50:56:56:44:52
Connected DVS : nsxvswitch
Control plane enable : True
Replication Mode : 0.0.0.1
State : ['Enabled']
Flags : 0x2288
DHCP relay : Not enable
LIF UUID : be290c92-74ed-437c-bbf1-dd78673b6a5a
Mode : ['Routing']
Overlay VNI : 25480
IP : 172.16.120.1
IP mask : 255.255.255.0
Mac : 02:50:56:56:44:52
Connected DVS : nsxvswitch
Control plane enable : True
Replication Mode : 0.0.0.1
State : ['Enabled']
Flags : 0x2288
DHCP relay : Not enable
LIF UUID : f6ef3b50-64a0-4948-ab9e-9135963d4b8b
Mode : ['Routing-Backplane']
Overlay VNI : 37768
IP : 169.0.0.1
IP mask : 255.255.255.240
Mac : 02:50:56:56:44:52
Connected DVS : nsxvswitch
Control plane enable : True
Replication Mode : 0.0.0.1
State : ['Enabled']
Flags : 0x12308
DHCP relay : Not enable
LIF UUID : 3c139373-f8f7-441e-aac4-146d9b5ff3a6
Mode : ['Routing']
Overlay VNI : 11145
IP : 172.16.110.1
IP mask : 255.255.255.0
Mac : 02:50:56:56:44:52
Connected DVS : nsxvswitch
Control plane enable : True
Replication Mode : 0.0.0.1
State : ['Enabled']
Flags : 0x2388
DHCP relay : Not enable
Mode
Basic
Availability
ESXi
Display all interfaces on the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Logical Router identifier Allowed pattern: ^[0-9]+$|^0x[0-9a-fA-F]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-router db6760b3-d9e2-44ef-b1c4-f56138665d71 interfaces
Interface Type Id IP[] Urpf-Mode Admin-State-Up UUID
sr-0-loopback-port UNSET 0 127.0.0.1/8 NONE true 00003300-0000-0000-0000-000000000005
bp-sr0-port VXSTT 15240 169.0.0.2/28 PORT_CHECK true 8b06827f-6325-4afd-b56d-6260ebf0a1a0
97458be5-bf5e-44f8-a6b0-9fc32be347fc VXSTT 41864 100.64.1.1/31 PORT_CHECK true 97458be5-bf5e-44f8-a6b0-9fc32be347fc
Mode
Basic
Availability
Controller
Display interface information for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8 interfaces
Logical Router
UUID VRF LR-ID Name Type
736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 R1 TUNNEL
interfaces
interface : 9fd3c667-32db-5921-aaad-7a88c80b5e9f
ifuid : 258
mode : blackhole
interface : 34ca595f-fa62-5ed4-afcc-a6ef0195d4ed
ifuid : 261
mode : lif
IP/Mask : 142.134.61.36/24
MAC : 00:0c:29:5a:96:2b
VLAN id : untagged
LS port : 238d7422-e488-5cee-9639-1894b8ab56e2
urpf-mode : NONE
admin : up
op_state : up
MTU : 1600
interface : f322c6ca-4298-568b-81c7-a006ba6e6c88
ifuid : 257
mode : cpu
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the interface statistics for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router e9d3379d-aba7-4459-9262-18bc95eaeec1 interfaces stats
Logical Router
UUID : e9d3379d-aba7-4459-9262-18bc95eaeec1
VRF : 1
LR-ID : 1
name : R2
type : SERVICE_ROUTER_TIER0
Statistics
Interface Type RX PKTS TX PKTS RX BYTES TX BYTES RX Drops TX Drops
b83cb77f-ca34-595c-a3e1-76278f0dcb00 blackhole 0 0 0 0 0 0
4b115e5f-1395-54c3-aaf0-0de5736f99df cpu 8 0 648 0 8 0
6c427841-e151-4479-9184-4196cfcef3b6 lif 5563 11 1902546 462 5563 0
081e2e50-2f0e-42e1-8764-80a127dd3918 lif 0 0 0 0 0 0
00003300-0000-0000-0000-000000000002 loopback 8 0 648 0 8 0
Total 5579 11 1903842 462 5579 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display neighbor information (ARP cache) for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
kvm-1> get logical-router 1904e13f-757a-4f44-9f85-cb84678a1a16 neighbors
Logical Router Forwarding Table
============================================================
Prefix MAC State Timeout
192.168.1.1/24 02:50:56:56:44:52 Up 10
Mode
Basic
Availability
KVM, NSX Cloud VM
Display interface information for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
kvm-1> get logical-router 091a05dc-8080-41a2-a56f-baf6d32fb512 ports
Logical Router Ports
============================================================
Port UUID : e1ce6498-b3ca-4000-a0f4-0734415044cf
IP/Mask : 100.64.1.1/31
MAC Address : 02:50:56:00:00:03
VNI : 58248
Flag : 1
============================================================
Port UUID : d7c184c8-bf63-47c8-bf48-01836d0380e5
IP/Mask : 172.16.30.1/24
MAC Address : 02:50:56:56:44:52
VNI : 31624
Flag : 0
============================================================
Port UUID : 07607708-9bc7-46fc-8d14-fc016b9297da
IP/Mask : 172.16.10.1/24
MAC Address : 02:50:56:56:44:52
VNI : 54152
Flag : 0
============================================================
Port UUID : b2d3d312-962e-4a79-864c-09304195b88a
IP/Mask : 172.16.20.1/24
MAC Address : 02:50:56:56:44:52
VNI : 52104
Flag : 0
============================================================
Mode
Basic
Availability
KVM, NSX Cloud VM
Display the routing table for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Logical Router identifier Allowed pattern: ^[0-9]+$|^0x[0-9a-fA-F]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-router db6760b3-d9e2-44ef-b1c4-f56138665d71 route
LR-Id Destination Next-Hop LR-Port-Id Blackhole Route-Type Admin-Distance Admin-State-Up Route-UUID
0x5 172.16.110.0/24 169.0.0.1 8b06827f-6325-4afd-b56d-6260ebf0a1a0 false NSX_CONNECTED 0 true 00000018-ac10-6e00-0000-000000000005
0x5 100.64.1.0/31 0.0.0.0 97458be5-bf5e-44f8-a6b0-9fc32be347fc false CONNECTED 0 true 0000001f-6440-0100-0000-000000000005
0x5 0.0.0.0/0 100.64.1.0 97458be5-bf5e-44f8-a6b0-9fc32be347fc false NSX_STATIC 3 true 00000000-0000-0000-0000-000000000005
0x5 172.16.120.0/24 169.0.0.1 8b06827f-6325-4afd-b56d-6260ebf0a1a0 false NSX_CONNECTED 0 true 00000018-ac10-7800-0000-000000000005
0x5 172.16.130.0/24 169.0.0.1 8b06827f-6325-4afd-b56d-6260ebf0a1a0 false NSX_CONNECTED 0 true 00000018-ac10-8200-0000-000000000005
0x5 169.0.0.0/28 0.0.0.0 8b06827f-6325-4afd-b56d-6260ebf0a1a0 false CONNECTED 0 true 0000001c-a900-0000-0000-000000000005
Mode
Basic
Availability
Controller
Display a specific IPv4 route on the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Logical Router identifier Allowed pattern: ^[0-9]+$|^0x[0-9a-fA-F]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
| <prefix> | Network Address argument |
Example
nsx-controller-1> get logical-router db6760b3-d9e2-44ef-b1c4-f56138665d71 route 172.16.120.0/24
LR-Id Destination Next-Hop LR-Port-Id Blackhole Route-Type Admin-Distance Admin-State-Up Route-UUID
0x5 172.16.120.0/24 169.0.0.1 8b06827f-6325-4afd-b56d-6260ebf0a1a0 false NSX_CONNECTED 0 true 00000018-ac10-7800-0000-000000000005
Mode
Basic
Availability
Controller
Display the routing table for the specified logical router.
You must specify a tier 0 service router in this command.
Use the
get logical-routers command to get a
list of logical routers and their router types.
Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 route
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
Total number of routes: 7
b 11.11.11.0/24 [20/0] via 192.168.130.254
rl 100.64.1.0/31 [0/0] via 169.0.0.1
c 169.0.0.0/28 [0/0] via 169.0.0.2
ns 172.16.110.0/24 [3/3] via 169.0.0.1
ns 172.16.120.0/24 [3/3] via 169.0.0.1
ns 172.16.130.0/24 [3/3] via 169.0.0.1
c 192.168.130.0/24 [0/0] via 192.168.130.3
or
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 route 172.16.110.0/24
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
ns 172.16.110.0/24 [3/3] via 169.0.0.1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display BGP-learned routes from the routing table.
You must specify a tier 0 service router in this command.
Use the
get logical-routers command to get a
list of logical routers and their router types.
Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 route bgp
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
b 11.11.11.0/24 [20/0] via 192.168.130.254
b 12.12.12.0/24 [20/0] via 192.168.130.254
or
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 route bgp 12.12.12.1
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
b 12.12.12.0/24 [20/0] via 192.168.130.254
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display connected routes from the routing table for the specified
logical router.
You must specify a tier 0 service router in this command.
Use the
get logical-routers command to get a
list of logical routers and their router types.
Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 route connected
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
c 169.0.0.0/28 [0/0] via 169.0.0.2
c 192.168.130.0/24 [0/0] via 192.168.130.3
or
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 route connected 192.168.130.22
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
c 192.168.130.0/24 [0/0] via 192.168.130.3
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display NAT routes from the routing table for the specified logical router. You must specify a tier 0 service router in this command. Use the
get logical-routers command to get a list of logical routers and their router types. Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1> get logical-router 44c70e10-3a76-4477-a461-bf3097da2d54 route nat
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
t0n 11.11.1.0/24 [2/0] via 0.0.0.0
t1n 11.11.2.0/24 [3/0] via 169.254.0.1
nsx-edge-1> get logical-router 44c70e10-3a76-4477-a461-bf3097da2d54 route nat 11.11.2.0/24
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
t1n 11.11.2.0/24 [3/0] via 169.254.0.1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display static routes from the routing table.
You must specify a tier 0 service router in this command.
Use the
get logical-routers command to get a
list of logical routers and their router types.
Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 route static
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
rl 100.64.1.0/31 [0/0] via 169.0.0.1
ns 172.16.110.0/24 [3/3] via 169.0.0.1
ns 172.16.120.0/24 [3/3] via 169.0.0.1
ns 172.16.130.0/24 [3/3] via 169.0.0.1
or
nsx-edge-1> get logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 route static 172.16.110.11
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
ns 172.16.110.0/24 [3/3] via 169.0.0.1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display routes for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
kvm-1> get logical-router 091a05dc-8080-41a2-a56f-baf6d32fb512 routes
Logical Router Forwarding Table
================================================================================
Prefix Gateway Interface
100.64.1.0/8 0.0.0.0 e1ce6498-b3ca-4000-a0f4-0734415044cf
172.16.30.0/16 0.0.0.0 d7c184c8-bf63-47c8-bf48-01836d0380e5
172.16.10.0/16 0.0.0.0 07607708-9bc7-46fc-8d14-fc016b9297da
172.16.20.0/16 0.0.0.0 b2d3d312-962e-4a79-864c-09304195b88a
0.0.0.0/8 100.64.1.0 e1ce6498-b3ca-4000-a0f4-0734415044cf
Mode
Basic
Availability
KVM, NSX Cloud VM
Display statistics for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router 736a80e3-23f6-5a2d-81d6-bbefb2786666 stats
Logical Router
UUID : 736a80e3-23f6-5a2d-81d6-bbefb2786666
VRF : 0
LR-ID : 0
name : R1
type : TUNNEL
Statistics
Dropped No Memory : 0
Dropped No Route : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the ARP table for all logical router interfaces.
Example
nsx-edge-1> get logical-router arp-table
interface : 8d655fb8-fc5e-5c08-90f5-15de973a9c77
IP : 192.168.250.61
MAC : 00:50:56:62:58:be
state : reach
timeout : 287
interface : 4b3be9e1-1363-4a85-ac13-8f7ad5b1e842
IP : 192.168.130.1
MAC : 68:ef:bd:4e:98:7f
state : reach
timeout : 309
interface : ef76622f-52ea-425f-b7c9-6264bf11b667
IP : 169.0.0.2
MAC : 02:50:56:00:00:02
state : reach
timeout : 425
interface : c66fc321-df74-4aaa-835e-95dc815fe7ae
IP : 172.16.130.13
MAC : 00:50:56:8e:3e:0b
state : perm
interface : f6ef3b50-64a0-4948-ab9e-9135963d4b8b
IP : 169.0.0.2
MAC : 02:50:56:00:00:05
state : reach
timeout : 397
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display interface information for the specified logical router.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router interface 34ca595f-fa62-5ed4-afcc-a6ef0195d4ed
interface : 34ca595f-fa62-5ed4-afcc-a6ef0195d4ed
ifuid : 261
VRF : 736a80e3-23f6-5a2d-81d6-bbefb2786666
mode : lif
IP/Mask : 142.134.61.36/24
MAC : 00:0c:29:5a:96:2b
VLAN id : untagged
LS port : 238d7422-e488-5cee-9639-1894b8ab56e2
urpf-mode : NONE
admin : up
op_state : up
MTU : 1600
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the ARP table for the specified logical router interface.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router interface 3c139373-f8f7-441e-aac4-146d9b5ff3a6 arp-table
interface : 3c139373-f8f7-441e-aac4-146d9b5ff3a6
IP : 172.16.110.12
MAC : 00:0c:29:4d:09:19
state : perm
interface : 3c139373-f8f7-441e-aac4-146d9b5ff3a6
IP : 172.16.110.11
MAC : 00:50:56:8e:91:12
state : perm
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the specified logical router interface.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-router interface 6c427841-e151-4479-9184-4196cfcef3b6 stats
interface : 6c427841-e151-4479-9184-4196cfcef3b6
ifuid : 266
VRF : e9d3379d-aba7-4459-9262-18bc95eaeec1
IP/Mask : 172.20.1.60/24
MAC : 00:0c:29:5a:96:2b
VLAN id : 101
LS port : 986ab7c0-acda-465f-8cda-1b9b84cd2518
urpf-mode : STRICT_MODE
admin : up
op_state : up
MTU : 1600
statistics
RX-Packets : 1331
RX-Bytes : 455202
RX-Drops : 1331
Blocked : 0
DST-Unsupported: 1331
Firewall : 0
IP-Options : 0
Malformed : 0
No-Receiver : 0
No-Route : 0
RPF-Check : 0
Protocol-Unsupported: 0
IPv6 : 0
Port-Unsupported: 0
TTL-Exceeded: 0
Kni : 0
IPsec : 0
IPsec-NoSA : 0
IPsec-NoVTI : 0
TX-Packets : 11
TX-Bytes : 462
TX-Drops : 0
Blocked : 0
Firewall : 0
Frag-Needed : 0
No-ARP : 0
No-Memory : 0
No-Linked-Port: 0
IPsec : 0
IPsec-NoSA : 0
IPsec-NoVTI : 0
IPsec-Policy-Error: 0
IPsec-Policy-Block: 0
IP Ressemble
Fragments-OK: 0
Fragemnts-Error: 0
Fragments-Timeout: 0
IP Fragment
Fragments-OK: 0
Fragments-Error: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information for all logical router interfaces.
Example
nsx-edge-1> get logical-router interfaces
interface : 9fd3c667-32db-5921-aaad-7a88c80b5e9f
ifuid : 258
VRF : 736a80e3-23f6-5a2d-81d6-bbefb2786666
mode : blackhole
interface : 34ca595f-fa62-5ed4-afcc-a6ef0195d4ed
ifuid : 261
VRF : 736a80e3-23f6-5a2d-81d6-bbefb2786666
mode : lif
IP/Mask : 142.134.61.36/24
MAC : 00:0c:29:5a:96:2b
VLAN id : untagged
LS port : 238d7422-e488-5cee-9639-1894b8ab56e2
urpf-mode : NONE
admin : up
op_state : up
MTU : 1600
interface : f322c6ca-4298-568b-81c7-a006ba6e6c88
ifuid : 257
VRF : 736a80e3-23f6-5a2d-81d6-bbefb2786666
mode : cpu
interface : b83cb77f-ca34-595c-a3e1-76278f0dcb00
ifuid : 265
VRF : e9d3379d-aba7-4459-9262-18bc95eaeec1
mode : blackhole
interface : 4b115e5f-1395-54c3-aaf0-0de5736f99df
ifuid : 264
VRF : e9d3379d-aba7-4459-9262-18bc95eaeec1
mode : cpu
interface : 6c427841-e151-4479-9184-4196cfcef3b6
ifuid : 266
VRF : e9d3379d-aba7-4459-9262-18bc95eaeec1
mode : lif
IP/Mask : 172.20.1.60/24
MAC : 00:0c:29:5a:96:2b
VLAN id : 101
LS port : 986ab7c0-acda-465f-8cda-1b9b84cd2518
urpf-mode : STRICT_MODE
admin : up
op_state : up
MTU : 1600
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for all logical router interfaces.
Example
nsx-edge-1> get logical-router interfaces stats
interface : 34ca595f-fa62-5ed4-afcc-a6ef0195d4ed
ifuid : 261
VRF : 736a80e3-23f6-5a2d-81d6-bbefb2786666
IP/Mask : 142.134.61.36/24
MAC : 00:0c:29:5a:96:2b
VLAN id : untagged
LS port : 238d7422-e488-5cee-9639-1894b8ab56e2
urpf-mode : NONE
admin : up
op_state : up
MTU : 1600
statistics
RX-Packets : 768
RX-Bytes : 53788
RX-Drops : 210
Blocked : 0
DST-Unsupported: 21
Firewall : 0
IP-Options : 1
Malformed : 0
No-Receiver : 0
No-Route : 0
RPF-Check : 0
Protocol-Unsupported: 101
IPv6 : 87
Port-Unsupported: 0
TTL-Exceeded: 0
Kni : 0
IPsec : 0
IPsec-NoSA : 0
IPsec-NoVTI : 0
TX-Packets : 11
TX-Bytes : 462
TX-Drops : 0
Blocked : 0
Firewall : 0
Frag-Needed : 0
No-ARP : 0
No-Memory : 0
No-Linked-Port: 0
IPsec : 0
IPsec-NoSA : 0
IPsec-NoVTI : 0
IPsec-Policy-Error: 0
IPsec-Policy-Block: 0
IP Ressemble
Fragments-OK: 0
Fragemnts-Error: 0
Fragments-Timeout: 0
IP Fragment
Fragments-OK: 0
Fragments-Error: 0
interface : 6c427841-e151-4479-9184-4196cfcef3b6
ifuid : 266
VRF : e9d3379d-aba7-4459-9262-18bc95eaeec1
IP/Mask : 172.20.1.60/24
MAC : 00:0c:29:5a:96:2b
VLAN id : 101
LS port : 986ab7c0-acda-465f-8cda-1b9b84cd2518
urpf-mode : STRICT_MODE
admin : up
op_state : up
MTU : 1600
statistics
RX-Packets : 1313
RX-Bytes : 449046
RX-Drops : 1313
Blocked : 0
DST-Unsupported: 1313
Firewall : 0
IP-Options : 0
Malformed : 0
No-Receiver : 0
No-Route : 0
RPF-Check : 0
Protocol-Unsupported: 0
IPv6 : 0
Port-Unsupported: 0
TTL-Exceeded: 0
Kni : 0
IPsec : 0
IPsec-NoSA : 0
IPsec-NoVTI : 0
TX-Packets : 11
TX-Bytes : 462
TX-Drops : 0
Blocked : 0
Firewall : 0
Frag-Needed : 0
No-ARP : 0
No-Memory : 0
No-Linked-Port: 0
IPsec : 0
IPsec-NoSA : 0
IPsec-NoVTI : 0
IPsec-Policy-Error: 0
IPsec-Policy-Block: 0
IP Ressemble
Fragments-OK: 0
Fragemnts-Error: 0
Fragments-Timeout: 0
IP Fragment
Fragments-OK: 0
Fragments-Error: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display specific IPv4 routes from all the logical routers.
| Option | Description |
|---|---|
| <prefix> | Network Address argument |
Example
nsx-controller-1> get logical-router routes 172.16.120.0/24
LR-Id Destination Next-Hop LR-Port-Id Blackhole Route-Type Admin-Distance Admin-State-Up Route-UUID
0x5 172.16.120.0/24 169.0.0.1 8b06827f-6325-4afd-b56d-6260ebf0a1a0 false NSX_CONNECTED 0 true 00000018-ac10-7800-0000-000000000005
Mode
Basic
Availability
Controller
Display information about all logical routers.
Example
nsx-edge-1> get logical-routers
Logical Router
UUID VRF LR-ID Name Type Ports
736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 R1 TUNNEL 3
e9d3379d-aba7-4459-9262-18bc95eaeec1 1 1 R2 SERVICE_ROUTER_TIER0 5
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about all logical routers.
Example
nsx-controller-1> get logical-routers
LR-Id LR-Name Hosts[] Service-Controller Router-Type ClusterId UUID
0x5 SR-46740ffe-9bf1-406e-816d-e200a45f0707 192.168.110.111 192.168.110.108 SERVICE_ROUTER_TIER1 00002000-0000-0000-0000-000000000001 db6760b3-d9e2-44ef-b1c4-f56138665d71
192.168.110.112
0x2 DR-ef64d966-56f0-4f3f-bb02-16d07de74b5c 192.168.110.111 192.168.110.108 DISTRIBUTED_ROUTER N/A ef64d966-56f0-4f3f-bb02-16d07de74b5c
192.168.110.112
0x1 DR-46740ffe-9bf1-406e-816d-e200a45f0707 192.168.110.111 192.168.110.108 DISTRIBUTED_ROUTER N/A 46740ffe-9bf1-406e-816d-e200a45f0707
192.168.210.52
192.168.110.112
192.168.210.51
0x3 SR-ef64d966-56f0-4f3f-bb02-16d07de74b5c 192.168.110.111 192.168.110.108 SERVICE_ROUTER_TIER0 00002000-0000-0000-0000-000000000002 19772688-b220-4a34-94a3-8a094dcdd979
0x4 SR-ef64d966-56f0-4f3f-bb02-16d07de74b5c 192.168.110.112 192.168.110.108 SERVICE_ROUTER_TIER0 00002000-0000-0000-0000-000000000002 2d1667ba-ed4a-49d0-8a1d-cd8a77c324bc
Mode
Basic
Availability
Controller
Display information about logical routers on this hypervisor host.
Example
esx-1> get logical-routers
Logical Routers Summary
------------------------------------------------------------
VDR UUID LIF num Route num
d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8 4 7
Mode
Basic
Availability
ESXi
Display information about logical routers asscociated with the VIF on this public cloud host.
Example
host-1> get logical-routers
Host Logical Routers Summary
======================================================================
Router UUID ID Port Count
091a05dc-8080-41a2-a56f-baf6d32fb512 32769 1
Mode
Basic
Availability
NSX Cloud VM
Display information about logical routers on this hypervisor host.
Example
kvm-1> get logical-routers
Logical Routers Summary
======================================================================
Router UUID ID Port Count
091a05dc-8080-41a2-a56f-baf6d32fb512 32769 4
c8e5b716-fbb2-44e9-8c69-e61db332c418 40961 3
Mode
Basic
Availability
KVM
Display statistics for all logical routers.
Example
nsx-edge-1> get logical-router stats
Logical Router
UUID : 736a80e3-23f6-5a2d-81d6-bbefb2786666
VRF : 0
LR-ID : 0
name : R1
type : TUNNEL
Statistics
Dropped No Memory : 0
Dropped No Route : 0
Logical Router
UUID : e9d3379d-aba7-4459-9262-18bc95eaeec1
VRF : 1
LR-ID : 1
name : R2
type : SERVICE_ROUTER_TIER0
Statistics
Dropped No Memory : 0
Dropped No Route : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific logical service binding.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get logical-service binding 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
DHCP_ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
LOG_SWITCH_PORT_ID: 60905155-4378-4902-8528-7231a2f6d736
SERVICE_TYPE: DHCP
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all logical service bindings.
