Copyright © 2014-2020 VMware, Inc. All rights reserved. Copyright and trademark information.

EN-002526-00

NSX-T Command-Line Interface Reference

NSX-T Data Center 3.0.0

Table of Contents

About This Book
Intended Audience
VMware Technical Publications Glossary
Document Feedback

Introduction to the NSX-T CLI
Logging In and Out of the CLI
CLI Command Modes
Important Note

NSX-T CLI Commands
backup node file <filename> [passphrase <passphrase>]
bottom
clear auth-policy vidm enabled
clear auth-policy vidm lb-extern enabled
clear banner
clear bfd-session local-ip <ip-address> remote-ip <ip-address> stats
clear bfd-sessions stats
clear bgp <ip-address>
clear bgp neighbors
clear dataplane flow-cache stats
clear edge-cluster history state
clear hardening-policy mandatory-access-control enabled
clear high-availability channel local-ip <ip-address> remote-ip <ip-address> stats
clear high-availability channels stats
clear high-availability history state
clear high-availability session local-service-id <service-id> peer-service-id <service-id> stats
clear high-availability sessions stats
clear interface <interface-name>
clear interface <interface-name> ip
clear interface <interface-name> plane
clear lldp neighbors
clear lldp neighbors <interface-name>
clear lldp stats
clear lldp stats <interface-name>
clear load-balancer <lb-uuid> pool <pool-uuid> stats
clear load-balancer <lb-uuid> pool <pool-uuid> stats
clear load-balancer <lb-uuid> pools stats
clear load-balancer <lb-uuid> pools stats
clear load-balancer <lb-uuid> stats
clear load-balancer <lb-uuid> stats
clear load-balancer <lb-uuid> virtual-server <vs-uuid> stats
clear load-balancer <lb-uuid> virtual-server <vs-uuid> stats
clear load-balancer <lb-uuid> virtual-servers stats
clear load-balancer <lb-uuid> virtual-servers stats
clear load-balancer perf-profile
clear logging-servers
clear logical-router <uuid> high-availability history state
clear logical-router interface <uuid> stats
clear management-plane
clear name-servers
clear physical-port <physical-port-name> stats
clear search-domains
clear service http redirect-host
clear service install-upgrade enabled
clear service manager logging-level
clear service ntp start-on-boot
clear service snmp start-on-boot
clear service ssh start-on-boot
clear user <username> password-expiration
copy file <filename> url <url>
copy url <url> [file <filename>]
deactivate cluster
del all capture sessions
del capture session <esx-session-id-arg>
del capture session <session-id-arg>
del capture session <session-number>
del capture session <session-number>
del capture session <session-number>
del capture session <session-number> interface <interface-name>
del capture session <session-number> interface <port-uuid-name>
del file <filename>
del gateway certificate <ip-address>
del gateway certificates
del gw-controller vm-certificate <vm-id>
del image <image-name> version <image-version>
del logging-server <hostname-or-ip-address[:port]> proto <proto> level <level> [facility <facility>] [messageid <messageid>] [structured-data <structured-data>]
del name-server <ip-address>
del nsx
del ntp-server <hostname-or-ip-address>
del route prefix <prefix> gateway <gateway-ip> [interface <interface-name>]
del search-domains <domain>
del snmp v2-targets <hostname-or-ip-address[:port]>
del snmp v3-targets <hostname-or-ip-address[:port]>
del snmp v3-users <v3-user>
del ssh-known-host <hostname-or-ip-address[:port]>
del user <username> ssh-keys label <key-label> [password <password>]
detach management-plane <hostname-or-ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>]
detach management-plane <hostname-or-ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>]
detach management-plane <ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>]
detach node <node-id>
detach node <node-id> ignore-repository-ip-check
display capture session <session-id-arg>
display capture session <session-id-arg> parameters <arguments>
down
exit
get all capture sessions
get arp-table
get arp-table
get auth-policy api lockout-period
get auth-policy api lockout-reset-period
get auth-policy api max-auth-failures
get auth-policy cli lockout-period
get auth-policy cli max-auth-failures
get auth-policy minimum-password-length
get auth-policy vidm
get bfd-config
get bfd-session local-ip <ip-address> remote-ip <ip-address>
get bfd-session local-ip <ip-address> remote-ip <ip-address> stats
get bfd-sessions
get bfd-sessions [stats]
get bfd-sessions stats
get bgp
get bgp <prefix>
get bgp <prefix>
get bgp community { NO_EXPORT | NO_ADVERTISE | NO_EXPORT_SUBCONFED | AA:NN }
get bgp evpn
get bgp evpn overlay
get bgp evpn vni
get bgp ipv4
get bgp ipv6
get bgp large-community <bgp-large-community>
get bgp neighbor
get bgp neighbor <ip-address>
get bgp neighbor <ip-address> advertised-routes
get bgp neighbor <ip-address> routes
get bgp neighbor summary
get bgp neighbor summary <address-family>
get bond <bond name> [stats]
get bonds [stats]
get bridge <uuid>
get bridge <uuid> mac-table
get bridge <uuid> networks
get bridges
get capture session <esx-session-id-arg>
get capture session <session-id-arg>
get capture session <session-number>
get capture session <session-number>
get capture sessions
get capture sessions
get capture sessions
get certificate api
get certificate api thumbprint
get certificate cluster
get certificate cluster text
get cgroup <uuid> [<translation-type>]
get cgroups
get cgroups with ip <ip-address>
get cgroups with mac <hardware-address>
get cgroups with vif <vif>
get cli-timeout
get clock
get cluster config
get cluster status
get cluster status verbose
get configuration
get controllers
get cpu-stats
get current
get data <data-id>
get data with receiver <uuid>
get dataplane
get dataplane cpu stats
get dataplane device list
get dataplane flow-cache config
get dataplane flow-cache stats
get dataplane flow-cache stats <lcore-list-all>
get dataplane l2vpn-pmtu config
get dataplane l3vpn-pmtu config
get dataplane memory stats
get dataplane perfstats <interval>
get dataplane qat
get dataplane throughput <time>
get dhcp ip-pool <uuid>
get dhcp ip-pools
get dhcp ip-pools server-uuid <uuid>
get dhcp ipv6-ip-pool <uuid>
get dhcp ipv6-ip-pools
get dhcp ipv6-ip-pools server-uuid <uuid>
get dhcp ipv6-lease <string>
get dhcp ipv6-lease <string> all
get dhcp ipv6-leases
get dhcp ipv6-leases all
get dhcp ipv6-static-binding <uuid>
get dhcp ipv6-static-bindings
get dhcp ipv6-static-bindings server-uuid <uuid>
get dhcp lease <string>
get dhcp lease <string> all
get dhcp leases
get dhcp leases all
get dhcp server <uuid> [status | sync]
get dhcp servers [status | sync]
get dhcp static-binding <uuid>
get dhcp static-bindings
get dhcp static-bindings server-uuid <uuid>
get diagnosis config
get diagnosis log
get diagnosis log limit <log-num>
get diagnosis log limit <log-num> context <context-line-num>
get diagnosis topology
get dns-forwarder <uuid> cache
get dns-forwarder <uuid> config
get dns-forwarder <uuid> stats
get dns-forwarder <uuid> status
get dns-forwarder <uuid> table
get dns-forwarder cache
get dns-forwarder stats
get dns-forwarder status
get dns-forwarder table
get dns-forwarders config
get dns-forwarders status
get domain-object <uuid>
get domain-objects <domain_object_type>
get domain-objects <objects_type_with_component_name> <component-name>
get edge-cluster history state
get edge-cluster status
get ens lcore-assignment-mode <host-switch-name>
get eula
get eula acceptance
get evpn rmac
get evpn vni
get file <filename>
get file <filename> thumbprint
get files
get filesystem-stats
get firewall <uuid> addrset name <string>
get firewall <uuid> addrset sets
get firewall <uuid> attrset name <string>
get firewall <uuid> attrset sets
get firewall <uuid> connection
get firewall <uuid> connection count
get firewall <uuid> connection raw
get firewall <uuid> connection state
get firewall <uuid> ike policy [<rule-id>]
get firewall <uuid> interface stats
get firewall <uuid> ruleset [type <rule-type>] rules [<ruleset-detail>]
get firewall <uuid> ruleset [type <rule-type>] stats
get firewall <uuid> sync config
get firewall <uuid> sync stats
get firewall <uuid> timeouts
get firewall <vifuuid> addrsets
get firewall <vifuuid> fqdn
get firewall <vifuuid> profile
get firewall <vifuuid> ruleset rules
get firewall [logical-switch <uuid>] interfaces
get firewall addrset name <uuid>
get firewall addrset sets
get firewall connection state
get firewall context-profile <context-profile-id> fqdn
get firewall context-profiles
get firewall exclude
get firewall exclude-list
get firewall exclusion
get firewall interface stats
get firewall interfaces
get firewall interfaces sync
get firewall ipfix-containers
get firewall ipfix-filters
get firewall ipfix-profiles
get firewall ipfix-stats
get firewall orphaned-section
get firewall packetlog
get firewall packetlog last <lines>
get firewall published-entity
get firewall published-entity <published-entity-type> <published-entity-id>
get firewall rule-stats
get firewall rule-stats total
get firewall rules
get firewall status
get firewall status
get firewall summary
get firewall sync config
get firewall sync stats
get firewall thresholds
get firewall thresholds
get firewall vifs
get forwarding
get forwarding [<prefix>]
get gateway certificate <ip-address>
get gateway certificates
get gateway connection status
get gw-controller connections
get gw-controller logging-level
get gw-controller vm-certificate <vm-id>
get gw-controller vm-certificates
get gw-controller vm-log-forwarding
get gw-controller vm-log-forwarding <vm-id>
get gw-controller vm-state
get gw-controller vm-state <vm-id>
get hardening-policy mandatory-access-control report [file <filename> [all]]
get hardening-policy mandatory-access-control status
get high-availability channel local-ip <ip-address> remote-ip <ip-address>
get high-availability channel local-ip <ip-address> remote-ip <ip-address> stats
get high-availability channels
get high-availability channels stats
get high-availability history state
get high-availability session local-service-id <service-id> peer-service-id <service-id>
get high-availability session local-service-id <service-id> peer-service-id <service-id> stats
get high-availability sessions
get high-availability sessions remote-ip <ip-address>
get high-availability sessions service-type <service-type>
get high-availability sessions service-type <service-type> remote-ip <ip-address>
get high-availability sessions service-type <service-type> stats
get high-availability sessions service-type <service-type> sync complete
get high-availability sessions service-type <service-type> sync in-progress
get high-availability sessions service-type <service-type> sync summary
get high-availability sessions stats
get high-availability status
get host-switch <host-switch-name> dvport <dvport-id> ipfix setting
get host-switch <host-switch-name> dvport <dvport-id> ipfix stats
get host-switch <host-switch-name> dvport <dvport-id> mcast-filter
get host-switch <host-switch-name> dvport <dvport-id> mcast-filter <entry-mode> <entry-group>
get host-switch <host-switch-name> ipfix stats
get host-switch <host-switch-name> mcast-filter
get host-switch <host-switch-name> mirror-session <mirror-session-id>
get host-switch <host-switch-name> mirror-sessions
get host-switch <host-switch-name> tunnel <local_ip> <remote_ip>
get host-switch <host-switch-name> tunnels
get host-switch <host-switch-name> uplink <uplink> ipfix setting
get host-switch <host-switch-name> uplink <uplink> ipfix stats
get host-switch upgrade-status
get host-switch vlan-table
get host-switches
get hostname
get hugepage
get hyperbus app-id <string> cif-config
get hyperbus cif-table
get hyperbus connection info
get hyperbus connection info
get hyperbus lip ip-pool
get hyperbus logical-switch-port <logical-switch-port-ID> cif-config
get hyperbus vif-id <vif-ID> connection info
get hyperbus vif-id <vif-ID> lip
get hyperbus vif-lip-table
get hyperbus vif-table
get ids engine alertlog
get ids engine logging-level
get ids engine profiles
get ids engine stats
get ids engine status
get ids engine syslogstatus
get ids events stats
get ids logging-level
get ids profiles
get ids status
get image <image-name>
get image <image-name> install history
get images
get images install history
get intelligence flows config
get intelligence flows mask
get intelligence flows stats
get intelligence flows stats ack
get interface <interface-name>
get interface <interface-name>
get interfaces
get interfaces
get interfaces
get interfaces stats
get ip-discovery bindings
get ip-discovery bindings <host-switch-name> <dvport-id>
get ip-discovery bindings <host-switch-name> <dvport-id> ipv4
get ip-discovery bindings <host-switch-name> <dvport-id> ipv6
get ip-discovery bindings <logical-port>
get ip-discovery bindings <logical-port> <ip-version>
get ip-discovery config
get ip-discovery config <host-switch-name> <dvport-id>
get ip-discovery config <logical-port>
get ip-discovery ignore-list
get ip-discovery ignore-list <host-switch-name> <dvport-id>
get ip-discovery ignore-list <logical-port>
get ip-discovery ignore-list <logical-port> <ip-version>
get ip-discovery ignore-list stats
get ip-discovery ignore-list stats <host-switch-name> <dvport-id>
get ip-discovery ignore-list stats <logical-port>
get ip-discovery stats
get ip-discovery stats <host-switch-name> <dvport-id>
get ip-discovery stats <logical-port>
get ipsecvpn ca-certificate <uuid>
get ipsecvpn ca-certificates
get ipsecvpn ca-certificates verbose
get ipsecvpn certificate <uuid>
get ipsecvpn certificates
get ipsecvpn certificates verbose
get ipsecvpn config dpd-profile
get ipsecvpn config dpd-profile <uuid>
get ipsecvpn config ike-profile
get ipsecvpn config ike-profile <uuid>
get ipsecvpn config local-endpoint
get ipsecvpn config local-endpoint <uuid>
get ipsecvpn config local-endpoint <uuid> ca-certificates
get ipsecvpn config local-endpoint <uuid> certificate
get ipsecvpn config local-endpoint <uuid> crls
get ipsecvpn config peer-endpoint
get ipsecvpn config peer-endpoint <uuid>
get ipsecvpn config service
get ipsecvpn config session
get ipsecvpn config session <uuid>
get ipsecvpn config session local-ip <ip-address> remote-ip <ip-address>
get ipsecvpn config tunnel-profile
get ipsecvpn config tunnel-profile <uuid>
get ipsecvpn crl <uuid>
get ipsecvpn crls
get ipsecvpn crls verbose
get ipsecvpn ikesa
get ipsecvpn ikesa <session-id>
get ipsecvpn ikesa active
get ipsecvpn ikesa active <session-id>
get ipsecvpn ikesa active logical-router <uuid>
get ipsecvpn ikesa active logical-router <uuid> <session-id>
get ipsecvpn ikesa logical-router <uuid>
get ipsecvpn ikesa logical-router <uuid> <session-id>
get ipsecvpn ikesa negotiating
get ipsecvpn ikesa negotiating <session-id>
get ipsecvpn ikesa negotiating logical-router <uuid>
get ipsecvpn ikesa negotiating logical-router <uuid> <session-id>
get ipsecvpn ipsecsa
get ipsecvpn ipsecsa logical-router <uuid>
get ipsecvpn ipsecsa logical-router <uuid> ruleid <rule-id>
get ipsecvpn ipsecsa logical-router <uuid> sessionid <session-id>
get ipsecvpn ipsecsa ruleid <rule-id>
get ipsecvpn ipsecsa sessionid <session-id>
get ipsecvpn policy logical-router <uuid> rules <uuid>
get ipsecvpn policy rules
get ipsecvpn policy rules <uuid>
get ipsecvpn policy rules logical-router <uuid>
get ipsecvpn policy summary
get ipsecvpn policy summary logical-router <uuid>
get ipsecvpn sad
get ipsecvpn sad <uuid>
get ipsecvpn sad logical-router <uuid>
get ipsecvpn service
get ipsecvpn service <uuid>
get ipsecvpn service <uuid> verbose
get ipsecvpn service verbose
get ipsecvpn session
get ipsecvpn session <uuid>
get ipsecvpn session <uuid> history
get ipsecvpn session active
get ipsecvpn session active <uuid>
get ipsecvpn session active local-ip <ip-address> remote-ip <ip-address>
get ipsecvpn session active sessionid <session-id>
get ipsecvpn session down
get ipsecvpn session down <uuid>
get ipsecvpn session down local-ip <ip-address> remote-ip <ip-address>
get ipsecvpn session down sessionid <session-id>
get ipsecvpn session history
get ipsecvpn session local-ip <ip-address> remote-ip <ip-address>
get ipsecvpn session local-ip <ip-address> remote-ip <ip-address> history
get ipsecvpn session logical-router <uuid>
get ipsecvpn session logical-router <uuid> <uuid>
get ipsecvpn session logical-router <uuid> <uuid> negotiating
get ipsecvpn session logical-router <uuid> active
get ipsecvpn session logical-router <uuid> active <uuid>
get ipsecvpn session logical-router <uuid> active local-ip <ip-address> remote-ip <ip-address>
get ipsecvpn session logical-router <uuid> active sessionid <session-id>
get ipsecvpn session logical-router <uuid> down
get ipsecvpn session logical-router <uuid> down <uuid>
get ipsecvpn session logical-router <uuid> down local-ip <ip-address> remote-ip <ip-address>
get ipsecvpn session logical-router <uuid> down sessionid <session-id>
get ipsecvpn session logical-router <uuid> history
get ipsecvpn session logical-router <uuid> local-ip <ip-address> remote-ip <ip-address>
get ipsecvpn session logical-router <uuid> local-ip <ip-address> remote-ip <ip-address> history
get ipsecvpn session logical-router <uuid> negotiating
get ipsecvpn session logical-router <uuid> negotiating local-ip <ip-address> remote-ip <ip-address>
get ipsecvpn session logical-router <uuid> sessionid <session-id>
get ipsecvpn session logical-router <uuid> sessionid <session-id> history
get ipsecvpn session logical-router <uuid> status
get ipsecvpn session logical-router <uuid> summary
get ipsecvpn session negotiating
get ipsecvpn session negotiating <uuid>
get ipsecvpn session negotiating local-ip <ip-address> remote-ip <ip-address>
get ipsecvpn session negotiating logical-router <uuid> sessionid <session-id>
get ipsecvpn session negotiating sessionid <session-id>
get ipsecvpn session sessionid <session-id>
get ipsecvpn session sessionid <session-id> history
get ipsecvpn session status
get ipsecvpn session summary
get ipsecvpn tunnel stats
get ipsecvpn tunnel stats <keypolicy-id>
get ipsecvpn vti rules
get ipsecvpn vti rules <uuid>
get l2bridge-port <uuid>
get l2bridge-port <uuid> flush-stats
get l2bridge-port <uuid> mac-sync-table
get l2bridge-port-config <uuid>
get l2bridge-port-config <uuid> high-availability history state
get l2bridge-ports
get l2bridge-ports mac-sync-table
get l2bridge-ports-config
get l2vpn service <uuid> sessions config
get l2vpn services config
get l2vpn session <uuid> logical-switch <uuid>
get l2vpn session <uuid> logical-switch <uuid> remote-macs
get l2vpn session <uuid> logical-switch <uuid> stats
get l2vpn session <uuid> logical-switches
get l2vpn session <uuid> stats
get l2vpn session <uuid> status
get l2vpn sessions
get l2vpn sessions config
get l2vpn sessions logical-router <uuid>
get l2vpn sessions stats
get last processed barrier <uuid>
get lldp config
get lldp config
get lldp config
get lldp config <interface-name>
get lldp config <interface-name>
get lldp config <interface-name>
get lldp neighbors
get lldp neighbors
get lldp neighbors
get lldp neighbors <interface-name>
get lldp neighbors <interface-name>
get lldp neighbors <interface-name>
get lldp stats
get lldp stats <interface-name>
get load-balancer <lb-uuid>
get load-balancer <lb-uuid>
get load-balancer <lb-uuid> error-log
get load-balancer <lb-uuid> error-log
get load-balancer <lb-uuid> error-log follow
get load-balancer <lb-uuid> error-log reg-filter <regex>
get load-balancer <lb-uuid> health-check-table
get load-balancer <lb-uuid> high-availability-state
get load-balancer <lb-uuid> monitor <monitor-uuid>
get load-balancer <lb-uuid> monitor <monitor-uuid> status
get load-balancer <lb-uuid> monitors
get load-balancer <lb-uuid> persistence-tables
get load-balancer <lb-uuid> persistence-tables
get load-balancer <lb-uuid> pool <pool-uuid>
get load-balancer <lb-uuid> pool <pool-uuid> snat-pools
get load-balancer <lb-uuid> pool <pool-uuid> stats
get load-balancer <lb-uuid> pool <pool-uuid> stats
get load-balancer <lb-uuid> pool <pool-uuid> status
get load-balancer <lb-uuid> pools
get load-balancer <lb-uuid> pools
get load-balancer <lb-uuid> pools stats
get load-balancer <lb-uuid> pools stats
get load-balancer <lb-uuid> pools status
get load-balancer <lb-uuid> session-tables
get load-balancer <lb-uuid> session-tables l4
get load-balancer <lb-uuid> session-tables l7
get load-balancer <lb-uuid> snat-pools
get load-balancer <lb-uuid> stats
get load-balancer <lb-uuid> stats verbose
get load-balancer <lb-uuid> status
get load-balancer <lb-uuid> virtual-server <vs-uuid>
get load-balancer <lb-uuid> virtual-server <vs-uuid> access-log
get load-balancer <lb-uuid> virtual-server <vs-uuid> access-log follow
get load-balancer <lb-uuid> virtual-server <vs-uuid> access-log reg-filter <regex>
get load-balancer <lb-uuid> virtual-server <vs-uuid> lbrules
get load-balancer <lb-uuid> virtual-server <vs-uuid> stats
get load-balancer <lb-uuid> virtual-server <vs-uuid> stats
get load-balancer <lb-uuid> virtual-server <vs-uuid> stats verbose
get load-balancer <lb-uuid> virtual-server <vs-uuid> status
get load-balancer <lb-uuid> virtual-servers
get load-balancer <lb-uuid> virtual-servers
get load-balancer <lb-uuid> virtual-servers stats
get load-balancer <lb-uuid> virtual-servers stats
get load-balancer <lb-uuid> virtual-servers status
get load-balancer global stats
get load-balancer perf-profile config
get load-balancer pool <pool-uuid>
get load-balancer virtual-server <vs-uuid>
get load-balancer virtual-server <vs-uuid> access-log
get load-balancers
get load-balancers
get load-balancers status
get log-file <filename>
get log-file <filename> follow
get logging-servers
get logical-router <uuid>
get logical-router <uuid>
get logical-router <uuid>
get logical-router <uuid>
get logical-router <uuid> <route>
get logical-router <uuid> <route> <prefix>
get logical-router <uuid> bfd-config
get logical-router <uuid> bfd-sessions [stats]
get logical-router <uuid> bgp
get logical-router <uuid> bgp community <bgp-community>
get logical-router <uuid> bgp evpn
get logical-router <uuid> bgp evpn overlay
get logical-router <uuid> bgp evpn vni
get logical-router <uuid> bgp large-community <bgp-large-community>
get logical-router <uuid> bgp neighbor
get logical-router <uuid> bgp neighbor <ip-address>
get logical-router <uuid> bgp neighbor <ip-address> advertised-routes
get logical-router <uuid> bgp neighbor <ip-address> routes
get logical-router <uuid> bgp neighbor summary
get logical-router <uuid> bgp neighbor summary <address-family>
get logical-router <uuid> evpn rmac
get logical-router <uuid> evpn vni
get logical-router <uuid> forwarding
get logical-router <uuid> forwarding
get logical-router <uuid> forwarding <prefix>
get logical-router <uuid> forwarding <prefix>
get logical-router <uuid> forwarding [<prefix>]
get logical-router <uuid> forwarding ipv4
get logical-router <uuid> forwarding ipv4
get logical-router <uuid> forwarding ipv6
get logical-router <uuid> forwarding ipv6
get logical-router <uuid> high-availability history state
get logical-router <uuid> high-availability status
get logical-router <uuid> igmp membership
get logical-router <uuid> igmp membership <ip-address>
get logical-router <uuid> interface <interface-id>
get logical-router <uuid> interface <uuid>
get logical-router <uuid> interface <uuid>
get logical-router <uuid> interface <uuid> stats
get logical-router <uuid> interface <uuid> stats
get logical-router <uuid> interface <uuid> stats <ip-version>
get logical-router <uuid> interface <uuid> stats ipv4
get logical-router <uuid> interface <uuid> stats ipv6
get logical-router <uuid> interfaces
get logical-router <uuid> interfaces
get logical-router <uuid> interfaces
get logical-router <uuid> interfaces
get logical-router <uuid> interfaces stats
get logical-router <uuid> mfib
get logical-router <uuid> mfib <ip-address>
get logical-router <uuid> mroute <ip-address>
get logical-router <uuid> neighbor
get logical-router <uuid> neighbor <ip-or-mac-address>
get logical-router <uuid> neighbor <ip-or-mac-address>
get logical-router <uuid> neighbor stats
get logical-router <uuid> neighbors
get logical-router <uuid> neighbors
get logical-router <uuid> qos-config
get logical-router <uuid> route [<prefix>]
get logical-router <uuid> route [<prefix>]
get logical-router <uuid> route bgp [<prefix>]
get logical-router <uuid> route connected [<prefix>]
get logical-router <uuid> route static [<prefix>]
get logical-router <uuid> route static [<prefix>]
get logical-router <uuid> routing-config
get logical-router <uuid> stats
get logical-router <uuid> vrf vni
get logical-router interface <uuid>
get logical-router interface <uuid> arp-proxy
get logical-router interface <uuid> neighbor
get logical-router interface <uuid> stats
get logical-router interfaces
get logical-router interfaces stats
get logical-router neighbor
get logical-router routes <prefix>
get logical-routers
get logical-routers
get logical-routers
get logical-routers
get logical-routers
get logical-routers stats
get logical-service binding <uuid>
get logical-service bindings
get logical-service port <uuid> [stats]
get logical-service ports [stats]
get logical-service state <uuid>
get logical-service states
get logical-switch <logical-switch-id>
get logical-switch <logical-switch-id>
get logical-switch <logical-switch-id> arp-table
get logical-switch <logical-switch-id> arp-table
get logical-switch <logical-switch-id> mac-table
get logical-switch <logical-switch-id> mac-table
get logical-switch <logical-switch-id> nd-table
get logical-switch <logical-switch-id> ports
get logical-switch <logical-switch-id> vtep
get logical-switch <logical-switch-id> vtep-table
get logical-switch <uuid>
get logical-switch <uuid> l2forwarders
get logical-switch <uuid> l2forwarders high-availability history state
get logical-switch <uuid> l2forwarders high-availability state
get logical-switch <uuid> mac-address-table
get logical-switch <uuid> neighbor
get logical-switch <uuid> ports
get logical-switch <uuid> ports
get logical-switch <uuid> ports stats
get logical-switch <uuid> rtep-group-mac-address-table
get logical-switch <uuid> rtep-group-mac-address-table <rtep-group-id>
get logical-switch <uuid> rtep-groups
get logical-switch <uuid> tunnel-ports
get logical-switch <uuid> vtep-table
get logical-switch <vni-or-uuid>
get logical-switch <vni-or-uuid> arp-table
get logical-switch <vni-or-uuid> arp-table remote
get logical-switch <vni-or-uuid> arp-table remote verbose
get logical-switch <vni-or-uuid> arp-table verbose
get logical-switch <vni-or-uuid> mac-table
get logical-switch <vni-or-uuid> mac-table remote
get logical-switch <vni-or-uuid> mac-table remote verbose
get logical-switch <vni-or-uuid> mac-table verbose
get logical-switch <vni-or-uuid> stats
get logical-switch <vni-or-uuid> transport-node-table
get logical-switch <vni-or-uuid> verbose
get logical-switch <vni-or-uuid> vtep
get logical-switch <vni-or-uuid> vtep verbose
get logical-switch port <uuid>
get logical-switch port <uuid> stats
get logical-switch ports
get logical-switch ports stats
get logical-switch {local | remote} {mac-cache | arp-cache | vtep-cache} <vni>
get logical-switch-port <uuid>
get logical-switch-port status
get logical-switches
get logical-switches
get logical-switches
get logical-switches
get logical-switches
get logical-switches stats
get maintenance-mode
get maintenance-mode
get managers
get mdproxy server <uuid>
get mdproxy servers
get memory-stats
get mfib
get mfib <ip-address>
get mirror-session <mirror-session-id>
get mirror-sessions
get mroute <ip-address>
get name-servers
get namespace status <string>
get namespaces status
get neighbor
get network-stats
get node central-config
get node upgrade status
get node-uuid
get node-uuid
get nodes
get ntp-server associations
get ntp-servers
get parent
get path
get physical-port <physical-port-name>
get physical-port <physical-port-name> stats
get physical-port <physical-port-name> stats verbose
get physical-ports
get ports
get processes
get processes monitor
get processes monitor
get public-cloud-manager managed-vpcs
get public-cloud-manager status
get publication <uuid>
get publication dump <filename>
get publications with transport-node <uuid>
get realization-status <uuid>
get receivers
get route [<prefix>]
get route [<prefix>]
get route bgp [<prefix>]
get route connected [<prefix>]
get route prefix <prefix>
get route static [<prefix>]
get routes
get routing-domain <uuid>
get routing-domain <uuid>
get routing-domain <uuid>
get routing-domain <uuid> mtep
get routing-domain <uuid> vtep
get routing-domains
get routing-domains
get routing-domains
get routing-domains
get routing-domains mtep
get rtep-group <rtep-group-id>
get rtep-group <rtep-group-id> stats
get rtep-groups
get rtep-groups stats
get rteps
get search-domains
get service <service-name>
get service controller logging-config
get service controller logging-config logging-level <level>
get service controller logging-config name <string>
get service controller logging-config pattern <string>
get service controller logging-level
get service dataplane logging-level
get service dhcp logging-level
get service dhcp pool-monitor
get service hyperbus lib-metrics logging-level
get service hyperbus lib-nestdb logging-level
get service hyperbus lib-net logging-level
get service hyperbus lib-rpc logging-level
get service hyperbus logging-level
get service ike debug-tunnel
get service ike logging-level
get service local-controller logging-level
get service local-controller state
get service nsx-agent logging-level
get service nsx-cfgagent cache-table [{config | l2 | l3} {local | remote | logical-switch | logical-switch-port | logical-switch-port-list | transport-node | bridge-cluster | group-relation | mirror | ipfix | profile | container}]
get service nsx-cfgagent hyperbus vmknic
get service nsx-cfgagent lib-metrics logging-level
get service nsx-cfgagent lib-nestdb logging-level
get service nsx-cfgagent lib-net logging-level
get service nsx-cfgagent lib-rpc logging-level
get service nsx-cfgagent logging-level
get service nsx-context-mux logging-level
get service nsx-ctxteng idfw status
get service nsx-ctxteng protocol
get service nsx-netopa logging-level
get service nsx-opsagent logging-level
get service nsx-proxy central logging-level
get service nsx-proxy lib-metrics logging-level
get service nsx-proxy lib-nestdb logging-level
get service nsx-proxy lib-net logging-level
get service nsx-proxy lib-rpc logging-level
get service nsx-proxy logging-level
get service router config
get service router config redist
get service router config route-maps
get service-insertion
get service-insertion <uuid>
get service-insertion bfd-ctrl
get service-insertion flow-prog-table
get service-insertion spi-fail-table
get service-insertion vrf-to-intf
get services
get snmp v2-configured
get snmp v2-targets
get snmp v3-configured
get snmp v3-engine-id
get snmp v3-protocols
get snmp v3-targets
get snmp v3-users
get sockets
get sockets
get spoof-guard config <host-switch-name> <dvport-id>
get spoof-guard config <logical-port>
get spoof-guard stats <host-switch-name> <dvport-id>
get spoof-guard stats <logical-port>
get spoof-guard whitelist <host-switch-name> <dvport-id>
get spoof-guard whitelist <logical-port>
get stats
get stats
get support-bundle [file <filename> [all]]
get support-bundle [file <filename>]
get switch-ipfix logical-switch <logical-switch-id> setting
get switch-ipfix logical-switch-port <logical-switch-port-id> setting
get switch-security config <host-switch-name> <dvport-id>
get switch-security config <logical-port>
get switch-security stats <host-switch-name> <dvport-id>
get switch-security stats <logical-port>
get topology
get transport-node <uuid> agent-status
get transport-node <uuid> arp-table
get transport-node <uuid> mac-table
get transport-node <uuid> routing-domain
get transport-node <uuid> routing-vtep
get transport-node <uuid> status
get transport-node <uuid> threat-status
get transport-node <uuid> vifs
get transport-node <uuid> vtep
get transport-nodes status
get tunnel-port <uuid>
get tunnel-port <uuid> stats
get tunnel-ports
get tunnel-ports stats
get upgrade progress-status
get upgrade-bundle <bundle-name> playbook <playbook-file>
get upgrade-bundle playbooks
get uptime
get user <username> password-expiration
get user <username> ssh-keys
get user <username> status
get version
get version
get vif <vif>
get vm-network-mode
get vmc migration-mode
get vrf vni
get vsip-si selected-service-path <service-chain-id>
get vsip-si service-chains
get vsip-si service-paths
get vsip-si service-paths <number>
get vsip-si service-paths <service-chain-id>
get vsip-si service-paths <service-chain-id> active
get vsip-si service-paths <service-chain-id> all
get vsip-si service-paths <service-chain-id> maintenance-mode
get vsip-si service-policies
get vswitch runtime
get vtep-group <vtep-group-id>
get vtep-groups
get vteps
help
install image <image-name> version <image-version>
join <ip-address[:port]> cluster-id <cluster-id> thumbprint <thumbprint> [token <api-token>] [username <username> [password <password>]] [force]
join management-plane <hostname-or-ip-address[:port]> thumbprint <thumbprint> token <token> [node-uuid <uuid>]
join management-plane <hostname-or-ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>]
join management-plane <hostname-or-ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>]
join management-plane <ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>] [interface-name <interface-name>]
list
nslookup <hostname>
nslookup <hostname>
nslookup dns-forwarder <hostname-or-ip-address> [[server-ip <ip-address>] [source-ip <ip-address>]]
nslookup dns-forwarder <uuid> <hostname-or-ip-address> [server-ip <ip-address>] [source-ip <ip-address>]
on <registered-node-uuid> exec [<command>]
path <uuid> <ip-address>
ping <hostname-or-ip-address>
ping <hostname-or-ip-address> [repeat <number>]
ping <hostname-or-ip-address> [repeat <number>] [size <number>] [source <hostname-or-ip-address>] [dfbit enable]
ping <hostname-or-ip-address> [repeat <number>] [size <number>] [source <hostname-or-ip-address>] [dfbit enable] [vrfid <vrf-id>]
ping6 <ip-address>
ping6 <ip6-address> [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [repeat <number>]
ping6 <ip6-address> [repeat <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [size <number>]
ping6 <ip6-address> [size <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [size <number>] [repeat <number>]
ping6 <ip6-address> [size <number>] [repeat <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [source <ip6-address>]
ping6 <ip6-address> [source <ip6-address>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [source <ip6-address>] [repeat <number>]
ping6 <ip6-address> [source <ip6-address>] [repeat <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [source <ip6-address>] [size <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [source <ip6-address>] [size <number>] [repeat <number>]
ping6 <ip6-address> [source <ip6-address>] [size <number>] [repeat <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [source <ip6-address>] [vrfid <vrf-id>]
ping6 <ip6-address> [vrfid <vrf-id>]
ping6 <ip6-address> [vrfid <vrf-id>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [vrfid <vrf-id>] [repeat <number>]
ping6 <ip6-address> [vrfid <vrf-id>] [repeat <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [vrfid <vrf-id>] [size <number>]
ping6 <ip6-address> [vrfid <vrf-id>] [size <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [vrfid <vrf-id>] [size <number>] [repeat <number>]
ping6 <ip6-address> [vrfid <vrf-id>] [size <number>] [repeat <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>]
ping6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>] [repeat <number>]
ping6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>] [repeat <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>] [size <number>]
ping6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>] [size <number>] [egress <dpd-uuid-lrouter-port-arg>]
ping6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>] [size <number>] [repeat <number>]
ping6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>] [size <number>] [repeat <number>] [egress <dpd-uuid-lrouter-port-arg>]
push host-certificate <hostname-or-ip-address[:port]> username <username> thumbprint <thumbprint>
reboot [force]
reset dataplane corelist
reset dataplane device list
reset dataplane hugepage
reset dns-forwarder <uuid> cache
reset dns-forwarder <uuid> stats
reset dns-forwarder cache
reset dns-forwarder stats
reset management-plane <hostname-or-ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>]
restart service <service-name>
restore node file <filename> [passphrase <passphrase>]
resume upgrade-bundle <bundle-name> playbook
set auth-policy api lockout-period <lockout-period>
set auth-policy api lockout-reset-period <lockout-reset-period>
set auth-policy api max-auth-failures <auth-failures>
set auth-policy cli lockout-period <lockout-period>
set auth-policy cli max-auth-failures <auth-failures>
set auth-policy minimum-password-length <password-length>
set auth-policy vidm enabled
set auth-policy vidm hostname <hostname-or-ip-address> thumbprint <thumbprint> client-id <vidm-client-id> client-secret <vidm-client-secret> node-hostname <hostname-or-ip-address>
set auth-policy vidm lb-extern enabled
set banner
set capture session <session-number>
set capture session <session-number>
set capture session <session-number> [file <filename>] [count <packet-count>] [expression <expression>]
set capture session <session-number> [file <filename>] [count <packet-count>] [expression <expression>]
set capture session <session-number> direction <capture-direction>
set capture session <session-number> interface <interface-name> direction <capture-direction>
set capture session <session-number> interface <port-uuid-name> direction <capture-direction> [core <core-id>]
set cli-timeout <timeout>
set dataplane ctrl-prio <enabled>
set dataplane device list <pci-address-arg>
set dataplane flow-cache <enabled>
set dataplane flow-cache-size <flow-cache-size>
set dataplane interrupt-mode <enabled>
set dataplane jumbo-mbuf-pool-size <jumbo-mbuf-pool-size>
set dataplane l2vpn-pmtu <enabled>
set dataplane l3vpn-pmtu <enabled>
set dataplane packet-queue-limit <number>
set dataplane qat <enabled>
set dataplane ring-size rx <ring-size>
set dataplane ring-size tx <ring-size>
set ens lcore-assignment-mode <host-switch-name> <ens-lc-mode>
set eula accepted
set firewall <uuid> local-ip <ip-address> sync-peer <uuid> sync-peer-ip <ip-address>
set firewall <uuid> sync-rank <sync-rank> sync-mode <sync-mode>
set gw-controller logging-level <level>
set gw-controller vm-log-forwarding <enabled-clear>
set gw-controller vm-log-forwarding <enabled-clear> <vm-id>
set hardening-policy mandatory-access-control enabled
set host-switch <host-switch-name> mcast-filter <mcast-filter-mode>
set host-switch upgrade-status <boolean-arg>
set hostname <hostname>
set hugepage-reserve auto
set hugepage-reserve size <hugepage-size>
set ids engine alertlog <idsengalertlog>
set ids engine logging-level <idsengloglevel>
set ids engine syslogstatus <idsengsyslogstatus>
set ids events stats clear
set ids logging-level <idsloglevel>
set interface <interface-name> [ip <prefix> [gateway <gateway-ip>] | dhcp] plane <plane>
set interface <interface-name> dhcp
set interface <interface-name> dhcp plane <plane> mode <mode> members <members> primary <primary>
set interface <interface-name> ip <prefix> [gateway <gateway-ip>]
set interface <interface-name> ip <prefix> gateway <gateway-ip> plane <plane> mode <mode> members <members> primary <primary>
set interface <interface-name> vlan <vlan> plane mgmt
set interface mac <mac-address> vlan <vlan> in-band plane mgmt
set l2bridge-port <uuid> state active
set load-balancer <lb-uuid> rule-log <enabled>
set load-balancer <lb-uuid> rule-log pool <pool-uuid> <enabled>
set load-balancer <lb-uuid> rule-log virtual-server <vs-uuid> <enabled>
set load-balancer perf-profile <perf-profile-type>
set logging-server <hostname-or-ip-address[:port]> proto <proto> level <level> [facility <facility>] [messageid <messageid>] [serverca <filename>] [clientca <filename>] [certificate <filename>] [key <filename>] [structured-data <structured-data>]
set logging-server <hostname-or-ip-address[:port]> proto <proto> level <level> [facility <facility>] [messageid <messageid>] [serverca <filename>] [structured-data <structured-data>]
set maintenance-mode <nsxproxy-maintenance-mode>
set name-servers <ip-address>
set node central-config disabled
set node central-config enabled
set ntp-server <hostname-or-ip-address>
set physical-port <physical-port-name> state <physical-port-state>
set repository-ip
set route prefix <prefix> gateway <gateway-ip> [interface <interface-name>]
set search-domains <domain>
set service async_replicator logging-level <async-replicator-level>
set service controller logging-level <level>
set service controller logging-level name <string> <level>
set service controller logging-level pattern <string> <level>
set service dataplane logging-level <level>
set service dhcp logging-level <level>
set service dhcp pool-monitor <mode> monitor-interval <number>
set service http basic-authentication <enabled>
set service http client-api-concurrency-limit <http-client-api-concurrency-limit>
set service http client-api-rate-limit <http-client-api-rate-limit>
set service http connection-timeout <http-conn-timeout>
set service http cookie-based-authentication <enabled>
set service http global-api-concurrency-limit <http-global-api-concurrency-limit>
set service http logging-level <http-level>
set service http redirect-host <hostname-or-ip-address>
set service http session-timeout <http-session-timeout>
set service hyperbus lib-metrics logging-level <level>
set service hyperbus lib-nestdb logging-level <level>
set service hyperbus lib-net logging-level <level>
set service hyperbus lib-rpc logging-level <level>
set service hyperbus logging-level <level>
set service ike debug-tunnel local-ip <ipv4-addr> remote-ip <ipv4-addr> debug-level <debug-level-arg>
set service ike debug-tunnel local-ip <ipv4-addr> remote-ip <ipv4-addr> debug-level <debug-level-arg> follow
set service ike logging-level <level>
set service install-upgrade enabled
set service keymanager logging-level <level>
set service local-controller logging-level <level>
set service manager logging-level <level>
set service manager logging-level <level> package <manager-package-name>
set service nsx-agent logging-level <level>
set service nsx-cfgagent lib-metrics logging-level <level>
set service nsx-cfgagent lib-nestdb logging-level <level>
set service nsx-cfgagent lib-net logging-level <level>
set service nsx-cfgagent lib-rpc logging-level <level>
set service nsx-cfgagent logging-level <level>
set service nsx-context-mux logging-level <level>
set service nsx-ctxteng protocol <protocol> <enable>
set service nsx-exporter logging-level <level>
set service nsx-netopa logging-level <level>
set service nsx-opsagent logging-level <level>
set service nsx-platform-client logging-level <level>
set service nsx-proxy central logging-level <level>
set service nsx-proxy lib-metrics logging-level <level>
set service nsx-proxy lib-nestdb logging-level <level>
set service nsx-proxy lib-net logging-level <level>
set service nsx-proxy lib-rpc logging-level <level>
set service nsx-proxy logging-level <level>
set service ntp start-on-boot
set service policy logging-level <level>
set service router logging-level <destination> <level>
set service routing-platform logging-level <level>
set service snmp start-on-boot
set service ssh start-on-boot
set snmp community
set snmp community <community-string>
set snmp v2-targets <hostname-or-ip-address[:port]> community <community-string>
set snmp v3-engine-id <v3-engine-id>
set snmp v3-protocols auth-protocol <v3-auth-protocol> priv-protocol <v3-priv-protocol>
set snmp v3-targets <hostname-or-ip-address[:port]> user <v3-user>
set snmp v3-users <v3-user>
set snmp v3-users <v3-user> auth-password <auth-password> priv-password <priv-password>
set timezone <timezone>
set user <username> password [<password> [old-password <old-password>]]
set user <username> password-expiration <password-expiration>
set user <username> ssh-keys label <key-label> type <key-type> value <key-value> [password <password>]
set user <username> username <new-username>
set vmc migration-mode <enabled>
set vswitch runtime <option-name> <option-value>
shutdown [force]
start capture dvfilter <esx-dvfilter-name>
start capture interface <interface-name> [direction <direction>] [core <core-id>] [snaplen <capture-snaplen-arg] [file <filename>] [expression <expression>]
start capture interface <interface-name> [direction <direction>] [file <filename>] [count <packet-count>] [expression <expression>]
start capture node <cap-node-id> fcport <fcport-id> direction <capture-direction>
start capture node <cap-node-id> fcport <fcport-id> direction <capture-direction> parameters <arguments>
start capture node <cap-node-id> fcport <fcport-id> direction <capture-direction> stream-to <receiver_address> port <port-id>
start capture node <cap-node-id> fcport <fcport-id> direction <capture-direction> stream-to <receiver_address> port <port-id> parameters <arguments>
start capture node <cap-node-id> filter <filter-name> stage <stage-type>
start capture node <cap-node-id> filter <filter-name> stage <stage-type> parameters <arguments>
start capture node <cap-node-id> filter <filter-name> stage <stage-type> stream-to <receiver_address> port <port-id>
start capture node <cap-node-id> filter <filter-name> stage <stage-type> stream-to <receiver_address> port <port-id> parameters <arguments>
start capture node <cap-node-id> interface <cap-interface-id> direction <capture-direction>
start capture node <cap-node-id> interface <cap-interface-id> direction <capture-direction> parameters <arguments>
start capture node <cap-node-id> interface <cap-interface-id> direction <capture-direction> stream-to <receiver_address> port <port-id>
start capture node <cap-node-id> interface <cap-interface-id> direction <capture-direction> stream-to <receiver_address> port <port-id> parameters <arguments>
start capture node <cap-node-id> pnic <pnic-value> direction <capture-direction>
start capture node <cap-node-id> pnic <pnic-value> direction <capture-direction> parameters <arguments>
start capture node <cap-node-id> pnic <pnic-value> direction <capture-direction> stream-to <receiver_address> port <port-id>
start capture node <cap-node-id> pnic <pnic-value> direction <capture-direction> stream-to <receiver_address> port <port-id> parameters <arguments>
start capture node <cap-node-id> vdrport <vdrport-id> direction <capture-direction>
start capture node <cap-node-id> vdrport <vdrport-id> direction <capture-direction> parameters <arguments>
start capture node <cap-node-id> vdrport <vdrport-id> direction <capture-direction> stream-to <receiver_address> port <port-id>
start capture node <cap-node-id> vdrport <vdrport-id> direction <capture-direction> stream-to <receiver_address> port <port-id> parameters <arguments>
start capture node <cap-node-id> vif <vif> direction <capture-direction>
start capture node <cap-node-id> vif <vif> direction <capture-direction> parameters <arguments>
start capture node <cap-node-id> vif <vif> direction <capture-direction> stream-to <receiver_address> port <port-id>
start capture node <cap-node-id> vif <vif> direction <capture-direction> stream-to <receiver_address> port <port-id> parameters <arguments>
start capture node <cap-node-id> vmknic <vmknic-id> direction <capture-direction>
start capture node <cap-node-id> vmknic <vmknic-id> direction <capture-direction> parameters <arguments>
start capture node <cap-node-id> vmknic <vmknic-id> direction <capture-direction> stream-to <receiver_address> port <port-id>
start capture node <cap-node-id> vmknic <vmknic-id> direction <capture-direction> stream-to <receiver_address> port <port-id> parameters <arguments>
start capture node <cap-node-id> vmnic <vmnic-id> direction <capture-direction>
start capture node <cap-node-id> vmnic <vmnic-id> direction <capture-direction> parameters <arguments>
start capture node <cap-node-id> vmnic <vmnic-id> direction <capture-direction> stream-to <receiver_address> port <port-id>
start capture node <cap-node-id> vmnic <vmnic-id> direction <capture-direction> stream-to <receiver_address> port <port-id> parameters <arguments>
start capture node <cap-node-id> vnic <vnic-id> direction <capture-direction>
start capture node <cap-node-id> vnic <vnic-id> direction <capture-direction> parameters <arguments>
start capture node <cap-node-id> vnic <vnic-id> direction <capture-direction> stream-to <receiver_address> port <port-id>
start capture node <cap-node-id> vnic <vnic-id> direction <capture-direction> stream-to <receiver_address> port <port-id> parameters <arguments>
start capture trace
start firewall <uuid> bulk-sync
start flow-monitor [core <core-id>] [timeout <time>]
start search resync <search-scope>
start service <service-name>
start upgrade-bundle <bundle-name> playbook <playbook-file>
stop capture session <session-id-arg>
stop firewall <uuid> bulk-sync
stop service <service name> [force]
top
traceflow <port-uuid-name> <base64-string>
traceroute <hostname-or-ip-address>
traceroute <ip-address>
traceroute <ip-address> [source <ip-address>] [maxttl <number>]
traceroute <ip-address> [source <ip-address>] [maxttl <number>] [vrfid <vrf-id>]
traceroute6 <ip-address>
traceroute6 <ip6-address> [maxttl <number>]
traceroute6 <ip6-address> [source <ip6-address>]
traceroute6 <ip6-address> [source <ip6-address>] [maxttl <number>]
traceroute6 <ip6-address> [vrfid <vrf-id>]
traceroute6 <ip6-address> [vrfid <vrf-id>] [maxttl <number>]
traceroute6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>]
traceroute6 <ip6-address> [vrfid <vrf-id>] [source <ip6-address>] [maxttl <number>]
up
verify image <image-filename>
verify logging-servers
verify upgrade-bundle <bundle-name>
vrf <uuid-vrfid>