Example
nsx-edge-1> get logical-service bindings
DHCP_ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
LOG_SWITCH_PORT_ID: 60905155-4378-4902-8528-7231a2f6d736
SERVICE_TYPE: DHCP
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information for the specified logical service port. Optionally specify an argument to display the statistics.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-service port b836eacf-3d1c-5fc9-ab18-19dc0015a57e
lservice-port: b836eacf-3d1c-5fc9-ab18-19dc0015a57e
ifuid : 262
service-type: dhcp
IP : 192.168.110.50
MAC : 00:50:56:98:7d:d7
attach-port : 60905155-4378-4902-8528-7231a2f6d736
nsx-edge-1> get logical-service port b836eacf-3d1c-5fc9-ab18-19dc0015a57e stats
lservice-port: b836eacf-3d1c-5fc9-ab18-19dc0015a57e
ifuid : 262
service-type: dhcp
Statistics
RX-Packets : 16
RX-Bytes : 1080
RX-Drops : 0
Slowpath : 0
Kni : 0
Malformed : 0
No-DHCP-Server: 0
No-Match : 0
TX-Packets : 10
TX-Bytes : 420
TX-Drops : 0
No-Memory : 0
No-Linked-Port: 0
nsx-edge-1> get logical-service port 80e93dd3-0eab-5f8a-96c5-80846c3711b5 stats
lservice-port: 80e93dd3-0eab-5f8a-96c5-80846c3711b5
ifuid : 276
service-type: mdproxy
status : UP
listen_status: UP
monitor_status: UP
err_msg :
Statistics
requests_from_clients : 5
requests_to_nova_server : 5
responses_to_clients : 5
succeeded_responses_from_nova_server: 4
error_responses_from_nova_server: 1
RX-Packets : 0
RX-Bytes : 0
RX-Drops : 0
Slowpath : 0
Kni : 0
Malformed : 0
No-DHCP-Server: 0
No-Match : 0
TX-Packets : 10
TX-Bytes : 420
TX-Drops : 0
No-Memory : 0
No-Linked-Port: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information for all logical service ports. Optionally specify an argument to display the statistics.
Example
nsx-edge-1> get logical-service ports
lservice-port: b836eacf-3d1c-5fc9-ab18-19dc0015a57e
ifuid : 262
service-type: dhcp
IP : 192.168.110.50
MAC : 00:50:56:98:7d:d7
attach-port : 60905155-4378-4902-8528-7231a2f6d736
nsx-edge-1> get logical-service ports stats
lservice-port: b836eacf-3d1c-5fc9-ab18-19dc0015a57e
ifuid : 262
service-type: dhcp
Statistics
RX-Packets : 16
RX-Bytes : 1080
RX-Drops : 0
Slowpath : 0
Kni : 0
Malformed : 0
No-DHCP-Server: 0
No-Match : 0
TX-Packets : 10
TX-Bytes : 420
TX-Drops : 0
No-Memory : 0
No-Linked-Port: 0
lservice-port: 80e93dd3-0eab-5f8a-96c5-80846c3711b5
ifuid : 276
service-type: mdproxy
status : ERROR
listen_status: UP
monitor_status: ERROR
err_msg : backend nova server connection is broken with reason: Connect to Peer Failure;
Statistics
requests_from_clients : 5
requests_to_nova_server : 5
responses_to_clients : 5
succeeded_responses_from_nova_server: 4
error_responses_from_nova_server: 1
RX-Packets : 0
RX-Bytes : 0
RX-Drops : 0
Slowpath : 0
Kni : 0
Malformed : 0
No-DHCP-Server: 0
No-Match : 0
TX-Packets : 10
TX-Bytes : 420
TX-Drops : 0
No-Memory : 0
No-Linked-Port: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the state of a specific logical service.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get logical-service state 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
NODE_ID: 3284f707-98f9-4e7c-b573-f7898dfa12ba
NODE_RANK: 0
PEER_MGMT_IP:
IPV4: 192.168.110.101
STATE: ACTIVE
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the state of all logical services.
Example
nsx-edge-1> get logical-service states
ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d
NODE_ID: 3284f707-98f9-4e7c-b573-f7898dfa12ba
NODE_RANK: 0
PEER_MGMT_IP:
IPV4: 192.168.110.101
STATE: ACTIVE
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch identifier UUID, VNI or vlan:VLAN-ID |
Example
kvm-1> get logical-switch 0a8cb2ab-d15b-4b46-a6ee-0a1cd29be34d
Logical Switch
=======================================================
UUID : 0a8cb2ab-d15b-4b46-a6ee-0a1cd29be34d
VNI/VLAN : 31624
Is VLAN backed : True
Replication mode: mtep
Controller IP : 192.168.110.51
Link status : Up
VIF count : 1
MAC entry count : 0
TEP entry count : 4
ARP entry count : 0
Mode
Basic
Availability
KVM, NSX Cloud VM
Display information about the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch identifier UUID, VNI or vlan:VLAN-ID |
Example
esx-1> get logical-switch bf543c67-3ffe-44dd-a1d3-57e7cd2e0aff
Logical Switch
-----------------------------------------------------------------
Host Kernel Entry
==================================================
DVS name : nsxvswitch
VNI : 11145
Multicast IP : 0.0.0.1
Multicast proxy enable : True
ARP proxy enable : True
CP connection up : True
Controller IP : 192.168.110.108
MAC entry count : 2
ARP entry count : 0
VIF entry count : 2
MTEP entry count : 0
LCP Entry
=================================================================
Logical switch UUID : bf543c67-3ffe-44dd-a1d3-57e7cd2e0aff
VNI : 11145
Replication mode : unicast mtep
Transport binding : None
Vlan ID : None
Admin state up : True
Mode
Basic
Availability
ESXi
Display the ARP table for the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch identifier UUID, VNI or vlan:VLAN-ID |
Example
esx-1> get logical-switch bf543c67-3ffe-44dd-a1d3-57e7cd2e0aff arp-table
Logical Switch ARP Table
--------------------------------------------------
Host Kernel Entry
==================================================
IP MAC Flags
LCP Remote Entry
==================================================
IP MAC
LCP Local Entry
==================================================
IP MAC
172.16.110.11 00:50:56:8e:91:12
172.16.110.12 00:0c:29:4d:09:19
Mode
Basic
Availability
ESXi
Display the ARP table for the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch identifier UUID, VNI or vlan:VLAN-ID |
Example
kvm-1> get logical-switch 29576 arp-table
Logical Switch ARP Table
==================================================
IP MAC
10.144.13.29 00:01:02:03:42:11
Mode
Basic
Availability
KVM, NSX Cloud VM
Display the MAC table for the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch identifier UUID, VNI or vlan:VLAN-ID |
Example
esx-1> get logical-switch bf543c67-3ffe-44dd-a1d3-57e7cd2e0aff mac-table
Logical Switch MAC Table
---------------------------------------------------------------------------
Host Kernel Entry
===========================================================================
Inner MAC Outer MAC Outer IP Flags
02:50:56:56:44:52 02:50:56:00:00:00 192.168.250.60 0xd
00:50:56:8e:3e:0b 00:50:56:62:58:be 192.168.250.61 0xf
LCP Remote Entry
===========================================================================
Inner MAC Outer MAC Outer IP
LCP Local Entry
===========================================================================
Inner MAC Outer MAC Outer IP
00:50:56:8e:91:12 00:50:56:69:ba:80 192.168.250.62
00:0c:29:4d:09:19 00:50:56:69:ba:80 192.168.250.62
Mode
Basic
Availability
ESXi
Display the MAC table for the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch identifier UUID, VNI or vlan:VLAN-ID |
Example
kvm-1> get logical-switch 29576 mac-table
Logical Switch MAC Table
============================================================
MAC VTEP Label
00:01:02:00:00:03 124928
00:01:02:00:00:04 124928
Mode
Basic
Availability
KVM, NSX Cloud VM
Display ports on the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch identifier UUID, VNI or vlan:VLAN-ID |
Example
kvm-1> get logical-switch 0a8cb2ab-d15b-4b46-a6ee-0a1cd29be34d ports
Logical Switch Ports
============================================================
Port UUID : 59d3da36-d5f8-43d0-bca0-ae98c593861c
Status : up
VIF UUID : 57601300-2e82-48c4-8c27-1e961ac70e81
Snoop Mode : dhcp
============================================================
Mode
Basic
Availability
KVM, NSX Cloud VM
Display the VTEP table for the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch identifier UUID, VNI or vlan:VLAN-ID |
Example
kvm-1> get logical-switch 0a8cb2ab-d15b-4b46-a6ee-0a1cd29be34d vtep
Logical Switch VTEP Table
==============================
Label VTEP IP
114689 192.168.140.154
2049 192.168.140.153
102401 192.168.150.151
79873 192.168.150.152
Mode
Basic
Availability
KVM, NSX Cloud VM
Display the VTEP table for the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch identifier UUID, VNI or vlan:VLAN-ID |
Example
esx-1> get logical-switch bf543c67-3ffe-44dd-a1d3-57e7cd2e0aff vtep-table
Logical Switch VTEP Table
-----------------------------------------------------------------------------------------------
Host Kernel Entry
===============================================================================================
Label VTEP IP Segment ID Is MTEP VTEP MAC BFD count
114689 192.168.250.60 192.168.250.0 False 02:50:56:00:00:00 1
40961 192.168.250.61 192.168.250.0 False 00:50:56:62:58:be 1
LCP Remote Entry
===============================================================================================
Label VTEP IP Segment ID VTEP MAC DEVICE NAME
114689 192.168.250.60 192.168.250.0 02:50:56:00:00:00 None
40961 192.168.250.61 192.168.250.0 00:50:56:62:58:be None
LCP Local Entry
===============================================================================================
Label VTEP IP Segment ID VTEP MAC DEVICE NAME
36865 192.168.250.62 192.168.250.0 00:50:56:69:ba:80 None
Mode
Basic
Availability
ESXi
Display information about the specified logical switch.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c
Logical Switch
UUID : 857212c6-3d87-4a4a-9700-0c9d23f74f1c
VNI : 5000
ENCAP : STT
Replication : mtep
routing-domain: 00000007-0000-0000-0000-000000000000
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the mac address table for the specified logical switch.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c mac-address-table
Logical Switch
UUID : 857212c6-3d87-4a4a-9700-0c9d23f74f1c
VNI : 5000
ENCAP : STT
Replication : mtep
routing-domain: 00000007-0000-0000-0000-000000000000
MAC-Table:
MAC : 00:50:56:8e:9a:a5
Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
IFUID : 295
LOCAL : 192.168.250.162
REMOTE : 192.168.250.160
ENCAP : STT
MAC : 02:50:56:56:44:52
Port : bbe56ae2-0bc1-46c0-b334-a241e2a56193
IFUID : 280
MAC : 00:50:56:8e:1b:21
Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672
IFUID : 296
LOCAL : 192.168.250.162
REMOTE : 192.168.250.161
ENCAP : STT
MAC : 04:00:c0:a8:fa:a2
Port : bbe56ae2-0bc1-46c0-b334-a241e2a56193
IFUID : 280
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display port information for the specified logical switch.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c ports
LogSwitchPort-ID LogSwitch-ID Child-UUID Child-EntityType TransportNode-ID
335bbfdc-d6d6-4d87-8fb1-b98614fff1d8 857212c6-3d87-4a4a-9700-0c9d23f74f1c c78a1655-228c-493b-88cf-6b77dafe908d VIF 857212c6-3d87-4a4a-9700-0c9d23f74f1c
593d2540-bb7b-4abe-ad78-8727ebd5c1d2 857212c6-3d87-4a4a-9700-0c9d23f74f1c null LOG_SWITCH 857212c6-3d87-4a4a-9700-0c9d23f74f1c
abcd12c6-3d87-4a4a-9700-0c9d23f74f1c
Mode
Basic
Availability
Controller
Display port information for the specified logical switch.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c ports
Logical Switch
UUID : 857212c6-3d87-4a4a-9700-0c9d23f74f1c
VNI : 5000
ENCAP : STT
Replication : mtep
routing-domain: 00000007-0000-0000-0000-000000000000
Ports
Port : bbe56ae2-0bc1-46c0-b334-a241e2a56193
IFUID : 280
Peer : 70b21c84-cf3b-4fc3-a442-a941ba86ef48
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display port statistics for the specified logical switch.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-switch 973b00a2-3be8-4e01-9824-3c6b7e2bf690 ports stats
Logical Switch
UUID : 973b00a2-3be8-4e01-9824-3c6b7e2bf690
VLAN : 100
device : fp-eth0
IFUID : 0
Ports
Port : 783a05cd-033d-4891-ad11-7c082641e069
RX-Packets : 8690
RX-Bytes : 587073
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 10188
TX-Bytes : 687181
TX-Drops : 0
No-Memory : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the tunnel information for the specified logical switch.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c tunnel-ports
Logical Switch
UUID : 857212c6-3d87-4a4a-9700-0c9d23f74f1c
VNI : 5000
ENCAP : STT
Replication : mtep
routing-domain: 00000007-0000-0000-0000-000000000000
Tunnels
Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
IFUID : 295
LOCAL : 192.168.250.162
REMOTE : 192.168.250.160
ENCAP : STT
Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672
IFUID : 296
LOCAL : 192.168.250.162
REMOTE : 192.168.250.161
ENCAP : STT
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the tunnel endpoint table for the specified logical switch.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c vtep-table
Logical Switch
UUID : 857212c6-3d87-4a4a-9700-0c9d23f74f1c
VNI : 5000
ENCAP : STT
Replication : mtep
routing-domain: 00000007-0000-0000-0000-000000000000
Replication Tunnels
Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
IFUID : 295
LOCAL : 192.168.250.162
REMOTE : 192.168.250.160
ENCAP : STT
MTEP : False
Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672
IFUID : 296
LOCAL : 192.168.250.162
REMOTE : 192.168.250.161
ENCAP : STT
MTEP : False
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about the specified logical switch. Use the
get logical-switches command to get a list of all logical switches. You can use the VNI or UUID to specify the logical switch.| Option | Description |
|---|---|
| <vni-or-uuid> | VNI or UUID argument Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c
VNI UUID
5000 857212c6-3d87-4a4a-9700-0c9d23f74f1c
or
nsx-controller-1> get logical-switch 5000
VNI UUID
5000 857212c6-3d87-4a4a-9700-0c9d23f74f1c
Mode
Basic
Availability
Controller
Display the ARP table for the specified logical switch.
| Option | Description |
|---|---|
| <vni-or-uuid> | VNI or UUID argument Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c arp-table
VNI IP MAC TransportNodeId
5000 172.16.130.12 00:50:56:8e:1b:21 857212c6-3d87-5d5d-9700-0c9d23f74f1d
Mode
Basic
Availability
Controller
Display the MAC address table for the specified logical switch.
| Option | Description |
|---|---|
| <vni-or-uuid> | VNI or UUID argument Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c mac-table
VNI MAC VTEP-IP TransportNodeId
5000 00:50:56:8e:1b:21 192.168.250.161 957612c6-4321-4a4a-9700-0c9d23f74f1c
5000 00:50:56:8e:9a:a5 192.168.250.160 857212c6-3d87-5d5d-9700-0c9d23f74f1d
Mode
Basic
Availability
Controller
Display statistics information about the specified logical switch.
| Option | Description |
|---|---|
| <vni-or-uuid> | VNI or UUID argument Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c stats
LogSwitchFibMsg.vtep.update 4
LogSwitchFibMsg.vtep.remove 4
LogSwitchFibMsg.vtep.size 4
LogSwitchFibMsg.mac.update 4
LogSwitchFibMsg.mac.remove 4
LogSwitchFibMsg.mac.size 4
LogSwitchFibMsg.ip.update 4
LogSwitchFibMsg.ip.remove 4
LogSwitchFibMsg.ip.size 4
Mode
Basic
Availability
Controller
Display statistics information about the specified logical switch over time.
| Option | Description |
|---|---|
| <vni-or-uuid> | VNI or UUID argument Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c stats-sample
00:10:00 00:20:00 00:30:00 00:40:00 00:50:00
update.member 0 0 0 0 0
update.vtep 0 0 0 0 0
update.mac 0 0 0 0 0
update.mac.invalidate 0 0 0 0 0
update.arp 0 0 0 0 0
update.arp.duplicate 0 0 0 0 0
query.mac 0 0 0 0 0
query.mac.miss 0 0 0 0 0
query.arp 0 0 0 0 0
query.arp.miss 0 0 0 0 0
Mode
Basic
Availability
Controller
Display transport nodes which joined a given logical switch.
| Option | Description |
|---|---|
| <vni-or-uuid> | VNI or UUID argument Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c transport-node-table
TransportNodeId
857212c6-3d87-4a4a-9700-0c9d23f74f1c
857212c6-3d87-3d3d-9700-0c9d23f74f1d
857212c6-3d87-5c5c-9700-0c9d23f74f1f
Mode
Basic
Availability
Controller
Display all virtual tunnel end points related to the specified logical switch.
| Option | Description |
|---|---|
| <vni-or-uuid> | VNI or UUID argument Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-switch 857212c6-3d87-4a4a-9700-0c9d23f74f1c vtep
VNI IP LABEL Segment MAC TransportNodeId
5000 192.168.250.163 0x18801 192.168.250.0 04:00:c0:a8:fa:a3 857212c6-3d87-4a4a-9700-0c9d23f74f1c
5000 192.168.250.162 0xC801 192.168.250.0 04:00:c0:a8:fa:a2 857212c6-3d87-4a4a-9700-0c9d23f74f1d
5000 192.168.250.161 0x3001 192.168.250.0 00:50:56:62:af:a4 857212c6-3d87-4a4a-9700-0c9d23f74f1e
5000 192.168.250.160 0xF001 192.168.250.0 00:50:56:67:4b:95 857212c6-3d87-4a4a-9700-0c9d23f74f1f
Mode
Basic
Availability
Controller
Display port information for the specified logical switch.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-switch port bbe56ae2-0bc1-46c0-b334-a241e2a56193
Port : bbe56ae2-0bc1-46c0-b334-a241e2a56193
IFUID : 280
Logical Switch: 857212c6-3d87-4a4a-9700-0c9d23f74f1c
Peer : 70b21c84-cf3b-4fc3-a442-a941ba86ef48
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the specified logical switch port.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get logical-switch port 783a05cd-033d-4891-ad11-7c082641e069 stats
Port : 783a05cd-033d-4891-ad11-7c082641e069
RX-Packets : 4474
RX-Bytes : 302966
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 5527
TX-Bytes : 371568
TX-Drops : 0
No-Memory : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display ports for all logical switches.
Example
nsx-edge-1> get logical-switch ports
Port : 18c26214-ab90-45ab-a2e0-78de070f9eb6
IFUID : 279
Peer : 8c4f10d5-9c4e-40a2-b239-e2eae7d39a33
Port : 271d49b0-f052-4c0c-a79f-44636229e471
IFUID : 264
Peer : a62432b5-68e7-4f95-a3f8-1b63ee4b102a
Port : 7bd1dd3d-97eb-5312-9d0d-b26c148a4fac
IFUID : 261
Peer : c2a03cab-3bad-56f3-b5ae-442ad6599bcf
Port : bbe56ae2-0bc1-46c0-b334-a241e2a56193
IFUID : 280
Peer : 70b21c84-cf3b-4fc3-a442-a941ba86ef48
Port : 58845bb9-19fc-4ec2-826f-bcbe871f99b5
IFUID : 282
Peer : e4be0c73-57bc-4b4f-b10c-f3f858ff8ccc
Port : 783a05cd-033d-4891-ad11-7c082641e069
IFUID : 276
Peer : aaec58d9-5dca-49c7-b39e-cdd8cd75901d
Port : 4ca7839f-2308-43f0-a799-f82d3911c134
IFUID : 287
Peer : 3fe772aa-8594-47cf-8a3e-20a26081ba15
Port : fe9c5ba9-3641-497f-ab95-046ffbc9356f
IFUID : 275
Peer : c7bbfc17-fbb9-4a39-a04b-0df93d788b57
Port : 1ff51f67-9ffb-446a-ae08-0a4a74adbf29
IFUID : 274
Peer : d37160fc-6e17-4c5c-8af1-54064c480798
Port : 286d2aad-ad4e-4ad6-b6c6-5256f38e9265
IFUID : 286
Peer : 6da71663-ce1a-4c2a-8557-ecfd85f031f5
Port : 93e656e1-0625-4ec2-b34c-98f2774bc8d3
IFUID : 281
Peer : 6c03a210-75b7-4a0d-8d66-cedf3c3f0750
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display port statistics for all logical switches.
Example
nsx-edge-1> get logical-switch ports stats
Port : 18c26214-ab90-45ab-a2e0-78de070f9eb6
RX-Packets : 11123
RX-Bytes : 1088318
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 11141
TX-Bytes : 1089386
TX-Drops : 0
No-Memory : 0
Port : 271d49b0-f052-4c0c-a79f-44636229e471
RX-Packets : 11141
RX-Bytes : 1089386
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 11123
TX-Bytes : 1088318
TX-Drops : 0
No-Memory : 0
Port : 7bd1dd3d-97eb-5312-9d0d-b26c148a4fac
RX-Packets : 285577
RX-Bytes : 11994234
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 0
TX-Bytes : 0
TX-Drops : 0
No-Memory : 0
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a specific logical switch's local or remote MAC, ARP, or VTEP information.
| Option | Description |
|---|---|
| <vni> | vni Allowed pattern: ^[0-9]+$ |
Example
ESXi-1> get logical-switch local mac-cache 48008
VM MAC VTEP IP VTEP MAC
00:0c:29:67:4e:5c 192.168.90.55 00:50:56:6d:74:bf
ESXi-1> get logical-switch remote arp-cache 48008
VM IP VM MAC
192.168.86.47 00:50:56:6d:35:2e
ESXi-1> get logical-switch local vtep-cache 48008
VTEP IP Label Segment ID VTEP MAC
192.168.90.55 96257 192.168.0.0 00:50:56:6d:74:bf
Mode
Basic
Availability
Edge, ESXi, KVM, Public Cloud Gateway
Display information about the specified logical switch port.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get logical-switch-port 593d2540-bb7b-4abe-ad78-8727ebd5c1d2
LogSwitchPort-ID LogSwitch-ID Child-UUID Child-EntityType TransportNode-ID
593d2540-bb7b-4abe-ad78-8727ebd5c1d2 857212c6-3d87-4a4a-9700-0c9d23f74f1c null LOG_SWITCH 857212c6-3d87-4a4a-9700-0c9d23f74f1c
4f7d12c6-3d87-4a4a-9700-0c9d23f74f1c
9f4e12c6-3d87-4a4a-9700-0c9d2385ac6f
Mode
Basic
Availability
Controller
Display the status for logical switch ports on this hypervisor host.
Example
esx-host-1> get logical-switch-port status
Logical Port UUID Status DVSwitch ID Logical Switch
fa1d9fcb-94cc-4a00-b499-8413f4dcef1e up 4adaf34e-6ee4-4153-844b-485a5e30627c
9c6a1a36-b468-404c-8084-bebfb91d5a31 up 65 bf 59 08 cd 4e 42 04-bf b5 93 de 83 ee ba 56 4adaf34e-6ee4-4153-844b-485a5e30627c
Mode
Basic
Availability
ESXi
Display all logical switches associated with the VIF on this host.
Example
host-1> get logical-switches
Host Logical Switches Summary
============================================================
Switch UUID VNI/VLAN Port Count
4e0f3312-d8c5-42b7-95a5-def111d14671 vni:41864 1
Mode
Basic
Availability
NSX Cloud VM
Display all logical switches on this host.
Example
kvm-1> get logical-switches
Logical Switches Summary
============================================================
Switch UUID VNI/VLAN Port Count
16fa7892-df1b-4ffe-af87-3923efc8bdbe vni:64392 0
aacc41f2-7b32-4e0e-8679-6baff5bcbb64 vni:58248 0
da091cea-505c-4528-9b09-3f63efb8000d vni:54152 0
0a8cb2ab-d15b-4b46-a6ee-0a1cd29be34d vni:31624 1
d114f967-73aa-4dfc-8d59-a16de584b380 vni:52104 0
8b652ea8-86fe-4b03-9245-997fd2d7dfee vni:48008 0
Mode
Basic
Availability
KVM
Display information about all logical switches.