About This Book

The NSX-T Command-Line Interface Reference describes how to use the NSX-T Command-Line Interface (CLI) and includes examples and command overviews.

Intended Audience

The information in this guide is written for experienced systems and network administrators who are familiar with virtual machine technology and virtual datacenter operations.

VMware Technical Publications Glossary

VMware Technical Publications provides a glossary of terms that might be unfamiliar to you. For definitions of terms as they are used in VMware technical documentation go to http://www.vmware.com/support/pubs.

Document Feedback

VMware welcomes your suggestions for improving our documentation. If you have comments, send your feedback to docfeedback@vmware.com.

Introduction to the NSX-T CLI

Each NSX-T virtual appliance contains a command-line interface (CLI). The command syntax and output format of NSX-T commands are not guaranteed to be the same from release to release. If you are automating tasks, please use the API. See the NSX-T API Guide for details.

Logging In and Out of the CLI

Before you can run CLI commands, you must connect to an NSX-T virtual appliance. You can connect to the console or through SSH.

If you did not enable SSH while installing the appliance, you can use the set service ssh start-on-boot command to enable the SSH service.

To log out, type exit from Basic mode.

CLI Command Modes

The commands available to you at any given time depend on the mode you are currently in.

  • Basic. Basic mode provides commands to manage and view the status of the NSX-T appliance.

  • VRF. VRF mode, available on NSX Edge appliances, provides commands to view properties of a VRF (Virtual Routing and Forwarding) context.

  • Tier0_sr. Tier0_sr mode, available on NSX Edge appliances, provides commands to view properties of a tier 0 service router VRF (Virtual Routing and Forwarding) context.

  • Tier1_sr. Tier0_sr mode, available on NSX Edge appliances, provides commands to view properties of a tier 1 service router VRF (Virtual Routing and Forwarding) context.

  • Path. Path mode, available on NSX Edge appliances, provides commands to view properties of the logical router interfaces and logical switch ports in the path between a logical router interface and an IP address.
  • Important Note

    Starting with NSX-T 2.1, the NSX Manager GUI uses the term N-VDS (NSX managed virtual distributed switch) to refer to what was known as host switch in previous releases. In this document, the term host switch is still used. The two terms are synonyms.

    NSX-T CLI Commands

    backup node file <filename> [passphrase <passphrase>]
    Create a backup of an NSX KeyManager node.

    If you do not provide a passphrase on the command line, you will be prompted to enter one. The passphrase is used to encrypt the backup. If you forget the passphrase, you will not be able to restore the backup.

    Important: This backup command is one part of the backup process. You must complete all backup and restore tasks in the correct order. See the NSX-T Administration Guide for information and instructions about performing backups and restores.

    Option Description
    <filename> Filename argument
    Allowed pattern: ^[^/ *;&|]+$
    <passphrase> Backup passphrase
    Example
    nsx-keymanager-1> backup node file backup-node-timestamp.tar.gz Passphrase: nsx-keymanager-1>
    Mode
    Basic
    Availability
    Key Manager

    bottom
    Move to the bottom of the path. The arrow moves to show which interface is current.
    Example
    nsx-edge-1(path)> bottom interface : de650f56-276d-46ef-959e-960752acfe19 interface : 140ca8de-61e0-4bba-b429-6a3791b0846a port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7 port : 53bab4b1-f0df-451b-af80-0a9d5e580186 interface : 2a7bf881-1f89-4833-833e-47673b79901a interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a port : 5b2068d0-8c28-4427-8be4-48f422f92309 port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846 interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb port : c588fc5d-dd62-45b2-bc16-3dae466c16c7 port : 2120ef07-05e3-477f-8d96-e2be390784db interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278 interface : dd10beb2-3673-43a5-b180-ecc46e830ee0 ->port : fdc429ef-d778-421b-bf84-e1063a7bf5ab
    Mode
    Path
    Availability
    Edge, Public Cloud Gateway

    clear auth-policy vidm enabled
    Clear the vidm service's enabled property.
    Example
    nsx-manager-1> clear auth-policy vidm enabled nsx-manager-1>
    Mode
    Basic
    Availability
    Manager, Policy Manager

    clear auth-policy vidm lb-extern enabled
    Clear the external load balancer enabled property.
    Example
    nsx-manager-1> clear auth-policy vidm lb-extern enabled nsx-manager-1>
    Mode
    Basic
    Availability
    Manager, Policy Manager

    clear banner
    Clear the security banner or message of the day. The banner is reset to the system default banner.
    Example
    nsx> clear banner nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    clear bfd-session local-ip <ip-address> remote-ip <ip-address> stats
    Clear the statistics for the specified BFD session
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> clear bfd-session local-ip 192.168.250.60 remote-ip 192.168.250.61 stats nsx-edge-1>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear bfd-sessions stats
    Clear the statistics for all BFD sessions.
    Example
    nsx-edge-1> clear bfd-session stats nsx-edge-1>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear bgp <ip-address>
    Reset specific BGP neighbor session.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1(tier0_sr)> clear bgp 2005::2828:280a nsx-edge-1(tier0_sr)>
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    clear bgp neighbors
    Reset all BGP neighbor sessions.
    Example
    nsx-edge-1(tier0_sr)> clear bgp neighbors nsx-edge-1(tier0_sr)>
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    clear dataplane flow-cache stats
    Clear flow cache statistics for all fastpath cores.
    Example
    nsx-edge-1> clear dataplane flow-cache stats nsx-edge-1>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear edge-cluster history state
    Clear the Edge cluster state history.
    Example
    nsx-edge-1> clear edge-cluster history state nsx-edge-1>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear hardening-policy mandatory-access-control enabled
    This command disables mandatory access control on the node. Usage for the command is clear hardening-policy mandatory-access-control enabled
    Example
    nsx-edge-1> clear hardening-policy mandatory-access-control enabled Mandatory Access Control is disabled.
    Mode
    Basic
    Availability
    Controller, Edge, Manager, Policy Manager, Public Cloud Gateway

    clear high-availability channel local-ip <ip-address> remote-ip <ip-address> stats
    Clear statistics for the specified high-availability channel
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> clear high-availability channel local-ip 30.0.246.232 remote-ip 30.0.29.0 stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear high-availability channels stats
    Clear statistics for all high-availability channels.
    Example
    nsx-edge-1> clear high-availability channels stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear high-availability history state
    Clear the high availability state history for the logical router in the VRF context.
    Example
    nsx-edge-1(tier1_sr)> clear high-availability history state nsx-edge-1(tier1_sr)>
    Mode
    Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    clear high-availability session local-service-id <service-id> peer-service-id <service-id> stats
    Clear statistics for the specified high-availability session
    Option Description
    <service-id> Service id (0-65535)
    Example
    nsx-edge-1> clear high-availability session local-service-id 101 peer-service-id 101 stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear high-availability sessions stats
    Clear statistics for all high-availability sessions.
    Example
    nsx-edge-1> clear high-availability sessions stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear interface <interface-name>
    Delete the specified VLAN network interface and all it's configuration, or the specified bond configuration, or both if a VLAN was configured over the bond. Users must configure an alternate interface for management.
    Option Description
    <interface-name> Configurable network interface argument
    Example
    nsx-edge> clear interface eth0.11 Deleted interface eth0.11. The system does not have a management IP address, you may configure one. nsx-edge> clear interface bond0 Deleted interface bond0. The system does not have a management IP address, you may configure one. nsx-edge> clear interface bond0.50 Deleted interface bond0.50. The system does not have a management IP address, you may configure one.
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear interface <interface-name> ip
    Remove all network configuration from the specified interface.
    Option Description
    <interface-name> Configurable network interface argument
    Example
    nsx-edge> clear interface eth0 ip nsx-edge>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear interface <interface-name> plane
    Clear the network interface plane configuration.
    Option Description
    <interface-name> Configurable network interface argument
    Example
    nsx-edge> clear interface eth0 plane nsx-edge>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear lldp neighbors
    Deletes LLDP Neighbor information on all devices.
    Example
    nsx-edge-1> clear lldp neighbors
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear lldp neighbors <interface-name>
    Deletes LLDP Neighbor information on given device.
    Option Description
    <interface-name> LLDP interface argument
    Example
    nsx-edge-1> clear lldp neighbors eth0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear lldp stats
    Deletes LLDP Statistics on all devices.
    Example
    nsx-edge-1> clear lldp stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear lldp stats <interface-name>
    Deletes LLDP Statistics on given device.
    Option Description
    <interface-name> LLDP interface argument
    Example
    nsx-edge-1> clear lldp stats eth0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear load-balancer <lb-uuid> pool <pool-uuid> stats
    Clear the statistics for a specific load balancer and pool. In rare cases some of the counters may not be cleared and when that happens please try issuing the command again.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    <pool-uuid> Pool UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 pool 46e57906-413e-4075-98b1-49a3e73a2c62 stats
    Mode
    Basic
    Availability
    ESXi

    clear load-balancer <lb-uuid> pool <pool-uuid> stats
    Clear the statistics for a specific load balancer and pool. In rare cases some of the counters may not be cleared and when that happens please try issuing the command again.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <pool-uuid> Pool UUID argument
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 pool 46e57906-413e-4075-98b1-49a3e73a2c62 stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear load-balancer <lb-uuid> pools stats
    Clear the statistics for all pools of a specific load balancer. In rare cases some of the counters may not be cleared and when that happens please try issuing the command again.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 pools stats
    Mode
    Basic
    Availability
    ESXi

    clear load-balancer <lb-uuid> pools stats
    Clear the statistics for all pools of a specific load balancer. In rare cases some of the counters may not be cleared and when that happens please try issuing the command again.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 pools stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear load-balancer <lb-uuid> stats
    Clear the statistics for a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear load-balancer <lb-uuid> stats
    Clear the statistics for a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 stats
    Mode
    Basic
    Availability
    ESXi

    clear load-balancer <lb-uuid> virtual-server <vs-uuid> stats
    Clear the statistics for a specific load balancer and virtual server. In rare cases some of the counters may not be cleared and when that happens please try issuing the command again.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    <vs-uuid> Virtual server UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-server 46e57906-413e-4075-98b1-49a3e73a2c62 stats
    Mode
    Basic
    Availability
    ESXi

    clear load-balancer <lb-uuid> virtual-server <vs-uuid> stats
    Clear the statistics for a specific load balancer and virtual server. In rare cases some of the counters may not be cleared and when that happens please try issuing the command again.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <vs-uuid> Virtual server UUID argument
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-server 46e57906-413e-4075-98b1-49a3e73a2c62 stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear load-balancer <lb-uuid> virtual-servers stats
    Clear the statistics for all virtual servers of a specific load balancer. In rare cases some of the counters may not be cleared and when that happens please try issuing the command again.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-servers stats
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear load-balancer <lb-uuid> virtual-servers stats
    Clear the statistics for all virtual servers of a specific load balancer. In rare cases some of the counters may not be cleared and when that happens please try issuing the command again.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-edge-1> clear load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-servers stats
    Mode
    Basic
    Availability
    ESXi

    clear load-balancer perf-profile
    Clear load balancer performance profile parameter settings from edge.
    Example
    nsx-edge-1> clear load-balancer perf-profile
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear logging-servers
    Clear all logging server configuration.
    Example
    nsx> clear logging-servers nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    clear logical-router <uuid> high-availability history state
    Clear the high availability state history for the specified logical router. Only service routers have a high availability status. Use the get logical-routers command to get a list of logical routers and their router types.
    Option Description
    <uuid> UUID argument
    Example
    nsx-edge-1> clear logical-router 4e425c9e-09c6-4021-bbc7-fab2895a2c09 high-availability history state nsx-edge-1>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear logical-router interface <uuid> stats
    Clear the statistic counters for the specified logical router interface.
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> clear logical-router interface 9d96cb16-6d03-4117-a511-a4aeb3e6a060 stats nsx-edge-1>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear management-plane
    Deletes all NSX configuration and modules from the host only. Please delete the corresponding transport node entries from NSX manager using GUI/API.
    Example
    host-1> clear management-plane host-1>
    Mode
    Basic
    Availability
    ESXi, KVM

    clear name-servers
    Clear all name servers from the DNS configuration.
    Example
    nsx> clear name-servers nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    clear physical-port <physical-port-name> stats
    Clear statistics for the specified physical port.
    Option Description
    <physical-port-name> Datapath String argument
    Example
    nsx-edge-1> clear physical-port fp-eth2 stats nsx-edge-1>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    clear search-domains
    Remove all domain names from the DNS search list.
    Example
    nsx> clear search-domains nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    clear service http redirect-host
    Clear the HTTP service redirect host.
    Example
    nsx-manager-1> clear service http redirect-host nsx-manager-1>
    Mode
    Basic
    Availability
    Manager, Policy Manager

    clear service install-upgrade enabled
    Clear the install-upgrade service's enabled property.
    Example
    nsx-manager-1> clear service install-upgrade enabled nsx-manager-1>
    Mode
    Basic
    Availability
    Manager, Policy Manager

    clear service manager logging-level
    Clear the log levels of the manager service.
    Example
    nsx-manager-1> clear service manager logging-level
    Mode
    Basic
    Availability
    Manager

    clear service ntp start-on-boot
    Configure the NTP service to not start on boot.
    Example
    nsx> clear service ntp start-on-boot nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    clear service snmp start-on-boot
    Configure the snmp service to not start on boot.
    Example
    nsx> clear service snmp start-on-boot nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    clear service ssh start-on-boot
    Configure the SSH service to not start on boot.
    Example
    nsx> clear service ssh start-on-boot nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    clear user <username> password-expiration
    Disable password expiration for the user.
    Option Description
    <username> Username of user
    Example
    nsx> clear user audit password-expiration nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    copy file <filename> url <url>
    Copy a local file to a remote destination.
    Option Description
    <filename> Existing file argument
    <url> Remote file url (e.g. scp://username@ip_address/filepath/filename)
    Example
    nsx> copy file support-bundle-0.tgz url scp://admin@192.168.210.200/home/admin/ admin@192.168.210.200's password: nsx>
    Mode
    Basic
    Availability
    Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    copy url <url> [file <filename>]
    Copy a remote file to the local file store. If no destination file is specified, the copied file has the same file name as the source file. You can use the file argument to specify a different destination file name.
    Option Description
    <url> Remote file url (e.g. scp://username@ip_address/filepath/filename)
    <filename> Filename argument
    Allowed pattern: ^[^/ *;&|]+$
    Example
    nsx> copy url scp://admin@192.168.210.200/home/admin/file-0.txt admin@192.168.210.200's password: nsx> or nsx> copy url scp://admin@192.168.210.200/home/admin/file-1.txt file newfile-1.txt admin@192.168.210.200's password: nsx>
    Mode
    Basic
    Availability
    Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    deactivate cluster
    Remove all other management nodes from the cluster. This will effectively convert a multi-node management cluster into a single node setup. The system will prompt for confirmation for this operation. It is recommended to use GSS guidance before using this command.
    Example
    nsx-manager-1> deactivate cluster Are you sure you want to remove all other nodes from this cluster (yes/no) Cluster has been deactivated. nsx-manager-1>
    Mode
    Basic
    Availability
    Manager, Policy Manager

    del all capture sessions
    Delete all packet capture sessions.
    Example
    nsx-manager> del all capture sessions Session Count: 1 Session ID: 62fd4a28-5463-4f92-af34-42e55547ec7e Session Status: deleted Start Time: 2018-07-31 07:09:36 Stop Time: 2018-07-31 07:09:51 Request: Node: af1c570b-f78d-4ea3-8858-219f9fe73511 Capture Type: vmknic Capture Value: vmk0 Capture Direction: input Capture Mode: standalone
    Mode
    Basic
    Availability
    Manager

    del capture session <esx-session-id-arg>
    Delete a packet capture session configuration.
    Option Description
    <esx-session-id-arg> Packet Capture session id parameter
    Example
    esx-1> del capture session 1 esx-1>
    Mode
    Basic
    Availability
    ESXi

    del capture session <session-id-arg>
    Delete the specified packet capture session.
    Option Description
    <session-id-arg> Packet capture session id parameter
    Example
    nsx-manager> del capture session 2e4d5f24-88a9-4d88-8af0-e588833064d9 Session ID: 2e4d5f24-88a9-4d88-8af0-e588833064d9 Session Status: deleted Start Time: 2018-07-31 07:10:35 Stop Time: 2018-07-31 07:10:45 Request: Node: af1c570b-f78d-4ea3-8858-219f9fe73511 Capture Type: vmknic Capture Value: vmk0 Capture Direction: input Capture Mode: standalone
    Mode
    Basic
    Availability
    Manager

    del capture session <session-number>
    Delete a packet capture session configuration.
    Option Description
    <session-number> Session ID argument in numbers
    Allowed values: 1, 2, 3
    Example
    kvm-1> del capture session 1 kvm-1>
    Mode
    Basic
    Availability
    KVM

    del capture session <session-number>
    Delete a packet capture session configuration.
    Option Description
    <session-number> Session ID argument in numbers
    Allowed values: 1, 2, 3
    Example
    nsx-edge-1(path)> del capture session 1 nsx-edge-1(path)>
    Mode
    Path
    Availability
    Edge, Public Cloud Gateway

    del capture session <session-number>
    Delete a packet capture session configuration.
    Option Description
    <session-number> Session ID argument in numbers
    Allowed values: 1, 2, 3
    Example
    nsx-edge-1> del capture session 1 nsx-edge-1>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    del capture session <session-number> interface <interface-name>
    Delete the specified interface from a packet capture session configuration. If you are only monitoring one interface, this deletes the monitoring session configuration.
    Option Description
    <session-number> Session ID argument in numbers
    Allowed values: 1, 2, 3
    <interface-name> Network interface argument
    Example
    kvm-1> del capture session 1 interface b592a7c8-4e21-493e-b0fc-0b1d152c949c kvm-1>
    Mode
    Basic
    Availability
    KVM

    del capture session <session-number> interface <port-uuid-name>
    Delete the specified interface from a packet capture session configuration. If you are only monitoring one interface, this deletes the monitoring session configuration.
    Option Description
    <session-number> Session ID argument in numbers
    Allowed values: 1, 2, 3
    <port-uuid-name> Datapath String argument
    Example
    nsx-edge-1> del capture session 1 interface fp-eth1 nsx-edge-1>
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    del file <filename>
    Delete a local file.
    Option Description
    <filename> Existing file argument
    Example
    nsx> del file support-bundle-0.tgz nsx>
    Mode
    Basic
    Availability
    Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del gateway certificate <ip-address>
    Delete the host's public cloud gateway certificate
    Option Description
    <ip-address> Network IP address argument
    Example
    host-1> del gateway certificate 13.14.41.34
    Mode
    Basic
    Availability
    NSX Cloud VM

    del gateway certificates
    Delete all the host's public cloud gateway certificates
    Example
    host-1> del gateway certificates
    Mode
    Basic
    Availability
    NSX Cloud VM

    del gw-controller vm-certificate <vm-id>
    Remove public cloud VM certificate
    Option Description
    <vm-id> VM ID
    Mode
    Basic
    Availability
    Public Cloud Gateway

    del image <image-name> version <image-version>
    Delete NSX Edge service container image. Only images that are not in use can be deleted.
    Option Description
    <image-name> Edge service container image name
    <image-version> Edge service container image version
    Example
    nsx-edge> del image nsx-edge-mdproxy version ob-22302541 Image deleted successfully
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    del logging-server <hostname-or-ip-address[:port]> proto <proto> level <level> [facility <facility>] [messageid <messageid>] [structured-data <structured-data>]
    Delete the specified logging server configuration. You can use the get logging-servers command to display the current logging server configuration.
    Option Description
    <hostname-or-ip-address[:port]> A hostname or IP address with optional port delimited by a colon
    <proto> Logging server protocol
    Allowed values: tcp, udp, tls, li, li-tls
    <level> Level of log entries to export
    Allowed values: emerg, alert, crit, err, warning, notice, info, debug
    <facility> Comma delimited list of facilities of log entries to export
    <messageid> Comma delimited list of MSGIDs of log entries to export
    <structured-data> Structured data of log entries to export
    Allowed pattern: ^(alarmId|alarmState|audit|comp|entId|eReqId|errorCode|eventFeatureName|eventId|eventSev|eventState|eventType|euser|level|nodeId|security|subcomp|s2comp|splitId|splitIndex|threadId|update|username)=.+$
    Example
    nsx> del logging-server 192.168.110.60 proto udp level info facility syslog messageid SYSTEM,FABRIC structured-data audit=true nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del name-server <ip-address>
    Delete the specified name server from the DNS configuration.
    Option Description
    <ip-address> Name server IP address argument
    Example
    nsx> del name-server 192.168.110.11 nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del nsx
    Destroy NSX environment on this host without removing its transport node from management plane. If there are no resources used by the NSX host switches, this command will delete the host switches and all NSX packages. If there are any resources on the host switches, the resources will first be migrated out of the NSX host switches and then the host switches and all NSX packages will be deleted.
    Example
    host-1> del nsx host-1>
    Mode
    Basic
    Availability
    ESXi, KVM

    del ntp-server <hostname-or-ip-address>
    Remove an existing NTP server.
    Option Description
    <hostname-or-ip-address> A hostname or IP address
    Example
    nsx-manager-1> del ntp-server 172.31.32.2 nsx-manager-1>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del route prefix <prefix> gateway <gateway-ip> [interface <interface-name>]
    Delete the specified network route.
    Option Description
    <prefix> CIDR notation argument
    <gateway-ip> Gateway IP address argument
    <interface-name> Configurable network interface argument
    Example
    nsx> del route prefix 10.10.10.0/24 gateway 192.168.110.1 nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del search-domains <domain>
    Delete the specified domain name from the DNS search list.
    Option Description
    <domain> Search domain argument
    Example
    nsx> del search-domains eng.example.com nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del snmp v2-targets <hostname-or-ip-address[:port]>
    Delete SNMP v2 Trap Targets.
    Option Description
    <hostname-or-ip-address[:port]> A hostname or IP address with optional port delimited by a colon
    Example
    nsx> del snmp v3-targets 10.20.125.6:1162 nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del snmp v3-targets <hostname-or-ip-address[:port]>
    Delete SNMP v3 Trap Targets.
    Option Description
    <hostname-or-ip-address[:port]> A hostname or IP address with optional port delimited by a colon
    Example
    nsx> del snmp v3-targets 10.20.125.6:1162 nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del snmp v3-users <v3-user>
    Delete SNMP v3 Users.
    Option Description
    <v3-user> SNMP v3 user
    Allowed pattern: ^[\S]{1,32}$
    Example
    nsx> del snmp v3-users user1 nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del ssh-known-host <hostname-or-ip-address[:port]>
    Delete the specified host entry from the SSH known hosts file.
    Option Description
    <hostname-or-ip-address[:port]> A hostname or IP address with optional port delimited by a colon
    Example
    nsx> del ssh-known-host 192.168.110.105 nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    del user <username> ssh-keys label <key-label> [password <password>]
    Delete any SSH key with specified label from specified user's authorized_keys file. If password is not provided in the command then you are prompted to enter it. Password is required only for users root and admin.
    Option Description
    <username> Username of user
    <key-label> Unique label for SSH key
    <password> Password of user
    Example
    nsx> del user admin ssh-keys label user1@domain1 password Pa$$w0rd nsx> or nsx> del user admin ssh-keys label user1@domain1 Password (required only for users root and admin): nsx>
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    detach management-plane <hostname-or-ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>]
    Detach this hypervisor host from the management plane. You can specify any NSX Manager in the management cluster in this command.

    Use the API username and password for the specified NSX Manager. If you do not provide a password on the command line, you will be prompted to enter one.

    Get the NSX Manager thumbprint by running the get certificate api thumbprint command on the specified NSX Manager.

    Option Description
    <hostname-or-ip-address[:port]> Hostname or IP address of an NSX Manager and optional port
    <username> Manager API username
    <thumbprint> Manager API thumbprint
    <password> Manager API password
    Example
    host-1> detach management-plane 192.168.110.105 username admin thumbprint 898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8 Password for API user: Node successfully removed
    Mode
    Basic
    Availability
    ESXi, KVM

    detach management-plane <hostname-or-ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>]
    Detach this Edge from the management plane.
    Option Description
    <hostname-or-ip-address[:port]> Hostname or IP address of an NSX Manager and optional port
    <username> Manager API username
    <thumbprint> Manager API thumbprint
    <password> Manager API password
    Example
    nsx-edge> detach management-plane 192.168.110.105 username admin thumbprint 7f1374c339b592da504b352857a0bdc4e77b9b998a9971f9335633210f667c97 Password for API user: Node successfully deregistered
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    detach management-plane <ip-address[:port]> username <username> thumbprint <thumbprint> [password <password>]
    Detach this keymanager from the management plane. You can specify any NSX Manager in the management cluster in this command.

    Use the API username and password for the specified NSX Manager. If you do not provide a password on the command line, you will be prompted to enter one.

    Get the NSX Manager thumbprint by running the get certificate api thumbprint command on the specified NSX Manager.

    Option Description
    <ip-address[:port]> IP address of an NSX Manager and optional port
    <username> Manager API username
    <thumbprint> Manager API thumbprint
    <password> Manager API password
    Example
    nsx-keymanager-1> detach management-plane 192.168.110.105 username admin thumbprint fef089bbfbd2e10da6ee08c7ff4a95da1368587abfd2c6db59c8db540bc43e58 Password for API user: Node successfully unregistered and keymanager service stopped
    Mode
    Basic
    Availability
    Key Manager

    detach node <node-id>
    Detach the specified node from the cluster.
    Option Description
    <node-id> Node ID of cluster node to detach
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-manager-1> detach node ac5d4a62-3203-4b31-922e-d166a4f7e860 Node has been detached. Detached node must be deleted permanently. nsx-manager-1>
    Mode
    Basic
    Availability
    Manager, Policy Manager

    detach node <node-id> ignore-repository-ip-check
    Detach specified node from the cluster without checking repository-ip modification errors.
    Option Description
    <node-id> Node ID of cluster node to detach
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-manager-1> detach node ac5d4a62-3203-4b31-922e-d166a4f7e860 ignore-repository-ip-check Node has been detached. Detached node must be deleted permanently. nsx-manager-1>
    Mode
    Basic
    Availability
    Manager, Policy Manager

    display capture session <session-id-arg>
    Display the result of the specified packet capture session with the tcpdump command.
    Option Description
    <session-id-arg> Packet capture session id parameter
    Example
    nsx-manager> display capture session 0fea2cac-5a13-44cf-b92e-b63f69572268 reading from file /tmp/pktcap/0fea2cac-5a13-44cf-b92e-b63f69572268.pcap, link-type EN10MB (Ethernet) 07:10:46.513603 IP w1-mvpcloud-164.eng.vmware.com.31181 > nsx-controller-leng1.eng.vmware.com.1235: Flags [.], ack 2218716988, win 128, length 0 07:10:48.460753 IP w1-mvpcloud-164.eng.vmware.com.52976 > nsx-controller-leng4.eng.vmware.com.amqps: Flags [P.], seq 768580848:768580898, ack 2927523439, win 128, length 50 07:10:48.463135 IP w1-mvpcloud-164.eng.vmware.com.52976 > nsx-controller-leng4.eng.vmware.com.amqps: Flags [P.], seq 50:100, ack 554, win 128, length 50
    Mode
    Basic
    Availability
    Manager

    display capture session <session-id-arg> parameters <arguments>
    Display packet capture result with command tcpdump.
    Option Description
    <session-id-arg> Packet capture session id parameter
    <arguments> Packet capture option parameter
    Example
    nsx-manager-1> display capture session ed0a79df-4e4d-4784-9f2a-d14327e511a1 parameters -c 2 nsx-manager-1>
    Mode
    Basic
    Availability
    Manager

    down
    Move down the path. The arrow moves to show which interface is current.
    Example
    nsx-edge-1(path)> get path interface : de650f56-276d-46ef-959e-960752acfe19 interface : 140ca8de-61e0-4bba-b429-6a3791b0846a port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7 port : 53bab4b1-f0df-451b-af80-0a9d5e580186 interface : 2a7bf881-1f89-4833-833e-47673b79901a interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a port : 5b2068d0-8c28-4427-8be4-48f422f92309 port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846 interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb port : c588fc5d-dd62-45b2-bc16-3dae466c16c7 ->port : 2120ef07-05e3-477f-8d96-e2be390784db interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278 interface : dd10beb2-3673-43a5-b180-ecc46e830ee0 port : fdc429ef-d778-421b-bf84-e1063a7bf5ab nsx-edge-1(path)> down interface : de650f56-276d-46ef-959e-960752acfe19 interface : 140ca8de-61e0-4bba-b429-6a3791b0846a port : 9eff9e4e-9157-4107-a0dd-c79350dce6f7 port : 53bab4b1-f0df-451b-af80-0a9d5e580186 interface : 2a7bf881-1f89-4833-833e-47673b79901a interface : bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a port : 5b2068d0-8c28-4427-8be4-48f422f92309 port : eb3bd495-9ce3-40b4-a955-c2ddc4893cfa interface : 1fec3ffa-213d-4d2b-ae1b-e12857434846 interface : 13592f56-be3c-4d3d-88de-7d5825dd51bb port : c588fc5d-dd62-45b2-bc16-3dae466c16c7 port : 2120ef07-05e3-477f-8d96-e2be390784db ->interface : 3bbbd5e9-2ffe-4fb7-9edb-edc7bba67278 interface : dd10beb2-3673-43a5-b180-ecc46e830ee0 port : fdc429ef-d778-421b-bf84-e1063a7bf5ab
    Mode
    Path
    Availability
    Edge, Public Cloud Gateway

    exit
    Exit the VRF context mode if you are in it. Otherwise, exit the CLI.
    Example
    nsx-edge-1> vrf 1 nsx-edge-1(tier1_sr)> exit nsx-edge-1>
    Mode
    Availability
    Controller, Edge, ESXi, KVM, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get all capture sessions
    Display information for all packet capture sessions.
    Example
    nsx-manager> get all capture sessions Session Count: 1 Session ID: 0fea2cac-5a13-44cf-b92e-b63f69572268 Session Status: stopped Start Time: 2018-07-31 07:11:54 Stop Time: 2018-07-31 07:12:10 Request: Node: af1c570b-f78d-4ea3-8858-219f9fe73511 Capture Type: vmknic Capture Value: vmk0 Capture Direction: input Capture Mode: standalone
    Mode
    Basic
    Availability
    Manager

    get arp-table
    Display the ARP table.
    Example
    nsx-manager-1> get arp-table Protocol Address Hardware Addr Type Interface Internet 192.168.110.201 00:50:56:a9:8a:8c ether eth0 Internet 192.168.110.101 00:50:56:a9:45:29 ether eth0 Internet 192.168.110.1 68:ef:bd:4e:98:7f ether eth0 Internet 192.168.110.10 00:50:56:a6:e0:14 ether eth0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get arp-table
    Display the ARP table.
    Example
    nsx-manager-1> get arp-table Protocol Address Hardware Addr Type Interface Internet 192.168.110.201 00:50:56:a9:8a:8c ether eth0 Internet 192.168.110.101 00:50:56:a9:45:29 ether eth0 Internet 192.168.110.1 68:ef:bd:4e:98:7f ether eth0 Internet 192.168.110.10 00:50:56:a6:e0:14 ether eth0
    Mode
    Basic
    Availability
    Controller, Key Manager, Manager, Policy Manager

    get auth-policy api lockout-period
    Get the amount of time, in seconds, that an account will remain locked out of the API after exceeding the maximum number of failed authentication attempts.
    Example
    nsx> get auth-policy api lockout-period 900 seconds
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get auth-policy api lockout-reset-period
    In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period exprires, the failed login count is reset to zero.
    Example
    nsx> get auth-policy api lockout-reset-period 900 seconds
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get auth-policy api max-auth-failures
    Get the number of failed API authentication attempts that are allowed before the account is locked. If set to 0, account lockout is disabled.
    Example
    nsx> get auth-policy api max-auth-failures 5
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get auth-policy cli lockout-period
    Get the amount of time, in seconds, that an account will remain locked out of the CLI after exceeding the maximum number of failed authentication attempts.
    Example
    nsx> get auth-policy cli lockout-period 900 seconds
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get auth-policy cli max-auth-failures
    Get the number of failed CLI authentication attempts that are allowed before the account is locked. If set to 0, account lockout is disabled.
    Example
    nsx> get auth-policy cli max-auth-failures 3
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get auth-policy minimum-password-length
    Get the minimum number of characters that passwords must have.
    Example
    nsx> get auth-policy minimum-password-length 8 characters
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get auth-policy vidm
    Get the vidm's properties.
    Example
    nsx-manager-1> get auth-policy vidm nsx-manager-1> LB enabled: True vIDM Enabled: True Hostname: jt-vidm.eng.vmware.com Thumbprint: 898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8 Client Id: OAuth2Client_NsxClientId Node Hostname: jt-nsx.eng.vmware.com
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get bfd-config
    Display parameters defined in global logical router BFD
    Example
    nsx-edge(tier0_sr)> get bfd-config Logical Router UUID : d4c86bd9-cb52-4f38-b6b9-3bf521fa27f8 vrf : 6 lr-id : 6 name : type : SERVICE_ROUTER_TIER0 BFD global configuration Enabled : True Min RX Interval: 1000 Min TX Interval: 1000 Min RX TTL : 255 Multiplier : 3 Port : 4451c48f-8cff-4444-8e10-bff403783dca BFD session configuration Source : 192.168.50.1 Peer : 192.168.50.10 Enabled : True Min RX Interval: 1000 Min TX Interval: 1000 RX TTL : 255 Multiplier : 3 Source : 192.168.50.1 Peer : 192.168.50.20 Enabled : True Min RX Interval: 3000 Min TX Interval: 3000 RX TTL : 255 Multiplier : 5
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bfd-session local-ip <ip-address> remote-ip <ip-address>
    Display information about the specified BFD session.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get bfd-session local-ip 192.168.250.60 remote-ip 192.168.250.61 BFD Session Diag : Control Detection Time Expired(from local) Forwarding : last true (current true) Last_down_time : 2016-02-09 22:38:47 Last_up_time : 2016-02-09 22:38:52 Local_address : 192.168.250.60 Remote_address : 192.168.250.61 Remote_diag : No Diagnostic Remote_state : up Rx_cfg_min : 500 Rx_interval : 500 State : up Tx_cfg_min : 100 Tx_interval : 500
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get bfd-session local-ip <ip-address> remote-ip <ip-address> stats
    Display statistics for the specified BFD session.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get bfd-session local-ip 192.168.250.60 remote-ip 192.168.250.61 stats BFD Session Admin_down_count : 0 Cpath_down_count : 0 Down_count : 1 Local_address : 192.168.250.60 Remote_address : 192.168.250.61 Rx_drop : 0 Rx_drop_admin_down : 0 Rx_drop_auth_set : 0 Rx_drop_bad_version : 0 Rx_drop_intf_unmatch : 0 Rx_drop_multipoint_set: 0 Rx_drop_null_my_disc : 0 Rx_drop_null_your_disc: 0 Rx_drop_pkt_len_unmatch: 0 Rx_drop_pkt_too_short: 0 Rx_drop_rx_ttl_small : 0 Rx_drop_your_disc_unmatch: 0 Rx_drop_zero_multipier: 0 Rx_packets : 44993 Tx_error : 0 Tx_packets : 49249 Up_count : 2
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get bfd-sessions
    Display information about BFD sessions.
    Example
    nsx-edge-1> get bfd-sessions BFD Session Diag : Control Detection Time Expired(from local) Forwarding : last true (current true) Last_down_time : 2016-02-09 22:38:47 Last_up_time : 2016-02-09 22:38:52 Local_address : 192.168.250.60 Remote_address : 192.168.250.62 Remote_diag : No Diagnostic Remote_state : up Rx_cfg_min : 500 Rx_interval : 500 State : up Tx_cfg_min : 100 Tx_interval : 500 BFD Session Diag : Control Detection Time Expired(from local) Forwarding : last true (current true) Last_down_time : 2016-02-09 22:38:47 Last_up_time : 2016-02-09 22:38:52 Local_address : 192.168.250.60 Remote_address : 192.168.250.61 Remote_diag : No Diagnostic Remote_state : up Rx_cfg_min : 500 Rx_interval : 500 State : up Tx_cfg_min : 100 Tx_interval : 500
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get bfd-sessions [stats]
    Display BFD sessions in a logical router
    Example
    nsx-edge(tier0_sr)> get bfd-sessions BFD Session Dest_port : 3784 Diag : No Diagnostic Encap : vlan Forwarding : last false (current false) Interface : 4451c48f-8cff-4444-8e10-bff403783dca Last_cp_diag : No Diagnostic Last_cp_rmt_diag : No Diagnostic Last_cp_rmt_state : admin_down Last_cp_state : admin_down Last_fwd_state : NONE Local_address : 192.168.50.1 Local_discr : 2830404107 Min_rx_ttl : 255 Multiplier : 5 Prev_failure_diag : No Diagnostic Received_remote_diag : No Diagnostic Received_remote_state : down Remote_address : 192.168.50.20 Remote_admin_down : false Remote_diag : No Diagnostic Remote_discr : 0 Remote_min_rx_interval : 0 Remote_min_tx_interval : 0 Remote_multiplier : 0 Remote_state : down Rx_cfg_min : 3000 Rx_interval : 3000 Session_type : LR_PORT State : down Tx_cfg_min : 3000 Tx_interval : 3000 . . .
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bfd-sessions stats
    Display the BFD sessions statistics.
    Example
    nsx-edge-1> get bfd-sessions stats BFD Global Counters Bfd_sessions_count : 2 Last_notify_time : 2016-02-09 22:38:52 Last_nsxa_msg_receive_time: 2016-02-09 22:38:52 Nsxa_connect_count : 1 Nsxa_disconnect_count: 0 Nsxa_err_msg_receive_count: 0 Nsxa_msg_receive_count: 166085 Nsxa_notify_count : 107287 Rx_drop_bad_csum : 0 Rx_drop_count : 32 Rx_drop_intf_type : 0 Rx_drop_ip_mismatch : 0 Rx_drop_non_bfd : 0 Rx_drop_non_udp : 0 Rx_drop_null_bfd_session: 32 Rx_drop_null_intf : 0 Rx_drop_runt_pkt : 0 Rx_drop_udp_len : 0 BFD Session Admin_down_count : 0 Cpath_down_count : 0 Down_count : 1 Local_address : 192.168.250.60 Remote_address : 192.168.250.62 Rx_drop : 0 Rx_drop_admin_down : 0 Rx_drop_auth_set : 0 Rx_drop_bad_version : 0 Rx_drop_intf_unmatch : 0 Rx_drop_multipoint_set: 0 Rx_drop_null_my_disc : 0 Rx_drop_null_your_disc: 0 Rx_drop_pkt_len_unmatch: 0 Rx_drop_pkt_too_short: 0 Rx_drop_rx_ttl_small : 0 Rx_drop_your_disc_unmatch: 0 Rx_drop_zero_multipier: 0 Rx_packets : 44754 Tx_error : 0 Tx_packets : 48989 Up_count : 2 . . .
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get bgp
    Display all IPv4 & IPv6 BGP routes.
    Example
    nsx-edge-1(tier0_sr)> get bgp BGP table version is 1, local router ID is 50.50.50.1 Status flags: > - best, I - internal Origin flags: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path > 111.111.0.0/16 100.64.0.1 0 100 32768 2000 ? > 2003::/24 :: 0 100 32768 2000 ? > 2002::/64 fca9:1c1c:96b2:e000::2 0 100 32768 2000 ? > 2001::/64 fca9:1c1c:96b2:e000::2 0 100 32768 2000 ?
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp <prefix>
    Display detailed information about BGP IPv4 route.
    Option Description
    <prefix> Network Address argument
    Example
    nsx-edge-1(tier0_sr)> get bgp 111.111.0.0/16 BGP routing table entry for 111.111.0.0/16 Prefix advertised to: 50.50.50.10 1 Paths available: Origin incomplete, Metric 0, LocalPref 100, Weight 32768, best, valid Peer is 0.0.0.0 with router id 50.50.50.1 Last Updated: Sat Dec 8 03:54:07 2018
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp <prefix>
    Display detailed information about BGP IPv6 route.
    Option Description
    <prefix> Network Address argument
    Example
    nsx-edge-1(tier0_sr)> get bgp 2003::/24 BGP routing table entry for 2003::/24 Prefix advertised to: 1 Paths available: Origin incomplete, Metric 0, LocalPref 100, Weight 32768, best, valid Peer is :: with router id 50.50.50.1 Last Updated: Sat Dec 8 03:54:06 2018
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp community { NO_EXPORT | NO_ADVERTISE | NO_EXPORT_SUBCONFED | AA:NN }
    Display all BGP NLRI matching the community.
    Option Description
    <bgp-community> BGP community argument, either NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED or community in AA:NN format
    Example
    nsx-edge-1(tier0_sr)> get bgp community 1:1 BGP table version is 1, local router ID is 50.50.50.1 Status flags: > - best, I - internal Origin flags: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path > 111.111.0.0/16 100.64.0.1 0 100 32768 2000 ? > 2003::/24 :: 0 100 32768 2000 ?
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp evpn
    Display BGP EVPN routes.
    Example
    EVPN-M0-EDGE-ONE(tier0_sr)> get bgp evpn BGP table version is 4, local router ID is 20.20.20.10 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP] EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP] EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP] EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP] Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 12.1.1.2:2 *> [5]:[0]:[32]:[12.1.1.2] 70.1.1.2 0 0 200 ? *> [5]:[0]:[32]:[80.1.1.1] 70.1.1.2 0 0 200 i *> [5]:[0]:[32]:[81.1.1.1] 70.1.1.2 0 0 200 i *> [5]:[0]:[32]:[87.1.1.1] 70.1.1.2 0 0 200 i Displayed 4 prefixes (4 paths)
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp evpn overlay
    Display BGP EVPN overlay information for all RDs.
    Example
    EVPN-M0-EDGE-ONE(tier0_sr)> get bgp evpn overlay Route Distinguisher: as2 0:0 *> [5]:[0]:[24]:[101.1.1.0] 0.0.0.0 00:00:00:00:00:00:00:00:00:00/0.0.0.0 *> [5]:[0]:[32]:[12.12.12.12] 0.0.0.0 00:00:00:00:00:00:00:00:00:00/0.0.0.0 Route Distinguisher: ip 100.1.1.2:2 *> [5]:[0]:[24]:[100.1.1.0] 5.1.1.2 00:00:00:00:00:00:00:00:00:00/0.0.0.0/92:fc:ee:ac:51:61 *> [5]:[0]:[32]:[11.11.11.11] 5.1.1.2 00:00:00:00:00:00:00:00:00:00/0.0.0.0/92:fc:ee:ac:51:61 Route Distinguisher: ip 101.1.1.3:2 *> [5]:[0]:[24]:[101.1.1.0] 6.1.1.2 00:00:00:00:00:00:00:00:00:00/0.0.0.0/1a:de:dd:e7:46:b7 *> [5]:[0]:[32]:[12.12.12.12] 6.1.1.2 00:00:00:00:00:00:00:00:00:00/0.0.0.0/1a:de:dd:e7:46:b7 Route Distinguisher: ip 150.1.1.2:4 Displayed 7 out of 7 total prefixes
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp evpn vni
    Display BGP EVPN VNI information.
    Example
    EVPN-M0-EDGE-ONE(tier0_sr)> get bgp evpn vni Advertise Gateway Macip: Disabled Advertise All VNI flag: Enabled BUM flooding: Head-end replication Number of L2 VNIs: 0 Number of L3 VNIs: 1 Flags: * - Kernel VNI Type RD Import RT Export RT Tenant VRF * 10001 L3 101.1.1.3:2 1:500 1:500 vrf-blue
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp ipv4
    Display all IPv4 BGP routes.
    Example
    nsx-edge-1(tier0_sr)> get bgp ipv4 BGP table version is 1, local router ID is 50.50.50.1 Status flags: > - best, I - internal Origin flags: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path > 111.111.0.0/16 100.64.0.1 0 100 32768 2000 ?
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp ipv6
    Display all IPv6 BGP routes.
    Example
    nsx-edge-1(tier0_sr)> get bgp ipv6 BGP table version is 3, local router ID is 50.50.50.1 Status flags: > - best, I - internal Origin flags: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path > 2003::/24 :: 0 100 32768 2000 ? > 2002::/64 fca9:1c1c:96b2:e000::2 0 100 32768 2000 ? > 2001::/64 fca9:1c1c:96b2:e000::2 0 100 32768 2000 ?
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp large-community <bgp-large-community>
    Display all BGP NLRI matching the large-community.
    Option Description
    <bgp-large-community> BGP large-community argument in AA:BB:CC format
    Example
    nsx-edge-1(tier0_sr)> get bgp large-community 1:1:1 BGP table version is 1, local router ID is 50.50.50.1 Status flags: > - best, I - internal Origin flags: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path > 111.111.0.0/16 100.64.0.1 0 100 32768 2000 ? > 2003::/24 :: 0 100 32768 2000 ?
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp neighbor
    Display all BGP neighbor information.
    Example
    nsx-edge-1(tier0_sr)> get bgp neighbor BGP neighbor is 50.50.50.10, remote AS 1000, local AS 2000, external link Hostname: prome-mdt-dhcp412 BGP version 4, remote router ID 50.50.50.10, local router ID 50.50.50.1 BGP state = Established, up for 2d13h18m Last read 00:00:00, Last write 00:00:02 Hold time is 180, keepalive interval is 60 seconds Configured hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: 4 Byte AS: advertised and received AddPath: IPv4 Unicast: RX advertised IPv4 Unicast and received Route refresh: advertised and received(old & new) Address Family IPv4 Unicast: advertised and received Hostname Capability: advertised (name: nsx-edge-1,domain name: n/a) received (name: prome-mdt-dhcp412,domain name: n/a) Graceful Restart Capabilty: advertised and received Remote Restart timer is 120 seconds Address families by peer: none Graceful restart informations: End-of-RIB send: IPv4 Unicast End-of-RIB received: IPv4 Unicast Message statistics: Inq depth is 0 Outq depth is 0 Sent Rcvd Opens: 14 13 Notifications: 2 16 Updates: 10 10 Keepalives: 3822 3817 Route Refresh: 0 0 Capability: 0 0 Total: 3848 3856 Minimum time between advertisement runs is 0 seconds Update source is 50.50.50.1 For address family: IPv4 Unicast Update group 49, subgroup 49 Packet Queue length 0 Community attribute sent to this neighbor(all) 0 accepted prefixes Connections established 6; dropped 5 Last reset 2d13h18m, due to Interface down Local host: 50.50.50.1, Local port: 179 Foreign host: 50.50.50.10, Foreign port: 39948 Nexthop: 50.50.50.1 Nexthop global: 2005::2828:2801 Nexthop local: fe80::53ff:feb2:c1ad BGP connection: shared network BGP Connect Retry Timer in Seconds: 120 Estimated round trip time: 1 ms Read thread: on Write thread: on BFD Status: peer 50.50.50.10 status down
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp neighbor <ip-address>
    Display information about a specifie BGP neighbor.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1(tier0_sr)> get bgp neighbor 50.50.50.10 BGP neighbor is 50.50.50.10, remote AS 1000, local AS 2000, external link Hostname: prome-mdt-dhcp412 BGP version 4, remote router ID 50.50.50.10, local router ID 50.50.50.1 BGP state = Established, up for 2d13h46m Last read 00:00:30, Last write 00:00:32 Hold time is 180, keepalive interval is 60 seconds Configured hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: 4 Byte AS: advertised and received AddPath: IPv4 Unicast: RX advertised IPv4 Unicast and received Route refresh: advertised and received(old & new) Address Family IPv4 Unicast: advertised and received Hostname Capability: advertised (name: nsx-edge-1,domain name: n/a) received (name: prome-mdt-dhcp412,domain name: n/a) Graceful Restart Capabilty: advertised and received Remote Restart timer is 120 seconds Address families by peer: none Graceful restart informations: End-of-RIB send: IPv4 Unicast End-of-RIB received: IPv4 Unicast Message statistics: Inq depth is 0 Outq depth is 0 Sent Rcvd Opens: 14 13 Notifications: 2 16 Updates: 10 10 Keepalives: 3850 3845 Route Refresh: 0 0 Capability: 0 0 Total: 3876 3884 Minimum time between advertisement runs is 0 seconds Update source is 50.50.50.1 For address family: IPv4 Unicast Update group 49, subgroup 49 Packet Queue length 0 Community attribute sent to this neighbor(all) 0 accepted prefixes Connections established 6; dropped 5 Last reset 2d13h46m, due to Interface down Local host: 50.50.50.1, Local port: 179 Foreign host: 50.50.50.10, Foreign port: 39948 Nexthop: 50.50.50.1 Nexthop global: 2005::2828:2801 Nexthop local: fe80::53ff:feb2:c1ad BGP connection: shared network BGP Connect Retry Timer in Seconds: 120 Estimated round trip time: 1 ms Read thread: on Write thread: on BFD Status: peer 50.50.50.10 status down
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp neighbor <ip-address> advertised-routes
    Display routes advertised to a BGP neighbor.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1(tier0_sr)> get bgp neighbor 50.50.50.10 advertised-routes BGP table version is 1, local router ID is 50.50.50.1 Status flags: > - best, I - internal Origin flags: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path > 111.111.0.0/16 100.64.0.1 0 100 32768 2000 ?
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp neighbor <ip-address> routes
    Display routes learnt from a BGP neighbor.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1(tier0_sr)> get bgp neighbor 50.50.50.10 routes BGP table version is 1, local router ID is 50.50.50.1 Status flags: > - best, I - internal Origin flags: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path > 11.11.0.0/16 100.64.0.2 0 100 32768 2000 ?
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp neighbor summary
    Display summarized BGP neighbor information.
    Example
    nsx-edge-1(tier0_sr)> get bgp neighbor summary BFD States: NC - Not configured, AC - Activating,DC - Disconnected AD - Admin down, DW - Down, IN - Init,UP - Up BGP summary information for VRF default for address-family: ipv4Unicast Router ID: 50.50.50.1 Local AS: 2000 Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx 50.50.50.10 1000 Estab 2d13h52m DW 3890 3882 0 1 BFD States: NC - Not configured, AC - Activating,DC - Disconnected AD - Admin down, DW - Down, IN - Init,UP - Up BGP summary information for VRF default for address-family: ipv6Unicast Router ID: 50.50.50.1 Local AS: 2000 Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx 2005::2828:280a 1000 Idle never NC 0 0 0 0
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bgp neighbor summary <address-family>
    Display summarized BGP neighbor information for a given address-family.
    Option Description
    <address-family> BGP address family argument
    Allowed values: ipv4, ipv6, evpn
    Example
    nsx-edge-1(tier0_sr)> get bgp neighbor summary evpn BFD States: NC - Not configured, AC - Activating,DC - Disconnected AD - Admin down, DW - Down, IN - Init,UP - Up BGP summary information for VRF default for address-family: l2VpnEvpn Router ID: 150.1.1.3 Local AS: 200 Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx 150.1.1.2 100 Estab 10:32:15 NC 762 765 3 7
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get bond <bond name> [stats]
    Display the bond interface with the specified name. Specify the stats argument to display the statistics for the interface.
    Option Description
    <bond-name> Datapath device name argument
    Example
    nsx-edge-1> get bond bond0 Bond Hash algorithm : layer 2+3+4 Mode : lacp active Name : bond0 Port id : 2 Slaves : Name : fp-eth0 LACP state : Local admin key : 11 Local oper key : 11 Local oper port state : ACT FTO AGG DEF Local port internal state: LACP_ENABLED Local port number : 1 Local port priority : 255 Local port rx machine state: DEFAULTED Local timeout cfg : fast Partner age in sec : 2 Partner device id : 00:00:00:00:00:00 Partner mode : LACP passive Partner oper key : 0 Partner oper port state: Partner port number : 0 Partner port priority : 0 Partner timeout cfg : slow State : stand-alone State : active Name : fp-eth1 LACP state : Local admin key : 11 Local oper key : 11 Local oper port state : ACT FTO AGG DEF Local port internal state: LACP_ENABLED Local port number : 2 Local port priority : 255 Local port rx machine state: DEFAULTED Local timeout cfg : fast Partner age in sec : 2 Partner device id : 00:00:00:00:00:00 Partner mode : LACP passive Partner oper key : 0 Partner oper port state: Partner port number : 0 Partner port priority : 0 Partner timeout cfg : slow State : stand-alone State : active Status : up nsx-edge-1> get bond bond0 stats Bond Name : bond0 Slaves : Name : fp-eth0 LACP drops : 0 Rx LACP errors : 0 Rx LACP pdus : 10 Tx LACP errors : 0 Tx LACP pdus : 10 Name : fp-eth1 LACP drops : 0 Rx LACP errors : 0 Rx LACP pdus : 10 Tx LACP errors : 0 Tx LACP pdus : 10 name : bond0 rx_bytes : 1488 rx_drop_no_match : 0 rx_errors : 0 rx_misses : 0 rx_nombufs : 0 rx_packets : 12 tx_bytes : 0 tx_drops : 0 tx_errors : 0 tx_packets : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get bonds [stats]
    Display all bond interfaces. Specify the stats argument to display the statistics for the interfaces.
    Example
    nsx-edge-1> get bonds Bond Hash algorithm : layer 2+3+4 Mode : lacp active Name : bond0 Port id : 2 Slaves : Name : fp-eth0 LACP state : Local admin key : 11 Local oper key : 11 Local oper port state : ACT FTO AGG DEF Local port internal state: LACP_ENABLED Local port number : 1 Local port priority : 255 Local port rx machine state: DEFAULTED Local timeout cfg : fast Partner age in sec : 2 Partner device id : 00:00:00:00:00:00 Partner mode : LACP passive Partner oper key : 0 Partner oper port state: Partner port number : 0 Partner port priority : 0 Partner timeout cfg : slow State : stand-alone State : active Name : fp-eth1 LACP state : Local admin key : 11 Local oper key : 11 Local oper port state : ACT FTO AGG DEF Local port internal state: LACP_ENABLED Local port number : 2 Local port priority : 255 Local port rx machine state: DEFAULTED Local timeout cfg : fast Partner age in sec : 2 Partner device id : 00:00:00:00:00:00 Partner mode : LACP passive Partner oper key : 0 Partner oper port state: Partner port number : 0 Partner port priority : 0 Partner timeout cfg : slow State : stand-alone State : active Status : up nsx-edge-1> get bonds stats Bond Name : bond0 Slaves : Name : fp-eth0 LACP drops : 0 Rx LACP errors : 0 Rx LACP pdus : 10 Tx LACP errors : 0 Tx LACP pdus : 10 Name : fp-eth1 LACP drops : 0 Rx LACP errors : 0 Rx LACP pdus : 10 Tx LACP errors : 0 Tx LACP pdus : 10 name : bond0 rx_bytes : 1488 rx_drop_no_match : 0 rx_errors : 0 rx_misses : 0 rx_nombufs : 0 rx_packets : 12 tx_bytes : 0 tx_drops : 0 tx_errors : 0 tx_packets : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get bridge <uuid>
    Display information about the specified bridge.
    Option Description
    <uuid> UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    esx-1> get bridge 69377c84-c661-4935-956b-e42399411b2b Bridge ------------------------------------------------------------------------------------- Bridge UUID : 69377c84-c661-4935-956b-e42399411b2b DVS name : nsxvswitch Ref count : 2 Number of networks : 2 Number of uplinks : 0
    Mode
    Basic
    Availability
    ESXi