Example
nsx-edge-1> get logical-switches
Logical Switch
UUID : ea8c4460-6d15-49c5-a82e-6812a26b4200
VNI : 5001
ENCAP : STT
Replication : mtep
Logical Switch
UUID : 7943ca31-9c8a-402e-adeb-a83f5cf2455d
VNI : 7048
ENCAP : STT
Replication : mtep
Logical Switch
UUID : 1714bc89-a627-48b0-8699-9889db1f60fc
VNI : 11145
ENCAP : STT
Replication : mtep
Logical Switch
UUID : 973b00a2-3be8-4e01-9824-3c6b7e2bf690
VLAN : 100
device : fp-eth0
IFUID : 0
Logical Switch
UUID : 718f154a-c1d4-47b6-b692-11c615f91229
VNI : 11144
ENCAP : STT
Replication : mtep
Logical Switch
UUID : 857212c6-3d87-4a4a-9700-0c9d23f74f1c
VNI : 5000
ENCAP : STT
Replication : mtep
routing-domain: 00000007-0000-0000-0000-000000000000
Logical Switch
UUID : 1667b36f-dcee-5984-b401-fdc7c2f6564c
VLAN : 250
device : fp-eth1
IFUID : 1
Logical Switch
UUID : 01b59e17-d8f4-43ec-8727-7bcd3d0cc85c
VNI : 5002
ENCAP : STT
Replication : mtep
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about all logical switches.
Example
nsx-controller-1> get logical-switches
VNI UUID
15240 c31126b8-be8d-49a5-a7ab-d7c13f6013eb
5000 857212c6-3d87-4a4a-9700-0c9d23f74f1c
7048 7943ca31-9c8a-402e-adeb-a83f5cf2455d
19336 041d0ce3-4a26-415c-af4b-8324fb0a54fd
11144 718f154a-c1d4-47b6-b692-11c615f91229
41864 9985fd0a-c361-4a82-94cb-de004ce82834
Mode
Basic
Availability
Controller
Display all logical switches on this host.
Example
esx-1> get logical-switches
Logical Switches Summary
------------------------------------------------------------
Overlay Kernel Entry
============================================================
VNI DVS name VIF num
11145 nsxvswitch 2
37768 nsxvswitch 1
25480 nsxvswitch 1
27530 nsxvswitch 2
Overlay LCP Entry
============================================================
VNI Logical Switch UUID
25480 da4bd041-d19c-4a63-896e-98f50bf8b140
27530 4649f23c-6c5e-4681-a9d9-e7038074c7d0
37768 3b9fa53b-11d1-4685-9985-26fe9a05ea18
11145 bf543c67-3ffe-44dd-a1d3-57e7cd2e0aff
VLAN Backed Entry
============================================================
Logical Switch UUID VLAN ID
Mode
Basic
Availability
ESXi
Display a summary of all logical switch statistics.
Example
nsx-controller-1> get logical-switches stats
LogSwitchFibMsg.vtep.update 40
LogSwitchFibMsg.vtep.remove 40
LogSwitchFibMsg.vtep.size 40
LogSwitchFibMsg.mac.update 40
LogSwitchFibMsg.mac.remove 40
LogSwitchFibMsg.mac.size 40
LogSwitchFibMsg.ip.update 40
LogSwitchFibMsg.ip.remove 40
LogSwitchFibMsg.ip.size 40
Mode
Basic
Availability
Controller
Display a summary of all logical switch statistics over time.
Example
nsx-controller-1> get logical-switches stats-sample
00:58:10 00:58:20 00:58:30 00:58:40 00:58:50 00:59:00 00:59:10 00:59:20 00:59:30 00:59:40
messages.query 25 25 25 25 25 25 25 25 25 25
messages.update 98 98 98 98 98 98 98 98 98 98
messages.flush 0 0 0 0 0 0 0 0 0 0
messages.notification 0 0 0 0 0 0 0 0 0 0
Mode
Basic
Availability
Controller
Get maintenance mode
Example
nsx> get maintenance-mode
Maintenance Mode: enabled
Mode
Basic
Availability
ESXi, KVM
Get maintenance mode status.
Example
nsx-edge-1> get maintenance-mode
Maintenance Mode: disabled
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the status of the management cluster.
Example
nsx-manager-1> get management-cluster status
Number of nodes in management cluster: 1
- 192.168.110.105
Management cluster status: STABLE
Number of nodes in control cluster: 2
- 192.168.110.109
- 192.168.110.108
Control cluster status: STABLE
Mode
Basic
Availability
Manager
Show the current list of configured managers.
Example
nsx-controller1> get managers
- 10.1.1.101 Connected
- 10.1.1.102 Connected
- 10.1.1.103 Connected
Mode
Basic
Availability
Controller, Edge, ESXi, KVM, Public Cloud Gateway
Display a specific metadata proxy server.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
Example
nsx-edge-1> get mdproxy server d5845582-8cb5-4f6a-9d9d-d2641cd2fe55
EDGE_CLUSTER_ID: 5db40b38-05e2-4e00-ac90-74c6ff191911
EDGE_NODE_ID:
3284f707-98f9-4e7c-b573-f7898dfa12ba
ID: d5845582-8cb5-4f6a-9d9d-d2641cd2fe55
SECRET: ****
SERVER_URL: https://nova-server.example.com
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all metadata proxy servers.
Example
nsx-edge-1> get mdproxy servers
EDGE_CLUSTER_ID: 5db40b38-05e2-4e00-ac90-74c6ff191911
EDGE_NODE_ID:
3284f707-98f9-4e7c-b573-f7898dfa12ba
ID: d5845582-8cb5-4f6a-9d9d-d2641cd2fe55
SECRET: ****
SERVER_URL: https://nova-server.example.com
MONITOR_INTERVAL: 300
MONITOR_TIMEOUT: 15
MONITOR_RETRY: 3
SERVER_STATUS: CONNECTED
MONITOR_TOTAL_COUNT: 100
MONITOR_FAIL_COUNT: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the system memory information.
Example
nsx-manager-1> get memory-stats
MemTotal: 16430284 kB
MemFree: 10472728 kB
MemAvailable: 12800580 kB
Buffers: 363356 kB
Cached: 1820988 kB
SwapCached: 0 kB
Active: 4880696 kB
Inactive: 513728 kB
Active(anon): 3212444 kB
Inactive(anon): 368 kB
Active(file): 1668252 kB
Inactive(file): 513360 kB
Unevictable: 2348 kB
Mlocked: 2348 kB
SwapTotal: 3997692 kB
SwapFree: 3997692 kB
Dirty: 244 kB
Writeback: 0 kB
AnonPages: 3212392 kB
Mapped: 52056 kB
Shmem: 780 kB
Slab: 420328 kB
SReclaimable: 399656 kB
SUnreclaim: 20672 kB
KernelStack: 10512 kB
PageTables: 11940 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
WritebackTmp: 0 kB
CommitLimit: 12212832 kB
Committed_AS: 10288852 kB
VmallocTotal: 34359738367 kB
VmallocUsed: 185388 kB
VmallocChunk: 34359440748 kB
HardwareCorrupted: 0 kB
AnonHugePages: 2764800 kB
HugePages_Total: 0
HugePages_Free: 0
HugePages_Rsvd: 0
HugePages_Surp: 0
Hugepagesize: 2048 kB
DirectMap4k: 16320 kB
DirectMap2M: 16760832 kB
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display information about the specified mirror session.
| Option | Description |
|---|---|
| <mirror-session-id> | Mirror session identifier UUID |
Example
kvm-1> get mirror-session 5a55a0e1-ec3e-40bd-9a49-1117119efe9a
Mirror Session
=======================================================
UUID : 5a55a0e1-ec3e-40bd-9a49-1117119efe9a
Direction : Both
Snap Length : 0
Source : 81286c82-67f4-40ab-84ab-1e705241134b
Destination : 10.10.10.1
EncapVlan :
OrigialVlan :
EncapType : GRE
GreKey : 0
ERspanID :
Mode
Basic
Availability
KVM
Display all mirror sessions on this host.
Example
kvm-1> get mirror-sessions
Mirror Session Summary
============================================================
Mirror UUID Direction Snap Length
5a55a0e1-ec3e-40bd-9a49-1117119efe9a Both 0
Mode
Basic
Availability
KVM
Get all name servers in the DNS configuration.
Example
nsx> get name-servers
192.168.110.10
192.168.110.11
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display a specific namespace config
| Option | Description |
|---|---|
| <string> | Generic string argument Allowed pattern: ^([A-Za-z0-9_:.-]+)$ |
Example
nsx-edge-1> get namespace status root
INTERFACE:
ADMIN_STATUS: True
IF_ID: 1
MTU: 65536
NAME: lo
VLAN_ID: 0
NAME: root
ROUTE:
DEVICE: eth0
NEXTHOP: 169957373
PREFIX:
IPV4: 0.0.0.0
PREFIX_LENGTH: 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all namespace configs.
Example
nsx-edge-1> get namespaces status
INTERFACE:
ADMIN_STATUS: True
IF_ID: 1
MTU: 65536
NAME: lo
VLAN_ID: 0
NAME: root
ROUTE:
DEVICE: eth0
NEXTHOP: 169957373
PREFIX:
IPV4: 0.0.0.0
PREFIX_LENGTH: 0
INTERFACE:
ADMIN_STATUS: True
IF_ID: 1
MTU: 65536
NAME: lo
VLAN_ID: 0
NAME: plr_sr
ROUTE:
DEVICE: lo
NEXTHOP: 0
PREFIX:
IPV4: 127.0.0.0
PREFIX_LENGTH: 32
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the system network statistics.
Example
nsx-manager-1> get network-stats
Ip:
37960281 total packets received
0 forwarded
0 incoming packets discarded
37772713 incoming packets delivered
37964008 requests sent out
Icmp:
88 ICMP messages received
0 ICMP messages failed
ICMP input historgram:
destination unreachable: 88
84 ICMP messages sent
0 ICMP messages failed
ICMP output historgram:
destination unreachable: 84
IcmpMsg:
InType3: 88
OutType3: 84
Tcp:
139102 active connections openings
207427 passive connection openings
91 failed connection attempts
83346 connection resets attempts
72 connections established
34395451 segments received
34602181 segments sent out
229 segments retransmitted
0 bad segments received
69405 resets sent
Udp:
3377167 packets received
6 packets to unknown port received
0 packet receive errors
3377193 packets sent
RcvbufErrors: 0
SndbufErrors: 0
UdpLite:
InDatagrams: 0
NoPorts: 0
InErrors: 0
OutDatagrams: 0
RcvbufErrors: 0
SndbufErrors: 0
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display upgrade status of the node.
Example
nsx-edge-1> get node upgrade status
Running "run_migration_tool" (step 7 of 10)
Running "start_manager" (step 8 of 10)
Running "update_upgrade_status" (step 9 of 10)
Running "finish_upgrade" (step 10 of 10)
Playbook finished successfully
Mode
Basic
Availability
Manager, Policy Manager
Display the UUID for the host.
Example
host-1> get node-uuid
f776222e-c95c-11e5-8e3e-23020aa2163f
Mode
Basic
Availability
ESXi, KVM
Show the UUID for the node.
Example
nsx> get node-uuid
uuid: 692eef9a-026e-4e24-8494-251990b2b4e3
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the list of registered nodes.
Example
nsx-manager-1> get nodes
761ce797-9c70-483b-9436-41d3b8cd61f7 ctl nsxcontroller
b7d381b2-c253-11e7-a6e6-02000a0ebd5a edg nsxedge-1
b08873b8-c253-11e7-9bef-02000add0b5e edg nsxedge-2
3fb2bb34-c253-11e7-925b-07f31f93af9b esx esx-1
4b371be6-c253-11e7-a3ab-7f7cf7e9f11b esx esx-2
420b6c9a-7d61-fa6d-76c7-2faceaa8288c mgr nsxmanager
Mode
Basic
Availability
Manager
Display the status of the NTP system. The delay, offset and dispersion values are in seconds.
Example
nsx-manager-1> get ntp-server associations
remote refid st t when poll reach delay offset jitter
==============================================================================
0.ubuntu.pool.n .POOL. 16 p - 64 0 0.000 0.000 0.000
1.ubuntu.pool.n .POOL. 16 p - 64 0 0.000 0.000 0.000
2.ubuntu.pool.n .POOL. 16 p - 64 0 0.000 0.000 0.000
3.ubuntu.pool.n .POOL. 16 p - 64 0 0.000 0.000 0.000
ntp.ubuntu.com .POOL. 16 p - 64 0 0.000 0.000 0.000
*ns1-time1.corp. 10.0.0.1 4 u 23 64 3 1.902 0.223 0.221
+ns2-time2.corp. 10.0.0.2 5 u 22 64 3 3.340 -1.312 0.026
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display all NTP servers.
Example
nsx-manager-1> get ntp-servers
0.ubuntu.pool.ntp.org
1.ubuntu.pool.ntp.org
2.ubuntu.pool.ntp.org
3.ubuntu.pool.ntp.org
ntp.ubuntu.com
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display the parent of the current interface.
Example
nsx-edge-1(path)> get parent
{
"arp_refresh_timeout": 600,
"number_arp_entries": 0,
"type": "SERVICE_ROUTER_TIER0",
"uuid": "f2a25dd6-4ceb-4bf5-8ad5-3e80d2970d60",
"vrf": 6
}
or
nsx-edge-1(path)> get parent
{
"encap": "STT",
"repl": "mtep",
"uuid": "d5af58f5-0616-46fd-af83-242d82983c65",
"vni": 39816
}
Mode
Path
Availability
Edge, Public Cloud Gateway
Display the path. The arrow indicates which interface is selected. Other commands, such as
get current, will display information about the selected interface.Example
nsx-edge-1(path)> get path
->interface : de650f56-276d-46ef-959e-960752acfe19
interface : 140ca8de-61e0-4bba-b429-6a3791b0846a
port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7
port : 53bab4b1-f0df-451b-af80-0a9d5e580186
interface : 2a7bf881-1f89-4833-833e-47673b79901a
interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a
port : 5b2068d0-8c28-4427-8be4-48f422f92309
port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa
interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846
interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb
port : c588fc5d-dd62-45b2-bc16-3dae466c16c7
port : 2120ef07-05e3-477f-8d96-e2be390784db
interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278
interface : dd10beb2-3673-43a5-b180-ecc46e830ee0
port : fdc429ef-d778-421b-bf84-e1063a7bf5ab
Mode
Path
Availability
Edge, Public Cloud Gateway
Display the specified physical port.
| Option | Description |
|---|---|
| <physical-port-name> | Datapath String argument |
Example
nsx-edge-1> get physical-port fp-eth1
Physical Port
DRIVER : rte_vmxnet3_pmd
DUPLEX : full
ID : 1
LINK : up
MAC : 00:50:56:a9:a2:e6
MTU : 1600
NAME : fp-eth1
OFFLOAD_CAPABILITIES : TX_VLAN_INSERT TX_UDP_CKSUM TX_TCP_CKSUM TX_TCP_TSO RX_VLAN_STRIP RX_UDP_CKSUM RX_TCP_CKSUM
PCI : 0000:13:00:00
POLLING_STATUS : active
RX_QUEUE : 1
SOCKET : -1
SPEED : 10000
TX_QUEUE : 1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the specified physical port.
| Option | Description |
|---|---|
| <physical-port-name> | Datapath String argument |
Example
nsx-edge-1> get physical-port fp-eth1 stats
Physical Port Stats
NAME : fp-eth1
RX_BYTES : 744689
RX_DROP_NO_MATCH : 0
RX_ERRORS : 0
RX_MISSES : 0
RX_NOMBUFS : 0
RX_PACKETS : 8984
TX_BYTES : 7140
TX_DROPS : 0
TX_ERRORS : 0
TX_PACKETS : 170
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display verbose statistics for the specified physical port.
| Option | Description |
|---|---|
| <physical-port-name> | Datapath String argument |
Example
nsx-edge-1> get physical-port fp-eth1 stats verbose
Physical Port Stats
NAME : fp-eth1
RX_BYTES : 749793
RX_DROP_NO_MATCH : 0
RX_ERRORS : 0
RX_MISSES : 0
RX_NOMBUFS : 0
RX_PACKETS : 9037
TX_BYTES : 7140
TX_DROPS : 0
TX_ERRORS : 0
TX_PACKETS : 170
QUEUES :
id rx_bytes rx_errors rx_packets tx_bytes tx_drops tx_packets
0 749793 0 9037 7140 0 170
1 0 0 0 0 0 0
2 0 0 0 0 0 0
3 0 0 0 0 0 0
4 0 0 0 0 0 0
5 0 0 0 0 0 0
6 0 0 0 0 0 0
7 0 0 0 0 0 0
8 0 0 0 0 0 0
9 0 0 0 0 0 0
10 0 0 0 0 0 0
11 0 0 0 0 0 0
12 0 0 0 0 0 0
13 0 0 0 0 0 0
14 0 0 0 0 0 0
15 0 0 0 0 0 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all physical ports.
Example
nsx-edge-1> get physical-ports
Physical Port
DRIVER : rte_vmxnet3_pmd
DUPLEX : full
ID : 0
LINK : up
MAC : 00:50:56:a9:51:09
MTU : 1500
NAME : fp-eth0
OFFLOAD_CAPABILITIES : TX_VLAN_INSERT TX_UDP_CKSUM TX_TCP_CKSUM TX_TCP_TSO RX_VLAN_STRIP RX_UDP_CKSUM RX_TCP_CKSUM
PCI : 0000:0b:00:00
POLLING_STATUS : inactive
RX_QUEUE : 1
SOCKET : -1
SPEED : 10000
TX_QUEUE : 1
Physical Port
DRIVER : rte_vmxnet3_pmd
DUPLEX : full
ID : 1
LINK : up
MAC : 00:50:56:a9:a2:e6
MTU : 1600
NAME : fp-eth1
OFFLOAD_CAPABILITIES : TX_VLAN_INSERT TX_UDP_CKSUM TX_TCP_CKSUM TX_TCP_TSO RX_VLAN_STRIP RX_UDP_CKSUM RX_TCP_CKSUM
PCI : 0000:13:00:00
POLLING_STATUS : active
RX_QUEUE : 1
SOCKET : -1
SPEED : 10000
TX_QUEUE : 1
Physical Port
DRIVER : rte_vmxnet3_pmd
DUPLEX : full
ID : 2
LINK : up
MAC : 00:50:56:a9:5b:33
MTU : 1500
NAME : fp-eth2
OFFLOAD_CAPABILITIES : TX_VLAN_INSERT TX_UDP_CKSUM TX_TCP_CKSUM TX_TCP_TSO RX_VLAN_STRIP RX_UDP_CKSUM RX_TCP_CKSUM
PCI : 0000:1b:00:00
POLLING_STATUS : inactive
RX_QUEUE : 1
SOCKET : -1
SPEED : 10000
TX_QUEUE : 1
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display a snapshot of the system processes.
Example
nsx> get processes
top - 01:12:28 up 3 days, 1:51, 1 user, load average: 0.06, 0.05, 0.07
Tasks: 133 total, 1 running, 132 sleeping, 0 stopped, 0 zombie
%Cpu(s): 4.2 us, 0.9 sy, 0.0 ni, 94.7 id, 0.2 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem: 16430712 total, 2604180 used, 13826532 free, 324432 buffers
KiB Swap: 3997692 total, 0 used, 3997692 free. 460404 cached Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 20 0 33216 2564 1460 S 0.0 0.0 2:51.13 init
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
3 root 20 0 0 0 0 S 0.0 0.0 0:02.21 ksoftirqd/0
4 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0
5 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
7 root 20 0 0 0 0 S 0.0 0.0 1:23.74 rcu_preempt
8 root 20 0 0 0 0 S 0.0 0.0 0:39.39 rcuop/0
.
.
.
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display information about processes that are running. The display is updated every few seconds.
Example
nsx-manager-1> get processes monitor
top - 00:24:51 up 15 days, 6 min, 1 user, load average: 0.18, 0.16, 0.15
Tasks: 142 total, 2 running, 140 sleeping, 0 stopped, 0 zombie
%Cpu(s): 6.2 us, 1.3 sy, 0.0 ni, 92.3 id, 0.2 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem: 16430284 total, 5863860 used, 10566424 free, 363284 buffers
KiB Swap: 3997692 total, 0 used, 3997692 free. 1732000 cached Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1530 uproton 20 0 8867728 1.862g 23868 S 18.6 11.9 3041:54 java
2245 rabbitmq 20 0 1200504 110528 4568 S 4.6 0.7 484:17.48 beam.smp
1009 elastic+ 20 0 4611496 403996 15712 S 1.0 2.5 178:33.40 java
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about processes that are running. The display is updated every few seconds.
Example
nsx-manager-1> get processes monitor
top - 00:24:51 up 15 days, 6 min, 1 user, load average: 0.18, 0.16, 0.15
Tasks: 142 total, 2 running, 140 sleeping, 0 stopped, 0 zombie
%Cpu(s): 6.2 us, 1.3 sy, 0.0 ni, 92.3 id, 0.2 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem: 16430284 total, 5863860 used, 10566424 free, 363284 buffers
KiB Swap: 3997692 total, 0 used, 3997692 free. 1732000 cached Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1530 uproton 20 0 8867728 1.862g 23868 S 18.6 11.9 3041:54 java
2245 rabbitmq 20 0 1200504 110528 4568 S 4.6 0.7 484:17.48 beam.smp
1009 elastic+ 20 0 4611496 403996 15712 S 1.0 2.5 178:33.40 java
.
.
.
Mode
Basic
Availability
Controller, Key Manager, Manager, Policy Manager
Display the publication for the specified object.
| Option | Description |
|---|---|
| <uuid> | Object identifier Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get publication 00000000-0000-0000-0000-000000000001
<<<Interpreted by Dfw>>>
direction = RD_BOTH
span = 8c466583-4186-4caa-abf5-8a3ff9523722,8642a216-ec51-45af-a4b2-57685d094f7e
log = false
flow = false
priority = 2305843009213693951
action = RA_PASS
type = RT_LAYER2
id = 1
publication = 3
Mode
Basic
Availability
Controller
Dump publications to a file.
| Option | Description |
|---|---|
| <filename> | Filename argument Allowed pattern: ^[^/ *;&|]+$ |
Example
nsx-controller-1> get publication dump pubs000
/var/vmware/nsx/file-store/pubs000
Mode
Basic
Availability
Controller
Display publications for the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get publications with transport-node 8c466583-4186-4caa-abf5-8a3ff9523722
id: 8266f308-e9d0-47bb-bd7f-d5b10d7661f5
id: 329e4c03-01cf-434b-829b-9718ae1f4c83
id: 00000000-0000-0000-0000-000000000001
id: 00000000-0000-0000-0000-000000000002
Mode
Basic
Availability
Controller
Get the realization status for the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get realization status 7c72c4ae-8fe8-4449-a4e2-c5e53ab0bb4f
{u'VERTICAL_ID_DFW': 1191}
Mode
Basic
Availability
Controller
Display all connected receivers.
Example
nsx-controller-1> get receivers
['e97edc33-0b56-11e7-8af3-85d3287ccc85', '6a93350e-0b57-11e7-a82e-02002a4b8864', 'f763ddf5-0b56-11e7-84aa-81f3962a9a84']
Mode
Basic
Availability
Controller
Display the routing table. Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1(tier0_sr)> get route
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
Total number of routes: 7
b 11.11.11.0/24 [20/0] via 192.168.130.254
rl 100.64.1.0/31 [0/0] via 169.0.0.1
c 169.0.0.0/28 [0/0] via 169.0.0.2
ns 172.16.110.0/24 [3/3] via 169.0.0.1
ns 172.16.120.0/24 [3/3] via 169.0.0.1
ns 172.16.130.0/24 [3/3] via 169.0.0.1
c 192.168.130.0/24 [0/0] via 192.168.130.3
or
nsx-edge-1(tier0_sr)> get route 172.16.110.0/24
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
ns 172.16.110.0/24 [3/3] via 169.0.0.1
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display BGP-learned routes from the routing table. Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1(tier0_sr)> get route bgp
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
b 11.11.11.0/24 [20/0] via 192.168.130.254
b 12.12.12.0/24 [20/0] via 192.168.130.254
or
nsx-edge-1(tier0_sr)> get route bgp 12.12.12.1
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
b 12.12.12.0/24 [20/0] via 192.168.130.254
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display connected routes from the routing table. Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1(tier0_sr)> get route connected
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
c 169.0.0.0/28 [0/0] via 169.0.0.2
c 192.168.130.0/24 [0/0] via 192.168.130.3
or
nsx-edge-1(tier0_sr)> get route connected 192.168.130.22
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
c 192.168.130.0/24 [0/0] via 192.168.130.3
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display NAT routes from the routing table. Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1(tier0_sr)> get route nat
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
t0n 11.11.1.0/24 [2/0] via 0.0.0.0
t1n 11.11.2.0/24 [3/0] via 169.254.0.1
nsx-edge-1(tier0_sr)> get route nat 11.11.2.0/24
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
t1n 11.11.2.0/24 [3/0] via 169.254.0.1
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display the specified IPv4 route.
| Option | Description |
|---|---|
| <prefix> | CIDR notation argument |
Example
nsx> get route prefix 192.168.110.0/24
192.168.110.0/24 interface eth0
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display static routes from the routing table. Optionally specify a prefix or IP address to display only the route used for that network.
| Option | Description |
|---|---|
| <prefix> | Prefix or IP address with optional prefix length |
Example
nsx-edge-1(tier0_sr)> get route static
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
rl 100.64.1.0/31 [0/0] via 169.0.0.1
ns 172.16.110.0/24 [3/3] via 169.0.0.1
ns 172.16.120.0/24 [3/3] via 169.0.0.1
ns 172.16.130.0/24 [3/3] via 169.0.0.1
or
nsx-edge-1(tier0_sr)> get route static 172.16.110.11
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
ns 172.16.110.0/24 [3/3] via 169.0.0.1
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Display all configured IPv4 routes.