    get bridge <uuid> mac-table
    Display MAC table for the specified bridge.
    Option Description
    <uuid> UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    esx-1> get bridge 255e190d-2a9e-4ca0-917e-80dfbb89ac34 mac-table Bridge MAC Table ----------------------------------------------------------------------------------------------- MAC Address Type VLAN ID VXLAN ID Destination Port Age =============================================================================================== 00:50:56:86:7c:9f Dynamic 0 33672 50331650 2 00:50:56:86:ee:f1 Dynamic 16 0 50331650 2
    Mode
    Basic
    Availability
    ESXi

    get bridge <uuid> networks
    Display networks on the specified bridge.
    Option Description
    <uuid> UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    esx-1> get bridge 69377c84-c661-4935-956b-e42399411b2b networks Bridge Networks ----------------------------------------------------------------------------------------------- Network name : vxlan-48009-type-bridging Ref count : 2 Network type : 1 VLAN ID : 0 VXLAN ID : 48009 Ageing time : 300 Fdb entry hold time : 1 FRP filter enable : True port ID : 50331679 Ref count : 1 VLAN ID : 4095 IOChains installed : 0 Network name : vlan-150-type-bridging Ref count : 2 Network type : 1 VLAN ID : 150 VXLAN ID : 0 Ageing time : 300 Fdb entry hold time : 1 FRP filter enable : True port ID : 50331679 Ref count : 1 VLAN ID : 4095 IOChains installed : 0
    Mode
    Basic
    Availability
    ESXi

    get bridges
    Display information about bridges on this bridge node.
    Example
    esx-1> get bridges Bridges Summary ---------------------------------------------------------------------- Bridge UUID Number of networks Ref count 69377c84-c661-4935-956b-e42399411b2b 2 1
    Mode
    Basic
    Availability
    ESXi

    get capture session <esx-session-id-arg>
    Display information about the specified packet capture session.
    Option Description
    <esx-session-id-arg> Packet Capture session id parameter
    Example
    esx-1> get capture session 1 Packet Capture Session ID : 1 PORT : b2dce32f-8312-4c10-a7fe-320d4cb226ff VNI : 24580
    Mode
    Basic
    Availability
    ESXi

    get capture session <session-id-arg>
    Display information for the specified packet capture session.
    Option Description
    <session-id-arg> Packet capture session id parameter
    Example
    nsx-manager-leng5> get capture session 0fea2cac-5a13-44cf-b92e-b63f69572268 Session ID: 0fea2cac-5a13-44cf-b92e-b63f69572268 Session Status: stopped Start Time: 2018-07-31 07:11:54 Stop Time: 2018-07-31 07:12:10 Request: Node: af1c570b-f78d-4ea3-8858-219f9fe73511 Capture Type: vmknic Capture Value: vmk0 Capture Direction: input Capture Mode: standalone
    Mode
    Basic
    Availability
    Manager

    get capture session <session-number>
    Display information about the specified packet capture session.
    Option Description
    <session-number> Session ID argument in numbers
    Allowed values: 1, 2, 3
    Example
    nsx-edge-1> get capture session 1 Packet Capture Session ID : 1 PORTS : ['fp-eth0', 'fp-eth1']
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get capture session <session-number>
    Display information about the specified packet capture session.
    Option Description
    <session-number> Session ID argument in numbers
    Allowed values: 1, 2, 3
    Example
    kvm-1> get capture session 1 Packet Capture Session ID : 1 PORTS : ['b592a7c8-4e21-493e-b0fc-0b1d152c949c']
    Mode
    Basic
    Availability
    KVM

    get capture sessions
    Display configured packet capture sessions.
    Example
    esx-1> get capture sessions Packet Capture Session ID : 0 PORT : b2dce32f-8312-4c10-a7fe-320d4cb226ff VNI : 24580 Packet Capture Session ID : 1 PORT : 10 Packet Capture Session ID : 2 TRACE : True Packet Capture Session ID : 3 PORT : uplink1
    Mode
    Basic
    Availability
    ESXi

    get capture sessions
    Display configured packet capture sessions. Session 0 is reserved for captures started with the start capture interface <interface-name> command.
    Example
    kvm-1> get capture sessions Packet Capture Session ID : 0 PORTS : [] Packet Capture Session ID : 1 PORTS : ['b592a7c8-4e21-493e-b0fc-0b1d152c949c'] Packet Capture Session ID : 2 PORTS : ['b592a7c8-4e21-493e-b0fc-0b1d152c949c', 'd0c59cee-6095-5eeb-815b-ae6732d749e4'] Packet Capture Session ID : 3 PORTS : []
    Mode
    Basic
    Availability
    KVM

    get capture sessions
    Display configured packet capture sessions. Session 0 is reserved for captures started with the start capture interface <interface-name> command.
    Example
    nsx-edge-1> get capture sessions Packet Capture Session ID : 0 PORTS : [] Packet Capture Session ID : 1 PORTS : ['fp-eth0', 'fp-eth1'] Packet Capture Session ID : 2 PORTS : ['d0c59cee-6095-5eeb-815b-ae6732d749e4'] Packet Capture Session ID : 3 PORTS : []
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get certificate api
    Display the API server's certificate.
    Example
    nsx-manager-1> get certificate api -----BEGIN CERTIFICATE----- MIIDfzCCAmegAwIBAgIEVQEDTTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzELMAkGA1UE ... /JbzbimmEgaC3Yy5rOZXUnhn+dANkUShIeGIpOnH7rpLrrPYcB1Hx31jieY= -----END CERTIFICATE-----
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get certificate api thumbprint
    Display the API server's certificate thumbprint.
    Example
    nsx-manager-1> get certificate api thumbprint 82d99b793ff84f1f1f01f420656975522a03b9bebe87c50bcff80e7d3ebe8705
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get certificate cluster
    Display the clsuter certificate.
    Example
    nsx-manager-1> get certificate cluster -----BEGIN CERTIFICATE----- MIIDfjCCAmagAwIBAgIETzOK8zANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJV ... QaWyyFxNFfuCLibJPuiO5scGJmGB6UvZLGt/7stcuLIQ3A== -----END CERTIFICATE-----
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get certificate cluster text
    Display the cluster certificate text.
    Example
    nsx-manager-1> get certificate cluster text Certificate: Data: Version: 3 (0x2) Serial Number: 897458966 (0x357e2316) Signature Algorithm: sha256 Issuer: C=US, ST=CA, L=Palo Alto, O=VMware Inc., OU=NSX, CN=localhost.nsxmanager Validity Not Before: Nov 18 09:38:43 2019 GMT Not After : Nov 15 09:38:43 2029 GMT Subject: C=US, ST=CA, L=Palo Alto, O=VMware Inc., OU=NSX, CN=localhost.nsxmanager ... -----BEGIN CERTIFICATE----- MIIDfjCCAmagAwIBAgIETzOK8zANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJV ... QaWyyFxNFfuCLibJPuiO5scGJmGB6UvZLGt/7stcuLIQ3A== -----END CERTIFICATE-----
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get cgroup <uuid> [<translation-type>]
    Display the translations for the specified container group. Optionally specify a translation type to display translations of that type.
    Option Description
    <uuid> Cgroup identifier
    <translation-type> Translation type
    Allowed values: logical-objects, ips, vifs, macs, tns, vms
    Example
    nsx-controller-1> get cgroup 5539c4dc-621e-4d8b-8a40-2ee299f1ec73 logical-objects id: 5539c4dc-621e-4d8b-8a40-2ee299f1ec73, type: Container, name: testNSGroup6 id: 34adf781-4fc1-4418-a63d-72e2d4fb9786, type: LogicalSwitchPort
    Mode
    Basic
    Availability
    Controller

    get cgroups
    Display all container groups.
    Example
    nsx-controller-1> get cgroups id: 9e0b012c-c93c-4693-9c32-f9e29b7aa928, type: Container, name: Edge_NSGroup id: 5539c4dc-621e-4d8b-8a40-2ee299f1ec73, type: Container, name: testNSGroup6 id: 8eeb7875-ef19-4d91-9e5d-a5690914338f, type: Container, name: ServiceInsertion_NSGroup
    Mode
    Basic
    Availability
    Controller

    get cgroups with ip <ip-address>
    Display container groups with the specified IP address.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-controller-1> get cgroups with ip 192.168.1.123 id: 5539c4dc-621e-4d8b-8a40-2ee299f1ec73, type: Container, name: testNSGroup6 id: 141e822d-c0eb-4bb3-ba8d-61c58379c928, type: LogicalSwitch id: 192.168.1.123/32, type: IpSpec id: 34adf781-4fc1-4418-a63d-72e2d4fb9786, type: LogicalSwitchPort
    Mode
    Basic
    Availability
    Controller

    get cgroups with mac <hardware-address>
    Display container groups with the specified MAC address.
    Option Description
    <hardware-address> Network hardware address argument
    Example
    nsx-controller-1> get cgroups with mac af:bb:cc:dd:ee:ff id: af:bb:cc:dd:ee:ff, type: MacAddress id: 5539c4dc-621e-4d8b-8a40-2ee299f1ec73, type: Container, name: testNSGroup6 id: 141e822d-c0eb-4bb3-ba8d-61c58379c928, type: LogicalSwitch id: 34adf781-4fc1-4418-a63d-72e2d4fb9786, type: LogicalSwitchPort
    Mode
    Basic
    Availability
    Controller

    get cgroups with vif <vif>
    Display container groups with the specified network interface.
    Option Description
    <vif> VIF ID
    Example
    nsx-controller-1> get cgroups with vif vif2 id: 5539c4dc-621e-4d8b-8a40-2ee299f1ec73, type: Container, name: testNSGroup6 id: 141e822d-c0eb-4bb3-ba8d-61c58379c928, type: LogicalSwitch id: vif2, type: Vif id: 34adf781-4fc1-4418-a63d-72e2d4fb9786, type: LogicalSwitchPort
    Mode
    Basic
    Availability
    Controller

    get cli-timeout
    Show inactivity timeout in seconds.
    Example
    nsx> get cli-timeout 1200 seconds
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get clock
    Display the current date and time.
    Example
    nsx> get clock Sat Dec 12 2015 UTC 00:11:33.168
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get cluster config
    Get Cluster Config.
    Example
    nsx-manager-1> get cluster config Cluster Id: 27589e28-66c1-4fa4-aca9-7c336d43a276 Cluster Configuration Version: 1 Number of nodes in the cluster: 2 Node UUID: ac5d4a62-3203-4b31-922e-d166a4f7e860 Node Status: JOINED ENTITY UUID IP ADDRESS PORT FQDN DATASTORE b920c7ef-b951-4490-9d82-0314074a10d9 192.168.0.2 9000 nsxmanager-sb-16755132-1 MANAGER d1763d71-d660-458d-bbb4-39c103cab7ae 192.168.0.2 - nsxmanager-sb-16755132-1 CLUSTER_BOOT_MANAGER 3ddbc3d4-16a6-404d-9737-b8e7726f89eb 192.168.0.2 - nsxmanager-sb-16755132-1 HTTP 560ddc87-d318-4a2f-ad48-89678126dd20 192.168.0.2 443 nsxmanager-sb-16755132-1 Node UUID: f024fffb-e63e-4b58-88ba-a92b01467460 Node Status: JOINED ENTITY UUID IP ADDRESS PORT FQDN DATASTORE dedb1f73-82a5-4c3f-a26e-cabe80c60151 192.168.0.3 9000 nsxmanager-sb-16755132-2 MANAGER 5311d3c2-4840-49c3-81e2-a524e5af0245 192.168.0.3 - nsxmanager-sb-16755132-2 CLUSTER_BOOT_MANAGER e17a1a5e-eb89-431c-b27c-a5346078468d 192.168.0.3 - nsxmanager-sb-16755132-2 HTTP c82547f6-e75c-473b-ba69-54ec4986390a 192.168.0.3 443 nsxmanager-sb-16755132-2
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get cluster status
    Get status of all the groups.
    Example
    nsx-manager-1> get cluster status Cluster Id: 27589e28-66c1-4fa4-aca9-7c336d43a276 Overall Status: STABLE Group Type: HTTP Group Status: STABLE Members: UUID FQDN IP STATUS c0a1cbad-2506-400d-be22-9fd4d71c9a6f nsx-a01.vmware.com 1.1.1.1 UP Group Type: CLUSTER_BOOT_MANAGER Group Status: STABLE Members: UUID FQDN IP STATUS 331dcb2e-c339-4111-bc74-3fed715d735e nsx-a01.vmware.com 1.1.1.1 UP Group Type: DATASTORE Group Status: STABLE Members: UUID FQDN IP STATUS c3801017-42ba-45d2-9ef7-f4f9717c49a2 nsx-a01.vmware.com 1.1.1.1 UP Group Type: MANAGER Group Status: STABLE Members: UUID FQDN IP STATUS dfb2eea5-cd45-40c7-be0d-683f277c1bbf nsx-a01.vmware.com 1.1.1.1 UP
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get cluster status verbose
    Get status of all the groups. Show leadership if there is any.
    Example
    nsx-manager-1> get cluster status verbose Cluster Id: 27589e28-66c1-4fa4-aca9-7c336d43a276 Overall Status: STABLE Group Type: HTTP Group Status: STABLE Members: UUID FQDN IP STATUS c0a1cbad-2506-400d-be22-9fd4d71c9a6f nsx-a01.vmware.com 1.1.1.1 UP Group Type: CLUSTER_BOOT_MANAGER Group Status: STABLE Members: UUID FQDN IP STATUS 331dcb2e-c339-4111-bc74-3fed715d735e nsx-a01.vmware.com 1.1.1.1 UP Group Type: DATASTORE Group Status: STABLE Members: UUID FQDN IP STATUS c3801017-42ba-45d2-9ef7-f4f9717c49a2 nsx-a01.vmware.com 1.1.1.1 UP Group Type: MANAGER Group Status: STABLE Members: UUID FQDN IP STATUS dfb2eea5-cd45-40c7-be0d-683f277c1bbf nsx-a01.vmware.com 1.1.1.1 UP Leaders: SERVICE LEADER LEASE VERSION POLICY_SVC_GROUPING dfb2eea5-cd45-40c7-be0d-683f277c1bbf 379 ActivityPurger dfb2eea5-cd45-40c7-be0d-683f277c1bbf 379 POLICY_SVC_IDENTITY dfb2eea5-cd45-40c7-be0d-683f277c1bbf 379
    Mode
    Basic
    Availability
    Manager, Policy Manager

    get configuration
    Display configuration settings in command line syntax.
    Example
    nsx> get configuration ! set route prefix 0.0.0.0/0 gateway 192.168.110.1 interface eth0 set route prefix 192.168.110.0/24 interface eth0 set search-domains example.com set timezone Etc/UTC set name-servers 192.168.110.10 set ntp-server 0.ubuntu.pool.ntp.org set ntp-server 1.ubuntu.pool.ntp.org set ntp-server 2.ubuntu.pool.ntp.org set ntp-server 3.ubuntu.pool.ntp.org set ntp-server ntp.ubuntu.com set hostname nsx
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get controllers
    Display the controllers connected to this node.
    Example
    nsx> get controllers Controller IP Port SSL Status Is Physical Master Session State Controller FQDN NA 1234 enabled not used false null CCP1.COM 10.160.193.174 1234 enabled connected true up CCP2.COM NA 1234 enabled not used false null CCP3.COM
    Mode
    Basic
    Availability
    Edge, ESXi, KVM, Public Cloud Gateway

    get cpu-stats
    Display the system CPU information.
    Example
    nsx-manager-1> get cpu-stats processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 62 model name : Intel(R) Xeon(R) CPU E5-2440 v2 @ 1.90GHz stepping : 4 microcode : 0x427 cpu MHz : 1900.000 cache size : 20480 KB physical id : 0 siblings : 1 core id : 0 cpu cores : 1 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm ida arat pln pts dtherm fsgsbase tsc_adjust smep bogomips : 3800.00 clflush size : 64 cache_alignment : 64 address sizes : 42 bits physical, 48 bits virtual power management: processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 62 model name : Intel(R) Xeon(R) CPU E5-2440 v2 @ 1.90GHz stepping : 4 microcode : 0x427 cpu MHz : 1900.000 cache size : 20480 KB physical id : 2 siblings : 1 core id : 0 cpu cores : 1 apicid : 2 initial apicid : 2 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm ida arat pln pts dtherm fsgsbase tsc_adjust smep bogomips : 3800.00 clflush size : 64 cache_alignment : 64 address sizes : 42 bits physical, 48 bits virtual power management:
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get current
    Display information about the current interface.
    Example
    nsx-edge-1(path)> get current { "admin": "up", "enable-firewall": false, "enable-span": false, "force-reassemble": false, "ifuid": 289, "ifuuid": "de650f56-276d-46ef-959e-960752acfe19", "internal_operation": "up", "ipns": [ "192.168.130.3/24" ], "lrouter": "f2a25dd6-4ceb-4bf5-8ad5-3e80d2970d60", "mac": "02:50:56:00:00:04", "mtu": 1600, "peer": "54710465-99a0-481b-ac04-2ff4eda2f270", "redirect-to-kernel": true, "stats": { "rx_bytes": 1564840, "rx_drop_blocked": 0, "rx_drop_dst_unsupported": 0, "rx_drop_firewall": 0, "rx_drop_ipv6": 0, "rx_drop_kni": 0, "rx_drop_l4port_unsupported": 0, "rx_drop_malformed": 0, "rx_drop_no_receiver": 0, "rx_drop_no_route": 0, "rx_drop_proto_unsupported": 0, "rx_drop_rpf_check": 0, "rx_drop_ttl_exceeded": 3, "rx_drops": 3, "rx_frag_error": 0, "rx_frag_ok": 0, "rx_frag_timeout": 0, "rx_frags": 0, "rx_pkts": 23609, "tx_bytes": 957372, "tx_drop_blocked": 0, "tx_drop_firewall": 0, "tx_drop_frag_needed": 0, "tx_drop_no_arp": 0, "tx_drops": 0, "tx_frag_error": 0, "tx_frag_ok": 0, "tx_pkts": 14312 }, "ttl": 1, "type": "lif", "urpf-mode": "STRICT_MODE" } or nsx-edge-1(path)> get current { "ifuid": 285, "ifuuid": "9eff9e4e-9157-4107-a0dd-c79350dce6f7", "lswitch": "d5af58f5-0616-46fd-af83-242d82983c65", "peer": "140ca8de-61e0-4bba-b429-6a3791b0846a", "stats": { "rx_bytes": 9150, "rx_drop_l2_loop": 0, "rx_drop_malformed": 0, "rx_drop_no_match": 0, "rx_drops": 0, "rx_pkts": 127, "tx_bytes": 2807, "tx_drop_no_mem": 0, "tx_drops": 0, "tx_pkts": 38 } }
    Mode
    Path
    Availability
    Edge, Public Cloud Gateway

    get data <data-id>
    Display the datum ID(s) and span(s) for the specified message ID.
    Option Description
    <data-id> ID of the datum
    Allowed pattern: ^.*$
    Example
    nsx-controller-1> get data c22a70f9-c592-49fb-9df7-33b161160354 id: c22a70f9-c592-49fb-9df7-33b161160354, type: vmware.nsx.nestdb.RuleSectionMsg span: 7c72c4ae-8fe8-4449-a4e2-c5e53ab0bb4f, 6ca7e1fc-1690-450f-aad3-a2f642fb70c5
    Mode
    Basic
    Availability
    Controller

    get data with receiver <uuid>
    Display datum ID(s) for the specified receiver.
    Option Description
    <uuid> UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-controller-1> get data with receiver 7c72c4ae-8fe8-4449-a4e2-c5e53ab0bb4f id: c22a70f9-c592-49fb-9df7-33b161160354, type: vmware.nsx.nestdb.RuleSectionMsg id: 7c72c4ae-8fe8-4449-a4e2-c5e53ab0bb4f, type: vmware.nsx.nestdb.TransportNodeConfigMsg id: 4e5d3a8c-5be8-4df6-9a0f-b0458715b036, type: vmware.nsx.nestdb.IpfixConfigurationMsg id: 73f0fe85-4b28-42d3-8b7c-94cec3879451, type: vmware.nsx.nestdb.RuleSectionMsg id: 00000000-0000-0000-0000-000000000001, type: vmware.nsx.nestdb.RuleMsg id: 00000000-0000-0000-0000-000000000002, type: vmware.nsx.nestdb.RuleMsg status: synced
    Mode
    Basic
    Availability
    Controller