Example
nsx> get routes
0.0.0.0/0 gateway 192.168.110.1 interface eth0
192.168.110.0/24 interface eth0
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display information about the specified routing domain.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge> get routing-domain b16a3ce5-e61d-43b4-b45b-66d29c8d3cf0
Routing Domain
UUID : b16a3ce5-e61d-43b4-b45b-66d29c8d3cf0
Replication Tunnels
Tunnel : 1e44a970-86e0-5a76-9e4f-ecc676b45148
IFUID : 264
Local : 200.200.200.3
Remote : 200.200.200.4
ENCAP : GENEVE
MTEP : False
Tunnel : 7305d7f1-3e84-5df6-9fdb-e29e76148542
IFUID : 273
Local : 200.200.200.3
Remote : 200.200.200.2
ENCAP : GENEVE
MTEP : False
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about the specified routing domain.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
esx-1> get routing-domain e168bb77-80f2-4cd5-8731-86025e095a78
Realized State:
Routing Domain
UUID : e168bb77-80f2-4cd5-8731-86025e095a78
Replication Tunnels
ENCAP : GENEVE
Local : 192.168.111.124
Local-subnet: /192.168.111.0
Remote : 192.168.111.99
Remote-subnet: /192.168.111.0
ENCAP : GENEVE
Local : 192.168.111.124
Local-subnet: /192.168.111.0
Remote : 192.168.111.144
Remote-subnet: /192.168.111.0
Mode
Basic
Availability
ESXi
Display information about the specified routing domain.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
kvm-1> get routing-domain e168bb77-80f2-4cd5-8731-86025e095a78
Desired State:
Routing Domain
UUID : e168bb77-80f2-4cd5-8731-86025e095a78
Realized State:
Routing Domain
UUID : e168bb77-80f2-4cd5-8731-86025e095a78
Replication Tunnels
Tunnel : "geneve3232264035"
ENCAP : GENEVE
Local : 192.168.111.124
Local-subnet: /192.168.111.0
Remote : 192.168.111.99
Remote-subnet: /192.168.111.0
Tunnel : "geneve3232264080"
ENCAP : GENEVE
Local : 192.168.111.124
Local-subnet: /192.168.111.0
Remote : 192.168.111.144
Remote-subnet: /192.168.111.0
Mode
Basic
Availability
KVM
Display information about all routing domains.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get routing-domain 857212c6-3d87-4a4a-9700-0c9d23f74f1c vtep
Routing-Domain-ID IP LABEL Segment MAC TransportNodeId
857212c6-3d87-4a4a-9700-0c9d23f74f1c 192.168.250.163 0x18801 192.168.250.0 04:00:c0:a8:fa:a3 857212c6-3d87-4a4a-9700-0c9d23f74f1c
99999999-3d87-4a4a-9700-0c9d23f74f1c 192.168.250.162 0xC801 192.168.250.0 04:00:c0:a8:fa:a2 857212c6-3d87-4a4a-9700-0c9d23f74f1d
Mode
Basic
Availability
Controller
Display information about all routing domains.
Example
kvm-1> get routing-domains
Desired State:
Routing Domain
UUID : e168bb77-80f2-4cd5-8731-86025e095a78
Realized State:
Routing Domain
UUID : e168bb77-80f2-4cd5-8731-86025e095a78
Replication Tunnels
Tunnel : "geneve3232264035"
ENCAP : GENEVE
Local : 192.168.111.124
Local-subnet: /192.168.111.0
Remote : 192.168.111.99
Remote-subnet: /192.168.111.0
Tunnel : "geneve3232264080"
ENCAP : GENEVE
Local : 192.168.111.124
Local-subnet: /192.168.111.0
Remote : 192.168.111.144
Remote-subnet: /192.168.111.0
Mode
Basic
Availability
KVM
Display information about all routing domains.
Example
esx-1> get routing-domains
Desired State:
Routing Domain
UUID : e168bb77-80f2-4cd5-8731-86025e095a78
Realized State:
Routing Domain
UUID : e168bb77-80f2-4cd5-8731-86025e095a78
Replication Tunnels
ENCAP : GENEVE
Local : 192.168.111.124
Local-subnet: /192.168.111.0
Remote : 192.168.111.99
Remote-subnet: /192.168.111.0
ENCAP : GENEVE
Local : 192.168.111.124
Local-subnet: /192.168.111.0
Remote : 192.168.111.144
Remote-subnet: /192.168.111.0
Mode
Basic
Availability
ESXi
Display information about all routing domains.
Example
nsx-edge> get routing-domain
Routing Domain
UUID : b16a3ce5-e61d-43b4-b45b-66d29c8d3cf0
Replication Tunnels
Tunnel : 1e44a970-86e0-5a76-9e4f-ecc676b45148
IFUID : 264
Local : 200.200.200.3
Remote : 200.200.200.4
ENCAP : GENEVE
MTEP : False
Tunnel : 7305d7f1-3e84-5df6-9fdb-e29e76148542
IFUID : 273
Local : 200.200.200.3
Remote : 200.200.200.2
ENCAP : GENEVE
MTEP : False
Routing Domain
UUID : bca731e7-171e-4ca0-82c2-2df4974a44a7
Replication Tunnels
Tunnel : 1e44a970-86e0-5a76-9e4f-ecc676b45148
IFUID : 264
Local : 200.200.200.3
Remote : 200.200.200.4
ENCAP : GENEVE
MTEP : False
Tunnel : 7305d7f1-3e84-5df6-9fdb-e29e76148542
IFUID : 273
Local : 200.200.200.3
Remote : 200.200.200.2
ENCAP : GENEVE
MTEP : False
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about all routing domains.
Example
nsx-controller-1> get routing-domains
Desired State:
Routing-Domain
c31126b8-be8d-49a5-a7ab-d7c13f6013eb
857212c6-3d87-4a4a-9700-0c9d23f74f1c
Mode
Basic
Availability
Controller
Get all domain names in the DNS search list.
Example
nsx> get search-domains
eng.example.com
corp.example.com
example.com
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display information about the specified service.
| Option | Description |
|---|---|
| <service-name> | Node service argument |
Example
nsx> get service snmp
Service name: snmp
Service state: running
Start on boot: True
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display the log level for the cluster-mgmt service.
Example
nsx-controller-1> get service cluster-mgmt logging-level
Logging level: debug
Mode
Basic
Availability
Controller
Display global logging configuration.
Example
nsx-controller-1> get service controller logging-config
Name: LogLevel: debug
Name: BarrierSplitter LogLevel: debug
Name: BgpConfigSplitter LogLevel: debug
Name: BgpNeighborSplitter LogLevel: debug
Name: BridgeClusterSplitter LogLevel: debug
Name: CommunityListSplitter LogLevel: debug
Name: ContainerSplitter LogLevel: debug
Name: DependencyGraphSpanUpdaterImpl:DepGraph LogLevel: debug
Name: DependencyGraphSpanUpdaterImpl:SrcGraph LogLevel: debug
Name: DhcpIpPoolSplitter LogLevel: debug
Name: DhcpRelaySplitter LogLevel: debug
Name: DhcpStaticBindingSplitter LogLevel: debug
Name: DigraphSpanComputerImpl LogLevel: debug
Name: DneRuleSectionSplitter LogLevel: debug
Name: DneRuleSplitter LogLevel: debug
Name: FilterSpanSplitter LogLevel: debug
Name: GlobalRoutingSplitter LogLevel: debug
.
.
.
Mode
Basic
Availability
Controller
Display the logging configuration for components that have the specified log level.
| Option | Description |
|---|---|
| <level> | The controller service logging level Allowed values: off, fatal, error, warn, info, debug, trace |
Example
nsx-controller-1> get service controller logging-config logging-level error
Name: BgpConfigSplitter LogLevel: error
Name: DhcpIpPoolSplitter LogLevel: error
Mode
Basic
Availability
Controller
Display the logging configuration for the specified component.
| Option | Description |
|---|---|
| <string> | String argument Allowed pattern: ^.*$ |
Example
nsx-controller-1> get service controller logging-config name BgpConfigSplitter
Name: BgpConfigSplitter LogLevel: debug
Mode
Basic
Availability
Controller
Display the logging configuration for components that match the specified pattern. The pattern can be a regular expression.
| Option | Description |
|---|---|
| <string> | String argument Allowed pattern: ^.*$ |
Example
nsx-controller-1> get service controller logging-config pattern Dhcp
Name: DhcpIpPoolSplitter LogLevel: debug
Name: DhcpRelaySplitter LogLevel: debug
Name: DhcpStaticBindingSplitter LogLevel: debug
Name: LogicalDhcpServerSplitter LogLevel: debug
Name: com.vmware.nsx.canary.span.DhcpIpPoolSpanner LogLevel: debug
Name: com.vmware.nsx.canary.span.DhcpStaticBindingSpanner LogLevel: debug
Name: com.vmware.nsx.canary.span.LogicalDhcpServerSpanner LogLevel: debug
Mode
Basic
Availability
Controller
Display the log level for the controller service.
Example
nsx-controller-1> get service controller logging-level
Logging level: debug
Mode
Basic
Availability
Controller
Display the log level of the dataplane service.
Example
nsx-edge-1> get service edge-mgmt logging-level
Log level: INFO
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the log level of the dhcp service.
Example
nsx-edge-1> get service edge-mgmt logging-level
Log level: INFO
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the log level of the edge-mgmt service.
Example
nsx-edge-1> get service edge-mgmt logging-level
Log level: INFO
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the log level of the IKE service.
Example
nsx-edge-1> get service ike logging-level
Log level: INFO
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the log level of the local-controller service.
Example
nsx-edge-1> get service local-controller logging-level
Log level: INFO
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the state of the local controller service.
Example
nsx-edge-1> get service local-controller state
Uptime : 3556847.000 seconds (since 2016-09-12 18:07:03.20)
Full Sync State : Completed at {'num': 1, 'time': '2016-09-20 10:19:24.22'}
Controller Session : Up
IPC Channel State
Datapath Config : Up since 2016-09-12 18:07:06.37
Datapath State : Up since 2016-09-12 18:07:05.49
Edge MPA Client : Up since 2016-09-12 18:07:03.84
Routing Service : Up since 2016-09-12 18:07:03.37
BFD Config : None
BFD State : None
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the whole cache table in cfgagent. Optionally specify arguments to display only the local configuration, remote configuration, local L2, or remote L2 information, and remote L3 information.
Example
ESXi-1> get service nsx-cfgagent cache-table config local
ObjectID ObjectType FullSyncVersion PropertyType PropertyValue
007ec6fd-e307-428a-8ccf-d1d0de2a26e5 VIF_STATE 1 INVALID_PROPERTY
007ec6fd-e307-428a-8ccf-d1d0de2a26e5 VIF_STATE 1 VIF_MAC id: "40d4ee0a-087e-4b38-a959-afeb2d67f23b"
vif_mac {
mac: 345046739262
}
ESXi-1> get service nsx-cfgagent cache-table l2 remote
ObjectID ObjectType FullSyncVersion PropertyType PropertyValueKey PropertyValue
ad209a8e-2f4c-40e1-ba63-5459f3922d9a LOG_SWITCH_FIB 1 L2_VTEP 2050 vtep_ip {
ipv4: 2886785032
}
vtep_label {
label: 2050
}
segment_id {
ipv4: 2886778880
}
vtep_mac {
mac: 345046978033
}
ad209a8e-2f4c-40e1-ba63-5459f3922d9a LOG_SWITCH_FIB 1 L2_VM_MAC 345047285093 mac {
mac: 345047285093
}
vtep_ip {
ipv4: 2886785032
}
vtep_mac {
mac: 345046978033
}
ESXi-1> get service nsx-cfgagent cache-table
......
Mode
Basic
Availability
ESXi
Display the entire routing configuration.
Example
nsx-edge-1> get service router config
ROUTING CONFIGURATION:
======================
{
"redist": {
"bgp_enabled": true
},
"redistri_rules": [
{
"rule": [
{
"to_proto": 1,
"seq_id": 0,
"flags": 103,
"name": {
"string": "rule3"
},
"description": {
"string": "Rule3"
}
}
]
}
],
"static_route": [
{
"prefix": {
"ipv4": "1.1.1.0",
"prefix_length": 25
},
"nexthops": [
{
"route_type": 3,
"ip": {
"ipv4": "169.254.0.1"
},
"if_index": 6,
"admin_distance": 3
}
]
},
{
"prefix": {
"ipv4": "11.11.1.0",
"prefix_length": 24
},
"nexthops": [
{
"route_type": 4,
"if_index": 1,
"admin_distance": 2
}
]
},
{
"prefix": {
"ipv4": "111.111.0.0",
"prefix_length": 16
},
"nexthops": [
{
"route_type": 3,
"ip": {
"ipv4": "169.254.0.1"
},
"if_index": 6,
"admin_distance": 3
}
]
},
{
"prefix": {
"ipv4": "11.11.2.0",
"prefix_length": 24
},
"nexthops": [
{
"route_type": 5,
"ip": {
"ipv4": "169.254.0.1"
},
"if_index": 6,
"admin_distance": 3
}
]
},
{
"prefix": {
"ipv4": "100.64.1.0",
"prefix_length": 31
},
"nexthops": [
{
"route_type": 7,
"ip": {
"ipv4": "169.254.0.1"
},
"if_index": 6,
"admin_distance": 0
}
]
},
{
"prefix": {
"ipv4": "1.1.3.0",
"prefix_length": 24
},
"nexthops": [
{
"route_type": 6,
"ip": {
"ipv4": "169.254.0.1"
},
"if_index": 6,
"admin_distance": 0
}
]
},
{
"prefix": {
"ipv4": "1.1.2.0",
"prefix_length": 24
},
"nexthops": [
{
"route_type": 3,
"ip": {
"ipv4": "169.254.0.1"
},
"if_index": 6,
"admin_distance": 3
}
]
}
],
"bgp_config": {
"enabled": true,
"local_as": 422,
"graceful_restart": false,
"neighbor": [
{
"enable": true,
"remote_as": 420,
"description": {
"string": "BGP_config created through automation"
},
"hold_down_timer": 4,
"address_family": [
{
"route_map_out": {
"route_map_seq": [
{
"action": 1,
"route_map_set": {},
"id": 1,
"match": {
"prefix_list": [
{
"prefix": [
{
"action": 1,
"index": 109,
"network": {
"ipv4": "1.1.1.0",
"prefix_length": 25
},
"seq_id": 1
}
],
"name": "1.1.1.0/25"
}
]
}
},
{
"action": 1,
"route_map_set": {
"metric": 1000
},
"id": 2,
"match": {
"prefix_list": [
{
"prefix": [
{
"index": 106,
"network": {
"ipv4": "1.1.0.0",
"prefix_length": 16
},
"seq_id": 1,
"less_or_equal_bits": 24,
"action": 1,
"greater_or_equal_bits": 16
}
],
"name": "1.1.0.0/16"
}
]
}
}
],
"name": {
"string": "1.1.0.0"
}
},
"enabled": true,
"type": "IPv4_UNICAST"
}
],
"keep_alive_timer": 1,
"src_ip_address": {
"ipv4": "40.40.40.1"
},
"ip_address": {
"ipv4": "40.40.40.10"
},
"enable_bfd": false,
"name": {
"string": "auto-bgp-config-1"
}
},
{
"enable": true,
"remote_as": 420,
"description": {
"string": "BGP_config created through automation"
},
"hold_down_timer": 3,
"address_family": [
{
"enabled": true,
"type": "IPv4_UNICAST",
"route_map_in": {
"route_map_seq": [
{
"action": 1,
"route_map_set": {
"weight": 200
},
"id": 1,
"match": {
"prefix_list": [
{
"prefix": [
{
"index": 103,
"network": {
"ipv4": "2.1.0.0",
"prefix_length": 16
},
"seq_id": 1,
"less_or_equal_bits": 28,
"action": 1,
"greater_or_equal_bits": 16
}
],
"name": "2.1.0.0"
}
]
}
}
],
"name": {
"string": "2.1.0.0"
}
}
}
],
"keep_alive_timer": 1,
"src_ip_address": {
"ipv4": "90.90.90.2"
},
"ip_address": {
"ipv4": "90.90.90.10"
},
"enable_bfd": false,
"name": {
"string": "auto-bgp-config-4"
}
}
],
"ecmp": true
},
"routing_global": {
"router_id": {
"ipv4": "40.40.40.1"
},
"op_state_up": true,
"role": 2,
"forwarding_up_timer": 0
}
}
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the redistribution configuration.
Example
nsx-edge-1> get service router config redist
REDISTRIBUTION CONFIGURATION:
=============================
redist:
{
"bgp_enabled": true
}
redistri_rules:
[
{
"rule": [
{
"to_proto": 1,
"seq_id": 0,
"flags": 103,
"name": {
"string": "rule3"
},
"description": {
"string": "Rule3"
}
}
]
}
]
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the route map configuration.
Example
nsx-edge-1> get service router config route-maps
ROUTE MAP CONFIGURATION:
============================
route_map_out:
{
"name": {
"string": "1.1.0.0"
},
"route_map_seq": [
{
"action": 1,
"id": 1,
"match": {
"prefix_list": [
{
"name": "1.1.1.0/25",
"prefix": [
{
"action": 1,
"index": 109,
"network": {
"ipv4": "1.1.1.0",
"prefix_length": 25
},
"seq_id": 1
}
]
}
]
},
"route_map_set": {}
},
{
"action": 1,
"id": 2,
"match": {
"prefix_list": [
{
"name": "1.1.0.0/16",
"prefix": [
{
"action": 1,
"greater_or_equal_bits": 16,
"index": 106,
"less_or_equal_bits": 24,
"network": {
"ipv4": "1.1.0.0",
"prefix_length": 16
},
"seq_id": 1
}
]
}
]
},
"route_map_set": {
"metric": 1000
}
}
]
}
route_map_in:
{
"name": {
"string": "2.1.0.0"
},
"route_map_seq": [
{
"action": 1,
"id": 1,
"match": {
"prefix_list": [
{
"name": "2.1.0.0",
"prefix": [
{
"action": 1,
"greater_or_equal_bits": 16,
"index": 103,
"less_or_equal_bits": 28,
"network": {
"ipv4": "2.1.0.0",
"prefix_length": 16
},
"seq_id": 1
}
]
}
]
},
"route_map_set": {
"weight": 200
}
}
]
}
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about Service Insertion.
Example
nsxedge(tier0_sr)> get service-insertion
Service Insertion Policy:
Policy UUID : ffeeddcc-bbaa-bbaa-2332-23fe33221100
Transport type : L2_BRIDGE
BFD status : BFD_DOWN
Redirected packet count north-to-south : 0
Redirected packet count south-to-north : 0
Service link1 IP : 10.10.10.1
Service link2 IP : 20.20.20.1
Service link1 nexthop IP : 10.10.10.2
Service link2 nexthop IP : 20.20.20.2
Failure policy : ON_FAILURE_DROP
Service Insertion Policy:
Policy UUID : 7fbe102d-268c-4b33-bdf5-8f1e608e9864
Transport type : L3_ROUTED
Redirected packet count : 1600
Nexthop IP : 40.40.40.10
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about Service Insertion.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsxedge(tier0_sr)> get service-insertion ffeeddcc-bbaa-bbaa-2332-23fe33221100
Service Insertion Policy:
Policy UUID : ffeeddcc-bbaa-bbaa-2332-23fe33221100
BFD status : BFD_DOWN
Redirected packet count north-to-south : 0
Redirected packet count south-to-north : 0
Service link1 IP : 10.10.10.1
Service link2 IP : 20.20.20.1
Service link1 nexthop IP : 10.10.10.2
Service link2 nexthop IP : 20.20.20.2
Failure policy : ON_FAILURE_DROP
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about all services.
Example
nsx-manager-1> get services
Service name: http
Service state: running
Session timeout: 1800
Connection timeout: 30000
Redirect host: (not configured)
Client API concurrency limit: 40
Client API rate limit: 100
Global API concurrency limit: 199
Service name: manager
Service state: running
Logging level: info
Service name: mgmt-plane-bus
Service state: running
Service name: node-mgmt
Service state: running
Service name: nsx-message-bus
Service state: running
Service name: ntp
Service state: running
Service name: install-upgrade
Service state: stopped
Enabled: False
Enabled on: 10.10.10.10
Service name: snmp
Service state: running
Start on boot: True
Service name: ssh
Service state: running
Start on boot: True
Service name: syslog
Service state: running
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display active network connections.
Example
nsx-manager-1> get sockets
Proto Remote Port Local Port In Out
tcp --listen-- 127.0.0.1 7440 0 0
tcp --listen-- 127.0.0.1 9200 0 0
tcp --listen-- 127.0.0.1 7441 0 0
tcp --listen-- --any-- 4369 0 0
tcp --listen-- 192.168.110.42 65012 0 0
tcp --listen-- 127.0.0.1 9300 0 0
tcp --listen-- 127.0.0.1 53 0 0
tcp --listen-- --any-- 22 0 0
tcp --listen-- --any-- 15671 0 0
tcp --listen-- --any-- 7000 0 0
tcp --listen-- --any-- 443 0 0
tcp --listen-- 127.0.0.1 2812 0 0
tcp --listen-- 192.168.110.42 7070 0 0
tcp --listen-- 192.168.110.42 7071 0 0
tcp --listen-- 127.0.0.1 32000 0 0
tcp --listen-- --any-- 8001 0 0
tcp --listen-- 127.0.0.1 32001 0 0
.
.
.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display active network connections.
Example
nsx-manager-1> get sockets
Proto Remote Port Local Port In Out
tcp --listen-- 127.0.0.1 7440 0 0
tcp --listen-- 127.0.0.1 9200 0 0
tcp --listen-- 127.0.0.1 7441 0 0
tcp --listen-- --any-- 4369 0 0
tcp --listen-- 192.168.110.42 65012 0 0
tcp --listen-- 127.0.0.1 9300 0 0
tcp --listen-- 127.0.0.1 53 0 0
tcp --listen-- --any-- 22 0 0
tcp --listen-- --any-- 15671 0 0
tcp --listen-- --any-- 7000 0 0
tcp --listen-- --any-- 443 0 0
tcp --listen-- 127.0.0.1 2812 0 0
tcp --listen-- 192.168.110.42 7070 0 0
tcp --listen-- 192.168.110.42 7071 0 0
tcp --listen-- 127.0.0.1 32000 0 0
tcp --listen-- --any-- 8001 0 0
tcp --listen-- 127.0.0.1 32001 0 0
.
.
.
Mode
Basic
Availability
Controller, Key Manager, Manager, Policy Manager
Display the statistics for all interfaces in the path.
Example
nsx-edge-1(path)> get stats
UUID RX PKTS TX PKTS RX BYTES TX BYTES RX Drops TX Drops
de650f56-276d-46ef-959e-960752acfe19 23796 14321 1576814 957858 3 0
140ca8de-61e0-4bba-b429-6a3791b0846a 38 127 2807 9150 15 0
9eff9e4e-9157-4107-a0dd-c79350dce6f7 127 38 9150 2807 0 0
53bab4b1-f0df-451b-af80-0a9d5e580186 38 127 2807 9150 0 0
2a7bf881-1f89-4833-833e-47673b79901a 127 38 9150 2807 8 0
bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a 29 14 1890 980 0 0
->5b2068d0-8c28-4427-8be4-48f422f92309 14 29 980 1890 0 0
eb3bd495-9ce3-40b4-a955-c2ddc4893cfa 29 14 1890 980 0 0
1fec3ffa-213d-4d2b-ae1b-e12857434846 14 29 980 1890 0 0
13592f56-be3c-4d3d-88de-7d5825dd51bb 17 22 1422 1316 0 0
c588fc5d-dd62-45b2-bc16-3dae466c16c7 22 17 1316 1422 0 0
2120ef07-05e3-477f-8d96-e2be390784db 3 23 126 1394 0 0
3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278 23 3 1394 126 2 0
dd10beb2-3673-43a5-b180-ecc46e830ee0 0 7 0 686 0 0
fdc429ef-d778-421b-bf84-e1063a7bf5ab 7 0 686 0 0 0
Mode
Path
Availability
Edge, Public Cloud Gateway
Display statistics for the logical router in the VRF context.