    get dataplane
    Display Data Plane Development Kit (DPDK) configurations, which include fastpath cores, hugepage reserved, NUMA, physical port bindings, etc.
    Example
    nsx-edge-1> get dataplane Bfd_ring_size : 512 Corelist : 0 Ctrl_prio_on : True Fc_max_mem_percore : 394 Fc_mega_cache_size : 262144 Fc_mega_hard_timeout_ms: 423 Fc_mega_soft_timeout_ms: 353 Fc_micro_cache_size: 262144 Firewall_flow_cache_on: 1 Firewall_max_purge_rate: 5 Firewall_max_sessions: 8388608 Firewall_purge_timeout_ms: 10 Firewall_timer_resolution_ms: 50 Flow_cache_mega : True Flow_cache_micro : True Hugepage_mem : 1974 Intr_mode_on : True Ip_reass4_gc_period: 2 Ip_reass4_interfrag_ms: 1000 Ip_reass4_max_ms : 5000 Ip_reass4_maxq_len : 45 Ip_reass4_qhash_order: 8 Ip_reass4_qlist_order: 9 Lacp_ring_size : 512 Learning_ring_size : 512 Link_speed : 0 Mainloop_sleep_threshold: 10 Mainloop_wait_timeout_ms: 1 Mbuf_pool_size : 48128 N_mem_channel : 3 Numa_on : True Pkt_queue_limit : 0 Pkt_queue_rx_burst_size: 128 Pkt_seg_pnic_limit : 24 Prio_rx_queue_per_core: 8 Rss : c0=0:2:1 Rx_queue_per_core : 8 Rx_ring_size : 512 Slowpath_ring_size : 512 Stt_frag_queue_expire_ms: 3000 Stt_mbuf_queued_limit: 16000 Stt_reass_gc_period_ms: 3000 Tx_ring_size : 512 Devices: Device_id : 0x07b0 Name : fp-eth0 Numa_node : -1 Pci : 0000:0b:00.00 Vendor : 0x15ad Device_id : 0x07b0 Name : fp-eth1 Numa_node : -1 Pci : 0000:13:00.00 Vendor : 0x15ad Device_id : 0x07b0 Name : fp-eth2 Numa_node : -1 Pci : 0000:1b:00.00 Vendor : 0x15ad
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane cpu stats
    Display data plane cpu statistics.
    Example
    nsx-edge-1> get dataplane cpu stats CPU Usage Core : 0 Crypto : 0 pps Intercore : 0 pps Kni : 0 pps Rx : 0 pps Slowpath : 0 pps Tx : 0 pps Usage : 0%
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane device list
    Get the list of supported devices on the system.
    Example
    edge> get dataplane device list System datapath-supported devices: 0000:03:00.0 - VMXNET3 Ethernet Controller | Vendor: VMware ^ Kernel interfaces detected: eth0 0000:0b:00.0 - VMXNET3 Ethernet Controller | Vendor: VMware 0000:13:00.0 - VMXNET3 Ethernet Controller | Vendor: VMware 0000:04:00.0 - Ethernet Controller XL710 for 40GbE QSFP+ | Vendor: Intel Corporation 0000:1b:00.0 - VMXNET3 Ethernet Controller | Vendor: VMware
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane flow-cache config
    Display the flow cache configurations.
    Example
    nsx-edge-1> get dataplane flow-cache config Enabled : true Mega_hard_timeout_ms: 4944 Mega_size : 262144 Mega_soft_timeout_ms: 4874 Micro_size : 262144
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane flow-cache stats
    Display flow cache statistics for all fastpath cores.
    Example
    nsx-edge-1> get dataplane flow-cache stats Micro Core : 0 Active : 0/262144 Dont cache : 0 Hit rate : 0% Hits : 0 Insertions : 0 Misses : 1602651 Skipped : 1018653 Bucket collisions : 0 Key collisions : 0 Mega Core : 0 Active : 0/262144 Dont cache : 2693444 Hit rate : 0% Hits : 0 Insertions : 0 Misses : 1602651 Skipped : 1018653 Bucket collisions : 0 Key collisions : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane flow-cache stats <lcore-list-all>
    Display the flow cache statistics for the specified fastpath cores.
    Option Description
    <lcore-list-all> Specify a list of lcore ids or "all"
    Allowed pattern: ^([0-9]+,)*([0-9]+)$|(all)$
    Example
    nsx-edge-1> get dataplane flow-cache stats 0 Micro Core : 0 Active : 0/262144 Dont cache : 0 Hit rate : 0% Hits : 0 Insertions : 0 Misses : 1602797 Skipped : 1018748 Bucket collisions : 0 Key collisions : 0 Mega Core : 0 Active : 0/262144 Dont cache : 2693695 Hit rate : 0% Hits : 0 Insertions : 0 Misses : 1602797 Skipped : 1018748 Bucket collisions : 0 Key collisions : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane l2vpn-pmtu config
    Display the l2vpn pmtu configurations.
    Example
    nsx-edge-1> get dataplane l2vpn-pmtu config Enabled : true
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane l3vpn-pmtu config
    Display the l3vpn pmtu configurations.
    Example
    nsx-edge-1> get dataplane l3vpn-pmtu config Enabled : true
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane memory stats
    Display data plane memory statistics.
    Example
    nsx-edge-1> get dataplane memory stats Memory Usage Available_entries : 55712 Available_entries_in_cache : 39 Cache_size_per_core : 128 Name : mbuf_pool_socket_0 Per_core_cache Available_entries : 39 Core_id : 0 Size : 56704 Available_entries : 17407 Cache_size_per_core : 0 Name : sp_pktmbuf_pool Size : 17408
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane perfstats <interval>
    Display data plane performance statistics.
    Option Description
    <interval> Specify sample interval
    Example
    nsx-edge-1> get dataplane perfstats 2 [ { "CpuStats": [ { "core": "0", "tx": "0 pps", "kni": "0 pps", "rx": "0 pps", "intercore": "0 pps", "usage": "0%", "slowpath": "0 pps" }, { "core": "1", "tx": "0 pps", "kni": "0 pps", "rx": "0 pps", "intercore": "0 pps", "usage": "0%", "slowpath": "0 pps" }, { "core": "2", "tx": "0 pps", "kni": "0 pps", "rx": "0 pps", "intercore": "0 pps", "usage": "0%", "slowpath": "0 pps" }, { "core": "3", "tx": "0 pps", "kni": "0 pps", "rx": "0 pps", "intercore": "0 pps", "usage": "0%", "slowpath": "0 pps" } ] }, { "PortStats": [ { "RxPkts": 5.0, "RxTput": 375.0, "TxThput": 309.0, "PortID": "fp-eth0", "TxPkts": 4.0 }, { "RxPkts": 0.0, "RxTput": 0.0, "TxThput": 0.0, "PortID": "fp-eth1", "TxPkts": 0.0 }, { "RxPkts": 0.0, "RxTput": 0.0, "TxThput": 0.0, "PortID": "fp-eth2", "TxPkts": 0.0 } ] }, { "FlowCacheStats": { "micro": [ { "core": "0", "hits": "0", "skipped": "1235795", "insertions": "0", "active": "0/262144", "misses": "0", "bucket collisions": "0", "dont cache": "0", "key collisions": "0", "hit rate": "n/a" }, { "core": "1", "hits": "0", "skipped": "19380", "insertions": "0", "active": "0/262144", "misses": "1104864", "bucket collisions": "0", "dont cache": "0", "key collisions": "0", "hit rate": "0%" }, { "core": "2", "hits": "0", "skipped": "9701", "insertions": "0", "active": "0/262144", "misses": "2754887", "bucket collisions": "0", "dont cache": "0", "key collisions": "0", "hit rate": "0%" }, { "core": "3", "hits": "0", "skipped": "8", "insertions": "0", "active": "0/262144", "misses": "904935", "bucket collisions": "0", "dont cache": "0", "key collisions": "0", "hit rate": "0%" } ], "mega": [ { "core": "0", "hits": "0", "skipped": "1235795", "insertions": "0", "active": "0/262144", "misses": "0", "bucket collisions": "0", "dont cache": "6567381", "key collisions": "0", "hit rate": "n/a" }, { "core": "1", "hits": "0", "skipped": "19380", "insertions": "0", "active": "0/262144", "misses": "1104864", "bucket collisions": "0", "dont cache": "2932004", "key collisions": "0", "hit rate": "0%" }, { "core": "2", "hits": "0", "skipped": "9701", "insertions": "0", "active": "0/262144", "misses": "2754887", "bucket collisions": "0", "dont cache": "3457790", "key collisions": "0", "hit rate": "0%" }, { "core": "3", "hits": "0", "skipped": "8", "insertions": "0", "active": "0/262144", "misses": "904935", "bucket collisions": "0", "dont cache": "2503080", "key collisions": "0", "hit rate": "0%" } ] } }, { "NUMAStats": "CPU model not supported" }, { "PerfStats": "CPU model not supported" } ]
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane qat
    Get admin and operational state of QAT crypto acceleration.
    Example
    nsx-edge-1> get dataplane qat QAT present, enabled, running
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dataplane throughput <time>
    Calculate all nics throughput given an interval
    Option Description
    <time> Time measurement in seconds
    Allowed pattern: [1-9][0-9]*$
    Example
    nsx-edge-1> get physical-port throughput 1 { "fp-eth0": { "rx Gbps": 0, "rx K err/s": 0, "rx MB/s": 0, "rx k_err/s": 0, "rx k_miss/s": 0, "rx k_no_mbufs/s": 0, "rx kpps": 0, "tx Gbps": 0, "tx K drops/s": 0, "tx MB/s": 0, "tx kpps": 0 }, "fp-eth1": { "rx Gbps": 0, "rx K err/s": 0, "rx MB/s": 0, "rx k_err/s": 0, "rx k_miss/s": 0, "rx k_no_mbufs/s": 0, "rx kpps": 0, "tx Gbps": 0, "tx K drops/s": 0, "tx MB/s": 0, "tx kpps": 0 }, "fp-eth2": { "rx Gbps": 0, "rx K err/s": 0, "rx MB/s": 0, "rx k_err/s": 0, "rx k_miss/s": 0, "rx k_no_mbufs/s": 0, "rx kpps": 0, "tx Gbps": 0, "tx K drops/s": 0, "tx MB/s": 0, "tx kpps": 0 }, "fp-eth3": { "rx Gbps": 0, "rx K err/s": 0, "rx MB/s": 0, "rx k_err/s": 0, "rx k_miss/s": 0, "rx k_no_mbufs/s": 0, "rx kpps": 0, "tx Gbps": 0, "tx K drops/s": 0, "tx MB/s": 0, "tx kpps": 0 }, "fp-eth4": { "rx Gbps": 0, "rx K err/s": 0, "rx MB/s": 0, "rx k_err/s": 0, "rx k_miss/s": 0, "rx k_no_mbufs/s": 0, "rx kpps": 0, "tx Gbps": 0, "tx K drops/s": 0, "tx MB/s": 0, "tx kpps": 0 }, "fp-eth5": { "rx Gbps": 0, "rx K err/s": 0, "rx MB/s": 0, "rx k_err/s": 0, "rx k_miss/s": 0, "rx k_no_mbufs/s": 0, "rx kpps": 0, "tx Gbps": 0, "tx K drops/s": 0, "tx MB/s": 0, "tx kpps": 0 }, "fp-eth6": { "rx Gbps": 0, "rx K err/s": 0, "rx MB/s": 0, "rx k_err/s": 0, "rx k_miss/s": 0, "rx k_no_mbufs/s": 0, "rx kpps": 0, "tx Gbps": 0, "tx K drops/s": 0, "tx MB/s": 0, "tx kpps": 0 } }
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ip-pool <uuid>
    Display a specific DHCP IP pool.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dhcp ip-pool 31b79159-c160-40ba-a9d7-be37186ac658 DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 ERROR_THRESHOLD: 100 ID: 31b79159-c160-40ba-a9d7-be37186ac658 OPTIONS: GENERIC_OPTIONS: CODE: 51 VALUES: 86400 CODE: 3 VALUES: 192.168.1.1 RANGE: END: IPV4: 192.168.1.200 START: IPV4: 192.168.1.100 WARNING_THRESHOLD: 80
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ip-pools
    Display all DHCP IP pools.
    Example
    nsx-edge-1> get dhcp ip-pools DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 ERROR_THRESHOLD: 100 ID: 31b79159-c160-40ba-a9d7-be37186ac658 OPTIONS: GENERIC_OPTIONS: CODE: 51 VALUES: 86400 CODE: 3 VALUES: 192.168.1.1 RANGE: END: IPV4: 192.168.1.200 START: IPV4: 192.168.1.100 WARNING_THRESHOLD: 80
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ip-pools server-uuid <uuid>
    Display DHCP IP pools which matched a specific server UUID.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dhcp ip-pools server-uuid efc4fc20-e00d-416d-819a-88eff8674602 DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 ERROR_THRESHOLD: 100 ID: 31b79159-c160-40ba-a9d7-be37186ac658 OPTIONS: GENERIC_OPTIONS: CODE: 51 VALUES: 86400 CODE: 3 VALUES: 192.168.1.1 RANGE: END: IPV4: 192.168.1.200 START: IPV4: 192.168.1.100 WARNING_THRESHOLD: 80
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-ip-pool <uuid>
    Display a specific DHCPv6 IP pool.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dhcp ipv6-ip-pool e1df2e11-282b-4790-99c8-7df094424c5c DHCP_ID: bac6fff3-64b7-4ec3-9063-ac4cdfd7a097 ID: e1df2e11-282b-4790-99c8-7df094424c5c NA_EXCLUDE_RANGE: END: IPV6: 1300:1222::1999 START: IPV6: 1300:1222::1001 END: IPV6: 1400:1222::6999 START: IPV6: 1400:1222::6001 NA_LEASE_TIME: 16000 NA_PREFERRED_TIME: 1970-01-01 00:00:12 (timestamp: 12000) NA_RANGE: END: IPV6: 1300:1222::2999 START: IPV6: 1300:1222::1222 END: IPV6: 1300:1222::6999 START: IPV6: 1300:1222::6031 V6_OPTIONS: DNS_SERVER: IPV6: 1546:2005::10 IPV6: 1546:2005::111 DOMAIN_NAME: abc.org def.org SNTP_SERVER: IPV6: 1546:2005::100 IPV6: 1546:2005::200
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-ip-pools
    Display all DHCPv6 IP pools.
    Example
    nsx-edge-1> get dhcp ipv6-ip-pools DHCP_ID: bac6fff3-64b7-4ec3-9063-ac4cdfd7a097 ID: e1df2e11-282b-4790-99c8-7df094424c5c NA_EXCLUDE_RANGE: END: IPV6: 1300:1222::1999 START: IPV6: 1300:1222::1001 END: IPV6: 1400:1222::6999 START: IPV6: 1400:1222::6001 NA_LEASE_TIME: 16000 NA_PREFERRED_TIME: 1970-01-01 00:00:12 (timestamp: 12000) NA_RANGE: END: IPV6: 1300:1222::2999 START: IPV6: 1300:1222::1222 END: IPV6: 1300:1222::6999 START: IPV6: 1300:1222::6031 V6_OPTIONS: DNS_SERVER: IPV6: 1546:2005::10 IPV6: 1546:2005::111 DOMAIN_NAME: abc.org def.org SNTP_SERVER: IPV6: 1546:2005::100 IPV6: 1546:2005::200
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-ip-pools server-uuid <uuid>
    Display DHCPv6 IP pools which match a specific server UUID.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dhcp ipv6-ip-pools server-uuid e1df2e11-282b-4790-99c8-7df094424c5c DHCP_ID: bac6fff3-64b7-4ec3-9063-ac4cdfd7a097 ID: e1df2e11-282b-4790-99c8-7df094424c5c NA_EXCLUDE_RANGE: END: IPV6: 1300:1222::1999 START: IPV6: 1300:1222::1001 END: IPV6: 1400:1222::6999 START: IPV6: 1400:1222::6001 NA_LEASE_TIME: 16000 NA_PREFERRED_TIME: 1970-01-01 00:00:12 (timestamp: 12000) NA_RANGE: END: IPV6: 1300:1222::2999 START: IPV6: 1300:1222::1222 END: IPV6: 1300:1222::6999 START: IPV6: 1300:1222::6031 V6_OPTIONS: DNS_SERVER: IPV6: 1546:2005::10 IPV6: 1546:2005::111 DOMAIN_NAME: abc.org def.org SNTP_SERVER: IPV6: 1546:2005::100 IPV6: 1546:2005::200
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-lease <string>
    Display all non-released DHCPv6 leases by search string.
    Option Description
    <string> Generic string argument
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    nsx-edge-1> get dhcp ipv6-lease 2b2d9a19-eb4c-4be3-8399-9698321ef9cd DHCP_IP_DUID: 2b2d9a19-eb4c-4be3-8399-9698321ef9cd_582c0f59-db80-440b-a417-329c965d31c9_1300:1222::199a_pool_lease_000124e7ead2000c298ecc78_IA_NA_697224312 DUID_IAID: DUID: 000124e7ead2000c298ecc78 IA_TYPE: IA_NA IAID: 697224312 EXPIRE_TIME: 2019-08-16 03:08:49.293000 (timestamp: 1565924929293) IP_WITH_PREFIX: IPV6: 1300:1222::199a PREFIX_LENGTH: 64 LEASE_TIME: 120 PARENT_ID: 582c0f59-db80-440b-a417-329c965d31c9 START_TIME: 2019-08-16 03:06:49.293000 (timestamp: 1565924809293) TYPE: POOL
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-lease <string> all
    Display all DHCPv6 leases(both released and non-released) by search string.
    Option Description
    <string> Generic string argument
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    nsx-edge-1> get dhcp ipv6-lease 000124e7ead2000c298ecc78 all DHCP_IP_DUID: 2b2d9a19-eb4c-4be3-8399-9698321ef9cd_582c0f59-db80-440b-a417-329c965d31c9_1300:1222::199a_pool_lease_000124e7ead2000c298ecc78_IA_NA_697224312 DUID_IAID: DUID: 000124e7ead2000c298ecc78 IA_TYPE: IA_NA IAID: 697224312 EXPIRE_TIME: 2019-08-16 03:08:49.293000 (timestamp: 1565924929293) IP_WITH_PREFIX: IPV6: 1300:1222::199a PREFIX_LENGTH: 64 LEASE_TIME: 120 PARENT_ID: 582c0f59-db80-440b-a417-329c965d31c9 START_TIME: 2019-08-16 03:06:49.293000 (timestamp: 1565924809293) TYPE: POOL
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-leases
    Display all non-released DHCPv6 leases.
    Example
    nsx-edge-1> get dhcp ipv6-leases DUID_IAID: DUID: IA_TYPE: IA_NA IAID: 701847352 EXPIRE_TIME: 2019-07-18 07:06:40.103000 (timestamp: 1563433600103) IP_WITH_PREFIX: IPV6: 1300:1222::199a PREFIX_LENGTH: 0 LEASE_TIME: 16000 PARENT_ID: e1df2e11-282b-4790-99c8-7df094424c5c START_TIME: 2019-07-18 02:40:00.103000 (timestamp: 1563417600103) TYPE: POOL
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-leases all
    Display all DHCPv6 leases.
    Example
    nsx-edge-1> get dhcp ipv6-leases all DUID_IAID: DUID: IA_TYPE: IA_NA IAID: 701847352 EXPIRE_TIME: 2019-07-18 07:06:40.103000 (timestamp: 1563433600103) IP_WITH_PREFIX: IPV6: 1300:1222::199a PREFIX_LENGTH: 0 LEASE_TIME: 16000 PARENT_ID: e1df2e11-282b-4790-99c8-7df094424c5c START_TIME: 2019-07-18 02:40:00.103000 (timestamp: 1563417600103) TYPE: POOL
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-static-binding <uuid>
    Display a specific DHCPv6 static binding.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dhcp ipv6-static-binding 71e7d2e0-2002-4c71-803c-e1ea9865cd81 DHCP_ID: bac6fff3-64b7-4ec3-9063-ac4cdfd7a097 ID: 71e7d2e0-2002-4c71-803c-e1ea9865cd81 MAC: MAC: 00:50:56:c0:00:08 NA: IPV6: 1300:1222::1011 IPV6: 1300:1222::2022 NA_LEASE_TIME: 12200 V6_OPTIONS: DNS_SERVER: IPV6: 1234:2005::10 IPV6: 1234:2005::111 DOMAIN_NAME: abc.net def.net SNTP_SERVER: IPV6: 1234:2005::100 IPV6: 1234:2005::200 IPV6: 1300:1222::1011 IPV6: 1300:1222::2022
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-static-bindings
    Display all DHCPv6 static bindings.
    Example
    nsx-edge-1> get dhcp ipv6-static-bindings DHCP_ID: bac6fff3-64b7-4ec3-9063-ac4cdfd7a097 ID: 71e7d2e0-2002-4c71-803c-e1ea9865cd81 MAC: MAC: 00:50:56:c0:00:08 NA: IPV6: 1300:1222::1011 IPV6: 1300:1222::2022 NA_LEASE_TIME: 12200 V6_OPTIONS: DNS_SERVER: IPV6: 1234:2005::10 IPV6: 1234:2005::111 DOMAIN_NAME: abc.net def.net SNTP_SERVER: IPV6: 1234:2005::100 IPV6: 1234:2005::200 IPV6: 1300:1222::1011 IPV6: 1300:1222::2022
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp ipv6-static-bindings server-uuid <uuid>
    Display DHCPv6 static bindings which match a specific server UUID.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dhcp ipv6-static-bindings server-uuid bac6fff3-64b7-4ec3-9063-ac4cdfd7a097 DHCP_ID: bac6fff3-64b7-4ec3-9063-ac4cdfd7a097 ID: 71e7d2e0-2002-4c71-803c-e1ea9865cd81 MAC: MAC: 00:50:56:c0:00:08 NA: IPV6: 1300:1222::1011 IPV6: 1300:1222::2022 NA_LEASE_TIME: 12200 V6_OPTIONS: DNS_SERVER: IPV6: 1234:2005::10 IPV6: 1234:2005::111 DOMAIN_NAME: abc.net def.net SNTP_SERVER: IPV6: 1234:2005::100 IPV6: 1234:2005::200 IPV6: 1300:1222::1011 IPV6: 1300:1222::2022
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp lease <string>
    Display a specific DHCP lease. You can specify a DHCP server's UUID, or a MAC address, or an IP address.
    Option Description
    <string> Generic string argument
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    nsx-edge-1> get dhcp lease efc4fc20-e00d-416d-819a-88eff8674602 DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2 EXPIRE_TIME: 2016-10-11 23:48:07.136000 (timestamp: 1476229687136) IP: IPV4: 192.168.1.100 LEASE_TIME: 86400 MAC: MAC: 00:0c:29:03:9c:b2 START_TIME: 2016-10-10 23:48:07.136000 (timestamp: 1476143287136) SUBNET: 192.168.1.0 nsx-edge-1> get dhcp lease 00:0c:29:03:9c:b2 DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2 EXPIRE_TIME: 2016-10-12 19:53:13.057000 (timestamp: 1476301993057) IP: IPV4: 192.168.1.100 LEASE_TIME: 86400 MAC: MAC: 00:0c:29:03:9c:b2 START_TIME: 2016-10-11 19:53:13.057000 (timestamp: 1476215593057) SUBNET: 192.168.1.0 nsx-edge-1> get dhcp lease 192.168.1.100 DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2 EXPIRE_TIME: 2016-10-12 19:53:13.057000 (timestamp: 1476301993057) IP: IPV4: 192.168.1.100 LEASE_TIME: 86400 MAC: MAC: 00:0c:29:03:9c:b2 START_TIME: 2016-10-11 19:53:13.057000 (timestamp: 1476215593057) SUBNET: 192.168.1.0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp lease <string> all
    Display a specific DHCP lease. You can specify a DHCP server's UUID, or a MAC address, or an IP address.
    Option Description
    <string> Generic string argument
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    nsx-edge-1> get dhcp lease efc4fc20-e00d-416d-819a-88eff8674602 DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2 EXPIRE_TIME: 2016-10-11 23:48:07.136000 (timestamp: 1476229687136) IP: IPV4: 192.168.1.100 LEASE_TIME: 0 MAC: MAC: 00:0c:29:03:9c:b2 START_TIME: 2016-10-10 23:48:07.136000 (timestamp: 1476143287136) SUBNET: 192.168.1.0 nsx-edge-1> get dhcp lease 00:0c:29:03:9c:b2 DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2 EXPIRE_TIME: 2016-10-12 19:53:13.057000 (timestamp: 1476301993057) IP: IPV4: 192.168.1.100 LEASE_TIME: 86400 MAC: MAC: 00:0c:29:03:9c:b2 START_TIME: 2016-10-11 19:53:13.057000 (timestamp: 1476215593057) SUBNET: 192.168.1.0 nsx-edge-1> get dhcp lease 192.168.1.100 DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2 EXPIRE_TIME: 2016-10-12 19:53:13.057000 (timestamp: 1476301993057) IP: IPV4: 192.168.1.100 LEASE_TIME: 86400 MAC: MAC: 00:0c:29:03:9c:b2 START_TIME: 2016-10-11 19:53:13.057000 (timestamp: 1476215593057) SUBNET: 192.168.1.0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp leases
    Display all non-released DHCP leases.
    Example
    nsx-edge-1> get dhcp leases DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2 EXPIRE_TIME: 2016-10-11 23:48:07.136000 (timestamp: 1476229687136) IP: IPV4: 192.168.1.100 LEASE_TIME: 86400 MAC: MAC: 00:0c:29:03:9c:b2 START_TIME: 2016-10-10 23:48:07.136000 (timestamp: 1476143287136) SUBNET: 192.168.1.0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp leases all
    Display all DHCP leases.
    Example
    nsx-edge-1> get dhcp leases DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 DHCP_SUBNET_MAC: efc4fc20-e00d-416d-819a-88eff8674602_192.168.1.100_00:0c:29:03:9c:b2 EXPIRE_TIME: 2016-10-11 23:48:07.136000 (timestamp: 1476229687136) IP: IPV4: 192.168.1.100 LEASE_TIME: 0 MAC: MAC: 00:0c:29:03:9c:b2 START_TIME: 2016-10-10 23:48:07.136000 (timestamp: 1476143287136) SUBNET: 192.168.1.0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp server <uuid> [status | sync]
    Display a specific DHCP server. Optionally specify an argument to display only the status or the synchronization information.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dhcp server efc4fc20-e00d-416d-819a-88eff8674602 EDGE_CLUSTER_ID: 46944f73-89d0-40b8-86f2-6fd651ba4fb9 EDGE_NODE_ID: 0e10a15f-ca0d-47a7-92ff-9b0aa8d18b4d b084f07f-bd1f-4d91-bf48-775b896296d5 ID: efc4fc20-e00d-416d-819a-88eff8674602 OPTIONS: GENERIC_OPTIONS: CODE: 54 VALUES: 192.168.1.2 CODE: 1 VALUES: 255.255.255.0 SERVER_MAC: MAC: 00:50:56:98:7d:d7 SERVER_PREFIX: IPV4: 192.168.1.2 PREFIX_LENGTH: 24 nsx-edge-1> get dhcp server efc4fc20-e00d-416d-819a-88eff8674602 status DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 STATUS: READY nsx-edge-1> get dhcp server efc4fc20-e00d-416d-819a-88eff8674602 sync DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 LAST_ERROR_TIME: N/A LAST_SYNC_TIME: N/A STATUS: OK
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp servers [status | sync]
    Display all DHCP servers. Optionally specify an argument to display only the status or the synchronization information.