Example
nsx-edge-1(vrf)> get stats
Logical Router
UUID : 736a80e3-23f6-5a2d-81d6-bbefb2786666
VRF : 0
LR-ID : 0
name : R1
type : TUNNEL
Statistics
Dropped No Memory : 0
Dropped No Route : 0
Mode
VRF, Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Display the contents of the tech support bundle. Specify the
file argument to save the bundle to a file with the specified file name in the file store. This support bundle does not contain core or audit log files. To include those files, specify the all argument. Core files contain system information and all information stored in memory at the time of the dump (this may include confidential, sensitive or personal information such as passwords and encryption keys, if they are being processed in memory at that time). If you choose to send the support bundle to VMware, it will be processed in accordance with VMware’s standard processes and policies, to provide you with support, fix problems and improve the product and services.
| Option | Description |
|---|---|
| <filename> | Name of file to generate, for example support-bundle.tgz Allowed pattern: ^[^/ *;&|]+$ |
Example
nsx-manager-1> get support-bundle
--------------------------------------------------------------------------------
/usr/sbin/arp -n
--------------------------------------------------------------------------------
Address HWtype HWaddress Flags Mask Iface
192.168.110.201 ether 00:50:56:a9:8a:8c C eth0
192.168.110.101 ether 00:50:56:a9:45:29 C eth0
192.168.110.1 ether 68:ef:bd:4e:98:7f C eth0
192.168.110.10 ether 00:50:56:a6:e0:14 C eth0
--------------------------------------------------------------------------------
/bin/df -lT -x securityfs
--------------------------------------------------------------------------------
Filesystem Type 1K-blocks Used Available Use% Mounted on
udev devtmpfs 8206240 4 8206236 1% /dev
tmpfs tmpfs 1643032 772 1642260 1% /run
/dev/sda2 ext4 19554584 2229116 16309100 13% /
none tmpfs 4 0 4 0% /sys/fs/cgroup
none tmpfs 5120 0 5120 0% /run/lock
none tmpfs 8215140 4 8215136 1% /run/shm
none tmpfs 102400 0 102400 0% /run/user
/dev/mapper/nsx-repository ext4 19551512 308428 18226868 2% /repository
.
.
.
nsx-manager-1> get support-bundle file support-bundle.tgz
support-bundle.tgz created, use the following command to transfer the file:
copy file support-bundle.tgz url
After transferring support-bundle.tgz, extract it using: tar xzf support-bundle.tgz
nsx-manager-1> get support-bundle file support-bundle-all.tgz all
support-bundle-all.tgz created, use the following command to transfer the file:
copy file support-bundle-all.tgz url
After transferring support-bundle-all.tgz, extract it using: tar xzf support-bundle-all.tgz
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Saves support bundle to the specified filename in the filestore.
| Option | Description |
|---|---|
| <filename> | Name of file to generate, for example support-bundle.tgz Allowed pattern: ^[^/ *;&|]+$ |
Example
host-1> get support-bundle file
Name of file to generate, for example support-bundle.tgz
host-1> get support-bundle file support-bundle.tgz
support-bundle.tgz is created in /var/vmware/nsx/file-store
Mode
Basic
Availability
NSX Cloud VM
Display IPFIX configuration about the specified logical switch.
| Option | Description |
|---|---|
| <logical-switch-id> | Logical switch UUID |
Example
kvm-1> get switch-ipfix logical-switch 9e5adc03-df5a-490d-be52-d62629c6527d setting
Switch IPFIX setting
============================================================
obsDomainID : 0
activeTimeout : 60
maxFlow : 65535
sampleRate : 1
collectors : 10.117.7.163 4739
10.117.7.162 4739
Mode
Basic
Availability
KVM, NSX Cloud VM
Display information about the specified IPFIX configuration.
| Option | Description |
|---|---|
| <logical-switch-port-id> | Logical switch port UUID |
Example
kvm-1> get switch-ipfix logical-switch-port 6cb56e83-9ccf-4991-94e7-26471b4ca93e setting
Switch IPFIX setting
============================================================
obsDomainID : 0
activeTimeout : 60
maxFlow : 65535
sampleRate : 1
collectors : 10.117.7.163 4739
10.117.7.162 4739
Mode
Basic
Availability
KVM, NSX Cloud VM
Display the topology of the system.
Example
nsx-edge-1> get topology
Machine (3949MB)
Socket L#0 + Core L#0 + PU L#0 (P#0)
Socket L#1 + Core L#1 + PU L#1 (P#1)
HostBridge L#0
PCI 8086:7111
PCI 15ad:0405
GPU L#0 "card0"
GPU L#1 "controlD64"
PCI 1000:0030
Block L#2 "sda"
PCIBridge
PCI 15ad:07b0
Net L#3 "eth0"
PCIBridge
PCI 15ad:07b0
PCIBridge
PCI 15ad:07b0
PCIBridge
PCI 15ad:07b0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the ARP table for the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get transport-node bfd72df1-ed5f-405f-a9d1-585e550bc677 arp-table
VNI IP MAC TransportNode-ID
17288 172.16.110.11 00:50:56:8e:91:12 bfd72df1-ed5f-405f-a9d1-585e550bc677
Mode
Basic
Availability
Controller
Display the MAC address table for the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get transport-node bfd72df1-ed5f-405f-a9d1-585e550bc677 mac-table
VNI MAC VTEP-IP TransportNode-ID
17288 00:50:56:8e:91:12 192.168.210.100 bfd72df1-ed5f-405f-a9d1-585e550bc677
Mode
Basic
Availability
Controller
Display routing domains joined by the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get transport-node bfd72df1-ed5f-405f-a9d1-585e550bc677 routing-domain
Routing-Domain-ID
133fa69c-756e-4d7e-8ac2-1317b9e02e31
133fa69c-756e-4d7e-8ac2-1317b9e02e32
Mode
Basic
Availability
Controller
Display the routing vtep table for the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get transport-node bfd72df1-ed5f-405f-a9d1-585e550bc677 routing-vtep
Routing-Domain-ID IP LABEL Segment MAC TransportNode-ID
133fa69c-756e-4d7e-8ac2-1317b9e02e31 92.168.210.100 0x15801 192.168.210.0 00:50:56:67:af:f4 bfd72df1-ed5f-405f-a9d1-585e550bc677
133fa69c-756e-4d7e-8ac2-1317b9e02e32 192.168.210.100 0x15801 192.168.210.0 00:50:56:67:af:f4 bfd72df1-ed5f-405f-a9d1-585e550bc677
Mode
Basic
Availability
Controller
Display status information for the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get transport-node bfd72df1-ed5f-405f-a9d1-585e550bc677 status
TransportNode-ID Controller SSL-Enabled Connection-State Supported-Versions
bfd72df1-ed5f-405f-a9d1-585e550bc677 127.0.0.1 true OPENED 1.1.0.0.0.0
Mode
Basic
Availability
Controller
Display VIF information for the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get transport-node bfd72df1-ed5f-405f-a9d1-585e550bc677 vifs
VIF LogSwitchPort-ID TransportNode-ID TransportNode-IP
133fa69c-756e-4d7e-8ac2-1317b9e02e31 9a71e870-f386-47c6-ae7f-f5e0895dba8b bfd72df1-ed5f-405f-a9d1-585e550bc677 192.168.210.51
Mode
Basic
Availability
Controller
Display all tunnel end points for the specified transport node.
| Option | Description |
|---|---|
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> get transport-node bfd72df1-ed5f-405f-a9d1-585e550bc677 vtep
VNI IP LABEL Segment MAC TransportNode-ID
39816 192.168.210.100 0x15801 192.168.210.0 00:50:56:67:af:f4 bfd72df1-ed5f-405f-a9d1-585e550bc677
17288 192.168.210.100 0x15801 192.168.210.0 00:50:56:67:af:f4 bfd72df1-ed5f-405f-a9d1-585e550bc677
Mode
Basic
Availability
Controller
Display status information for all transport nodes.
Example
nsx-controller-1> get transport-nodes status
TransportNode-ID Controller SSL-Enabled Connection-State Supported-Versions
bfd72df1-ed5f-405f-a9d1-585e550bc677 127.0.0.1 true OPENED 1.1.0.0.0.0
e12ce1d1-b3d9-4602-ba81-91e1fa6a60e4 127.0.0.1 true OPENED 1.1.0.0.0.0
Mode
Basic
Availability
Controller
Display information about the specified tunnel port.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get tunnel-port d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
IFUID : 295
LOCAL : 192.168.250.162
REMOTE : 192.168.250.160
ENCAP : STT
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for the specified tunnel port.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
Example
nsx-edge-1> get tunnel-port 6598ab27-95c6-50ef-85b3-89b7811ab672 stats
Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672
RX-Packets : 0
RX-Bytes : 0
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 3498
TX-Bytes : 433752
TX-Drops : 0
No-Memory : 0
No-Route : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display information about all tunnel ports.
Example
nsx-edge-1> get tunnel-ports
Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
IFUID : 295
LOCAL : 192.168.250.162
REMOTE : 192.168.250.160
ENCAP : STT
Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672
IFUID : 296
LOCAL : 192.168.250.162
REMOTE : 192.168.250.161
ENCAP : STT
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display statistics for all tunnel ports.
Example
nsx-edge-1> get tunnel-ports stats
Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa
RX-Packets : 0
RX-Bytes : 0
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 3325
TX-Bytes : 412300
TX-Drops : 0
No-Memory : 0
No-Route : 0
Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672
RX-Packets : 0
RX-Bytes : 0
RX-Drops : 0
Malformed : 0
No-Match : 0
L2-Loop : 0
TX-Packets : 3331
TX-Bytes : 413044
TX-Drops : 0
No-Memory : 0
No-Route : 0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display the contents of the specified playbook for the specified upgrade bundle.
| Option | Description |
|---|---|
| <bundle-name> | Name of NSX upgrade bundle in the file store |
| <playbook-file> | Name of Playbook file to use |
Example
nsx-edge-1> get upgrade-bundle VMware-NSX-edge-2.0.0.0.0.5298714 playbook VMware-NSX-edge-2.0.0.0.0.5298714-playbook
steps:
- name: 11-preinstall-enter_maintenance_mode
- name: install_os
- name: reboot
- name: 41-postboot-exit_maintenance_mode
- name: finish_upgrade
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display all playbooks in the file store.
Example
nsx-edge-1> get upgrade-bundle playbooks
playbook
VMware-NSX-edge-2.0.0.0.0.5298714-playbook
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display the system uptime information.
Example
nsx-manager-1> get uptime
16:34:39 up 15 days, 16:16, 1 user, load average: 0.55, 0.25, 0.26
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Get SSH keys from authorized_keys file for specified user.
| Option | Description |
|---|---|
| <username> | Username of user |
Example
nsx> get user admin ssh-keys
label: user1@domain1
type: ssh-rsa
value:
AAAAB3NzaC1yc2EAAAABIwAAAIEAywWhrwq4FjHt+UuwZcZePxtjtZOENFpOjufycaYso2nTlzNwnAQEQRfbqsUxKVtOtGxgApIkUvjRIjNBdJE6iOzvBXZhhJrM0GUDJragw7SMVIs/5xJBGAyHKJ1YUMGO7+nJTmsCLx6PFOlQYveuriiVVCCZerGCLH+UtSXK3z+l7hx9NiDg3/ylOLc3f3SLxrJKn0gMTgK7BHJFXo4PguuPjWZLVdUDX+XKiqtT2n4IsYs6N9qVFG3zUgNlEjZM47NK/ytAC0max98pK+QNzsuaQOo/IShJ1TOw5wwScflPArVJ2AyROqAe7cfQg7q12I9olASFd3U5NazfZCTYAvWA1kz9UZEWLJ1Br1XOkPqOleMM8KCp/PXzz8H0kISkMIji0/QuiZOPEBsKlszXjlALcXR8Mg1uiZVWy48i9JheyXyj1ToCj6cPScpgFHp3DAGSlKKbE1EFaVfeeyGAnHESuXC9wkSeFZCEyMJ+RgJxMkBXNZmyycbwsSqAeGJpMEUDlwzu2GD0obBz0HXqg9J1Xallop5AVDKfeszZcc=
label: user2@domain2
type: ssh-rsa
value:
AAAAB3NzaC1yc2EAAAABIwAAAIEA0KJDLOiiXj9XdMxiCT9KvaKfuxFQi+CIiklaN5hHsNgYOu7TijqyONEu5fONLoAo/cshLa+KuargyTrtizwcP4TPcTXZhhJrM0GUDJragw7SMVIs/5xJBGAyHKJ1YUMGO7+nJTmsCLx6PFOlQYveuriiVVCCZerGCLH+UtSXK3z+l7hx9NiDg3/ylOLc3f3SLxrJKn0gMTgK7BHJFXo4PguuPjWZLVdUDX+XKiqtT2n4IsYs6N9qVFG3zUgNlEjZM47NK/ytAC0max98pK+QNzsuaQOo/IShJ1TOw5wwScflPArVJ2AyROqAe7cfQg7q12I9olASFd3U5NazfZCTYAvWA1kz9UZEWLJ1Br1XOkPqOleMM8KCp/PXzz8H0kISkMIji0/QuiZOPEBsKlszXjlALcXR8Mg1uiZVWy48i9JheyXyj1ToCj6cPScpgFHp3DAGSlKKbE1EFaVfeeyGAnHESlnDDg3Gq5xSsB9Okqm3V5t8GpFaJbV68BxQ4BK6HJ21A3CinV4LdV3hR/OBUbDG2EcI+ZKRDjlpJuu4YU=
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display the version of the NSX appliance.
Example
nsx> get version
VMware NSX Software, Version 1.0.0.0.0.3255655
Technical Support: http://www.vmware.com/support.html
Copyright © 2014-2018 VMware, Inc. All rights reserved. This
product is protected by copyright and intellectual property
laws in the United States and other countries as well as by
international treaties. VMware products are covered by one
or more patents listed at http://www.vmware.com/go/patents.
VMware is a registered trademark or trademark of VMware, Inc.
in the United States and other jurisdictions. All other marks
and names mentioned herein may be trademarks of their respective
companies.
Mode
Basic
Availability
ESXi, KVM, NSX Cloud VM
Display the version of the NSX appliance.
Example
nsx> get version
VMware NSX Software, Version 1.0.0.0.0.3255655
Technical Support: http://www.vmware.com/support.html
Copyright © 2014-2018 VMware, Inc. All rights reserved. This
product is protected by copyright and intellectual property
laws in the United States and other countries as well as by
international treaties. VMware products are covered by one
or more patents listed at http://www.vmware.com/go/patents.
VMware is a registered trademark or trademark of VMware, Inc.
in the United States and other jurisdictions. All other marks
and names mentioned herein may be trademarks of their respective
companies.
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display information about the sepcified VIF. You can find VIF IDs with the
get transport-node <uuid> vif command or the get logical-switch <uuid> ports command (see Child-UUID where Child-EntityType is VIF).| Option | Description |
|---|---|
| <vif> | VIF ID |
Example
nsx-controller-1> get vif c78a1655-228c-493b-88cf-6b77dafe908d
VIF LogSwitchPort-ID TransportNode-ID TransportNode-IP
c78a1655-228c-493b-88cf-6b77dafe908d 335bbfdc-d6d6-4d87-8fb1-b98614fff1d8 de9dca49-fc90-43ae-aa65-3b0148da4eee 192.168.210.51
Mode
Basic
Availability
Controller
Display information about the specified VIF.
| Option | Description |
|---|---|
| <vif> | VIF ID |
Example
esx-1> get vif 1a29d525-6086-4d48-a849-5d11e2a6d37a
IP: 196.168.100.3 MAC: 00:50:56:98:80:c9
Mode
Basic
Availability
ESXi
Dump the host's network mode and tagged interface.
Example
host-1> get vm-network-mode
VM-Network-Mode : Overlay
Interface : eth1
Mode
Basic
Availability
NSX Cloud VM
Get VMC migration mode status.
Example
nsx-edge-1> get vmc migration-mode
VMC Migration Mode: enabled
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display all vSwitch runtime options on this host.
Example
esx-1> get vswitch runtime
IGMPQueries: 2
IGMPQueryInterval: 125
IGMPRouterIP: 0.0.0.0
IGMPV3MaxSrcIPNum: 10
IGMPVersion: 3
MLDRouterIP: FE80::FFFF:FFFF:FFFF:FFFF
MLDV2MaxSrcIPNum: 10
MLDVersion: 2
MaxRARPsPerInterval: 128
RARPAdvertisementDuration: 60
TeamPolicyUpDelay: 100
Mode
Basic
Availability
ESXi
Display information about all tunnel endpoints.
Example
nsx-edge-1> get vteps
Remote VTEP IP : 192.168.250.161
Remote VTEP Label : 12289
Local VTEP IP : 192.168.250.162
Local VTEP Label : 51201
Remote VTEP IP : 192.168.250.160
Remote VTEP Label : 61441
Mode
Basic
Availability
Edge, Public Cloud Gateway
Display help information. See the example below.
Example
nsx-manager-1> help
NSX CLI help is available via a variety of different ways:
1. From the command prompt, enter: help
This full help message is shown.
2. Tab completion
Tab completion is always available to either complete a valid
command word or complete a valid argument. If completion cannot
be performed, a message is shown to indicate the reason.
For example: ge<tab>
3. Pressing ?
At any time, pressing ? shows possible options for the command
entered. If no options are available, a helpful message is
shown to indicate the reason.
For example: get ?
4. From the command prompt, enter: list
View all supported commands and command parameters.
Mode
Availability
Controller, Edge, ESXi, KVM, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Initialize the cluster on the first controller.
Example
nsx-controller-1> initialize control-cluster
Control cluster initialization successful.
Mode
Basic
Availability
Controller
Join a new controller to the cluster. Run the
join control-cluster command on a controller that already belongs to the cluster. Run the get control-cluster certificate thumbprint command on the new controller to get the thumbprint.| Option | Description |
|---|---|
| <ip-address[:port]> | IP address of an NSX Controller and optional port |
| <thumbprint> | The thumbprint of the controller |
Example
nsx-controller-1> join control-cluster 192.168.110.110 thumbprint 4afe87618879065e20dec4e880be3ec91302e1cb55461c18e3a6b1a2b2ba4373
Node 192.168.110.110 has successfully joined the control cluster.
Please run 'activate control-cluster' command on the new node.
Mode
Basic
Availability
Controller
Join this node to the management plane.
| Option | Description |
|---|---|
| <hostname-or-ip-address[:port]> | Hostname or IP address of an NSX Manager and optional port |
| <thumbprint> | Manager API thumbprint |
| <token> | Manager API token Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
| <uuid> | UUID argument Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-edge> join management-plane 192.168.110.105 node-uuid 692eef9a-026e-4e24-8494-251990b2b4e3 thumbprint 7f1374c339b592da504b352857a0bdc4e77b9b998a9971f9335633210f667c97 token fd872487-07db-43c6-9067-acb2b9fe1fe4
Node successfully registered as Fabric Node: 692eef9a-026e-4e24-8494-251990b2b4e3
Mode
Basic
Availability
Edge, Public Cloud Gateway
Join this node to the management plane.
| Option | Description |
|---|---|
| <hostname-or-ip-address[:port]> | Hostname or IP address of an NSX Manager and optional port |
| <username> | Manager API username |
| <thumbprint> | Manager API thumbprint |
| <password> | Manager API password |
Example
nsx-edge> join management-plane 192.168.110.105 username admin thumbprint 7f1374c339b592da504b352857a0bdc4e77b9b998a9971f9335633210f667c97
Password for API user:
Node successfully registered as Fabric Node: 692eef9a-026e-4e24-8494-251990b2b4e3
Mode
Basic
Availability
Edge, Public Cloud Gateway
Join this hypervisor host with the management plane. You can
specify any NSX Manager in the management cluster in this command.
Use the API username and password for the specified NSX Manager. If you do not provide a password on the command line, you will be prompted to enter one.
Get the NSX Manager thumbprint by running the
get certificate api thumbprint command on the
specified NSX Manager.
| Option | Description |
|---|---|
| <hostname-or-ip-address[:port]> | Hostname or IP address of an NSX Manager and optional port |
| <username> | Manager API username |
| <thumbprint> | Manager API thumbprint |
| <password> | Manager API password |
Example
host-1> join management-plane 192.168.110.105 username admin thumbprint 898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8
Password for API user:
Node successfully joined
Mode
Basic
Availability
ESXi, KVM
Join this node with the management plane.
| Option | Description |
|---|---|
| <ip-address[:port]> | IP address of an NSX Manager and optional port |
| <thumbprint> | Manager API thumbprint |
| <token> | Manager API token Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
Example
nsx-controller-1> join management-plane 192.168.110.105 thumbprint 7f1374c339b592da504b352857a0bdc4e77b9b998a9971f9335633210f667c97 token fd872487-07db-43c6-9067-acb2b9fe1fe4
Node successfully registered and controller restarted
Mode
Basic
Availability
Controller
Join this controller with the management plane. You can specify any NSX Manager in the management cluster in this command.
Use the API username and password for the specified NSX Manager. If you do not provide a password on the command line, you will be prompted to enter one.
Get the NSX Manager thumbprint by running the get certificate api thumbprint command on the specified NSX Manager.
| Option | Description |
|---|---|
| <ip-address[:port]> | IP address of an NSX Manager and optional port |
| <username> | Manager API username |
| <thumbprint> | Manager API thumbprint |
| <password> | Manager API password |
Example
nsx-controller-1> join management-plane 192.168.110.105 username admin thumbprint fef089bbfbd2e10da6ee08c7ff4a95da1368587abfd2c6db59c8db540bc43e58
Password for API user:
Node successfully registered and controller restarted
Mode
Basic
Availability
Controller
Join this keymanager with the management plane. You can specify any NSX Manager in the management cluster in this command.
Use the API username and password for the specified NSX Manager. If you do not provide a password on the command line, you will be prompted to enter one.
Get the NSX Manager thumbprint by running the get certificate api thumbprint command on the specified NSX Manager.
Specify the network interface name used for hypervisors to request keys.
| Option | Description |
|---|---|
| <ip-address[:port]> | IP address of an NSX Manager and optional port |
| <username> | Manager API username |
| <thumbprint> | Manager API thumbprint |
| <password> | Manager API password |
| <interface-name> | Network interface argument |
Example
nsx-keymanager-1> join management-plane 192.168.110.105 username admin thumbprint fef089bbfbd2e10da6ee08c7ff4a95da1368587abfd2c6db59c8db540bc43e58 interface-name eth0
Password for API user:
KeyManager node successfully registered and service restarted
Mode
Basic
Availability
Key Manager
This command lists all available commands.
Mode
Availability
Controller, Edge, ESXi, KVM, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display nslookup information.
| Option | Description |
|---|---|
| <hostname> | System hostname argument |
Example
nsx-manager-1> nslookup nsx-edge-1
Server: ns1.corp.local
Address: 192.168.110.10
Name: nsx-edge-1
Address: 192.168.110.101
Mode
Basic
Availability
Edge, Public Cloud Gateway
Get DNS lookup information.