    If the edge node is the only member of the edge cluster, the STATUS property will be displayed as UNKNOWN when you call get dhcp servers status because HA (high availability) is not available.
    Example
    nsx-edge-1> get dhcp servers EDGE_CLUSTER_ID: 46944f73-89d0-40b8-86f2-6fd651ba4fb9 EDGE_NODE_ID: 0e10a15f-ca0d-47a7-92ff-9b0aa8d18b4d b084f07f-bd1f-4d91-bf48-775b896296d5 ID: efc4fc20-e00d-416d-819a-88eff8674602 OPTIONS: GENERIC_OPTIONS: CODE: 54 VALUES: 192.168.1.2 CODE: 1 VALUES: 255.255.255.0 SERVER_MAC: MAC: 00:50:56:98:7d:d7 SERVER_PREFIX: IPV4: 192.168.1.2 PREFIX_LENGTH: 24 nsx-edge-1> get dhcp servers status DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 STATUS: READY nsx-edge-1> get dhcp servers sync DHCP_ID: efc4fc20-e00d-416d-819a-88eff8674602 LAST_ERROR_TIME: N/A LAST_SYNC_TIME: N/A STATUS: OK
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp static-binding <uuid>
    Display a specific DHCP static binding.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dhcp static-binding 3773289c-32f6-4892-a94e-c74a47bf1e71 DHCP_ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d ID: 3773289c-32f6-4892-a94e-c74a47bf1e71 MAC: MAC: 12:34:56:78:9a:bc OPTIONS: GENERIC_OPTIONS: CODE: 3 VALUES: 192.168.150.1 CODE: 12 VALUES: machine-1 CODE: 51 VALUES: 86400 PREFIX: IPV4: 192.168.150.201 PREFIX_LENGTH: 24
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp static-bindings
    Display all DHCP static bindings.
    Example
    nsx-edge-1> get dhcp static-bindings DHCP_ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d ID: 3773289c-32f6-4892-a94e-c74a47bf1e71 MAC: MAC: 12:34:56:78:9a:bc OPTIONS: GENERIC_OPTIONS: CODE: 3 VALUES: 192.168.150.1 CODE: 12 VALUES: machine-1 CODE: 51 VALUES: 86400 PREFIX: IPV4: 192.168.150.201 PREFIX_LENGTH: 24
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dhcp static-bindings server-uuid <uuid>
    Display a specific DHCP static bindings which matched a specific server UUID.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dhcp static-bindings server-uuid 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d DHCP_ID: 8bc04d52-b1f9-4258-8d13-b8fdbf031a0d ID: 3773289c-32f6-4892-a94e-c74a47bf1e71 MAC: MAC: 12:34:56:78:9a:bc OPTIONS: GENERIC_OPTIONS: CODE: 3 VALUES: 192.168.150.1 CODE: 12 VALUES: machine-1 CODE: 51 VALUES: 86400 PREFIX: IPV4: 192.168.150.201 PREFIX_LENGTH: 24
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get diagnosis config
    Get edge config diagnosis
    Example
    nsx-edge-1> get diagnosis config Passed: nsxa-state, nsxa-edge-cluster, nsxa-lrouter, nsxa-service-router, nestdb Failed: Warning: nsxa-edge-cluster : no peers
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get diagnosis log
    Get diagnosis analysis
    Example
    nsx-edge-c0-1> get diagnosis log 2018-01-03T20:04:14.767Z host-326432070547636738750820273082671025578 NSX 6190 SYSTEM [nsx@6876 comp="nsx-edge" subcomp="lb-dispatcher.nestdb" level="INFO"] nsx-agent nestdb thread started 2018-01-03T20:04:14.767431Z host-326432070547636738750820273082671025578 NSX 5929 - [nsx@6876 comp="nsx-edge" subcomp="nestdb" tid="5929" level="INFO"] CreateVDb: main_vdb 2018-01-03T20:04:14.767467Z host-326432070547636738750820273082671025578 NSX 5929 - [nsx@6876 comp="nsx-edge" subcomp="nestdb" tid="5929" level="ERROR" errorCode="NST0601"] CreateVDb failed: Attempt to create main VDb *********************************************************************** ERROR:2018-01-03T20:04:14.767523Z host-326432070547636738750820273082671025578 NSX 5929 - [nsx@6876 comp="nsx-edge" subcomp="nsx-rpc" tid="5929" level="ERROR" errorCode="RPC102"] Server:UnaryCall[Service[nestdb::NestDbServer, vmware.nsx.nestdb.NestDb/CreateVDb, RMT_SIMPLE], 0x0000, LOCAL_ERROR] Is in error state (INVALID_ARGUMENT: Attempt to create main VDb, status is reported to the Client) *********************************************************************** 2018-01-03T20:04:14.767728Z host-326432070547636738750820273082671025578 NSX 6190 - [nsx@6876 comp="nsx-edge" subcomp="nsx-rpc" tid="6192" level="ERROR" errorCode="RPC102"] Client:UnaryCall[RpcMethod[vmware.nsx.nestdb.NestDb/CreateVDb, RMT_SIMPLE], 0x0000, REMOTE_ERROR] Is in error state (INVALID_ARGUMENT reported by Server) 2018-01-03T20:04:14.767741Z host-326432070547636738750820273082671025578 NSX 5929 - [nsx@6876 comp="nsx-edge" subcomp="nestdb" tid="5929" level="INFO"] GetVDbId: 2018-01-03T20:04:14.767Z host-326432070547636738750820273082671025578 NSX 6190 SYSTEM [nsx@6876 comp="nsx-edge" subcomp="lb-dispatcher.nestdb" level="WARN"] Failed to create vdb object. The vdb may already exist. RPC status 2: INVALID_ARGUMENT
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get diagnosis log limit <log-num>
    Get number of diagnosis entries
    Option Description
    <log-num> Specify number of log entries
    Allowed pattern: ^([0-9]+)$
    Example
    nsx-edge-c0-1> get diagnosis log limit 1 2018-01-03T20:04:16.548319+00:00 host-326432070547636738750820273082671025578 cfgAgent 6075 - - [DEBUG] Attempting to send data to client 11 2018-01-03T20:04:16.548798+00:00 host-326432070547636738750820273082671025578 cfgAgent 6075 - - [DEBUG] Sent Data to Client 11 2018-01-03T20:04:17.102262+00:00 host-326432070547636738750820273082671025578 NSX 5838 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="INFO" audit="True"] 127.0.0.1 - - [2018-01-03 20:04:17] 'GET /api/v1/node/configuration' 200 1201 "" "curl/7.47.0" 0.144964 *********************************************************************** ERROR:2018-01-03T20:04:17.421993+00:00 host-326432070547636738750820273082671025578 NSX 5838 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="ERROR" errorCode="NODE10"] Error setting system time, rc: 1, err: Failed to create bus connection: No such file or directory *********************************************************************** 2018-01-03T20:04:17.526811Z host-326432070547636738750820273082671025578 NSX 6075 - [nsx@6876 comp="nsx-controller" subcomp="cfgAgent" tid="71757700" level="verbose"] Checking global lock, current checked count: 1 2018-01-03T20:04:17.577539Z host-326432070547636738750820273082671025578 NSX 6075 - [nsx@6876 comp="nsx-controller" subcomp="cfgAgent" tid="71757700" level="verbose"] TCP connection started: 127.0.0.1:0::00000000-0000-0000-0000-000000000000:1234 2018-01-03T20:04:17.577589Z host-326432070547636738750820273082671025578 NSX 6075 - [nsx@6876 comp="nsx-controller" subcomp="cfgAgent" tid="71757700" level="warning"] socket async connect callback failed. Error code: Connection refused, system
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get diagnosis log limit <log-num> context <context-line-num>
    Get two number of diagnosis entries
    Option Description
    <log-num> Specify number of log entries
    Allowed pattern: ^([0-9]+)$
    <context-line-num> Specify the numbers of context logs before and after the error log
    Allowed pattern: ^([0-9]+)$
    Example
    nsx-edge-c0-1> get diagnosis log limit 1 context 1 2018-01-03T20:04:17.102262+00:00 host-326432070547636738750820273082671025578 NSX 5838 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="INFO" audit="True"] 127.0.0.1 - - [2018-01-03 20:04:17] 'GET /api/v1/node/configuration' 200 1201 "" "curl/7.47.0" 0.144964 *********************************************************************** ERROR:2018-01-03T20:04:17.421993+00:00 host-326432070547636738750820273082671025578 NSX 5838 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="root" level="ERROR" errorCode="NODE10"] Error setting system time, rc: 1, err: Failed to create bus connection: No such file or directory *********************************************************************** 2018-01-03T20:04:17.526811Z host-326432070547636738750820273082671025578 NSX 6075 - [nsx@6876 comp="nsx-controller" subcomp="cfgAgent" tid="71757700" level="verbose"] Checking global lock, current checked count: 1
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get diagnosis topology
    Get logical topology on edge
    Example
    nsx-edge-1> get diagnosis topology Edge node ========= UUID: 5214.*f675 / status: Up MGMT 10.172.153.228 / VTEP 26.23.26.4 Loss of all tunnels events: (none) Max BFD rx packet gap: 887 ms @ 2019-01-11 18:20:01 peer edge ca17.*e06c --> 10.172.155.100 (mgm BFD) Dn/Dn tx/rx: 654437/650396 --> 26.23.26.3 (tun BFD) Dn/Dn tx/rx: 654495/650490 peer edge cc02.*2111 --> 10.172.154.85 (mgm BFD) Up/Up tx/rx: 654514/654360 --> 27.23.27.3 (tun BFD) Up/Up tx/rx: 654498/654290
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarder <uuid> cache
    Display the DNS Forwarder Cache Entries.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dns-forwarder 9b032ded-a109-42ee-b49b-ae05e7b9edf6 cache CACHE: Cache size: 150 Cache insertions 0 Cache-Live-freed 0. Queries forwarded 0, Queries answered locally 0Host Address Flags Expires ERR_MSG: UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarder <uuid> config
    Display the DNS Forwarder Config.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dns-forwarder 7f304144-9df2-477f-ad36-89232200a6a7 config CACHE_SIZE: 1024 DEFAULT_ZONE: SOURCE_IP: IPV4: 11.11.11.11 UPSTREAM_SERVERS: IPV4: 10.117.0.1 ID: 7f304144-9df2-477f-ad36-89232200a6a7 LISTENER_IP: IPV4: 11.11.11.11 LOG_LEVEL: LB_LOG_LEVEL_INFO LOGICAL_ROUTER_ID: a5e4fb83-ed0a-45ef-9407-b73740ca9277 SR_CLUSTER_ID: 00002000-0000-0000-0000-000000000001
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarder <uuid> stats
    Display the DNS Forwarder Stats Entries.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dns-forwarder 9b032ded-a109-42ee-b49b-ae05e7b9edf6 stats STATS: CACHED_ENTRIES: 3 CONDITIONAL_FORWARDER_STATISTICS: DOMAIN_NAMES: vmc.example.com UPSTREAM_STATISTICS: QUERIES_FAILED: 0 QUERIES_SUCCEEDED: 2 UPSTREAM_SERVER: 3.3.5.10 DOMAIN_NAMES: 2.199.199.in-addr.arpa UPSTREAM_STATISTICS: QUERIES_FAILED: 0 QUERIES_SUCCEEDED: 0 UPSTREAM_SERVER: 3.3.5.20 CONFIGURED_CACHE_SIZE: 300 DEFAULT_FORWARDER_STATISTICS: DOMAIN_NAMES: UPSTREAM_STATISTICS: QUERIES_FAILED: 0 QUERIES_SUCCEEDED: 3 UPSTREAM_SERVER: 1.1.5.10 QUERIES_FAILED: 2 QUERIES_SUCCEEDED: 1 UPSTREAM_SERVER: 1.1.5.20 QUERIES_ANSWERED_LOCALLY: 1 QUERIES_FORWARDED: 5 RECEIVED_QUERIES_NUMBER: 6 TIME_STAMP: 2018-07-24 10:05:19.895000 (timestamp: 1532426719895) USED_CACHE_SIZE: 0 UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarder <uuid> status
    Display DNS Forwarder Status
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dns-forwarder 7f304144-9df2-477f-ad36-89232200a6a7 status ID : 7f304144-9df2-477f-ad36-89232200a6a7 STATUS : up ERR_MSG :
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarder <uuid> table
    Display the DNS Forwarder Entries.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get dns-forwarder 9b032ded-a109-42ee-b49b-ae05e7b9edf6 table ERR_MSG: TABLE: Domain-name Forwarder-Source-Address DNS-Server-Address Number-of-Queries Failed-Queries (null) 10.117.0.1 11.11.11.13 0 0 UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarder cache
    Display the DNS Forwarder Cache Entries Per SR.
    Example
    nsx-edge-1(tier0_sr)> get dns-forwarder cache CACHE: Cache size: 150 Cache insertions 0 Cache-Live-freed 0. Queries forwarded 0, Queries answered locally 0Host Address Flags Expires ERR_MSG: UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
    Mode
    Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarder stats
    Display the DNS Forwarder Stats Entries Per SR.
    Example
    nsx-edge-1(tier0_sr)> get dns-forwarder stats STATS: CACHED_ENTRIES: 3 CONDITIONAL_FORWARDER_STATISTICS: DOMAIN_NAMES: vmc.example.com UPSTREAM_STATISTICS: QUERIES_FAILED: 0 QUERIES_SUCCEEDED: 2 UPSTREAM_SERVER: 3.3.5.10 DOMAIN_NAMES: 2.199.199.in-addr.arpa UPSTREAM_STATISTICS: QUERIES_FAILED: 0 QUERIES_SUCCEEDED: 0 UPSTREAM_SERVER: 3.3.5.20 CONFIGURED_CACHE_SIZE: 300 DEFAULT_FORWARDER_STATISTICS: DOMAIN_NAMES: UPSTREAM_STATISTICS: QUERIES_FAILED: 0 QUERIES_SUCCEEDED: 3 UPSTREAM_SERVER: 1.1.5.10 QUERIES_FAILED: 2 QUERIES_SUCCEEDED: 1 UPSTREAM_SERVER: 1.1.5.20 QUERIES_ANSWERED_LOCALLY: 1 QUERIES_FORWARDED: 5 RECEIVED_QUERIES_NUMBER: 6 TIME_STAMP: 2018-07-24 10:05:19.895000 (timestamp: 1532426719895) USED_CACHE_SIZE: 0 UUID: 630ccdc4-4b8e-4d2e-9242-b27b689e0feb
    Mode
    Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarder status
    Display the DNS Forwarder Entries Per SR.
    Example
    nsx-edge-1(tier0_sr)> get dns-forwarder status ERR_MSG: STATUS: up UUID: 14590164-e8fc-4949-bad7-fe6909fb1099
    Mode
    Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarder table
    Display the DNS Forwarder Entries Per SR.
    Example
    nsx-edge-1(tier0_sr)> get dns-forwarder table ERR_MSG: TABLE: Domain-name Forwarder-Source-Address DNS-Server-Address Number-of-Queries Failed-Queries (null) 10.117.0.1 11.11.11.13 0 0 UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
    Mode
    Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarders config
    Display the DNS Forwarders Config.
    Example
    nsx-edge-1> get dns-forwarders config CACHE_SIZE: 1024 DEFAULT_ZONE: SOURCE_IP: IPV4: 11.11.11.11 UPSTREAM_SERVERS: IPV4: 10.117.0.1 ID: 7f304144-9df2-477f-ad36-89232200a6a7 LISTENER_IP: IPV4: 11.11.11.11 LOG_LEVEL: LB_LOG_LEVEL_INFO LOGICAL_ROUTER_ID: a5e4fb83-ed0a-45ef-9407-b73740ca9277 SR_CLUSTER_ID: 00002000-0000-0000-0000-000000000001
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get dns-forwarders status
    Display DNS Forwarder Status
    Example
    nsx-edge-1> get dns-forwarders status ERR_MSG: STATUS: up UUID: 14590164-e8fc-4949-bad7-fe6909fb1099 ERR_MSG: STATUS: up UUID: 9b032ded-a109-42ee-b49b-ae05e7b9edf6
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get domain-object <uuid>
    Display information about the specified domain object.
    Option Description
    <uuid> Domain object identifier
    Example
    nsx-controller-1> get domain-object 348e20a9-8b6e-4209-81df-779bff97781d id: 348e20a9-8b6e-4209-81df-779bff97781d type: RuleSection content: com.vmware.nsx.ccp.domain.entity.RuleSection@1642d5b0[message=priority: 2305843009213693951 name: "Default Layer2 Section" version: "0" ,id=348e20a9-8b6e-4209-81df-779bff97781d,resolver=com.vmware.nsx.falcon.FalconImpl@6306e14c]
    Mode
    Basic
    Availability
    Controller

    get domain-objects <domain_object_type>
    Display domain objects of the specified type.
    Option Description
    <domain_object_type> Domain object type
    Allowed values: ArpTableConfig, Container, ContextProfile, Cif, DhcpIpPool, DhcpStaticBinding, EdgeNode, Hypervisor, EdgeClusterConfig, EvpnService, EvpnTunnelEndpoint, SiRedirectionPolicy, IpfixCollectorConfiguration, IpfixDfwConfiguration, LogicalDhcpServer, LogicalMDProxyServer, LogicalSwitch, LogicalSwitchPort, LogicalSwitchPortBindings, LogicalRouter, LogicalRouterPort, MacAddress, PublicCloudGatewayNode, RemoteSiteContainer, Rule, RuleSection, UrlCategorizationConfig, Vif, ServicePath, ServiceChain, ServiceVM, ServiceVmStatus, EwSiRedirectionPolicy, NsSiRedirectionPolicy, ServiceProfile, SiService, ComputedDadState, LogicalRouterPortDadState, VifTnBindingExpiration
    Example
    nsx-controller-1> get domain-objects RuleSection id: 348e20a9-8b6e-4209-81df-779bff97781d, type: RuleSection id: a9ccd570-9b6f-42e9-a372-162c4b00238e, type: RuleSection id: 00003200-0000-0000-0000-000000000001, type: RuleSection id: 00003200-0000-0000-0000-000000000002, type: RuleSection
    Mode
    Basic
    Availability
    Controller

    get domain-objects <objects_type_with_component_name> <component-name>
    Display domain objects of the specified type with the specified component name
    Option Description
    <objects_type_with_component_name> Object type with component name
    Allowed values: rule, rulesection
    <component-name> Component name
    Allowed values: dfw
    Example
    nsx-controller-1> get domain-objects rule dfw id: 00000000-0000-0000-0000-000000000401, type: Rule, rule config message id: 1025, section: 17df3754-73df-4809-8820-fe01ee57d02a id: 00000000-0000-0000-0000-000000000402, type: Rule, rule config message id: 1026, section: ba6ae44f-4ea2-4167-a298-75849a458273
    Mode
    Basic
    Availability
    Controller

    get edge-cluster history state
    Display the Edge cluster state history.
    Example
    nsx-edge-1> get edge-cluster history state State : Disabled Time : 2016-09-12 18:07:03.20 Event : Init Reason : Init State : Offline Time : 2016-09-20 10:19:24.22 Event : Config Updated Reason : Config State : Discover Time : 2016-09-20 10:19:24.22 Event : Config Updated Reason : Config State : StateSync Time : 2016-09-20 10:19:25.19 Event : BFD State Updated Reason : Updated State : Inactive Time : 2016-09-20 10:19:30.50 Event : State Sync Completed Reason : Updated State : Active Time : 2016-09-20 10:19:30.50 Event : State Sync Completed Reason : Updated State : Inactive Time : 2016-10-10 13:53:30.88 Event : Node State Changed Reason : Tunnels Down
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get edge-cluster status
    Display the Edge cluster status.
    Example
    nsx-edge-1> get edge-cluster status High Availability State : Inactive Since : 2016-10-10 13:53:30.88 Edge Node Id : f9933e11-96a5-48fa-9f64-9c3b789d530c Edge Node Status : Down Admin State : Up Vtep State : Up Configuration : applied Health Check Config : Interval : 1000 msec Deadtime : 3000 msec Max Hops : 255 Service Status : Datapath Config Channel : Up Datapath Status Channel : Up Routing Status Channel : Up Routing Status : Down Peer Status : Node Id : 14693d4d-de8b-417e-a53c-315702fc72c5 Node Status : Admin Down Healthcheck Sessions : Interface : eth0 Session : 192.168.110.111:192.168.110.112 Status : Admin Down Interface : nsx-edge-vtep Device : fp-eth0 Session : 192.168.150.201:192.168.150.202 Status : Unreachable
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ens lcore-assignment-mode <host-switch-name>
    Show the current mode of enhanced datapath lcore assignment.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    esx-1> get ens lcore-assignment-mode nsxvswitch LCore assignment mode for nsxvswitch is vNIC count
    Mode
    Basic
    Availability
    ESXi

    get eula
    Show the content of End User License Agreement
    Mode
    Basic
    Availability
    Manager

    get eula acceptance
    Show the acceptance of End User License Agreement
    Mode
    Basic
    Availability
    Manager

    get evpn rmac
    Display router MACs for all VNIs.
    Example
    EVPN-M0-EDGE-ONE(tier0_sr)> get evpn rmac VNI 10001 #RMACs 1 RMAC Remote VTEP 92:fc:ee:ac:51:61 5.1.1.2
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get evpn vni
    Display all EVPN VNI information.
    Example
    EVPN-M0-EDGE-ONE(tier0_sr)> get evpn vni VNI: 100000 Type: L3 Tenant VRF: vrf-2 Local Vtep Ip: 70.1.1.1 Vxlan-Intf: vxlan-100000 SVI-If: kni-275 State: Up VNI Filter: none Router MAC: 02:50:56:56:54:00 L2 VNIs:
    Mode
    Tier0_sr
    Availability
    Edge, Public Cloud Gateway

    get file <filename>
    Display information about the specified file in the filestore.
    Option Description
    <filename> Existing file argument
    Example
    nsx> get file support-bundle-0.tgz Directory of filestore:/ -rw- 24932275 Feb 05 2016 05:58:46 UTC support-bundle-0.tgz
    Mode
    Basic
    Availability
    Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get file <filename> thumbprint
    Display the file thumbprint.
    Option Description
    <filename> Existing file argument
    Example
    nsx> get file support-bundle-0.tgz thumbprint SHA1SUM: d0fc5c741bdc0be8eacce3e8f581b74c32bc4d62 SHA256SUM: 13cfaccbfc44193eaee3a729b6c4a810b276df6d8086fc82ed1720d23906473d
    Mode
    Basic
    Availability
    Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get files
    Display information about the files in the filestore.
    Example
    nsx> get files Directory of filestore:/ -rw- 24950960 Feb 05 2016 05:59:23 UTC support-bundle-1.tgz -rw- 24932275 Feb 05 2016 05:58:46 UTC support-bundle-0.tgz
    Mode
    Basic
    Availability
    Controller, Edge, NSX Cloud VM, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get filesystem-stats
    Display the file system information.
    Example
    nsx-manager-1> get filesystem-stats Filesystem Size Used Avail Use% Mounted on udev 7.9G 4.0K 7.9G 1% /dev tmpfs 1.6G 768K 1.6G 1% /run /dev/sda2 19G 2.2G 16G 13% / none 4.0K 0 4.0K 0% /sys/fs/cgroup none 5.0M 0 5.0M 0% /run/lock none 7.9G 4.0K 7.9G 1% /run/shm none 100M 0 100M 0% /run/user /dev/mapper/nsx-repository 19G 302M 18G 2% /repository /dev/mapper/nsx-tmp 3.7G 8.0M 3.5G 1% /tmp /dev/sda1 945M 6.0M 874M 1% /boot /dev/mapper/nsx-config 19G 44M 18G 1% /config /dev/mapper/nsx-config__bak 19G 44M 18G 1% /config_bak /dev/mapper/nsx-image 19G 44M 18G 1% /image /dev/sda3 19G 44M 18G 1% /os_bak /dev/mapper/nsx-var+log 9.3G 623M 8.2G 7% /var/log
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get firewall <uuid> addrset name <string>
    Display the specified firewall address set for the logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    <string> Generic string argument
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e addrset name srcep Addrset count: 1 Name : srcep Address(es) : 11.1.1.1,11.1.2.1
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> addrset sets
    Display all the firewall address sets for the logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e addrset sets Addrset count: 2 Name : dstep Address(es) : 11.1.1.1,11.1.2.1 Name : srcep Address(es) : 10.1.1.1,10.1.1.10
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> attrset name <string>
    Display the specified firewall attribute set for the logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    <string> Generic string argument
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e attrset name attriSet1 Container count: 1 Name : attriSet1 Element(s) : APP_ID : 1, APP_ID : 2
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> attrset sets
    Display all the firewall attribute sets for the logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e attrset sets Container count: 2 Name : attriSet1 Element(s) : APP_ID : 1, APP_ID : 2 Name : attriSet2 Element(s) : TLS_VERSION : 1.1, TLS_VERSION : 1.2
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> connection
    Display the firewall connections on the specified logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e connection Connection count: 1 0x00001c0c08000007: 192.168.130.254:57336 -> 172.16.10.11:80 (80.80.80.11:80) in protocol tcp state ESTABLISHED:ESTABLISHED
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> connection count
    Display the firewall connection count.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e connection count Connection count: 1
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> connection raw
    Display the firewall connections on the specified logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e connection raw Connection count: 1 0x00001c0c08000007 af 2 ethertype 0x0000 proto icmp 192.168.1.1 -> 172.16.10.11 (80.80.80.11) dir 1 2418 0 6e 0 f-0 n-420 flg:200000040909
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> connection state
    Display the state of the firewall connections.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e connection state Connection count: 1 192.168.130.254:57101 -> 172.16.10.11:80 (80.80.80.11:80) in protocol tcp state ESTABLISHED:ESTABLISHED f-0 n-421
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> ike policy [<rule-id>]
    Display IKE policy for the specified logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    <rule-id> Rule ID
    Allowed pattern: ^[1-9][0-9]*$
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e ike policy 2052 Policy count: 1 Rule ID : 2052 Policy : in protocol any from ip 2.2.2.0/24 to ip 1.1.1.0/24 encrypt keypolicy 00000000-0000-0000-0b00-000000000000
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> interface stats
    Display firewall interface statistics for the specified logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e interface stats Failed IP option : 0 Failed NAT translation : 0 Failed SYN proxy : 0 Failed Spoofguard : 0 Failed bad offset : 0 Failed bad timestamp : 0 Failed checksum : 0 Failed congestion : 0 Failed expected state : 0 Failed fragment : 0 Failed memory allocation : 0 Failed normalization : 0 Failed short header : 0 Failed source limit : 0 Failed state insertion : 0 Failed state limit : 0 Firewall deletions : 13 Firewall insertions : 15 Firewall lookups : 0 Found match : 67 Input bytes allowed : 5741 Input bytes dropped : 0 Input packets allowed : 61 Input packets dropped : 0 Number of state collisions : 0 Number of states : 2 Output bytes allowed : 12628 Output bytes dropped : 0 Output packets allowed : 138 Output packets dropped : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> ruleset [type <rule-type>] rules [<ruleset-detail>]
    Display firewall rules with expanded address sets for the specified logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e ruleset rules DNAT rule count: 1 Rule ID : 2053 Rule : in protocol any from any to ip 80.80.80.11 dnat ip 172.16.10.11 SNAT rule count: 1 Rule ID : 2052 Rule : out protocol any from ip 172.16.10.11 to any snat ip 80.80.80.11
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> ruleset [type <rule-type>] stats
    Display firewall rule statistics for the specified logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e ruleset stats DNAT rule count: 1 Rule ID : 2053 Input bytes : 1367 Output bytes : 2374 Input packets : 24 Output packets : 19 Evaluations : 8 Active connections : 1 SNAT rule count: 1 Rule ID : 2052 Input bytes : 4478 Output bytes : 6106 Input packets : 39 Output packets : 68 Evaluations : 7 Active connections : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> sync config
    Display the active/standby configuration for the firewall on the specified logical router interface.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e sync config HA mode : primary-active Firewall enabled : true Sync pending : false Bulk sync pending : false Last status: ok Local VTEP IP : 192.168.250.62 Peer VTEP IP : 192.168.250.63 Local context : 56eead22-3bb9-4586-8de3-9412941f9116 Peer context : 56eead22-3bb9-4586-8de3-9412941f9116
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> sync stats
    Display the firewall synchronization statistics.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e sync stats bad-action : 0 bad-c-delete : 0 bad-c-update : 0 bad-delete : 0 bad-header : 0 bad-len : 0 bad-request : 0 bad-rule-id : 0 bad-stale-c-update : 0 bad-stale-update : 0 bad-state-c-update : 0 bad-state-insert : 0 bad-state-update : 0 bad-total : 0 bad-ttl : 0 bad-update : 0 bad-val : 0 bad-version : 0 failed-module-insert : 0 failed-no-mem : 0 failed-no-module : 0 failed-output : 0 input-ipv4 : 5 output-ipv4 : 138 send-bulk-update : 0 send-c-delete : 13 send-c-update : 135 send-update : 0 state-c-delete : 0 state-c-update : 0 state-delete : 0 state-insert : 0 state-request : 2 state-update : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <uuid> timeouts
    Display the fixed timeouts for connection events.
    Option Description
    <uuid> Firewall logical interface UUID argument
    Example
    nsx-edge-1> get firewall e159f0db-d8e4-4973-9cbb-8cc30def2c3e timeouts Timeout count: 12 dfw.icmp.error_reply : 10 dfw.icmp.first_packet : 20 dfw.ip.frag : 30 dfw.tcp.closed : 5 dfw.tcp.closing : 900 dfw.tcp.established : 7200 dfw.tcp.fin_wait : 7 dfw.tcp.first_packet : 120 dfw.tcp.opening : 30 dfw.udp.first_packet : 60 dfw.udp.multiple : 60 dfw.udp.single : 30
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall <vifuuid> addrsets
    Display firewall address sets
    Option Description
    <vifuuid> UUID argument
    Example
    > get firewall e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0 addrset Firewall Address Sets --------------------------------------------------
    Mode
    Basic
    Availability
    ESXi, KVM

    get firewall <vifuuid> fqdn
    Display firewall fqdn attribute of profiles.
    Option Description
    <vifuuid> UUID argument
    Example
    > get firewall 89e14dfc-98a8-47bc-adb1-ed26091123ee fqdn Firewall Profile FQDN ---------------------------------------------------------------------- Profiles count : 1 Profile UUID : 941e03a3-1da9-43ba-963e-9e6e467e9ce0 FQDN count : 2 FQDN UUID : 2b90ce0d-f1d2-4092-adb8-1e61b5c05ca8 Value : .*\.office\.com IP set : 192.168.11.1, 2001::192:168:11:1 FQDN UUID : 15d3bd4f-3e23-41ef-955f-5d2c3df49c3c Value : .*\.outlook\.com IP set : 192.168.22.1, 2001::192:168:22:1
    Mode
    Basic
    Availability
    KVM

    get firewall <vifuuid> profile
    Display firewall attribute profiles.
    Option Description
    <vifuuid> UUID argument
    Example
    > get firewall e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0 profiles Firewall Profiles -------------------------------------------------- Profiles count : 1 UUID : 35ab482b-1c37-4168-a7d4-176a0c91788e Attribute count : 2 APP_ID : APP_NTP APP_ID : APP_SVN
    Mode
    Basic
    Availability
    ESXi, KVM

    get firewall <vifuuid> ruleset rules
    Display firewall rules
    Option Description
    <vifuuid> UUID argument
    Example
    > get firewall e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0 ruleset rules Firewall Rules -------------------------------------------------- VIF UUID : e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0 Ruleset UUID : 3d04fa69-5faa-4127-b55f-c08c5de5a134 Rule count : 4 rule 1031 inout protocol any from any to any accept; rule 1032 inout protocol any from any to any accept; rule 1033 inout protocol any from any to any accept; rule 1034 inout protocol any from any to any accept;
    Mode
    Basic
    Availability
    ESXi, KVM

    get firewall [logical-switch <uuid>] interfaces
    Display the logical router or switch interfaces which have firewall rules.
    Example
    nsx-edge-1> get firewall interfaces Interface : e159f0db-d8e4-4973-9cbb-8cc30def2c3e Type : UPLINK Sync enabled : true Name : lrp265 VRF ID : 22 Context entity : 627171f9-ba99-4d81-971e-54ec857b9693 Context name : SR-Tier0-LR-1
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall addrset name <uuid>
    Display firewall addresses for the specified address set.
    Option Description
    <uuid> UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    host-1> get firewall addrset name 986cf106-b987-48bb-bdaa-8b55e1e82756 Address Count: 2 Address : ip 14.14.14.14 Address : ip 12.12.12.12
    Mode
    Basic
    Availability
    NSX Cloud VM

    get firewall addrset sets
    Display firewall address sets for the available virtual interface.
    Example
    host-1> get firewall addrset sets VIF ID : eni-d36ce980 Addrset Count : 1 Addrset UUID : 986cf106-b987-48bb-bdaa-8b55e1e82756 Address Count : 2 Address : 14.14.14.14 Address : 12.12.12.12
    Mode
    Basic
    Availability
    NSX Cloud VM

    get firewall connection state
    Display the state of the firewall connections in the VRF context.
    Example
    nsx-edge-1(vrf)> get firewall connection state Connection count: 1 192.168.130.254:57101 -> 172.16.10.11:80 (80.80.80.11:80) in protocol tcp state ESTABLISHED:ESTABLISHED f-0 n-421
    Mode
    VRF, Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get firewall context-profile <context-profile-id> fqdn
    Display firewall fqdn attribute of profiles.
    Option Description
    <context-profile-id> Context profile ID argument
    Allowed pattern: ^[0-9a-zA-Z-]+$
    Example
    host> get firewall context-profile 5fe464fd-6c50-4c12-92cc-91a52ea83cbf fqdn Context Profile ID: 5fe464fd-6c50-4c12-92cc-91a52ea83cbf FQDN count : 2 FQDN ID : 45e5a417-8f50-4a24-b564-7c8676dff34b Value : www.youtube.com IP set : 216.58.193.78, 172.217.14.206, 172.217.3.174, 2607:f8b0:400a:808::200e, 172.217.3.206 FQDN ID : b264e526-f47d-4c95-9427-c835c4dd02c8 Value : m.facebook.com
    Mode
    Basic
    Availability
    NSX Cloud VM

    get firewall context-profiles
    Display firewall fqdn attribute of profiles.
    Example
    host> get firewall context-profiles Context Profile ID: 5fe464fd-6c50-4c12-92cc-91a52ea83cbf Attribute count : 3 APP ID : APP_HTTP FQDN : www.youtube.com FQDN : m.facebook.com Context Profile ID: bf41df9f-2d79-4f73-b582-f87085935dbe Attribute count : 1 APP ID : APP_DNS
    Mode
    Basic
    Availability
    NSX Cloud VM

    get firewall exclude
    Display firewall exclude interfaces.
    Example
    host-1> get firewall exclude VIF count: 1 VIF ID : eni-d36ce980
    Mode
    Basic
    Availability
    NSX Cloud VM

    get firewall exclude-list
    Display the firewall exclusion list.
    Example
    nsx-manager-1> get firewall exclude-list target_id target_type target_display_name ---------- ------------ -------------------- 954dd9f7-0280-4aff-aebd-8323fd00d770 LogicalSwitch ls01 3b30045a-9166-43b6-85a0-a07d23af5e01 LogicalPort lport02 2 row (s)
    Mode
    Basic
    Availability
    Manager

    get firewall exclusion
    Display firewall exclusions.
    Example
    esx-1> get firewall exclusion Firewall Exclusion ---------------------------------------------------------------------- None
    Mode
    Basic
    Availability
    ESXi, KVM

    get firewall interface stats
    Display firewall interface statistics for the specified logical router interface in the VRF context.
    Example
    nsx-edge-1(vrf)> get firewall interface stats Failed IP option : 0 Failed NAT translation : 0 Failed SYN proxy : 0 Failed Spoofguard : 0 Failed bad offset : 0 Failed bad timestamp : 0 Failed checksum : 0 Failed congestion : 0 Failed expected state : 0 Failed fragment : 0 Failed memory allocation : 0 Failed normalization : 0 Failed short header : 0 Failed source limit : 0 Failed state insertion : 0 Failed state limit : 0 Firewall deletions : 13 Firewall insertions : 15 Firewall lookups : 0 Found match : 67 Input bytes allowed : 5741 Input bytes dropped : 0 Input packets allowed : 61 Input packets dropped : 0 Number of state collisions : 0 Number of states : 2 Output bytes allowed : 12628 Output bytes dropped : 0 Output packets allowed : 138 Output packets dropped : 0
    Mode
    VRF, Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get firewall interfaces
    Display the logical router or switch interfaces which have firewall rules.
    Example
    nsx-edge-1(vrf)> get firewall interfaces Interface : e159f0db-d8e4-4973-9cbb-8cc30def2c3e Type : UPLINK Sync enabled : true Name : lrp265 VRF ID : 22 Context entity : 627171f9-ba99-4d81-971e-54ec857b9693 Context name : SR-Tier0-LR-1
    Mode
    VRF, Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get firewall interfaces sync
    Display sync configuration for logical router interfaces with firewall rules.
    Example
    nsx-edge-1> get firewall interfaces sync Total count: 1 Interface : e159f0db-d8e4-4973-9cbb-8cc30def2c3e HA mode : primary-active Firewall enabled : true Sync pending : false Bulk sync pending : false Last status: ok Local VTEP IP : 192.168.250.62 Peer VTEP IP : 192.168.250.63 Local context : 56eead22-3bb9-4586-8de3-9412941f9116 Peer context : 56eead22-3bb9-4586-8de3-9412941f9116
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get firewall ipfix-containers
    Display firewall ipfix containers.
    Example
    esx-1> get firewall ipfix-containers Firewall IPFIX Containers ---------------------------------------------------------------------- Container UUID VIF UUID daa4a875-9050... 1b78faa3-d8b9... 879e25c1-cf28... 14417daf-ce52... a0286cfe-73d2... 36124bcf-5bdf... 14417daf-ce52... e30a0072-1930... e5e6fee8-61f7...
    Mode
    Basic
    Availability
    ESXi, KVM, NSX Cloud VM

    get firewall ipfix-filters
    Display firewall ipfix filters.
    Example
    esx-1> get firewall ipfix-filters Firewall IPFIX VIFs ---------------------------------------------------------------------- e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0 e30a0072-1930-48a0-adaa-9412e758eea7
    Mode
    Basic
    Availability
    ESXi, KVM, NSX Cloud VM

    get firewall ipfix-profiles
    Display firewall ipfix profile configration.
    Example
    esx-1> get firewall ipfix-profiles Firewall IPFIX Profiles ---------------------------------------------------------------------- UUID Priority Timeout Domain ID AppliedTo Count Collector UUID 0a988e9e-725d... 10 5 100 8 035cad05-0dc8... 6f25a736-646e... 0 3 1 2 188da901-1bd0...
    Mode
    Basic
    Availability
    ESXi, KVM, NSX Cloud VM

    get firewall ipfix-stats
    Display firewall ipfix statistics.
    Example
    esx-1> get firewall ipfix-stats Firewall IPFIX Statistics ---------------------------------------------------------------------- Collector config: 188da901-1bd0-402b-9b57-3521cb59910b IP address port # bytes sent sequence # sent errors 10.2.117.211 2828 38016 355 0 Collector config: 035cad05-0dc8-44a8-b320-d6ebb8112515 IP address port # bytes sent sequence # sent errors 2.2.2.2 200 344 0 0 1.1.1.1 100 344 0 0
    Mode
    Basic
    Availability
    ESXi, KVM, NSX Cloud VM

    get firewall orphaned-section
    Get orphaned sections from the firewall.
    Example
    nsx-manager-1> get firewall orphan_section ---------------------- delta_in_section_table ---------------------- id enforced_on section_type ------------------------------------ ----------- ------------ 1a91e6de-cf01-4610-a1a0-535e51500c6d DFW LAYER2 1 row(s) ---------------------- delta_in_priority_list ---------------------- id enforced_on section_type ------------------------------------ ----------- ------------ 166abe33-8ea6-4cf0-a264-a6a2496fffca EDGE LAYER3 1 row(s)
    Mode
    Basic
    Availability
    Manager

    get firewall packetlog
    Display the contents of the DFW packet log file.
    Example
    2018-07-17T18:41:20.708Z f1007e48 INET match PASS 2 OUT 84 ICMP 1.1.1.10->1.1.3.10 2018-07-17T18:41:20.716Z a8de7313 INET match PASS 2 IN 84 ICMP 1.1.1.10->1.1.3.10 . . .
    Mode
    Basic
    Availability
    ESXi, KVM

    get firewall packetlog last <lines>
    Display last lines of the DFW packet log file.
    Option Description
    <lines> Line count, up to 80
    Example
    . . . 2018-07-17T18:41:20.708Z f1007e48 INET match PASS 2 OUT 84 ICMP 1.1.1.10->1.1.3.10 2018-07-17T18:41:20.716Z a8de7313 INET match PASS 2 IN 84 ICMP 1.1.1.10->1.1.3.10
    Mode
    Basic
    Availability
    ESXi, KVM

    get firewall published-entity
    Get list of published entities from the firewall.
    Example
    nsx-manager-1> get firewall published-entity entity_id entity_type sync_operation_type firewall_type priority last_modified_time entity_revision ------------------------------------ ------------ ------------------- ------------- ------------------- ------------------ --------------- 1a91e6de-cf01-4610-a1a0-535e51500c6d RULE_SECTION FULLSYNC DFW 2089670227099910143 1537220678865 0 166abe33-8ea6-4cf0-a264-a6a2496fffca RULE_SECTION FULLSYNC DFW 2089670227099910143 1537220678841 0 2 row(s)
    Mode
    Basic
    Availability
    Manager

    get firewall published-entity <published-entity-type> <published-entity-id>
    Get a published entity of given type and id.
    Option Description
    <published-entity-type> Firewall entity type
    Allowed values: RULE_SECTION
    <published-entity-id> Firewall entity id
    Example
    nsx-manager-1> get firewall published-entity section 1a91e6de-cf01-4610-a1a0-535e51500c6d entity_id entity_type sync_operation_type firewall_type priority last_modified_time entity_revision ------------------------------------ ------------ ------------------- ------------- ------------------- ------------------ --------------- 1a91e6de-cf01-4610-a1a0-535e51500c6d RULE_SECTION FULLSYNC DFW 2089670227099910143 1537220678865 0
    Mode
    Basic
    Availability
    Manager

    get firewall rule-stats
    Display firewall rule statistics.
    Example
    sc-rdops-vm09-dhcp-1-10.eng.vmware.com> get firewall rule-stats total Firewall Rule Statistics ------------------------------------------------------------------------------------------ RuleId Packets Bytes Sessions hits 1 0 0 0 0 2 511 33276 0 511
    Mode
    Basic
    Availability
    ESXi, KVM, NSX Cloud VM

    get firewall rule-stats total
    Display total firewall rule statistics.
    Example
    sc-rdops-vm09-dhcp-1-10.eng.vmware.com> get firewall rule-stats total Firewall Rule Statistics ------------------------------------------------------------------------------------------ RuleId Packets Bytes Sessions hits 1 0 0 0 0 2 511 33276 0 511
    Mode
    Basic
    Availability
    ESXi, KVM, NSX Cloud VM

    get firewall rules
    Display the summary of firewall rules.
    Example
    host-1> get firewall rules VIF ID : eni-d36ce980 Rule Count : 2 Ruleset UUID : e83c8855-2541-4965-90dd-522435853409 Rule ID : 1025 Rule : inout protocol any from any to addrset 986cf106-b987-48bb-bdaa-8b55e1e82756 accept Rule ID : 2 Rule : inout protocol any from any to any accept Rule UUID : 8f03714c-4d60-48d2-9767-7654d90c079e Rule ID : 1 Rule : inout ethertype any stateless from any to any accept
    Mode
    Basic
    Availability
    NSX Cloud VM

    get firewall status
    Display the firewall status.
    Example
    nsx-manager-1> get firewall status context global_status _revision ------- ------------- --------- logical_routers ENABLED 0 transport_nodes ENABLED 0 2 row(s)
    Mode
    Basic
    Availability
    Manager

    get firewall status
    Display the firewall status.
    Example
    esx-1> get firewall status Firewall Status ---------------------------------------------------------------------- enabled
    Mode
    Basic
    Availability
    ESXi, KVM

    get firewall summary
    Display the firewall summary.
    Example
    nsx-manager-1> get firewall summary section_type section_count rule_count ------------ ------------- ---------- L2DFW 1 1 L3DFW 1 1 2 row(s)
    Mode
    Basic
    Availability
    Manager

    get firewall sync config
    Display the active/standby configuration for the firewall on the specified logical router interface.
    Example
    nsx-edge-1(vrf)> get firewall sync config HA mode : primary-active Firewall enabled : true Sync pending : false Bulk sync pending : false Last status: ok Local VTEP IP : 192.168.250.62 Peer VTEP IP : 192.168.250.63 Local context : 56eead22-3bb9-4586-8de3-9412941f9116 Peer context : 56eead22-3bb9-4586-8de3-9412941f9116
    Mode
    VRF, Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get firewall sync stats
    Display the firewall synchronization statistics in the VRF context.
    Example
    nsx-edge-1(vrf)> get firewall sync stats bad-action : 0 bad-c-delete : 0 bad-c-update : 0 bad-delete : 0 bad-header : 0 bad-len : 0 bad-request : 0 bad-rule-id : 0 bad-stale-c-update : 0 bad-stale-update : 0 bad-state-c-update : 0 bad-state-insert : 0 bad-state-update : 0 bad-total : 0 bad-ttl : 0 bad-update : 0 bad-val : 0 bad-version : 0 failed-module-insert : 0 failed-no-mem : 0 failed-no-module : 0 failed-output : 0 input-ipv4 : 5 output-ipv4 : 138 send-bulk-update : 0 send-c-delete : 13 send-c-update : 135 send-update : 0 state-c-delete : 0 state-c-update : 0 state-delete : 0 state-insert : 0 state-request : 2 state-update : 0
    Mode
    VRF, Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get firewall thresholds
    Display firewall thresholds.
    Example
    kvm> get firewall thresholds Firewall Threshold Monitors ------------------------------------------------------------------------------------------- # Name Raised Threshold CurrValue CurrSize MaxSize PeakEver EverTime(ago) 1 total-cpu False 90 0 -- -- 0 --:--:-- 2 total-memory False 90 2 2 MB 96 MB 2 05:42:08
    Mode
    Basic
    Availability
    KVM

    get firewall thresholds
    Display firewall thresholds.
    Example
    esx> get firewall thresholds Firewall Threshold Monitors ------------------------------------------------------------------------------------------- # Name Raised Threshold CurrValue CurrSize MaxSize PeakEver EverTime(ago) 1 dfw-cpu False 90 0 -- -- 0 --:--:-- 2 vsip-attr False 90 2 2 MB 96 MB 2 05:42:08 3 vsip-flow False 90 0 0 MB 168 MB 0 --:--:-- 4 vsip-fqdn False 90 0 0 MB 96 MB 0 --:--:-- 5 vsip-module False 90 4 22 MB 512 MB 4 05:42:08 6 vsip-rules False 90 0 0 MB 128 MB 0 --:--:-- 7 vsip-state False 90 0 0 MB 192 MB 0 --:--:--
    Mode
    Basic
    Availability
    ESXi

    get firewall vifs
    Display firewall VIFs
    Example
    > get firewall vifs Firewall VIFs -------------------------------------------------- VIF count: 2 1. e0b4c45b-7df8-40d5-a229-2b2a5be2d4d0 2. e30a0072-1930-48a0-adaa-9412e758eea7
    Mode
    Basic
    Availability
    ESXi, KVM

    get forwarding
    Display forwarding information for the current interface. If the interface is a switch port, the MAC address table is displayed. If the interface is a router interface, the IP forwarding table is displayed.
    Example
    nsx-edge-1(path)> get forwarding IP Neighbor Table: IP UUID MAC State Last Update Time IP Forwarding Table: IP Prefix Type UUID Gateway IP Gateway MAC 0.0.0.0/0 route 2a7bf881-1f89-4833-833e-47673b79901a 169.0.0.2 80.80.80.11/32 route 3eb2d5aa-3d11-4de3-98df-3cdebf5094e0 100.64.1.3 100.64.1.0/32 route 01f737d3-a66a-5b14-9ff7-6fc64af6a613 100.64.1.0/31 route bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a 100.64.1.2/32 route 01f737d3-a66a-5b14-9ff7-6fc64af6a613 100.64.1.2/31 route 3eb2d5aa-3d11-4de3-98df-3cdebf5094e0 169.0.0.0/28 route 2a7bf881-1f89-4833-833e-47673b79901a 169.0.0.1/32 route 01f737d3-a66a-5b14-9ff7-6fc64af6a613 172.16.10.0/24 route bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a 100.64.1.1 172.16.20.0/24 route bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a 100.64.1.1 172.16.30.0/24 route bbf5b23c-3f0a-4afe-b3b3-b19814d4dd2a 100.64.1.1 172.16.40.0/24 route 3eb2d5aa-3d11-4de3-98df-3cdebf5094e0 100.64.1.3 192.168.130.0/24 route 2a7bf881-1f89-4833-833e-47673b79901a 169.0.0.2 192.168.130.3/32 route 2a7bf881-1f89-4833-833e-47673b79901a 169.0.0.2 or nsx-edge-1(path)> get forwarding MAC Table: MAC UUID Source 02:50:56:00:00:00 5b2068d0-8c28-4427-8be4-48f422f92309 controller 02:50:56:00:00:02 eb3bd495-9ce3-40b4-a955-c2ddc4893cfa controller 02:50:56:56:44:52 5b2068d0-8c28-4427-8be4-48f422f92309 controller Replication Tunnels: UUID Local VTEP Remote VTEP MTEP 704d9577-39d4-5b7c-b890-5e5e0bba8d0e 192.168.250.62 192.168.250.63 False
    Mode
    Path
    Availability
    Edge, Public Cloud Gateway

    get forwarding [<prefix>]
    Display the forwarding table for the logical router in the VRF context. Optionally specify a prefix to display only the entry that matches that network.
    Option Description
    <prefix> Network Address argument
    Example
    nsx-edge-1(tier0_sr)> get forwarding Logical Router UUID VRF LR-ID Name Type e9d3379d-aba7-4459-9262-18bc95eaeec1 1 1 SERVICE_ROUTER_TIER0 IPv4 Forwarding Table IP Prefix Gateway IP Type UUID Gateway MAC 127.0.0.1/32 route 4b115e5f-1395-54c3-aaf0-0de5736f99df 172.20.1.0/24 route 6c427841-e151-4479-9184-4196cfcef3b6 172.20.1.60/32 route 4b115e5f-1395-54c3-aaf0-0de5736f99df 172.24.4.1/32 172.20.1.50 route 6c427841-e151-4479-9184-4196cfcef3b6 or nsx-edge-1(tier0_sr)> get forwarding 172.16.110.0/24 Logical Router UUID VRF Name Type e9d3379d-aba7-4459-9262-18bc95eaeec1 1 SERVICE_ROUTER_TIER0 IPv4 Forwarding Table IP Prefix Gateway IP Type UUID Gateway MAC 172.24.4.1/32 172.20.1.50 route 6c427841-e151-4479-9184-4196cfcef3b6
    Mode
    VRF, Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get gateway certificate <ip-address>
    Dump the host's public cloud gateway certificate
    Option Description
    <ip-address> Network IP address argument
    Example
    host-1> get gateway certificate 13.14.41.34 Public Cloud Gateway : 13.14.41.34 Certificate Thumbprint : 2A0489D8990FFB51D9F72190FBCC4052E42BB31F SHA : sha256
    Mode
    Basic
    Availability
    NSX Cloud VM

    get gateway certificates
    Dump the host's public cloud gateway certificates.
    Example
    host-1> get gateway certificates Public Cloud Gateway : 13.14.41.34 Certificate Thumbprint : 2A0489D8990FFB51D9F72190FBCC4052E42BB31F SHA : sha256 Public Cloud Gateway : 13.14.41.35 Certificate Thumbprint : 345489B8990FDB51D9A72190FB0A7042842BB32C SHA : sha256
    Mode
    Basic
    Availability
    NSX Cloud VM

    get gateway connection status
    Dump the host's public cloud gateway connection status.
    Example
    host-1> get gateway connection status Public Cloud Gateway : 13.14.41.34:5555 Connection Status : ESTABLISHED Connection Time : Thu Jun 15 19:12:34 2017 Last Known Error : None
    Mode
    Basic
    Availability
    NSX Cloud VM

    get gw-controller connections
    Dump public cloud gateway connections
    Example
    nsx-public-cloud-gateway> get gw-controller connections ConnectionId Remote IP Endpoint 0 10.10.4.226 ccp 1 127.0.0.1 edge-nsx-agent 6 10.10.4.65 i-0c61c378b52c1588c 7 10.10.4.247 i-05e1618bdffb8e521 8 10.10.4.170 i-0b28602753dbf4e51
    Mode
    Basic
    Availability
    Public Cloud Gateway

    get gw-controller logging-level
    Get gw-controller logging level.
    Mode
    Basic
    Availability
    Public Cloud Gateway

    get gw-controller vm-certificate <vm-id>
    Display public cloud VM certificate
    Option Description
    <vm-id> VM ID
    Example
    nsx-public-cloud-gateway>get gw-controller vm-certificate i-00dd27a50b99b29b6 [{'ID': 'i-00dd27a50b99b29b6', 'Thumbprint': '9EB31557EE6B4733E588F4CA51449707132DDC79', 'SHA': 'sha256'}]
    Mode
    Basic
    Availability
    Public Cloud Gateway

    get gw-controller vm-certificates
    Display all public cloud VM certificates
    Example
    nsx-public-cloud-gateway> get gw-controller vm-certificates ID Thumbprint SHA i-00dd27a50b99b29b6 9EB31557EE6B4733E588F4CA51449707132DDC79 sha256 i-05e1618bdffb8e521 2966DCA6F755D04FA87625A18A2671460A753A9E sha256
    Mode
    Basic
    Availability
    Public Cloud Gateway

    get gw-controller vm-log-forwarding
    Get VM log forwarding status
    Example
    nsx-gw1> get gw-controller vm-log-forwarding VM_ID InstanceName Status 200eb4cc-8d9b-4604-be2e-1e9a1022c91c nsx-workload-1 disabled all * enabled
    Mode
    Basic
    Availability
    Public Cloud Gateway

    get gw-controller vm-log-forwarding <vm-id>
    Get VM log forwarding status
    Option Description
    <vm-id> VM ID
    Example
    nsx-gw1> get gw-controller vm-log-forwarding 200eb4cc-8d9b-4604-be2e-1e9a1022c91c VM_ID InstanceName Status 200eb4cc-8d9b-4604-be2e-1e9a1022c91c nsx-workload-1 disabled
    Mode
    Basic
    Availability
    Public Cloud Gateway

    get gw-controller vm-state
    Display public cloud VM state for all VMs
    Example
    nsx-public-cloud-gateway-AWS> get gw-controller vm-state ConnID VM ID InstanceName State Quarantine Valid 3 i-00275186c5eab8d1e vm1-test-1 VM_STATE_NORMAL QUARANTINE_STATE_NORMAL TRUE 5 i-00dd27a50b99b29b6 vm2-test-2 VM_STATE_NORMAL QUARANTINE_STATE_NORMAL TRUE NO_AGENT i-00aa27a50b99b2999 vm3-test-3 VM_STATE_NORMAL QUARANTINE_STATE_NORMAL TRUE nsx-gw1-AZURE> get gw-controller vm-state ConnID VM ID InstanceName State Quarantine Valid 8 0502182d-4db9-48d2-aaf7-a737c8a2f630 vm-test-102 VM_STATE_NORMAL QUARANTINE_STATE_NORMAL TRUE - 3ad0eb11-23c0-4f2f-8855-ee69e747a7a9 vm-test-101 VM_STATE_UNKNOWN QUARANTINE_STATE_ENABLED FALSE NO_AGENT 7aeeeb11-23c0-4f2f-8855-ee69e747a711 vm-test-103 VM_STATE_NORMAL QUARANTINE_STATE_ENABLED FALSE
    Mode
    Basic
    Availability
    Public Cloud Gateway

    get gw-controller vm-state <vm-id>
    Display public cloud VM state for specific VM
    Option Description
    <vm-id> VM ID
    Example
    nsx-public-cloud-gateway>get gw-controller vm-state i-0c61c378b52c1588c ID: i-0c61c378b52c1588c Config: Name: vm-10-overlay-test-5 VM ID: i-0c61c378b52c1588c Power State: POWER_STATE_ON Desired version: Interfaces: {'attachment_id': 'eni-b0dd8c8c', 'mac_address_string': '06:95:92:91:ba:0c', 'Secondary_IP': [], 'Tags': [{'value': 'b15e32de-5c02-4b12-999b-86595e3bfa46', 'key': 'nsx:network'}], 'IP': '10.10.4.65', 'Name': u'', 'Device index': '0', 'MAC address': '06:95:92:91:ba:0c', 'ID': 'eni-b0dd8c8c', 'NSX assigned IP': []} Tags: {'value': 'vm-10-overlay-test-5', 'key': 'Name'} {'value': 'vpc-7d0fea1b', 'key': 'aws:vpc'} {'value': 'us-west-2b', 'key': 'aws:availabilityzone'} VM Services: [] Quarantine state: QUARANTINE_STATE_NORMAL SystemTags: [] VM Security groups: [{'Security group': 'sg-6e300315'}] VM Identifiers: [{'value': 'vpc-7d0fea1b', 'key': 'vpc-id'}] State: {'timestamp(ms)': '0', 'VM Version': '2.0.0.0.0.5706753', 'VM OS Version': '14.04', 'VM OS Type': 'UBUNTU', 'State': 'VM_STATE_NORMAL'} ActiveConn: 14 Valid: 1
    Mode
    Basic
    Availability
    Public Cloud Gateway

    get hardening-policy mandatory-access-control report [file <filename> [all]]
    Display the mandatory access control report for possible policy violations. Specify the file argument to write the information to a file with the specified file name. The report is written to this file in a concise format. You can specify the all argument to have a verbose report, which includes exact log messages.
    Option Description
    <filename> Name of file to generate, for example report-bundle.tgz
    Allowed pattern: ^[^/ *;&|]+$
    Example
    nsx-edge-1> get hardening-policy mandatory-access-control report ACTION OPERATION PROFILE DENIED Capable /usr/sbin/tcpdump DENIED Capable /sbin/dhclient nsx-edge-1> get hardening-policy mandatory-access-control report file report.tar.gz report.tar.gz created, use the following command to transfer the file: copy file report.tar.gz url <url> After transferring report.tar.gz, extract it using: tar xzf report.tar.gz nsx-edge-1> get hardening-policy mandatory-access-control report file report_all.tar.gz all report_all.tar.gz created, use the following command to transfer the file: copy file report_all.tar.gz url <url> After transferring report.tar.gz, extract it using: tar xzf report_all.tar.gz
    Mode
    Basic
    Availability
    Controller, Edge, Manager, Policy Manager, Public Cloud Gateway

    get hardening-policy mandatory-access-control status
    This command gets the current status of mandatory access control. Usage for the command is get hardening-policy mandatory-access-control status
    Example
    nsx-edge-1> get hardening-policy mandatory-access-control status Mandatory Access Control is enabled.
    Mode
    Basic
    Availability
    Controller, Edge, Manager, Policy Manager, Public Cloud Gateway