Note that when run on an NSX Manager, the responding server is reported as 127.0.0.1 instead of the configured name server.
| Option | Description |
|---|---|
| <hostname> | System hostname argument |
Example
nslookup from an NSX Manager:
nsx-manager-1> nslookup nsx-manager-2
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: nsx-manager-2.corp.local
Address: 192.168.110.202
nslookup from an NSX Controller:
nsx-controller-1> nslookup nsx-manager-2
Server: 192.168.110.10
Address: 192.168.110.10#53
Name: nsx-manager-2.corp.local
Address: 192.168.110.202
Mode
Basic
Availability
Controller, Key Manager, Manager, Policy Manager
Display Nslookup DNS Forwarder result.
| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
Example
nsx-edge-1(tier0_sr)> nslookup dns-forwarder vmware.com
ERR_MSG:
RESULT:
Server: 11.11.11.11
Address: 11.11.11.11#53
Non-authoritative answer:
Name: host1.vmc.example.com
Address: 199.199.2.10
Name: host1.vmc.example.com
Address: 199.199.2.11
STATE: ACTIVE
UUID: cd7036e2-c25d-4d07-9c4c-e6291473fb26
Mode
Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Display Nslookup DNS Forwarder result.
| Option | Description |
|---|---|
| <uuid> | Generic UUID string argument Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$ |
| <hostname-or-ip-address> | A hostname or IP address |
Example
nsx-edge-1> nslookup dns-forwarder 9b032ded-a109-42ee-b49b-ae05e7b9edf6 vmware.com
ERR_MSG:
RESULT:
Server: 11.11.11.11
Address: 11.11.11.11#53
Non-authoritative answer:
Name: host1.vmc.example.com
Address: 199.199.2.10
Name: host1.vmc.example.com
Address: 199.199.2.11
STATE: ACTIVE
UUID: cd7036e2-c25d-4d07-9c4c-e6291473fb26
Mode
Basic
Availability
Edge, Public Cloud Gateway
Run a command on the specified cluster/fabric node.
| Option | Description |
|---|---|
| <registered-node-uuid> | First UUID of any registered node |
Example
nsx-manager-1> on 761ce797-9c70-483b-9436-41d3b8cd61f7 exec get logical-switches
-------------------------------------------------------------------------------------
761ce797-9c70-483b-9436-41d3b8cd61f7 ctl ychin-nsxcontroller-ob-7056821-1-TB1105DGO
-------------------------------------------------------------------------------------
VNI UUID Name
60304 9c9d40be-b4c2-4aed-b109-c89fdb36fcb1 transit-bp-33f9e0d3-82ca-4617-8283-c6872f5e1efe
60297 ea10e5a5-1b61-48a6-90ef-f252a5248461 3-switch-24
60299 980f22ef-d49b-4759-8e8b-6404e3bf26bb 22-switch-28
60306 be31a40f-4e63-420a-b490-7360a09697e2 transit-rl-5e76249b-8e67-4545-9c52-edca4ba8577e
60305 3abbb822-e631-46e3-9d25-7b6bba8b0023 transit-bp-5e76249b-8e67-4545-9c52-edca4ba8577e
60302 85fcfb8b-55f6-4ad5-8362-d69ae421f1cb 21-switch-28
60298 dbb3903e-d24f-46d7-b2af-9fa33f7becce 2-switch-24
60296 bffe57f3-6a71-485c-ab29-64af96e1f713 1-switch-24
Mode
Basic
Availability
Manager
Enter path context mode. This mode allows you to get information about each interface that is in the path between the specified logical router port and the specified IP address.
You can get a list of logical router interfaces with the get logical-router interfaces command.
Once you are in the path context, use the path commands to navigate and get information, for example, get path, get current, up and down.
| Option | Description |
|---|---|
| <uuid> | Datapath UUID argument |
| <ip-address> | Network IP address argument |
Example
nsx-edge-1> path de650f56-276d-46ef-959e-960752acfe19 172.16.10.11
nsx-edge-1(path)>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Ping an IP address. Use Control-C to stop the ping command.
| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
Example
nsx-edge-1> ping 192.168.110.1
PING 192.168.110.1 (192.168.110.1): 56 data bytes
64 bytes from 192.168.110.1: icmp_seq=0 ttl=64 time=0.610 ms
64 bytes from 192.168.110.1: icmp_seq=1 ttl=64 time=0.645 ms
64 bytes from 192.168.110.1: icmp_seq=2 ttl=64 time=0.889 ms
^C
--- 192.168.110.1 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.610/0.715/0.889/0.124 ms
Mode
Basic
Availability
Edge, Public Cloud Gateway
Ping a host or IP address. Use Control-C to stop the command. Optionally use the
repeat argument to specify how many packets to transmit.| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
| <number> | Number argument Allowed pattern: ^[0-9]+$ |
Example
nsx-manager-1> ping 10.192.43.71
PING 10.192.43.71 (10.192.43.71) 56(84) bytes of data.
64 bytes from 10.192.43.71: icmp_seq=1 ttl=58 time=1.66 ms
64 bytes from 10.192.43.71: icmp_seq=2 ttl=58 time=0.961 ms
64 bytes from 10.192.43.71: icmp_seq=3 ttl=58 time=0.962 ms
64 bytes from 10.192.43.71: icmp_seq=4 ttl=58 time=0.883 ms
64 bytes from 10.192.43.71: icmp_seq=5 ttl=58 time=1.15 ms
^C
--- 10.192.43.71 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4003ms
rtt min/avg/max/mdev = 0.883/1.125/1.665/0.285 ms
Mode
Basic
Availability
Controller, Key Manager, Manager, Policy Manager
Ping an IP address. Use Control-C to stop the ping command.
The
repeat argument specifies how many ping
packets to transmit.
The size argument specifies the size of the ping
packet. The dfbit argument specifies whether to
set the "don't fragment" bit in the ping packet. If enabled, the
packet will not be fragmented.
The source argument specifies which IP
address to ping from. This may be required in some circumstances
for ping to work as expected. For example, if there is overlap
in IP addresses used in the tier 0 and tier 1 router transit
subnets, pings from the tier 0 VRF will not reach virtual
machines on networks routed by the tier 1 router.
If you use the source argument to specify a unique
IP used by that VRF (in this case, the
tier 0 uplink IP) the pings will reach the virtual machines.
| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
| <number> | Number argument Allowed pattern: ^[0-9]+$ |
| <enable> | Enable argument Allowed values: ENABLE |
Example
nsx-edge-1(tier0_sr)> ping 172.16.110.11 source 192.168.130.3 repeat 3
PING 172.16.110.11 (172.16.110.11) from 192.168.130.3: 56 data bytes
64 bytes from 172.16.110.11: icmp_seq=0 ttl=62 time=4.300 ms
64 bytes from 172.16.110.11: icmp_seq=1 ttl=62 time=1.879 ms
64 bytes from 172.16.110.11: icmp_seq=2 ttl=62 time=1.406 ms
--- 172.16.110.11 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 1.406/2.528/4.300/1.268 ms
Mode
Basic, VRF, Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Ping an IP address. Use Control-C to stop the ping command.
The
repeat argument specifies how many ping
packets to transmit. The vrf argument
specifies which VRF to send the pings from. You can get a list of
available VRFs with the get logical-routers command.
The size argument specifies the size of the ping
packet. The dfbit argument specifies whether to
set the "don't fragment" bit in the ping packet. If enabled, the
packet will not be fragmented.
The source argument specifies which IP
address to ping from. This may be required in some circumstances
for ping to work as expected. For example, if there is overlap
in IP addresses used in the tier 0 and tier 1 router transit
subnets, pings from the tier 0 VRF will not reach virtual
machines on networks routed by the tier 1 router.
If you use the source argument to specify a unique
IP used by that VRF (in this case, the
tier 0 uplink IP) the pings will reach the virtual machines.
| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
| <number> | Number argument Allowed pattern: ^[0-9]+$ |
| <enable> | Enable argument Allowed values: ENABLE |
| <vrf-id> | VRF ID argument Allowed pattern: ^[0-9]+$ |
Example
nsx-edge-1> ping 172.16.110.11 vrf 3 source 192.168.130.3 repeat 3
PING 172.16.110.11 (172.16.110.11) from 192.168.130.3: 56 data bytes
64 bytes from 172.16.110.11: icmp_seq=0 ttl=62 time=6.203 ms
64 bytes from 172.16.110.11: icmp_seq=1 ttl=62 time=3.908 ms
64 bytes from 172.16.110.11: icmp_seq=2 ttl=62 time=4.633 ms
--- 172.16.110.11 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 3.908/4.915/6.203/0.958 ms
Mode
Basic
Availability
Edge, Public Cloud Gateway
Reboot the system. If you specify the
force argument, the system will reboot immediately without prompting for confirmation.Example
nsx> reboot
Are you sure you want to reboot (yes/no): yes
Broadcast message from root@nsx
(unknown) at 1:21 ...
The system is going down for reboot NOW!
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Reset the corelist-related boot time option to factory default.
Example
nsx-edge-1> reset dataplane corelist
0000:0b:00.0 already bound to driver vfio-pci, skipping
0000:1b:00.0 already bound to driver vfio-pci, skipping
0000:13:00.0 already bound to driver vfio-pci, skipping
INFO: Config was written to: /config/vmware/edge/config.json
Generating grub configuration file ...
Found linux image: /vmlinuz-3.14.17-nn4-server
Found initrd image: //initrd.img-3.14.17-nn4-server
File descriptor 4 (/tmp/ffix5oWn5 (deleted)) leaked on lvs invocation. Parent PID 30810: /bin/sh
done
INFO: Updated grub. Please reboot to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Reset the hugepage-related boot time option to factory default.
Example
nsx-edge-1> reset dataplane hugepage
0000:0b:00.0 already bound to driver vfio-pci, skipping
0000:1b:00.0 already bound to driver vfio-pci, skipping
0000:13:00.0 already bound to driver vfio-pci, skipping
INFO: Config was written to: /config/vmware/edge/config.json
Generating grub configuration file ...
Found linux image: /vmlinuz-3.14.17-nn4-server
Found initrd image: //initrd.img-3.14.17-nn4-server
File descriptor 4 (/tmp/ffinvYglp (deleted)) leaked on lvs invocation. Parent PID 32203: /bin/sh
done
INFO: Updated grub. Please reboot to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Recover management plane account on the host. You can specify any NSX Manager in the management cluster in this command.
Use the API username and password for the specified NSX Manager. If you do not provide a password on the command line, you will be prompted to enter one.
Get the NSX Manager thumbprint by running the get certificate api thumbprint command on the specified NSX Manager.
| Option | Description |
|---|---|
| <hostname-or-ip-address[:port]> | Hostname or IP address of an NSX Manager and optional port |
| <username> | Manager API username |
| <thumbprint> | Manager API thumbprint |
| <password> | Manager API password |
Example
host-1> reset management-plane 192.168.110.105 username admin thumbprint 898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8
Password for API user:
Node successfully joined
Mode
Basic
Availability
ESXi, KVM
Restart the specified service.
| Option | Description |
|---|---|
| <service-name> | Node restartable service argument |
Example
nsx> restart service snmp
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Restore a backup of NSX KeyManager node data.
If you do not provide a passphrase on the command line, you will be prompted to enter one. If you cannot remember the passphrase used to create the backup, you will not be able to restore the backup.
Important: This restore request is one part of the restore process. You must complete all backup and restore tasks in the correct order. See the NSX-T Administration Guide for information and instructions about performing backups and restores.
| Option | Description |
|---|---|
| <filename> | Existing file argument |
| <passphrase> | Backup passphrase |
Example
nsx-keymanager-1> restore node file backup-node-timestamp.tar.gz
Passphrase:
nsx-keymanagermanager-1>
Mode
Basic
Availability
Key Manager
Resume an upgrade after running the command
start upgrade-bundle <bundle-name> playbook <playbook-file> and the system was rebooted.| Option | Description |
|---|---|
| <bundle-name> | Name of NSX upgrade bundle in the file store |
Example
nsx-edge-1> resume upgrade-bundle VMware-NSX-edge-2.0.0.0.0.5298714 playbook
Resuming paused playbook /var/vmware/nsx/file-store/VMware-NSX-edge-2.0.0.0.0.5298714-playbook.yml
Validating playbook /var/vmware/nsx/file-store/VMware-NSX-edge-2.0.0.0.0.5298714-playbook.yml
Running "41-postboot-exit_maintenance_mode" (step 4 of 5)
Running "finish_upgrade" (step 5 of 5)
Playbook finished successfully
{
"info": "",
"body": null,
"state": 1,
"state_text": "CMD_SUCCESS"
}
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Sets the amount of time, in seconds, that an account will remain locked
out of the API after exceeding the maximum number of failed
authentication attempts.
| Option | Description |
|---|---|
| <lockout-period> | Lockout period in seconds |
Example
nsx> set auth-policy api lockout-period 900
nsx>
Mode
Basic
Availability
Manager, Policy Manager
In order to trigger an account lockout, all authentication
failures must occur in this time window. If the reset
period exprires, the failed login count is reset to zero.
| Option | Description |
|---|---|
| <lockout-reset-period> | Lockout reset period in seconds |
Example
nsx> set auth-policy api lockout-reset-period 300
nsx>
Mode
Basic
Availability
Manager, Policy Manager
Set the number of failed API authentication attempts that are
allowed before the account is locked. If set to 0, account
lockout is disabled.
| Option | Description |
|---|---|
| <auth-failures> | Number of authentication failures to trigger lockout |
Example
nsx> set auth-policy api max-auth-failures 5
nsx>
Mode
Basic
Availability
Manager, Policy Manager
Sets the amount of time, in seconds, that an account will remain locked
out of the CLI after exceeding the maximum number of failed
authentication attempts. While the lockout period is in effect, additional
authentication attempts restart the lockout period, even if a valid
password is specified.
| Option | Description |
|---|---|
| <lockout-period> | Lockout period in seconds |
Example
nsx> set auth-policy cli lockout-period 900
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set the number of failed CLI authentication attempts that are
allowed before the account is locked. If set to 0, account
lockout is disabled.
| Option | Description |
|---|---|
| <auth-failures> | Number of authentication failures to trigger lockout |
Example
nsx> set auth-policy cli max-auth-failures 5
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set the minimum number of characters that passwords must have. The
smallest value that can be set is 8.
| Option | Description |
|---|---|
| <password-length> | Password length argument |
Example
nsx> set auth-policy minimum-password-length 12
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set the vidm service's enabled property.
Example
nsx-manager-1> set auth-policy vidm enabled
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Set the vidm's properties.
| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
| <thumbprint> | The thumbprint of the vidm host |
| <vidm-client-id> | vIDM client id parameter Allowed pattern: .* |
| <vidm-client-secret> | vIDM client secret parameter Allowed pattern: .* |
Example
nsx-manager-1> set auth-policy vidm hostname jt-vidm.eng.vmware.com thumbprint
898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8
client-id myClient client-secret mySecret node-hostname
jt-nsx.eng.vmware.com
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Set the security banner or message of the day.
Example
nsx> set banner
Enter TEXT message. End with 'Ctrl-D'
Authorized access only
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Start a packet capture. You must have already configured the packet capture with the
set capture session <session-number> interface <port-uuid-name> direction <direction> command in basic mode, or with the set capture session <session-number> direction <direction> command in path mode. Use the get capture sessions command in basic mode to see all configured capture sessions.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
Example
nsx-edge-1(path)> set capture session 1
01:39:58.374489 20:00:00:00:00:f1 > 33:33:00:00:00:16, ethertype IPv6 (0x86dd), length 90: fe80::2200:ff:fe00:f1 > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
<base64>MzMAAAAWIAAAAADxht1gAAAAACQAAf6AAAAAAAAAIgAA//4AAPH/AgAAAAAAAAAAAAAAAAAWOgAFAgAAAQCPAE4nAAAAAQQAAAD/AgAAAAAAAAAAAAH/AADx<base64>
01:39:58.374506 20:00:00:00:00:f1 > 33:33:00:00:00:02, ethertype IPv6 (0x86dd), length 70: fe80::2200:ff:fe00:f1 > ff02::2: ICMP6, router solicitation, length 16
<base64>MzMAAAACIAAAAADxht1gAAAAABA6//6AAAAAAAAAIgAA//4AAPH/AgAAAAAAAAAAAAAAAAAChQA5TAAAAAABASAAAAAA8Q==<base64>
.
.
.
Mode
Basic, Path
Availability
Edge, Public Cloud Gateway
Start a packet capture. You must have already configured the packet capture with the
set capture session <session-number> interface <port-uuid-name> direction <direction> command in basic mode, or with the set capture session <session-number> direction <direction> command in path mode. Use the get capture sessions command in basic mode to see all configured capture sessions.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
Example
kvm-1(path)> set capture session 1
01:39:58.374489 20:00:00:00:00:f1 > 33:33:00:00:00:16, ethertype IPv6 (0x86dd), length 90: fe80::2200:ff:fe00:f1 > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
<base64>MzMAAAAWIAAAAADxht1gAAAAACQAAf6AAAAAAAAAIgAA//4AAPH/AgAAAAAAAAAAAAAAAAAWOgAFAgAAAQCPAE4nAAAAAQQAAAD/AgAAAAAAAAAAAAH/AADx<base64>
01:39:58.374506 20:00:00:00:00:f1 > 33:33:00:00:00:02, ethertype IPv6 (0x86dd), length 70: fe80::2200:ff:fe00:f1 > ff02::2: ICMP6, router solicitation, length 16
<base64>MzMAAAACIAAAAADxht1gAAAAABA6//6AAAAAAAAAIgAA//4AAPH/AgAAAAAAAAAAAAAAAAAChQA5TAAAAAABASAAAAAA8Q==<base64>
.
.
.
Mode
Basic, Path
Availability
KVM
Start a packet capture. You must have already configured the
packet capture with the
set capture session
<session-number> interface <port-uuid-name>
direction <direction> command.
If you don't specify a file, the output displays on the terminal.
Type Control-C to end the packet capture.
You can filter the capture using tcpdump expressions. The expression must be the last argument of the command.
Use the get capture sessions command
to see all configured capture sessions.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
| <filename> | Capture file name Allowed pattern: ^[^/ *;&|]+$ |
| <packet-count> | Packet count value greater than or equal to 1 |
| <expression> | Packet capture expression |
Example
nsx-edge-1> set capture session 1 count 1 expression host 192.168.130.254 and port 22
02:59:09.825531 00:50:56:8e:29:c7 > 02:50:56:00:00:01, ethertype 802.1Q (0x8100), length 78: vlan 130, p 0, ethertype IPv4, 192.168.130.254.36792 > 192.168.130.3.22: Flags [S], seq 2401912755, win 29200, options [mss 1460,sackOK,TS val 60617296 ecr 0,nop,wscale 6], length 0
nsx-edge-1>
or
nsx-edge-1> set capture session 1 file capturefile count 5 expression port 22
Capture 5 packets to file initiated,
enter Ctrl-C to terminate before all packets captured
5 packets captured
5 packets received by filter
0 packets dropped by kernel
110 packets dropped by interface
Mode
Basic
Availability
Edge, Public Cloud Gateway
Start a packet capture. You must have already configured the
packet capture with the
set capture session
<session-number> interface <port-uuid-name>
direction <direction> command.
If you don't specify a file, the output displays on the terminal.
Type Control-C to end the packet capture.
You can filter the capture using tcpdump expressions. The expression must be the last argument of the command.
Use the get capture sessions command
to see all configured capture sessions.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
| <filename> | Capture file name Allowed pattern: ^[^/ *;&|]+$ |
| <packet-count> | Packet count value greater than or equal to 1 |
| <expression> | Packet capture expression |
Example
kvm-1> set capture session 1 count 1 expression host 192.168.130.254 and port 22
02:59:09.825531 00:50:56:8e:29:c7 > 02:50:56:00:00:01, ethertype 802.1Q (0x8100), length 78: vlan 130, p 0, ethertype IPv4, 192.168.130.254.36792 > 192.168.130.3.22: Flags [S], seq 2401912755, win 29200, options [mss 1460,sackOK,TS val 60617296 ecr 0,nop,wscale 6], length 0
kvm-1>
or
kvm-1> set capture session 1 file capturefile count 5 expression port 22
Capture 5 packets to file initiated,
enter Ctrl-C to terminate before all packets captured
5 packets captured
5 packets received by filter
0 packets dropped by kernel
110 packets dropped by interface
Mode
Basic
Availability
KVM
Configure a packet capture using the current
interface in the path. You can change the current interface and
run this command again to configure multiple interfaces on the
same packet capture session.
Start the packet capture with the set capture session
<session-number> command in either basic or path
mode, or with the set capture session
<session-number> [file <filename> [count
<packet-count> [expression <expression>
command in basic mode.
Use the get capture sesssions command in basic mode
to see all configured capture sessions.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
Example
nsx-edge-1(path)> set capture session 1 direction both
nsx-edge-1(path)>
Mode
Path
Availability
Edge, Public Cloud Gateway
Configure a packet capture using the specified interface. You can
run this command multiple times to configure multiple interfaces
on the same packet capture session.
To run the packet capture using this configuration, use the
set capture session <session-number>
[file <filename>] [count <packet-count>]
[expression <expression>] command.
If you need to capture packets from only one interface, you
can configure and run the packet capture with a single command:
start capture interface <interface-name>
[file <filename>] [count <packet-count>]
[expression <expression>].
Use the get capture sessions command
to see all configured capture sessions.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
| <interface-name> | Network interface argument |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
Example
kvm-1> set capture session 1 interface b592a7c8-4e21-493e-b0fc-0b1d152c949c direction dual
kvm-1> get capture session 1
Packet Capture Session
ID : 1
PORTS : ['b592a7c8-4e21-493e-b0fc-0b1d152c949c']
Mode
Basic
Availability
KVM
Configure a packet capture using the specified interface. You can
run this command multiple times to configure multiple interfaces
on the same packet capture session.
To run the packet capture using this configuration, use the
set capture session <session-number>
[file <filename>] [count <packet-count>]
[expression <expression>] command.
If you need to capture packets from only one interface, you
can configure and run the packet capture with a single command:
start capture interface <interface-name>
[file <filename>] [count <packet-count>]
[expression <expression>].
Use the get capture sessions command
to see all configured capture sessions.
| Option | Description |
|---|---|
| <session-number> | Session ID argument in numbers Allowed values: 1, 2, 3 |
| <port-uuid-name> | Datapath String argument |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
Example
nsx-edge-1> set capture session 1 interface fp-eth0 direction dual
nsx-edge-1> set capture session 1 interface fp-eth1 direction dual
nsx-edge-1> get capture session 1
Packet Capture Session
ID : 1
PORTS : ['fp-eth0', 'fp-eth1']
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set inactivity timeout in seconds. To disable the timeout, specify 0.
| Option | Description |
|---|---|
| <timeout> | Number of seconds before timeout or 0 to disable timeout |
Example
nsx> set cli-timeout 0
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Enable/Disable security for the controller cluster. Security is enabled by default.
| Option | Description |
|---|---|
| <on|off> | Control cluster security setting Allowed values: on, off |
Example
nsx-controller-1> set control-cluster security off force
Control cluster security disabled
Mode
Basic
Availability
Controller
Initialize the shared secret security mode on the controller. All controllers that use this security mode must use the same shared secret.
| Option | Description |
|---|---|
| <secret> | Controller cluster shared secret |
Example
nsx-controller-1> set control-cluster security-model shared-secret
Secret:
Security secret successfully set on the node.
Mode
Basic
Availability
Controller
Enable or disable flow cache.
| Option | Description |
|---|---|
| <enabled> | One of {enabled|disabled} Allowed values: enabled, disabled |
Example
nsx-edge-1> set dataplane flow-cache enabled
Please restart datapathd service for change to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the flow cache size for each core
| Option | Description |
|---|---|
| <flow-cache-size> | Flow cache size of a core |
Example
nsx-edge-1> set dataplane flow-cache-size 524288
0000:0b:00.0 already bound to driver vfio-pci, skipping
0000:1b:00.0 already bound to driver vfio-pci, skipping
0000:13:00.0 already bound to driver vfio-pci, skipping
INFO: Config was written to: /config/vmware/edge/config.json
INFO: Updated flow cache size. Please reboot to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Enable or disable interrupt mode.
| Option | Description |
|---|---|
| <enabled> | One of {enabled|disabled} Allowed values: enabled, disabled |
Example
nsx-edge-1> set dataplane interrupt-mode enabled
Please restart datapathd service for change to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Change the per-core packet queue limit
| Option | Description |
|---|---|
| <number> | Max number of packets queued by each core |
Example
nsx-edge-1> set dataplane packet-queue-limit 1024
Please restart datapathd service for change to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the rx ring size for physical ports.
| Option | Description |
|---|---|
| <ring-size> | Ring size of a physical port |
Example
nsx-edge-1> set dataplane ring-size rx 1024
0000:0b:00.0 already bound to driver vfio-pci, skipping
0000:1b:00.0 already bound to driver vfio-pci, skipping
0000:13:00.0 already bound to driver vfio-pci, skipping
INFO: Config was written to: /config/vmware/edge/config.json
Please restart datapathd service for change to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the tx ring size for physical ports.
| Option | Description |
|---|---|
| <ring-size> | Ring size of a physical port |
Example
nsx-edge-1> set dataplane ring-size tx 1024
0000:0b:00.0 already bound to driver vfio-pci, skipping
0000:1b:00.0 already bound to driver vfio-pci, skipping
0000:13:00.0 already bound to driver vfio-pci, skipping
INFO: Config was written to: /config/vmware/edge/config.json
Please restart datapathd service for change to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Turn on BGP debugging.
Example
nsx-edge-1(tier0_sr)> set debug bgp
nsx-edge-1(tier0_sr)>
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Turn on IPS tracing.
Example
nsx-edge-1(tier0_sr)> set debug routing ipstrace
nsx-edge-1(tier0_sr)>
Mode
Tier0_sr
Availability
Edge, Public Cloud Gateway
Set the acceptance of the end user license agreement.
Example
nsx-manager-1> set eula accepted
nsx-manager-1>
Mode
Basic
Availability
Manager
Set the peer configuration for active/standby
configuration. This configuration happens automatically
when firewall rules are added to an active/standby
logical router via the NSX Manager web interface or API.
This command should be used for advanced configuration or troubleshooting only.
If you manually configure the active/standby peer on an edge node, you must also configure its peer.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
| <ip-address> | Network IP address argument |
| <uuid> | UUID argument |
Example
nsx-edge> set firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e local-ip 192.168.250.62 sync-peer e159f0db-d8e4-4973-9cbb-8cc30def2c3e sync-peer-ip 192.168.250.63
nsx-edge>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the firewall synchronization mode for active/standby
configuration. This configuration happens automatically
when firewall rules are added to an active/standby
logical router via the NSX Manager web interface or API.
This command should be used for advanced configuration or troubleshooting only.
If you manually configure the active/standby sync, you must correctly configure both edge nodes in the active/standby configuration. One node must be configured as primary and one as secondary. One node must be configured as active, and one as passive.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
| <sync-rank> | One of {primary|secondary} Allowed values: primary, secondary |
| <sync-mode> | One of {active|passive} Allowed values: active, passive |
Example
nsx-edge> set firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e sync-rank primary sync-mode active
nsx-edge>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Enable/Disable VM log forwarding for all VMs
| Option | Description |
|---|---|
| <enabled> | One of {enabled|disabled} Allowed values: enabled, disabled |
Example
nsx-public-cloud-gateway> set gw-controller vm-log-forwarding enabled
ID: i-0cf00e04160ef35fc
Output:
* Exiting ovs-l3d (16331)
* Starting ovs-l3d
ID: i-027873e6b2d042258
Output:
* Exiting ovs-l3d (16348)
* Starting ovs-l3d
Mode
Basic
Availability
Public Cloud Gateway
Enable/Disable VM log forwarding for one VM
| Option | Description |
|---|---|
| <enabled> | One of {enabled|disabled} Allowed values: enabled, disabled |
| <vm-id> | VM ID |
Example
nsx-public-cloud-gateway> set gw-controller vm-log-forwarding enabled i-0cf00e04160ef35fc
ID: i-0cf00e04160ef35fc
Output:
* Exiting ovs-l3d (16331)
* Starting ovs-l3d
Mode
Basic
Availability
Public Cloud Gateway
This command enables mandatory access control on the node. Usage for the command is
set hardening-policy mandatory-access-control enabledExample
nsx-edge-1> set hardening-policy mandatory-access-control enabled
Mandatory Access Control is enabled, but requires a reboot.
Mode
Basic
Availability
Controller, Edge, Manager, Policy Manager, Public Cloud Gateway
Set the mcast filter mode for the specified host switch.
| Option | Description |
|---|---|
| <host-switch-name> | Host switch name Allowed pattern: ^([A-Za-z0-9_:-]+)$ |
| <mcast-filter-mode> | Mode of mcast filter Allowed values: legacy, snooping |
Example
esx-1> set host-switch nsxvswitch mcast-filter snooping
esx-1>
Mode
Basic
Availability
ESXi
Set the system hostname. Changing the hostname changes the command line prompt.
| Option | Description |
|---|---|
| <hostname> | System hostname argument |
Example
nsx> set hostname nsx-3
nsx-3>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set the hugepage reserve size for the data plane using system default.
Example
nsx-edge-1> set hugepage-reserve auto
0000:0b:00.0 already bound to driver vfio-pci, skipping
0000:1b:00.0 already bound to driver vfio-pci, skipping
0000:13:00.0 already bound to driver vfio-pci, skipping
INFO: Config was written to: /config/vmware/edge/config.json
Generating grub configuration file ...
Found linux image: /vmlinuz-3.14.17-nn4-server
Found initrd image: //initrd.img-3.14.17-nn4-server
File descriptor 4 (/tmp/ffisOHe0b (deleted)) leaked on lvs invocation. Parent PID 5321: /bin/sh
done
INFO: Updated grub. Please reboot to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the hugepage reserve size for the data plane.
| Option | Description |
|---|---|
| <hugepage-size> | Hugepage size in MB or GB Allowed pattern: ^[0-9]+([M|G]B)?$ |
Example
nsx-edge-1> set hugepage-reserve size 1003MB
0000:0b:00.0 already bound to driver vfio-pci, skipping
0000:1b:00.0 already bound to driver vfio-pci, skipping
0000:13:00.0 already bound to driver vfio-pci, skipping
INFO: Config was written to: /config/vmware/edge/config.json
Generating grub configuration file ...
Found linux image: /vmlinuz-3.14.17-nn4-server
Found initrd image: //initrd.img-3.14.17-nn4-server
File descriptor 4 (/tmp/ffilsggoY (deleted)) leaked on lvs invocation. Parent PID 3853: /bin/sh
done
INFO: Updated grub. Please reboot to take effect.
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the
plane property of the interface and optionally configure the IP address. By default, the plane property is not configured, the dataplane component takes control of the interface for the data path and the interface is not visible to the Linux kernel. If plane is set to mgmt, it is reported as such to the management plane (MP) via MPA, and the corresponding interface is not consumed by the dataplane for dataplane operations and is available for configuration from the CLI. If it is set to debug, the dataplane does not consume the interface for dataplane operations and the interface is available for configuration from the CLI. Optionally, you can configure the interface with a DHCP or static IP address. If you configure a static IP address, make sure an appropriate network route is also configured. You can use the optional gateway argument, or set a route using the set route command.
For NSX Manager or a controller, you cannot configure the plane property. You also cannot configure a DHCP or static IP address because both NSX Manager and a controller have a static IP address that is set at installation and cannot be changed.
| Option | Description |
|---|---|
| <interface-name> | Configurable network interface argument |
| <prefix> | CIDR notation argument |
| <gateway-ip> | Gateway IP address argument |
| <plane> | Interface plane argument Allowed values: mgmt, debug |
Example
nsx-edge> set interface eth0 plane mgmt
nsx-edge>
or
nsx-edge> set interface eth0 dhcp plane mgmt
nsx-edge>
or
nsx-edge> set interface eth0 ip 192.168.110.111/24 gateway 192.168.110.1 plane mgmt
nsx-edge>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Configure the specified interface to use DHCP. You cannot configure DHCP for NSX Manager or a controller because both must have a static IP address.
| Option | Description |
|---|---|
| <interface-name> | Configurable network interface argument |
Example
nsx-edge> set interface eth0 dhcp
nsx-edge>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Configure the specified interface to use DHCP.
| Option | Description |
|---|---|
| <interface-name> | Configurable network interface argument |
| <plane> | Interface plane argument Allowed values: mgmt, debug |
| <mode> | Bond mode (e.g. active-backup) Allowed values: active-backup |
| <members> | Bond member devices (e.g. eth0,eth1) |
| <primary> | Bond primary device (in active-backup mode, e.g. eth0) |
Example
nsx-edge> set interface bond0 dhcp plane mgmt mode active-backup members eth0,eth1 primary eth0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Configure a static IP address and netmask. Make sure an appropriate network route is also configured. You can use the optional
gateway argument, or set a route using the set route command. You cannot configure a static IP address for NSX Manager or a controller because their static IP address is set at installation and cannot be changed.
| Option | Description |
|---|---|
| <interface-name> | Configurable network interface argument |
| <prefix> | CIDR notation argument |
| <gateway-ip> | Gateway IP address argument |
Example
nsx-edge> set interface eth0 ip 192.168.110.110/24 gateway 192.168.110.1
nsx-edge>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Create bond interface and set the
plane property of the interface and config the IP address. If plane is set to mgmt, it is reported as such to the management plane (MP) via MPA, and the slave devices are not consumed by dataplane for dataplane operations. You can configure the bond interface with a DHCP or static IP address. If you configure a static IP address, make sure an appropriate network route is also configured.
| Option | Description |
|---|---|
| <interface-name> | Configurable network interface argument |
| <prefix> | CIDR notation argument |
| <gateway-ip> | Gateway IP address argument |
| <plane> | Interface plane argument Allowed values: mgmt, debug |
| <mode> | Bond mode (e.g. active-backup) Allowed values: active-backup |
| <members> | Bond member devices (e.g. eth0,eth1) |
| <primary> | Bond primary device (in active-backup mode, e.g. eth0) |
Example
nsx-edge> set interface bond0 ip 192.168.110.111/24 gateway 192.168.110.1 plane mgmt mode active-backup members eth0,eth1 primary eth0
Mode
Basic
Availability
Edge, Public Cloud Gateway
Enable or disable rule log for a specific load balancer
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <enabled> | One of {enabled|disabled} Allowed values: enabled, disabled |
Example
nsx-edge-1> set load-balancer ed785df6-2143-4944-b918-66470886be83 rule-log enabled
Mode
Basic
Availability
Edge, Public Cloud Gateway
Enable or disable rule log for a specific pool
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <pool-uuid> | Pool UUID argument |
| <enabled> | One of {enabled|disabled} Allowed values: enabled, disabled |
Example
nsx-edge-1> set load-balancer ed785df6-2143-4944-b918-66470886be83 rule-log pool ed785df6-2143-4944-b918-66470886be82 enabled
Mode
Basic
Availability
Edge, Public Cloud Gateway
Enable or disable rule log for a specific virtual server
| Option | Description |
|---|---|
| <lb-uuid> | LoadBalancer UUID argument |
| <vs-uuid> | Virtual server UUID argument |
| <enabled> | One of {enabled|disabled} Allowed values: enabled, disabled |
Example
nsx-edge-1> set load-balancer ed785df6-2143-4944-b918-66470886be83 rule-log virtual-server ed785df6-2143-4944-b918-66470886be81 enabled
Mode
Basic
Availability
Edge, Public Cloud Gateway
Apply edge parameters to accelerate load balancer performance.
| Option | Description |
|---|---|
| <perf-profile-type> | Performance profile type argument Allowed values: http, https, l4 |
Example
nsx-edge-1> set load-balancer perf-profile http
Mode
Basic
Availability
Edge, Public Cloud Gateway
Configure a logging server. The logging system uses the facility
codes defined in RFC 5424. Facility local7 is used for audit messages,
and local6 is used for non-audit messages.
| Option | Description |
|---|---|
| <hostname-or-ip-address[:port]> | A hostname or IP address with optional port delimited by a colon |
| <proto> | Logging server protocol Allowed values: tcp, udp, tls, li, li-tls |
| <level> | Level of log entries to export Allowed values: emerg, alert, crit, err, warning, notice, info, debug |
| <facility> | Comma delimited list of facilities of log entries to export |
| <messageid> | Comma delimited list of MSGIDs of log entries to export |
| <filename> | Existing file argument |
| <structured-data> | Structured data of log entries to export Allowed pattern: ^(comp|subcomp|s2comp|security|audit|reqId|ereqId|entId|errorCode|eventId|euser|threadId|splitId|splitIndex)=.+$ |
Example
nsx> set logging-server 192.168.110.60 proto udp level info facility syslog messageid SYSTEM,FABRIC structured-data audit=true
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Enable or disable maintenance mode. Maintenance mode can be used during upgrade and debugging. When an Edge is in maintenance mode only management traffic will be passed; data traffic will be dropped.
| Option | Description |
|---|---|
| <enabled> | One of {enabled|disabled} Allowed values: enabled, disabled |
Example
nsx-edge-1> set maintenance-mode enabled
Maintenance Mode: enabled
Mode
Basic
Availability
Edge, Public Cloud Gateway
Enable or disable maintenance mode. Maintenance mode can be used during upgrade and debugging. When an TN is in maintenance mode only management traffic will be passed; data traffic will be dropped.
| Option | Description |
|---|---|
| <nsxproxy-maintenance-mode> | One of {enabled|disabled} Allowed values: enabled, disabled |
Example
nsx> set maintenance-mode enabled
Maintenance Mode: enabled
Mode
Basic
Availability
ESXi, KVM
Add a name server to the DNS configuration.
| Option | Description |
|---|---|
| <ip-address> | Name server IP address argument |
Example
nsx> set name-servers 192.168.110.10
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Configure a new NTP server.
| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
Example
nsx-manager-1> set ntp-server 172.31.32.2
nsx-manager-1>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set the specified physical port admin state up or down.
| Option | Description |
|---|---|
| <physical-port-name> | Datapath String argument |
| <physical-port-state> | One of {up|down} Allowed values: up, down |
Example
nsx-edge-1> set physical-port fp-eth2 state down
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Add a network route. You can also just set a gateway by specifying a
prefix value of 0.0.0.0/0.| Option | Description |
|---|---|
| <prefix> | CIDR notation argument |
| <gateway-ip> | Gateway IP address argument |
| <interface-name> | Configurable network interface argument |
Example
nsx> set route prefix 10.10.10.0/24 gateway 192.168.110.1
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Add a domain name to the DNS search list.
| Option | Description |
|---|---|
| <domain> | Search domain argument |
Example
nsx> set search-domains example.com
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set the cluster-mgmt service logging level.
| Option | Description |
|---|---|
| <level> | The cluster-mgmt service logging level Allowed values: error, warn, info, debug |
Example
nsx-controller-1> set service cluster-mgmt logging-level info
nsx-controller-1>
Mode
Basic
Availability
Controller
Set the log level for the controller service.
| Option | Description |
|---|---|
| <level> | The controller service logging level Allowed values: off, fatal, error, warn, info, debug, trace |
Example
nsx-controller-1> set service controller logging-level info
nsx-controller-1>
Mode
Basic
Availability
Controller
Set the log level for the specified component.
| Option | Description |
|---|---|
| <string> | String argument Allowed pattern: ^.*$ |
| <level> | The controller service logging level Allowed values: off, fatal, error, warn, info, debug, trace |
Example
nsx-controller-1> set service controller logging-level name BgpConfigSplitter error
Name: BgpConfigSplitter LogLevel: error
Mode
Basic
Availability
Controller
Set the log level for components that match the specified pattern. The pattern can be a regular expression.
| Option | Description |
|---|---|
| <string> | String argument Allowed pattern: ^.*$ |
| <level> | The controller service logging level Allowed values: off, fatal, error, warn, info, debug, trace |
Example
nsx-controller-1> set service controller logging-level pattern Dhcp error
Name: DhcpIpPoolSplitter LogLevel: error
Name: DhcpRelaySplitter LogLevel: error
Name: DhcpStaticBindingSplitter LogLevel: error
Name: LogicalDhcpServerSplitter LogLevel: error
Name: com.vmware.nsx.canary.span.DhcpIpPoolSpanner LogLevel: error
Name: com.vmware.nsx.canary.span.DhcpStaticBindingSpanner LogLevel: error
Name: com.vmware.nsx.canary.span.LogicalDhcpServerSpanner LogLevel: error
Mode
Basic
Availability
Controller
Set the log level of the Dataplane service.
| Option | Description |
|---|---|
| <level> | Edge service logging level argument Allowed values: off, fatal, error, warn, info, debug |
Example
nsx-edge-1> set service dataplane logging-level warn
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the log level of the DHCP service.
| Option | Description |
|---|---|
| <level> | Edge service logging level argument Allowed values: off, fatal, error, warn, info, debug |
Example
nsx-edge-1> set service dhcp logging-level warn
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the log level of the Edge Management service.
| Option | Description |
|---|---|
| <level> | Edge service logging level argument Allowed values: off, fatal, error, warn, info, debug |
Example
nsx-edge-1> set service edge-mgmt logging-level warn
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the HTTP API per-client concurrency limit value.
| Option | Description |
|---|---|
| <http-client-api-concurrency-limit> | HTTP API per-client concurrency limit |
Example
nsx-manager-1> set service http client-api-concurrency-limit 40
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Set the HTTP API per-client rate limit value.
| Option | Description |
|---|---|
| <http-client-api-rate-limit> | HTTP API per-client rate limit in calls per second |
Example
nsx-manager-1> set service http client-api-rate-limit 100
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Set the HTTP service connection timeout value.
| Option | Description |
|---|---|
| <http-conn-timeout> | HTTP connection timeout in seconds |
Example
nsx-manager-1> set service http connection-timeout 60
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Set the HTTP API global concurrency limit value.
| Option | Description |
|---|---|
| <http-global-api-concurrency-limit> | HTTP API global concurrency limit |
Example
nsx-manager-1> set service http global-api-concurrency-limit 100
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Set the HTTP service redirect host.
| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
Example
nsx-manager-1> set service http redirect-host 10.0.0.1
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Set the HTTP service session timeout value.
| Option | Description |
|---|---|
| <http-session-timeout> | HTTP session timeout in seconds |
Example
nsx-manager-1> set service http session-timeout 60
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Set the log level of the IKE service.
| Option | Description |
|---|---|
| <level> | Edge service logging level argument Allowed values: off, fatal, error, warn, info, debug |
Example
nsx-edge-1> set service ike logging-level warn
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the install-upgrade service's enabled property.
Example
nsx-manager-1> set service install-upgrade enabled
nsx-manager-1>
Mode
Basic
Availability
Manager, Policy Manager
Set the log level of the keymanager service.
| Option | Description |
|---|---|
| <level> | Keymanager logging level argument Allowed values: error, warn, info, debug, trace |
Example
nsx-keymanager-1> set service keymanager logging-level warn
Logging level: warn
Mode
Basic
Availability
Key Manager
Set the log level of the Local Controller service.
| Option | Description |
|---|---|
| <level> | Edge service logging level argument Allowed values: off, fatal, error, warn, info, debug |
Example
nsx-edge-1> set service local-controller logging-level warn
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the log level of the manager service.
| Option | Description |
|---|---|
| <level> | Manager logging level argument Allowed values: fatal, error, warn, info, debug, trace |
Example
nsx-manager-1> set service manager logging-level warn
Logging level: warn
Mode
Basic
Availability
Manager
Dynamically set service daemon log level.
| Option | Description |
|---|---|
| <level> | Exporter service logging level argument Allowed values: fatal, error, warn, info, debug, trace |
Example
nsx-1> set service nsx-exporter logging-level warn
Logging level updated
Mode
Basic
Availability
Controller, Edge, ESXi, KVM, Manager, Public Cloud Gateway
Set the log level of the policy service.
| Option | Description |
|---|---|
| <level> | Policy logging level argument Allowed values: error, warn, info, debug, trace |
Example
nsx-policy-1> set service policy logging-level warn
Logging level: warn
Mode
Basic
Availability
Policy Manager
Set the log level of the routing service.
| Option | Description |
|---|---|
| <level> | Edge service logging level argument Allowed values: off, fatal, error, warn, info, debug |
Example
nsx-edge-1> set service router logging-level warn
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set the log level of the routing configuration service.
| Option | Description |
|---|---|
| <level> | Edge service logging level argument Allowed values: off, fatal, error, warn, info, debug |
Example
nsx-edge-1> set service routing-config logging-level dbg
nsx-edge-1>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Configure the snmp service to start on boot.
Example
nsx> set service snmp start-on-boot
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Configure the SSH service to start on boot.
Example
nsx> set service ssh start-on-boot
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set the SNMP service v1/v2c community string. This must be set before MIBs can be queried. Choose a string that is difficult to guess.
| Option | Description |
|---|---|
| <community-string> | SNMP community string argument at most 64 characters long Allowed pattern: ^[\S]{1,64}$ |
Example
nsx> set snmp community Q_cHeHUBe7Ud2+sayuReq2t3
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set the system timezone.
| Option | Description |
|---|---|
| <timezone> | Timezone (e.g. UTC, America/New_York, Asia/Tokyo, Europe/Zurich) |
Example
nsx> set timezone America/Los_Angeles
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set the password for the specified user. If you do not specify
the password on the command line, you will be prompted for it.
For details on setting passwords during installation, see
the NSX-T Installation Guide.
| Option | Description |
|---|---|
| <username> | Username of user |
| <password> | Password of user |
| <old-password> | Current password of user |
Example
nsx> set user admin password NewPass789! old-password Testing123$
nsx>
or
nsx> set user admin password NewerPass789!
Current password:
nsx>
or
nsx> set user admin
Current password:
New password:
Confirm new password:
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Add SSH service key to authorized_keys file for specified user. If password is not provided in the command then you are prompted to enter it. Password is required only for users root and admin.
| Option | Description |
|---|---|
| <username> | Username of user |
| <key-label> | Unique label for SSH key |
| <key-type> | SSH key type Allowed values: ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-dss, ssh-ed25519, ssh-rsa |
| <key-value> | SSH key value |
| <password> | Password of user |
Example
nsx> set user admin ssh-keys label user1@domain1 type ssh-rsa key AAAAB3NzaC1yc2EAAAABIwAAAIEAywWhrwq4FjHt+UuwZcZePxtjtZOENFpOjufycaYso2nTlzNwnAQEQRfbqsUxKVtOtGxgApIkUvjRIjNBdJE6iOzvBXZhhJrM0GUDJragw7SMVIs/5xJBGAyHKJ1YUMGO7+nJTmsCLx6PFOlQYveuriiVVCCZerGCLH+UtSXK3z+l7hx9NiDg3/ylOLc3f3SLxrJKn0gMTgK7BHJFXo4PguuPjWZLVdUDX+XKiqtT2n4IsYs6N9qVFG3zUgNlEjZM47NK/ytAC0max98pK+QNzsuaQOo/IShJ1TOw5wwScflPArVJ2AyROqAe7cfQg7q12I9olASFd3U5NazfZCTYAvWA1kz9UZEWLJ1Br1XOkPqOleMM8KCp/PXzz8H0kISkMIji0/QuiZOPEBsKlszXjlALcXR8Mg1uiZVWy48i9JheyXyj1ToCj6cPScpgFHp3DAGSlKKbE1EFaVfeeyGAnHESuXC9wkSeFZCEyMJ+RgJxMkBXNZmyycbwsSqAeGJpMEUDlwzu2GD0obBz0HXqg9J1Xallop5AVDKfeszZcc= password Pa$$w0rd
nsx>
or
nsx> set user admin ssh-keys label user1@domain1 type ssh-rsa key AAAAB3NzaC1yc2EAAAABIwAAAIEAywWhrwq4FjHt+UuwZcZePxtjtZOENFpOjufycaYso2nTlzNwnAQEQRfbqsUxKVtOtGxgApIkUvjRIjNBdJE6iOzvBXZhhJrM0GUDJragw7SMVIs/5xJBGAyHKJ1YUMGO7+nJTmsCLx6PFOlQYveuriiVVCCZerGCLH+UtSXK3z+l7hx9NiDg3/ylOLc3f3SLxrJKn0gMTgK7BHJFXo4PguuPjWZLVdUDX+XKiqtT2n4IsYs6N9qVFG3zUgNlEjZM47NK/ytAC0max98pK+QNzsuaQOo/IShJ1TOw5wwScflPArVJ2AyROqAe7cfQg7q12I9olASFd3U5NazfZCTYAvWA1kz9UZEWLJ1Br1XOkPqOleMM8KCp/PXzz8H0kISkMIji0/QuiZOPEBsKlszXjlALcXR8Mg1uiZVWy48i9JheyXyj1ToCj6cPScpgFHp3DAGSlKKbE1EFaVfeeyGAnHESuXC9wkSeFZCEyMJ+RgJxMkBXNZmyycbwsSqAeGJpMEUDlwzu2GD0obBz0HXqg9J1Xallop5AVDKfeszZcc=
Password (required only for users root and admin):
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Set new user name for the specified non-root user.
| Option | Description |
|---|---|
| <username> | Username of user |
| <new-username> | Username of user |
Example
nsx> set user audit username audit-user1
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Enable or disable VMC migration mode. Migration mode is used during upgrade. When an Edge is in VMC migration mode, VMC config will not be written to nestdb.
| Option | Description |
|---|---|
| <enabled> | One of {enabled|disabled} Allowed values: enabled, disabled |
Example
nsx-edge-1> set vmc migration-mode disabled
Mode
Basic
Availability
Edge, Public Cloud Gateway
Set a runtime option for the specified vSwitch.
| Option | Description |
|---|---|
| <option-name> | Runtime option name Allowed values: IGMPQueries, IGMPQueryInterval, IGMPRouterIP, IGMPV3MaxSrcIPNum, IGMPVersion, MLDRouterIP, MLDV2MaxSrcIPNum, MLDVersion, MaxRARPsPerInterval, RARPAdvertisementDuration, TeamPolicyUpDelay |
| <option-value> | Runtime option value Allowed pattern: ^(([0-9]+)|(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9]).){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9]))|(([A-Za-z0-9]{0,4}:){5}[A-Za-z0-9]{0,4}))$ |
Example
esx-1> set vswitch runtime IGMPQueries 1
esx-1>
Mode
Basic
Availability
ESXi
Shut down the system. If you specify the
force argument, the system will shut down immediately without prompting for confirmation.Example
nsx> shutdown
Are you sure you want to shutdown (yes/no): yes
Broadcast message from root@nsx
(unknown) at 1:26 ...
The system is going down for halt NOW!
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Display a packet capture on a given dvfilter. To get a list of dvfilter names, enter
start capture dvfilter followed by a space and the Tab key.| Option | Description |
|---|---|
| <esx-dvfilter-name> | dvfilter name argument |
Example
esx-1> start capture dvfilter nic-1000053347-eth0-vmware-sfw.2
The name of the dvfilter is nic-1000053347-eth0-vmware-sfw.2
No server port specifed, select 31661 as the port
Output the packet info to console.
Local CID 2
Listen on port 31661
Accept...Vsock connection from port 1030 cid 2
22:09:38.563545[1] Captured at PreDVFilter point, TSO not enabled, Checksum not offloaded and not verified, length 60.
Segment[0] ---- 2048 bytes:
0x0000: ffff ffff ffff 0200 2b8a 60e6 0806 0001
0x0010: 0800 0604 0001 0200 2b8a 60e6 0ac0 5ec2
0x0020: 0000 0000 0000 0ac0 57eb 0000 0000 0000
0x0030: 0000 0000 0000 0000 0000 0000
22:09:38.569533[2] Captured at PreDVFilter point, TSO not enabled, Checksum not offloaded and not verified, length 60.
Segment[0] ---- 2048 bytes:
0x0000: ffff ffff ffff 0200 2d8b a5c2 0806 0001
0x0010: 0800 0604 0001 0200 2d8b a5c2 0ac0 49f8
0x0020: 0000 0000 0000 0ac0 5561 0000 0000 0000
0x0030: 0000 0000 0000 0000 0000 0000
.
.
.
Mode
Basic
Availability
ESXi
Start a packet capture on the specified interface. If you do not specify a
file, the output is displayed on the terminal. Type Control-C to end the
packet capture. You can filter the capture using tcpdump expressions. The
expression must be the last argument of the command. The expression is a
keyword followed by a value. You can specify multiple keyword-value pairs.
The list of keywords and acceptable values are:
| Keyword | Value |
| ethtype | Ethernet type in HEX format. 0x<ETHTYPE> |
| mac | Source or destination MAC address |
| srcmac | Source MAC address |
| dstmac | Destination MAC address |
| ipproto | IP protocol in HEX format. 0x<PROTO> |
| ip | Source or destination IPv4 address |
| srcip | Source IPv4 address |
| dstip | Destination IPv4 address |
| port | Source or destination TCP port |
| srcport | Source TCP port |
| dstport | Destination TCP port |
| vni | VNI of the flow |
| vlan | VLAN ID |
| Option | Description |
|---|---|
| <interface-name> | Network interface argument |
| <filename> | Capture file name Allowed pattern: ^[^/ *;&|]+$ |
| <packet-count> | Packet count value greater than or equal to 1 |
| <expression> | Packet capture expression |
Example
nsx> start capture interface eth0 count 5 file capture.pcap expression ip 192.168.110.10 port 22
Capture 5 packets to file initiated,
enter Ctrl-C to terminate before all packets captured
5 packets captured
13 packets received by filter
0 packets dropped by kernel
Mode
Basic
Availability
Controller, Edge, ESXi, KVM, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Start packet capture in standalone mode with given filter.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <filter-name> | Packet capture filter name parameter |
| <stage-type> | Packet capture filter stage parameter Allowed values: pre, post |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 filter nic-1000052870-eth1-vmware-sfw.2 stage pre
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode with given filter.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <filter-name> | Packet capture filter name parameter |
| <stage-type> | Packet capture filter stage parameter Allowed values: pre, post |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 filter nic-1000052870-eth1-vmware-sfw.2 stage pre parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in stream mode with given filter.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <filter-name> | Packet capture filter name parameter |
| <stage-type> | Packet capture filter stage parameter Allowed values: pre, post |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 filter nic-1000052870-eth1-vmware-sfw.2 stage pre stream-to 127.0.0.1 port 9999
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in stream mode with given filter.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <filter-name> | Packet capture filter name parameter |
| <stage-type> | Packet capture filter stage parameter Allowed values: pre, post |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 filter nic-1000052870-eth1-vmware-sfw.2 stage pre stream-to 127.0.0.1 port 9999 parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode with given interface.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <cap-interface-id> | Interface id Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 interface fed75492-d335-11e7-ac91-c3fa7e7f6b23 direction input
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode with given interface.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <cap-interface-id> | Interface id Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 interface fed75492-d335-11e7-ac91-c3fa7e7f6b23 direction input parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in stream mode with given interface.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <cap-interface-id> | Interface id Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 interface fed75492-d335-11e7-ac91-c3fa7e7f6b23 direction input stream-to 127.0.0.1 port 9999
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in stream mode with given interface.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <cap-interface-id> | Interface id Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 interface fed75492-d335-11e7-ac91-c3fa7e7f6b23 direction input stream-to 127.0.0.1 port 9999 parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode with given parameters.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vdrport direction input
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode with given parameters.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vdrport direction input parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture on ESXi node with given parameters.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vdrport direction input stream-to 127.0.0.1 port 9999
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture on ESXi node with given parameters.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vdrport direction input stream-to 127.0.0.1 port 9999 parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode with given vif.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vif> | VIF ID |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vif facb8cd1-2bf4-49c3-bb30-ed826986499b direction input
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode with given vif.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vif> | VIF ID |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vif facb8cd1-2bf4-49c3-bb30-ed826986499b direction input parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in stream mode with given vif.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vif> | VIF ID |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vif facb8cd1-2bf4-49c3-bb30-ed826986499b direction input stream-to 127.0.0.1 port 9999
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in stream mode with given vif.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vif> | VIF ID |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vif facb8cd1-2bf4-49c3-bb30-ed826986499b direction input stream-to 127.0.0.1 port 9999 parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode on ESXi node with given vmknic.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vmknic-id> | Vmknic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vmknic vmk0 direction input
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode with given parameters.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vmknic-id> | Vmknic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vmknic vmk0 direction input parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture on ESXi node with given vmknic.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vmknic-id> | Vmknic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vmknic vmk0 direction input stream-to 127.0.0.1 port 9999
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture on ESXi node with given vmknic.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vmknic-id> | Vmknic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vmknic vmk0 direction input stream-to 127.0.0.1 port 9999 parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode on ESXi node with given vmnic.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vmnic-id> | Vmnic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vmnic vmnic0 direction input
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode with given parameters.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vmnic-id> | Vmnic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vmnic vmnic0 direction input parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture on ESXi node with given vmnic.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vmnic-id> | Vmnic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vmnic vmnic0 direction input stream-to 127.0.0.1 port 9999
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture on ESXi node with given vmnic.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vmnic-id> | Vmnic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vmnic vmnic0 direction input stream-to 127.0.0.1 port 9999 parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture in standalone mode on ESXi node with given vnic.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vnic-id> | Vnic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vnic e21e1397-c5c1-4b37-b7f0-1741d1809e61 direction input
nsx-manager-1>
Mode
Basic
Availability
Manager
start capture node <cap-node-id> vnic <vnic-id> direction <capture-direction> parameters <arguments>
Start packet capture in standalone mode with given parameters.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vnic-id> | Vnic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vnic e21e1397-c5c1-4b37-b7f0-1741d1809e61 direction input parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture on ESXi node with given vnic.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vnic-id> | Vnic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vnic e21e1397-c5c1-4b37-b7f0-1741d1809e61 direction input stream-to 127.0.0.1 port 9999
nsx-manager-1>
Mode
Basic
Availability
Manager
Start packet capture on ESXi node with given vnic.
| Option | Description |
|---|---|
| <cap-node-id> | Capture node id parameter Allowed pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ |
| <vnic-id> | Vnic id parameter |
| <capture-direction> | Packet capture direction parameter Allowed values: input, output, dual |
| <receiver_address> | Packet capture address parameter |
| <port-id> | Packet capture port parameter Allowed pattern: ^[0-9]+$ |
| <arguments> | Packet capture option parameter |
Example
nsx-manager-1> start capture node fed75492-d335-11e7-ac91-c3fa7e7f6b23 vnic e21e1397-c5c1-4b37-b7f0-1741d1809e61 direction input stream-to 127.0.0.1 port 9999 parameters srcport 1556
nsx-manager-1>
Mode
Basic
Availability
Manager
Display a packet capture on all available interfaces.
Example
esx-1> start capture trace
22:51:17.831714[61] Captured at PktFree point, TSO not enabled, Checksum not offloaded and not verified, length 60.
PATH:
+- [22:51:17.831582] | UplinkRcvKernel
+- [22:51:17.831584] | PortInput
+- [22:51:17.831585] | IOChain
+- [22:51:17.831587] | EtherswitchDispath
+- [22:51:17.831591] | EtherswitchOutput
+- [22:51:17.831591] | PortOutput
+- [22:51:17.831594] | IOChain
+- [22:51:17.831595] | IOChain
+- [22:51:17.831597] | EtherswitchOutput
+- [22:51:17.831597] | PortOutput
+- [22:51:17.831599] | IOChain
+- [22:51:17.831600] | EtherswitchOutput
Segment[0] ---- 2048 bytes:
0x0000: ffff ffff ffff 0200 2d26 a8ff 0806 0001
0x0010: 0800 0604 0001 0200 2d26 a8ff 0ac0 5c53
0x0020: 0000 0000 0000 0ac0 5157 0000 0000 0000
0x0030: 0000 0000 0000 0000 0000 0000
.
.
.
Mode
Basic
Availability
ESXi
Start firewall synchronization for the logical router interface. Synchronization happens automatically, but you can optionally start a bulk sync to more quickly synchronize a new or restarted standby router. The sync must be started from the primary router.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge> start firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e bulk-sync
nsx-edge>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Start the specified service.
| Option | Description |
|---|---|
| <service-name> | Node startable and stoppable service argument |
Example
nsx> start service snmp
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Start an upgrade with the specified upgrade bundle and according to the specified playbook.
| Option | Description |
|---|---|
| <bundle-name> | Name of NSX upgrade bundle in the file store |
| <playbook-file> | Name of Playbook file to use |
Example
nsx-edge-1> start upgrade-bundle VMware-NSX-edge-2.0.0.0.0.5298714 playbook VMware-NSX-edge-2.0.0.0.0.5298714-playbook
Validating playbook /var/vmware/nsx/file-store/VMware-NSX-edge-2.0.0.0.0.5298714-playbook.yml
Running "11-preinstall-enter_maintenance_mode" (step 1 of 5)
Running "install_os" (step 2 of 5)
System will now reboot (step 3 of 5)
After the system reboots, use "resume" to start the next step, "41-postboot-exit_maintenance_mode".
{
"info": "",
"body": null,
"state": 1,
"state_text": "CMD_SUCCESS"
}
nsx-edge-1>
Broadcast message from admin@nsx-edge-1
(unknown) at 1:33 ...
The system is going down for reboot NOW!
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Stop packet capture by session id.
| Option | Description |
|---|---|
| <session-id-arg> | Packet capture session id parameter |
Mode
Basic
Availability
Manager
Stop firewall bulk synchronization for the logical router interface.
| Option | Description |
|---|---|
| <uuid> | Firewall logical interface UUID argument |
Example
nsx-edge> stop firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e bulk-sync
nsx-edge>
Mode
Basic
Availability
Edge, Public Cloud Gateway
Stop the specified service.
| Option | Description |
|---|---|
| <service-name> | Node startable and stoppable service argument |
Example
nsx> stop service snmp
nsx>
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
Move to the top of the path. The arrow moves to show which interface is current.
Example
nsx-edge-1(path)> top
->interface : de650f56-276d-46ef-959e-960752acfe19
interface : 140ca8de-61e0-4bba-b429-6a3791b0846a
port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7
port : 53bab4b1-f0df-451b-af80-0a9d5e580186
interface : 2a7bf881-1f89-4833-833e-47673b79901a
interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a
port : 5b2068d0-8c28-4427-8be4-48f422f92309
port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa
interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846
interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb
port : c588fc5d-dd62-45b2-bc16-3dae466c16c7
port : 2120ef07-05e3-477f-8d96-e2be390784db
interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278
interface : dd10beb2-3673-43a5-b180-ecc46e830ee0
port : fdc429ef-d778-421b-bf84-e1063a7bf5ab
Mode
Path
Availability
Edge, Public Cloud Gateway
Trace the specified packet.
| Option | Description |
|---|---|
| <port-uuid-name> | Datapath String argument |
| <base64-string> | Datapath Base64 Encoded String argument |
Example
nsx-edge-1> traceflow fp-eth1 AQAMzMzNaO+9TphYADKqqgMAAAwBCwAAAAAAgG5o771OmEAAAAAAgG5o771OmECAGQAAFAACAA8AAAAAAAIAbg==
Packet Trace Results
EVENT : physical_received
PACKET_BASE64 : AQAMzMzNaO+9TphYADKqqgMAAAwBCwAAAAAAgG5o771OmEAAAAAAgG5o771OmECAGQAAFAACAA8AAAAAAAIAbg==
PACKET_HEADER : 68:ef:bd:4e:98:58 > 01:00:0c:cc:cc:cd, 802.3, length 64: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid PVST (0x010b): STP 802.1d, Config, Flags [none], bridge-id 806e.68:ef:bd:4e:98:40.8019, length 42
PARENT_UUID : 3284f707-98f9-4e7c-b573-f7898dfa12ba
TIMESTAMP : 2018-06-14 21:40:54.830903
TRACE_UUID : 09c4513c-9c8e-11e6-b333-005056a94529
TYPE : physical_node
EVENT : logical_forwarded
PACKET_BASE64 : AQAMzMzNaO+9TphYADKqqgMAAAwBCwAAAAAAgG5o771OmEAAAAAAgG5o771OmECAGQAAFAACAA8AAAAAAAIAbg==
PACKET_HEADER : 68:ef:bd:4e:98:58 > 01:00:0c:cc:cc:cd, 802.3, length 64: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid PVST (0x010b): STP 802.1d, Config, Flags [none], bridge-id 806e.68:ef:bd:4e:98:40.8019, length 42
PARENT_UUID : 6e8ad2e8-15eb-553a-ae2e-e3a6bcd890cc
TIMESTAMP : 2018-06-14 21:40:54.883850
TRACE_UUID : 09c4513c-9c8e-11e6-b333-005056a94529
TYPE : logical_switch_port
UUID : 6fea361f-cf04-5391-bac1-281119bce14d
EVENT : logical_received
PACKET_BASE64 : AQAMzMzNaO+9TphYADKqqgMAAAwBCwAAAAAAgG5o771OmEAAAAAAgG5o771OmECAGQAAFAACAA8AAAAAAAIAbg==
PACKET_HEADER : 68:ef:bd:4e:98:58 > 01:00:0c:cc:cc:cd, 802.3, length 64: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid PVST (0x010b): STP 802.1d, Config, Flags [none], bridge-id 806e.68:ef:bd:4e:98:40.8019, length 42
PARENT_UUID : 736a80e3-23f6-5a2d-81d6-bbefb2786666
TIMESTAMP : 2018-06-14 21:40:54.936503
TRACE_UUID : 09c4513c-9c8e-11e6-b333-005056a94529
TYPE : logical_router_port
UUID : c96c41bc-f689-5e28-9b04-d614a746fa1a
EVENT : logical_dropped
PACKET_BASE64 : AQAMzMzNaO+9TphYADKqqgMAAAwBCwAAAAAAgG5o771OmEAAAAAAgG5o771OmECAGQAAFAACAA8AAAAAAAIAbg==
PACKET_HEADER : 68:ef:bd:4e:98:58 > 01:00:0c:cc:cc:cd, 802.3, length 64: LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid PVST (0x010b): STP 802.1d, Config, Flags [none], bridge-id 806e.68:ef:bd:4e:98:40.8019, length 42
PARENT_UUID : 736a80e3-23f6-5a2d-81d6-bbefb2786666
TIMESTAMP : 2018-06-14 21:40:54.989125
TRACE_UUID : 09c4513c-9c8e-11e6-b333-005056a94529
TYPE : logical_router_port
Mode
Basic
Availability
Edge, Public Cloud Gateway
Trace the route to the specified IPv4 address or host.
| Option | Description |
|---|---|
| <hostname-or-ip-address> | A hostname or IP address |
Example
nsx-manager-1> traceroute 10.192.43.71
traceroute to 10.192.43.71 (10.192.43.71), 30 hops max, 60 byte packets
1 10.160.127.251 (10.160.127.251) 0.824 ms 2.589 ms 1.529 ms
2 10.250.228.1 (10.250.228.1) 2.570 ms 10.250.228.9 (10.250.228.9) 1.992 ms 1.116 ms
3 10.250.22.25 (10.250.22.25) 1.647 ms 10.250.22.85 (10.250.22.85) 2.487 ms 10.250.22.25 (10.250.22.25) 1.529 ms
4 10.250.22.186 (10.250.22.186) 2.464 ms 1.903 ms 2.425 ms
5 10.250.23.26 (10.250.23.26) 1.553 ms 1.676 ms 2.504 ms
6 10.250.232.34 (10.250.232.34) 2.355 ms 10.250.232.42 (10.250.232.42) 1.229 ms 10.250.232.38 (10.250.232.38) 1.379 ms
7 10.192.43.71 (10.192.43.71) 1.398 ms 1.689 ms 1.619 ms
Mode
Basic
Availability
Controller, Key Manager, Manager, Policy Manager
Trace the route to the specified IP address.
The maxttl specifies the maximum time-to-live, or
maximum number of routers the traceroute packet will traverse.
The source argument specifies which source IP
address to use for traceroute. This may be required in some
circumstances for traceroute to work as expected. For example,
if there is overlap in IP addresses used in the tier 0 and
tier 1 router transit subnets, traceroute packets from the
tier 0 VRF will not reach virtual machines on networks routed
by the tier 1 router. If you use the source argument
to specify a unique IP used by that VRF (in this case, the tier 0
uplink IP) the traceroute packets will reach the virtual machines.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
| <number> | Number argument Allowed pattern: ^[0-9]+$ |
Example
nsx-edge-1(tier0_sr)> traceroute 172.16.110.11 source 192.168.130.3
edge-tracert to 172.16.110.11 (172.16.110.11) from VRF 3, 64 hops max, 52 byte packets
1 100.64.1.1 (100.64.1.1) 0.656 ms 0.354 ms 0.353 ms
2 172.16.110.11 (172.16.110.11) 28.142 ms 4.427 ms 2.765 ms
Mode
Basic, VRF, Tier0_sr, Tier1_sr
Availability
Edge, Public Cloud Gateway
Trace the route to the specified IP address.
The
maxttl specifies the maximum time-to-live, or
maximum number of routers the traceroute packet will traverse.
The vrfid argument
specifies which VRF to send the traceroute packets from. You can
get a list of available VRFs with the
get logical-routers command.
The source argument specifies which source IP
address to use for traceroute. This may be required in some
circumstances for traceroute to work as expected. For example,
if there is overlap in IP addresses used in the tier 0 and
tier 1 router transit subnets, traceroute packets from the
tier 0 VRF will not reach virtual machines on networks routed
by the tier 1 router. If you use the source argument
to specify a unique IP used by that VRF (in this case, the tier 0
uplink IP) the traceroute packets will reach the virtual machines.
| Option | Description |
|---|---|
| <ip-address> | Network IP address argument |
| <number> | Number argument Allowed pattern: ^[0-9]+$ |
| <vrf-id> | VRF ID argument Allowed pattern: ^[0-9]+$ |
Example
nsx-edge-1> traceroute 172.16.110.11 source 192.168.130.3 vrfid 3
edge-tracert to 172.16.110.11 (172.16.110.11) from VRF 3, 64 hops max, 52 byte packets
1 100.64.1.1 (100.64.1.1) 0.560 ms 0.261 ms 0.366 ms
2 172.16.110.11 (172.16.110.11) 3.544 ms 5.696 ms 3.928 ms
Mode
Basic
Availability
Edge, Public Cloud Gateway
Move up the path. The arrow moves to show which interface is current.
Example
nsx-edge-1(path)> get path
interface : de650f56-276d-46ef-959e-960752acfe19
interface : 140ca8de-61e0-4bba-b429-6a3791b0846a
port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7
port : 53bab4b1-f0df-451b-af80-0a9d5e580186
interface : 2a7bf881-1f89-4833-833e-47673b79901a
interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a
->port : 5b2068d0-8c28-4427-8be4-48f422f92309
port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa
interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846
interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb
port : c588fc5d-dd62-45b2-bc16-3dae466c16c7
port : 2120ef07-05e3-477f-8d96-e2be390784db
interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278
interface : dd10beb2-3673-43a5-b180-ecc46e830ee0
port : fdc429ef-d778-421b-bf84-e1063a7bf5ab
nsx-edge-1(path)> up
interface : de650f56-276d-46ef-959e-960752acfe19
interface : 140ca8de-61e0-4bba-b429-6a3791b0846a
port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7
port : 53bab4b1-f0df-451b-af80-0a9d5e580186
interface : 2a7bf881-1f89-4833-833e-47673b79901a
->interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a
port : 5b2068d0-8c28-4427-8be4-48f422f92309
port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa
interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846
interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb
port : c588fc5d-dd62-45b2-bc16-3dae466c16c7
port : 2120ef07-05e3-477f-8d96-e2be390784db
interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278
interface : dd10beb2-3673-43a5-b180-ecc46e830ee0
port : fdc429ef-d778-421b-bf84-e1063a7bf5ab
Mode
Path
Availability
Edge, Public Cloud Gateway
Verify and extract the specified upgrade bundle to the default location.
| Option | Description |
|---|---|
| <bundle-name> | Name of NSX upgrade bundle in the file store |
Example
nsx-edge-1> verify upgrade-bundle VMware-NSX-edge-2.0.0.0.0.5298714
Checking upgrade bundle /var/vmware/nsx/file-store/VMware-NSX-edge-2.0.0.0.0.5298714.nub contents
Verifying bundle VMware-NSX-edge-2.0.0.0.0.5298714.bundle with signature VMware-NSX-edge-2.0.0.0.0.5298714.bundle.sig
Moving bundle to /image/VMware-NSX-edge-2.0.0.0.0.5298714.bundle
Extracting bundle payload
Successfully verified upgrade bundle
Bundle manifest:
appliance_type: 'nsx-edge'
version: '2.0.0.0.0.5298714'
os_image_path: 'files/nsx-root.fsa'
Current upgrade info:
{
"info": "",
"body": {
"meta": {
"from_version": "1.1.0.0.0.5214485",
"old_config_dev": "/dev/mapper/nsx-config",
"to_version": "2.0.0.0.0.5298714",
"new_config_dev": "/dev/mapper/nsx-config__bak",
"old_os_dev": "/dev/sda2",
"bundle_path": "/image/VMware-NSX-edge-2.0.0.0.0.5298714",
"new_os_dev": "/dev/sda3"
},
"history": []
},
"state": 1,
"state_text": "CMD_SUCCESS"
}
Mode
Basic
Availability
Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway
This command enters VRF context mode. You can find VRF IDs with the
get logical-routers command.| Option | Description |
|---|---|
| <uuid-vrfid> | Datapath UUID or VRF ID argument |
Example
nsx-edge-1> vrf 3
nsx-edge-1(tier0_sr)>
or
nsx-edge-1> vrf 19772688-b220-4a34-94a3-8a094dcdd979
nsx-edge-1(tier0_sr)>
Mode
Basic
Availability
Edge, Public Cloud Gateway