    get high-availability channel local-ip <ip-address> remote-ip <ip-address>
    Display information about the specified high-availability channel.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get high-availability channel local-ip 30.0.246.232 remote-ip 30.0.29.0 High-Availability Channel Cfg_flags : 0x00000000 Ha_transport : 0bb0495e-b525-11e8-b7e8-020045ee019c Channel_if_uuid : 0f02ccfe-0cbf-524a-ba32-6bedaa0429ec Channel_sessions : 1 Channel_state : SYN Ctl_req_seq : 1 Egress_inst_id : b75cdf09-e71f-4574-960a-45f7cc43300b Ingress_inst_id : 00000000-0000-0000-0000-000000000000 Last_tx : 0x1eff538 Local_address : 30.0.246.232 Next_tx : 0x1eff894 Remote_address : 30.0.29.0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability channel local-ip <ip-address> remote-ip <ip-address> stats
    Display statistics for the specified high-availability channel.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get high-availability channel local-ip 30.0.246.232 remote-ip 30.0.29.0 stats High-Availability Session Local_address : 30.0.246.232 Remote_address : 30.0.29.0 Rx_ack_packets : 0 Rx_drop : 0 Rx_drop_bad_version : 0 Rx_drop_inst_unmatch : 0 Rx_drop_intf_unmatch : 0 Rx_drop_ip_unmatch : 0 Rx_drop_pkt_len_unmatch : 0 Rx_drop_pkt_too_short : 0 Rx_drop_seq_unmatch : 0 Rx_drop_wait_syn_ack : 0 Rx_packets : 0 Tx_drop : 0 Tx_error : 0 Tx_packets : 754
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability channels
    Display information about high-availability channels.
    Example
    nsx-edge-1> get high-availability channels High-Availability Channel Cfg_flags : 0x00000000 Ha_transport : 0bb0495e-b525-11e8-b7e8-020045ee019c Channel_if_uuid : 0f02ccfe-0cbf-524a-ba32-6bedaa0429ec Channel_sessions : 1 Channel_state : SYN Ctl_req_seq : 1 Egress_inst_id : b75cdf09-e71f-4574-960a-45f7cc43300b Ingress_inst_id : 00000000-0000-0000-0000-000000000000 Last_tx : 0x1eb115c Local_address : 30.0.246.232 Next_tx : 0x1eb1512 Remote_address : 30.0.29.0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability channels stats
    Display statistics for the high-availability channels.
    Example
    nsx-edge-1> get high-avaiability channels stats High-Availability Session Local_address : 30.0.246.232 Remote_address : 30.0.29.0 Rx_ack_packets : 0 Rx_drop : 0 Rx_drop_bad_version : 0 Rx_drop_inst_unmatch : 0 Rx_drop_intf_unmatch : 0 Rx_drop_ip_unmatch : 0 Rx_drop_pkt_len_unmatch : 0 Rx_drop_pkt_too_short : 0 Rx_drop_seq_unmatch : 0 Rx_drop_wait_syn_ack : 0 Rx_packets : 0 Tx_drop : 0 Tx_error : 0 Tx_packets : 476
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability history state
    Display the high availability state history for the logical router in the VRF context.
    Example
    nsx-edge-1(tier0_sr)> get high-availability history state State : Down Event : Init Resources : Time : 2016-02-02 18:41:22.80 State : Active Event : Node Up Resources : 0 Time : 2016-02-02 18:41:26.91
    Mode
    Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get high-availability session local-service-id <service-id> peer-service-id <service-id>
    Display information about the specified high-availability session.
    Option Description
    <service-id> Service id (0-65535)
    Example
    nsx-edge-1> get high-availability session local-service-id 5 peer-service-id 5 High-Availability Session Cfg_flags : 0x00000000 Ha_transport : 0bb0495e-b525-11e8-b7e8-020045ee019c Last_tx : 0x0 Local_address : 30.0.246.232 Local_service_id : 5 Next_tx : 0x0 Nsxa_req_ha_state : 1 Nsxa_req_msg_type : 0 Peer_ha_state : 255 Peer_service_id : 5 Remote_address : 30.0.29.0 Req_seq : 1 Req_state : active Service_type : service-router
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability session local-service-id <service-id> peer-service-id <service-id> stats
    Display statistics for the specified high-availability session.
    Option Description
    <service-id> Service id (0-65535)
    Example
    nsx-edge-1> get high-availability session local-service-id 5 peer-service-id 5 High-Availability Session Cfg_flags : 0x00000000 Ha_transport : 0bb0495e-b525-11e8-b7e8-020045ee019c Last_tx : 0x0 Local_address : 30.0.246.232 Local_service_id : 5 Next_tx : 0x0 Nsxa_req_ha_state : 1 Nsxa_req_msg_type : 0 Peer_ha_state : 255 Peer_service_id : 5 Remote_address : 30.0.29.0 Req_seq : 1 Req_state : active Service_type : service-router
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability sessions
    Display information about high-availability sessions.
    Example
    nsx-edge-1> get high-availability sessions High-Availability Session Cfg_flags : 0x00000000 Ha_transport : 0bb0495e-b525-11e8-b7e8-020045ee019c Last_tx : 0x0 Local_address : 30.0.246.232 Local_service_id : 5 Next_tx : 0x0 Nsxa_req_ha_state : 1 Nsxa_req_msg_type : 0 Peer_ha_state : 255 Peer_service_id : 5 Remote_address : 30.0.29.0 Req_seq : 1 Req_state : active Service_type : service-router
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability sessions remote-ip <ip-address>
    Display information about high-availability sessions by remote-ip of the channel
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get high-availability sessions remote-ip 30.0.29.0 High-Availability Session Cfg_flags : 0x00000000 Ha_transport : 0bb0495e-b525-11e8-b7e8-020045ee019c Last_tx : 0x0 Local_address : 30.0.246.232 Local_service_id : 5 Next_tx : 0x0 Nsxa_req_ha_state : 1 Nsxa_req_msg_type : 0 Peer_ha_state : 255 Peer_service_id : 5 Remote_address : 30.0.29.0 Req_seq : 1 Req_state : active Service_type : service-router
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability sessions service-type <service-type>
    Display information about high-availability sessions by service-type.
    Option Description
    <service-type> Service type argument is one of {service-router}
    Allowed values: service-router, l2-bridge
    Example
    nsx-edge-1> get high-availability sessions service-type service-router High-Availability Session Cfg_flags : 0x00000000 Ha_transport : 0bb0495e-b525-11e8-b7e8-020045ee019c Last_tx : 0x0 Local_address : 30.0.246.232 Local_service_id : 5 Next_tx : 0x0 Nsxa_req_ha_state : 1 Nsxa_req_msg_type : 0 Peer_ha_state : 255 Peer_service_id : 5 Remote_address : 30.0.29.0 Req_seq : 1 Req_state : active Service_type : service-router
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability sessions service-type <service-type> remote-ip <ip-address>
    Display information about high-availability sessions by service-type and remote-ip of the channel
    Option Description
    <service-type> Service type argument is one of {service-router}
    Allowed values: service-router, l2-bridge
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get high-availability sessions service-type service-router remote-ip 30.0.29.0 High-Availability Session Cfg_flags : 0x00000000 Ha_transport : 0bb0495e-b525-11e8-b7e8-020045ee019c Last_tx : 0x0 Local_address : 30.0.246.232 Local_service_id : 5 Next_tx : 0x0 Nsxa_req_ha_state : 1 Nsxa_req_msg_type : 0 Peer_ha_state : 255 Peer_service_id : 5 Remote_address : 30.0.29.0 Req_seq : 1 Req_state : active Service_type : service-router
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability sessions service-type <service-type> stats
    Display statistics for the high-availability sessions of specified service-type.
    Option Description
    <service-type> Service type argument is one of {service-router}
    Allowed values: service-router, l2-bridge
    Example
    nsx-edge-1> get high-availability session service-type service-router stats High-Availability Session Local_service_id : 5 Peer_service_id : 5 Rx_ack_packets : 0 Rx_drop : 0 Rx_drop_bad_version : 0 Rx_drop_inst_unmatch : 0 Rx_drop_intf_unmatch : 0 Rx_drop_ip_unmatch : 0 Rx_drop_pkt_len_unmatch : 0 Rx_drop_pkt_too_short : 0 Rx_drop_seq_unmatch : 0 Rx_packets : 0 Rx_packets_to_conf_thread : 0 Service_type : service-router Tx_drop : 0 Tx_error : 0 Tx_packets : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability sessions service-type <service-type> sync complete
    Displays any high-availability sessions of a given type who have completed synchronization with peer
    Option Description
    <service-type> Service type argument is one of {service-router}
    Allowed values: service-router, l2-bridge
    Example
    nsx-edge-1> get high-availability sessions service-type service-router sync complete Total : 2 UUID : e371701a-3e7d-4173-a0fc-7311d70f50e6 Type : TIER1 State : Active UUID : 4e425c9e-09c6-4021-bbc7-fab2895a2c09 Type : TIER1 State : Standby
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability sessions service-type <service-type> sync in-progress
    Displays any high-availability sessions of a given type who have not yet completed synchronization with peer
    Option Description
    <service-type> Service type argument is one of {service-router}
    Allowed values: service-router, l2-bridge
    Example
    nsx-edge-1> get high-availability sessions service-type service-router sync in-progress Total : 2 UUID : e371701a-3e7d-4173-a0fc-7311d70f50e6 Type : TIER1 State : Active, waiting for peer to confirm UUID : 4e425c9e-09c6-4021-bbc7-fab2895a2c09 Type : TIER1 State : Down
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability sessions service-type <service-type> sync summary
    Display the synchronization status of high-availability sessions of a given type on current node
    Option Description
    <service-type> Service type argument is one of {service-router}
    Allowed values: service-router, l2-bridge
    Example
    nsx-edge-1> get high-availability service-type service-router sync summary Overview Sync in progress: 2 Sync done : 100 All sync done : false
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability sessions stats
    Display statistics for the high-availability sessions.
    Example
    nsx-edge-1> get high-availability sessions stats High-Availability Global Counters Ha_sessions : 1 Nsxa_err_msg_receive_count : 0 Nsxa_msg_receive_count : 0 Nsxa_notify_count : 0 Nsxa_notify_drop_count : 0 Rx_drop_bad_csum : 0 Rx_drop_bad_version : 0 Rx_drop_count : 0 Rx_drop_intf_type : 0 Rx_drop_non_app : 0 Rx_drop_non_udp : 0 Rx_drop_null_app_peer_session : 0 Rx_drop_null_app_session : 0 Rx_drop_null_intf : 0 Rx_drop_runt_pkt : 0 Rx_drop_udp_len : 0 Tx_drop_count : 0 Tx_drop_no_route : 0 High-Availability Session Local_service_id : 5 Peer_service_id : 5 Rx_ack_packets : 0 Rx_drop : 0 Rx_drop_bad_version : 0 Rx_drop_inst_unmatch : 0 Rx_drop_intf_unmatch : 0 Rx_drop_ip_unmatch : 0 Rx_drop_pkt_len_unmatch : 0 Rx_drop_pkt_too_short : 0 Rx_drop_seq_unmatch : 0 Rx_packets : 0 Rx_packets_to_conf_thread : 0 Service_type : service-router Tx_drop : 0 Tx_error : 0 Tx_packets : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get high-availability status
    Display the high availability status for the logical router in the VRF context.
    Example
    nsx-edge-1(tier1_sr)> get high-availability status Service Router UUID : 4e425c9e-09c6-4021-bbc7-fab2895a2c09 state : Active type : TIER1 mode : A/S failover mode : Non-preemptive rank : 0 service count : 1 service score : 0 HA ports state UUID : 733d7ed3-1daa-4c28-bc0a-77e3736fea14 op_state : Up addresses : 169.0.0.2/28 Peer Routers Node UUID : e13dbba8-542e-11e9-a177-020021d58d1d HA state : Standby
    Mode
    Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get host-switch <host-switch-name> dvport <dvport-id> ipfix setting
    Display IPFIX setting on the specified DVPort of the specified host switch
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get host-switch nsxvswitch dvport cdb36fdd-a3ec-494e-9b7b-60a8c6af5b70 ipfix setting Host IPFIX setting -------------------------------------------------------------------------- activeTimeout : 8 idleTimeout : 15 sampleRate : 1000 obsDomainID : 0 sourceIP : 0.0.0.0 internalFlowsOnly : False vNICFlowOnly : False virtualObsID : collectors : 192.168.7.3 5003
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> dvport <dvport-id> ipfix stats
    Display IPFIX stats on the specified DVPort of the specified host switch
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get host-switch nsxvswitch dvport cdb36fdd-a3ec-494e-9b7b-60a8c6af5b70 ipfix stats Host IPFIX stats -------------------------------------------------------------------------- flows : 0 currentFlows : 0 pktsSent : 10 pktsSenterrors : 0 sampleok : 0 ipv4ok : 0 ipv6ok : 0 sampleerrors : 0 unsupportedproto : 0 ipv4errors : 0 ipv6errors : 0 etherrors : 0 inputiferrors : 0 outputiferrors : 0 allocerrors : 0 ipv4headererrors : 0 ipv6headererrors : 0 ipv4unsupportedproto: 0 ipv6unsupportedproto: 0 ipv4missingfrags : 0 ipv6missingfrags : 0 pktattrerrors : 0 accesserrors : 0
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> dvport <dvport-id> mcast-filter
    Display the mcast filter mode for the specified host switch and dvPort
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get host-switch nsxvswitch dvport 73c6d671-32e0-4e74-95a0-bf604c0e0669 mcast-filter Host Switch DVPort Mcast Filter Entry --------------------------------------------------------------------------- Legacy Filter Entry =========================================================================== 33:33:ff:69:ae:cd 33:33:00:00:00:01 01:00:5e:00:00:01 IGMP Filter Entry =========================================================================== 224.1.1.2 MLD Filter Entry ===========================================================================
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> dvport <dvport-id> mcast-filter <entry-mode> <entry-group>
    Display the mcast filter stata of the specified entry
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    <entry-mode> Mode of a mcast filter entry
    Allowed values: igmp, mld
    <entry-group> Group address of a mcast filter entry
    Allowed pattern: ^([A-Fa-f0-9.:]+)$
    Example
    esx-1> get host-switch nsxvswitch dvport 73c6d671-32e0-4e74-95a0-bf604c0e0669 mcast-filter igmp 224.1.1.2 Host Switch DVPort Mcast Filter Entry Status --------------------------------------------------------------------------- VNI : 41864 version : 3 srcIPFilterMode : INCLUDE updateTime : 35 srcIPs : 192.168.1.4 192.168.1.5
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> ipfix stats
    Display IPFIX stats on the specified host switch
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    esx-1> get host-switch nsxvswitch ipfix stats Host IPFIX stats -------------------------------------------------------------------------- flows : 0 currentFlows : 0 pktsSent : 10 pktsSenterrors : 0 sampleok : 0 ipv4ok : 0 ipv6ok : 0 sampleerrors : 0 unsupportedproto : 4 ipv4errors : 0 ipv6errors : 0 etherrors : 0 inputiferrors : 0 outputiferrors : 0 allocerrors : 0 ipv4headererrors : 0 ipv6headererrors : 0 ipv4unsupportedproto: 0 ipv6unsupportedproto: 0 ipv4missingfrags : 0 ipv6missingfrags : 0 pktattrerrors : 0 accesserrors : 0
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> mcast-filter
    Display the mcast filter mode for the specified host switch.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    esx-1> get Host-switch nsxvswitch mcast-filter Host Switch Mcast Filter --------------------------------------------------------------------------- Mode : Snooping
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> mirror-session <mirror-session-id>
    Display the stats of mirror on the specified host switch.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <mirror-session-id> Mirror session identifier UUID
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get host-switch nsxvswitch mirror-session a779b62e-7711-47ad-8d54- 5cb166d061af Mirror Session ========================================================== UUID : a779b62e-7711-47ad-8d54-5cb166d061af Direction : Both Snap Length : 0 Source : 9484c882-76e6-4f9e-85c4-087968963769;34b19ace-8396-4 dd2-9b92-5867b1bf30ef;vmnic1(Encap) Destination : 79b8f233-4c22-49ce-b270-3802796de856 EncapVlan : OrigialVlan : EncapType : GreKey : ERspanID : Filter : Source IPs : 10.1.1.1 : 2000:1/64 Destination IPs : 20.1.1.1 : 2000:2/64 IP Protocol : TCP Source Ports : 234 Destination Ports : 2999-4000 Action : Mirror
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> mirror-sessions
    Display the mirror settings on the specified host switch.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    esx-1> get host-switch nsxvswitch mirror-sessions Mirror Session Summary ============================================================ Mirror UUID Direction Snap Length a779b62e-7711-47ad-8d54-5cb166d061af Both 0
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> tunnel <local_ip> <remote_ip>
    Display Tunnel Detail info on the specified DVPort of the specified host switch.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <local_ip> Local IP
    <remote_ip> Remote IP
    Example
    esx-1> get host-switch tunnel 10.0.0.1 20.0.0.1 Local State :up Remote State :up Local Diag :None Remote Diag :None min_rx :100 min_tx :1000 local_disc :0xabcdef remote_disc :0x123456 Tx Interval :1000 Rx Interval :100 mult :3
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> tunnels
    Display Tunnels info on the specified host switch.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    Example
    esx-1> get host-switch tunnels Local IP Remote IP Local State Remote State 10.0.0.1 20.0.0.1 Up Init 10.0.0.1 30.0.0.1 Up Up 10.0.0.1 40.0.0.1 Down Down
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> uplink <uplink> ipfix setting
    Display IPFIX setting on the specified uplink of the specified host switch
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <uplink> Uplink identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get host-switch nsxvswitch uplink vmnic1 ipfix setting Host IPFIX setting -------------------------------------------------------------------------- activeTimeout : 8 idleTimeout : 15 sampleRate : 1000 obsDomainID : 0 sourceIP : 0.0.0.0 internalFlowsOnly : False vNICFlowOnly : False virtualObsID : Uplink-0x03000002 collectors : 192.168.7.3 5003
    Mode
    Basic
    Availability
    ESXi

    get host-switch <host-switch-name> uplink <uplink> ipfix stats
    Display IPFIX stats on the specified uplink of the specified host switch
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <uplink> Uplink identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get host-switch nsxvswitch uplink vmnic1 ipfix stats Host IPFIX stats -------------------------------------------------------------------------- flows : 0 currentFlows : 0 pktsSent : 0 pktsSenterrors : 0 sampleok : 0 ipv4ok : 0 ipv6ok : 0 sampleerrors : 0 unsupportedproto : 4 ipv4errors : 0 ipv6errors : 0 etherrors : 0 inputiferrors : 0 outputiferrors : 0 allocerrors : 0 ipv4headererrors : 0 ipv6headererrors : 0 ipv4unsupportedproto: 0 ipv6unsupportedproto: 0 ipv4missingfrags : 0 ipv6missingfrags : 0 pktattrerrors : 0 accesserrors : 0
    Mode
    Basic
    Availability
    ESXi

    get host-switch upgrade-status
    Display if host switch is getting upgraded.
    Example
    esx-1> get host-switch upgrade-status Host Upgrade Status =============================================================================================== Host Switch | UpgradeInProgress =============================================================================================== nsxDefaultHostSwitch | true
    Mode
    Basic
    Availability
    ESXi

    get host-switch vlan-table
    Display VLAN table for the host switch.
    Example
    nsx-edge-1> get host-switch vlan-table VLAN : 100 MAC : 02:50:56:00:00:03 Ingress Port name : fp-eth0 ID : 0 Egress Port port : 783a05cd-033d-4891-ad11-7c082641e069 ifuid : 274 VLAN : 250 MAC : 04:00:c0:a8:fa:a2 Ingress Port name : fp-eth1 ID : 1 Egress Port port : 7bd1dd3d-97eb-5312-9d0d-b26c148a4fac ifuid : 296
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get host-switches
    Display information about all host switches.
    Example
    nsx-edge-1> get host-switches Host Switch : 8d4c2128-e748-4878-8314-ad8414f7f943 Switch Name : vlanswitch Transport Zone : 4e9a90b7-96de-4102-a9bf-1f3733eb3375 Physical Port : fp-eth0 Uplink Name : uplink1 Host Switch : d7ea327f-2569-4b1c-b7cf-8cd4c85ebb18 Switch Name : hostswitch Transport Zone : 9bc2392d-b7ee-4cf9-9200-7d082f199aef Physical Port : fp-eth1 Uplink Name : uplink1 Transport VLAN : 250 Default Gateway : 192.168.250.1 Subnet Mask : 255.255.255.0 Local VTEP Device : fp-eth1 Local VTEP IP : 192.168.250.162
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get hostname
    Display the system hostname.
    Example
    nsx> get hostname nsx
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get hugepage
    Display hugepage information, including total system memory, hugepage sizes supported and hugepage pools.
    Example
    nsx-edge-1> get hugepage Total system memory 3949 MB Hugepage sizes supported 2097152 Hugepage pools Size Minimum Current Maximum Default 2097152 987 987 987 *
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get hyperbus app-id <string> cif-config
    Display the container interface (CIF) configuration for the specified app.
    Option Description
    <string> Application ID
    Allowed pattern: ^.*$
    Example
    kvm-1> get hyperbus app-id c1-vm2ebc cif-config AppID LSPID LRPID VIFID LSID MAC IP GatewayIP Vlan Version c1-vm2ebc 939e3ef4-3f42-4a12-a125-24a9ef5035a9 00000000-0000-0000-0000-000000000000 b819f915-6f8f-4b9d-a816-9c7c3f44f830 db3d238f-4528-4fb3-9f94-bb2f61cc49b5 aa:bb:cc:dd:ee:11 192.168.102.11 0.0.0.0 11 1
    Mode
    Basic
    Availability
    ESXi, KVM

    get hyperbus cif-table
    Display the container interface (CIF) configuration table.
    Example
    kvm-1> get hyperbus cif-table Type AppID LSPID LRPID VIFID LSID MAC IP GatewayIP Vlan Version Parent VIF 93d80cc9-9654-4300-93d2-8a27925feebd 00000000-0000-0000-0000-000000000000 b819f915-6f8f-4b9d-a816-9c7c3f44f830 775a3d45-063d-40b2-8a89-8e102fc7bbb9 00:00:00:00:00:00 0.0.0.0 0.0.0.0 0 1 Link LSP 0dd90579-e3cc-4f9c-b5f3-cfbe16d82d0d be3d0a5a-f80d-456f-89c7-33219090fdcb db3d238f-4528-4fb3-9f94-bb2f61cc49b5 00:00:00:00:00:00 0.0.0.0 192.168.102.1 0 1 Link LSP 22e38f1c-453a-4821-a0f1-de77af397000 3ad6ec1f-72f3-45ad-8201-eb8b67d25682 18f9821a-9844-4ba1-bb0e-b975eacbdabf 00:00:00:00:00:00 0.0.0.0 192.168.101.1 0 1 Child CIF c1-vm2ebc 939e3ef4-3f42-4a12-a125-24a9ef5035a9 00000000-0000-0000-0000-000000000000 b819f915-6f8f-4b9d-a816-9c7c3f44f830 db3d238f-4528-4fb3-9f94-bb2f61cc49b5 aa:bb:cc:dd:ee:11 192.168.102.11 0.0.0.0 11 1
    Mode
    Basic
    Availability
    ESXi, KVM

    get hyperbus connection info
    Display the virtual interface (VIF) connection information.
    Example
    esx-1> get hyperbus connection info VIFID Connection Status HostSwitchID da527051-fb35-4f54-8658-96d3802e2c24 169.254.1.10:2345 HEALTHY 75 eb 8c 05 46 95 4f a4-83 e5 52 f6 81 b9 8f ac
    Mode
    Basic
    Availability
    ESXi

    get hyperbus connection info
    Display the virtual interface (VIF) connection information.
    Example
    kvm-1> get hyperbus connection info VIFID Connection Status db4f717e-d0dd-4552-a99b-5a5839f3e06d 169.254.1.10:2345 HEALTHY
    Mode
    Basic
    Availability
    KVM

    get hyperbus lip ip-pool
    Display the LIP allocation pool.
    Example
    sc2-rdops-vm06-dhcp-192-143.eng.vmware.com> get hyperbus lip ip-pool HostSwitchID LIPStart LIPEnd c1 88 7f ee da 08 47 a2-af fb c5 86 bd 96 df ce 169.254.1.10 169.254.255.255
    Mode
    Basic
    Availability
    ESXi, KVM

    get hyperbus logical-switch-port <logical-switch-port-ID> cif-config
    Display the container interface (CIF) configuration for the specified logical switch port.
    Option Description
    <logical-switch-port-ID> Logical switch port ID
    Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    kvm-1> get hyperbus logical-switch-port 939e3ef4-3f42-4a12-a125-24a9ef5035a9 cif-config Type AppID LSPID LRPID VIFID LSID MAC IP GatewayIP Vlan Version Child CIF c1-vm2ebc 939e3ef4-3f42-4a12-a125-24a9ef5035a9 00000000-0000-0000-0000-000000000000 b819f915-6f8f-4b9d-a816-9c7c3f44f830 db3d238f-4528-4fb3-9f94-bb2f61cc49b5 aa:bb:cc:dd:ee:11 192.168.102.11 0.0.0.0 11 1
    Mode
    Basic
    Availability
    ESXi, KVM

    get hyperbus vif-id <vif-ID> connection info
    Display the connection information for the specified virtual interface (VIF).
    Option Description
    <vif-ID> VIF ID
    Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    kvm-1> get hyperbus vif-id db4f717e-d0dd-4552-a99b-5a5839f3e06d connection info VIFID Connection Status db4f717e-d0dd-4552-a99b-5a5839f3e06d 169.254.1.10:2345 HEALTHY
    Mode
    Basic
    Availability
    ESXi, KVM

    get hyperbus vif-id <vif-ID> lip
    Display the logical IP (LIP) for the specified virtual interface (VIF).
    Option Description
    <vif-ID> VIF ID
    Allowed pattern: ^[0-9]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    kvm-1> get hyperbus vif-id db4f717e-d0dd-4552-a99b-5a5839f3e06d lip VIFID LIP db4f717e-d0dd-4552-a99b-5a5839f3e06d 169.254.1.10
    Mode
    Basic
    Availability
    ESXi, KVM

    get hyperbus vif-lip-table
    Display the VIF (virtual interface) LIP (logical IP) table.
    Example
    kvm-1> get hyperbus vif-lip-table VIFID LIP State db4f717e-d0dd-4552-a99b-5a5839f3e06d 169.254.1.10 LSP_ATTACHMENT/VIF_CONNECT
    Mode
    Basic
    Availability
    ESXi, KVM

    get hyperbus vif-table
    Display the connected virtual interfaces (VIFs). For ESXi, all connected container host VIFs are displayed. For KVM, all connected container host VIFs and CIFs are displayed.
    Example
    kvm-1> get hyperbus vif-table VIFID Version b819f915-6f8f-4b9d-a816-9c7c3f44f830 1 c1-vm2ebc 1
    Mode
    Basic
    Availability
    ESXi, KVM

    get ids engine alertlog
    Display NSX IDS Engine Fast Log setting.
    Example
    > get ids engine logging-level NSX IDS Engine Fast Log Setting -------------------------------------------------- enabled
    Mode
    Basic
    Availability
    ESXi

    get ids engine logging-level
    Display NSX IDS Engine Log Level.
    Example
    > get ids engine logging-level NSX IDS Engine Log Level -------------------------------------------------- info
    Mode
    Basic
    Availability
    ESXi

    get ids engine profiles
    Display NSX IDS Engine Profiles.
    Example
    > get ids engine profiles NSX IDS Engine Profiles -------------------------------------------------- Profile count: 1 1. 97f6465c-2201-4770-a157-a854041439a6
    Mode
    Basic
    Availability
    ESXi

    get ids engine stats
    Display NSX IDS Engine global statistics.
    Example
    > get ids engine stats NSX IDS Engine Statistics -------------------------------------------------- uptime: 213471 (2 days 11:17:51) app_layer: --------- flow: ftp: 1 ftp-data: 1 http: 5 ssh: 2 tx: dcerpc_tcp: 1 dcerpc_udp: 1 ftp: 1 ftp-data: 1 http: 5 ssh: 2 detect: ------ engines: id: 3 last_reload: 2019-11-05T18:30:30.549981+0000 rules_failed: 0 rules_loaded: 3 tcp: --- memuse: 3031040 reassembly_memuse: 491520
    Mode
    Basic
    Availability
    ESXi

    get ids engine status
    Display NSX IDS Engine Status.
    Example
    > get ids engine status NSX IDS Engine Status -------------------------------------------------- status: enabled uptime: 181232 (2 days 02:20:32)
    Mode
    Basic
    Availability
    ESXi

    get ids engine syslogstatus
    Display NSX IDS Engine Fast Log setting.
    Example
    > get ids engine syslogstatus NSX IDS Engine Syslog Status Setting -------------------------------------------------- enabled
    Mode
    Basic
    Availability
    ESXi

    get ids events stats
    Get IDS Event Engine stats.
    Example
    esx> get ids events stats -------------------------------------------------- NSX Intrusion Detection Service Statistics -------------------------------------------------- Total 10 Critical 0 Non-Critical 10 Protos to MP Sent 0 Dropped 2 Alerts to MP Sent 0 Dropped 10 Event Queue Dropped 0 --------------------------------------------------
    Mode
    Basic
    Availability
    ESXi

    get ids logging-level
    Display NSX IDS Log Level.
    Example
    > get ids logging-level NSX IDS Log Level -------------------------------------------------- info
    Mode
    Basic
    Availability
    ESXi

    get ids profiles
    Display NSX IDS Profiles.
    Example
    > get ids profiles NSX IDS Profiles -------------------------------------------------- Profile count: 1 1. 97f6465c-2201-4770-a157-a854041439a6
    Mode
    Basic
    Availability
    ESXi

    get ids status
    Display NSX IDS Status.
    Example
    > get ids status NSX IDS Status -------------------------------------------------- status: disabled uptime: 181232 (2 days 02:20:32)
    Mode
    Basic
    Availability
    ESXi

    get image <image-name>
    List all container images for given service.
    Option Description
    <image-name> Edge service container image name
    Example
    nsx-edge> get image nsx-edge-iked Image Name Version Tag Created nsx-edge-iked ob-13148208 previous 2019-04-04 (40 hours ago) nsx-edge-iked ob-13129113 current 2019-04-03 (2 days ago) nsx-edge-iked ob-13094493 2019-04-01 (4 days ago)
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get image <image-name> install history
    List install history of container images for given service.
    Option Description
    <image-name> Edge service container image name
    Example
    nsx-edge> get image nsx-edge-datapath install history Image Name Version Install time Uninstall time nsx-edge-datapath ob-13336865 2019-04-16 23:16:47.502 UTC 2019-04-16 23:17:12.213 UTC nsx-edge-datapath ob-13344839 2019-04-16 23:17:15.314 UTC 2019-04-16 23:16:44.372 UTC
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get images
    List all service container images.
    Example
    nsx-edge> get images Image Name Version Tag Created nsx-edge-iked ob-13148208 previous 2019-04-04 (40 hours ago) nsx-edge-mdproxy ob-13135660 current 2019-04-03 (2 days ago) nsx-edge-iked ob-13129113 current 2019-04-03 (2 days ago) nsx-edge-dispatcher ob-13094493 current 2019-04-01 (4 days ago) nsx-edge-datapath ob-13094493 current 2019-04-01 (4 days ago) nsx-edge-frr ob-13094493 current 2019-04-01 (4 days ago) nsx-edge-lb ob-13094493 current 2019-04-01 (4 days ago) nsx-edge-iked ob-13094493 2019-04-01 (4 days ago) nsx-edge-nsxa ob-13094493 current 2019-04-01 (4 days ago) nsx-edge-mdproxy ob-13094493 previous 2019-04-01 (4 days ago) nsx-edge-dhcp ob-13094493 current 2019-04-01 (4 days ago) nsx-edge-dns ob-13094493 current 2019-04-01 (4 days ago)
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get images install history
    List install history for all service container images.
    Example
    nsx-edge> get images install history Image Name Version Install time Uninstall time nsx-edge-nsxa ob-13336865 2019-04-16 23:14:45.050 UTC 2019-04-16 23:15:33.223 UTC nsx-edge-nsxa ob-13344839 2019-04-16 22:52:17.530 UTC nsx-edge-nsxa ob-13348244 2019-04-16 23:15:33.781 UTC 2019-04-16 23:14:44.427 UTC nsx-edge-datapath ob-13336865 2019-04-16 23:16:47.502 UTC 2019-04-16 23:17:12.213 UTC nsx-edge-datapath ob-13344839 2019-04-16 23:17:15.314 UTC 2019-04-16 23:16:44.372 UTC
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get intelligence flows config
    Display NSX Intelligence flows configuration.
    Example
    > get intelligence flows config NSX Intelligence Host Flows Configuration ---------------------------------------------------------------------- Enabled Max Active Max Nonactive Interval(min) Long Lived(min) True 100 100 10 5 V4 Private IP count: 0 V4 Private CIDR count: 3 1. ip 10.0.0.0/8 2. ip 172.16.0.0/12 3. ip 192.168.0.0/16 V6 Private IP count: 0 V6 Private CIDR count: 2 1. ip fc00::/7 2. ip fe80::/10
    Mode
    Basic
    Availability
    ESXi

    get intelligence flows mask
    Display NSX Intelligence flows aggregation mask.
    Example
    >get intelligence flows mask NSX Intelligence Host Flows Aggregation Masks ------------------------------------------------------------ 1. Source IP 2. Destination IP 3. Protocol 4. Destination Port 5. Direction 6. Rule ID 7. SID and Hash
    Mode
    Basic
    Availability
    ESXi

    get intelligence flows stats
    Display NSX Intelligence flows statistics.
    Example
    >get intelligence flows stats NSX Intelligence Host Flows Statistics ----------------------------------------------------------------- Topic Items Sent Msgs Sent Bytes Sent raw_flow 18 9 2955 demo-kifstats-topic 0 0 0
    Mode
    Basic
    Availability
    ESXi

    get intelligence flows stats ack
    Display NSX Intelligence flows acknowledgement statistics.
    Example
    >get intelligence flows stats ack NSX Intelligence Host Flows Acknowledgement Statistics ------------------------------------------------------------ Total Sent Total Ack'ed 9 9
    Mode
    Basic
    Availability
    ESXi

    get interface <interface-name>
    Display information about the specified network interface.
    Option Description
    <interface-name> Network interface argument
    Example
    nsx> get interface eth0 Interface: eth0 Address: 192.168.110.108/24 MAC address: 00:50:56:8e:13:51 MTU: 1500 Default gateway: 192.168.110.1 Broadcast address: 192.168.110.255 Link status: up Admin status: up RX packets: 1634378 RX bytes: 333335650 RX errors: 0 RX dropped: 276 TX packets: 1441590 TX bytes: 286624283 TX errors: 0 TX dropped: 0 TX collisions: 0
    Mode
    Basic
    Availability
    Controller, Manager, Policy Manager

    get interface <interface-name>
    Display information about the specified network interface.
    Option Description
    <interface-name> Network interface argument
    Example
    nsx-edge> get interface eth0 Interface: eth0 Address: 192.168.110.111/24 MAC address: 00:50:56:8e:e8:2e MTU: 1500 Default gateway: 192.168.110.1 Broadcast address: 0.0.0.0 Link status: up Admin status: up RX packets: 66493 RX bytes: 12712191 RX errors: 0 RX dropped: 0 TX packets: 58436 TX bytes: 15051574 TX errors: 0 TX dropped: 0 TX collisions: 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get interfaces
    Display interface information for the logical router in the VRF context.
    Example
    nsx-edge-1(vrf)> get interfaces UUID VRF LR-ID Name Type 736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 R1 TUNNEL interfaces interface : 9fd3c667-32db-5921-aaad-7a88c80b5e9f ifuid : 258 mode : blackhole interface : 34ca595f-fa62-5ed4-afcc-a6ef0195d4ed ifuid : 261 mode : lif IP/Mask : 142.134.61.36/24 MAC : 00:0c:29:5a:96:2b VLAN id : untagged LS port : 238d7422-e488-5cee-9639-1894b8ab56e2 urpf-mode : NONE admin : up op_state : up MTU : 1600 interface : f322c6ca-4298-568b-81c7-a006ba6e6c88 ifuid : 257 mode : cpu
    Mode
    VRF, Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get interfaces
    Display information about all network interfaces.
    Example
    nsx-edge> get interfaces Interface: eth0 Address: 192.168.110.111/24 MAC address: 00:50:56:8e:e8:2e MTU: 1500 Default gateway: 192.168.110.1 Broadcast address: 0.0.0.0 Link status: up Admin status: up RX packets: 66307 RX bytes: 12698263 RX errors: 0 RX dropped: 0 TX packets: 58340 TX bytes: 15041724 TX errors: 0 TX dropped: 0 TX collisions: 0 Interface: lo Address: 127.0.0.1/8 MTU: 65536 Link status: up Admin status: up RX packets: 221628 RX bytes: 54868485 RX errors: 0 RX dropped: 0 TX packets: 221628 TX bytes: 54868485 TX errors: 0 TX dropped: 0 TX collisions: 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get interfaces
    Display information about all network interfaces.
    Example
    nsx> get interfaces Interface: eth0 Address: 192.168.110.108/24 MAC address: 00:50:56:8e:13:51 MTU: 1500 Default gateway: 192.168.110.1 Broadcast address: 192.168.110.255 Link status: up Admin status: up RX packets: 1636181 RX bytes: 333661267 RX errors: 0 RX dropped: 276 TX packets: 1443225 TX bytes: 286925131 TX errors: 0 TX dropped: 0 TX collisions: 0 Interface: lo Address: 127.0.0.1/8 MTU: 65536 Link status: up Admin status: up RX packets: 10410417 RX bytes: 2281216307 RX errors: 0 RX dropped: 0 TX packets: 10410417 TX bytes: 2281216307 TX errors: 0 TX dropped: 0 TX collisions: 0
    Mode
    Basic
    Availability
    Controller, Manager, Policy Manager

    get interfaces stats
    Display the interface statistics for the logical router in the VRF context.
    Example
    nsx-edge-1(tier0_sr)> get interfaces stats Logical Router UUID : e9d3379d-aba7-4459-9262-18bc95eaeec1 VRF : 1 LR-ID : 1 name : R2 type : SERVICE_ROUTER_TIER0 Statistics Interface Type RX PKTS TX PKTS RX BYTES TX BYTES RX Drops TX Drops b83cb77f-ca34-595c-a3e1-76278f0dcb00 blackhole 0 0 0 0 0 0 4b115e5f-1395-54c3-aaf0-0de5736f99df cpu 8 0 648 0 8 0 6c427841-e151-4479-9184-4196cfcef3b6 lif 5601 11 1915542 462 5601 0 081e2e50-2f0e-42e1-8764-80a127dd3918 lif 0 0 0 0 0 0 00003300-0000-0000-0000-000000000002 loopback 8 0 648 0 8 0 Total 5617 11 1916838 462 5617 0
    Mode
    VRF, Tier0_sr, Tier1_sr
    Availability
    Edge, Public Cloud Gateway

    get ip-discovery bindings
    Display discovered bindings.
    Example
    kvm-1> get ip-discovery bindings IP Discovery Bindings -------------------------------------------------------------------------------------------------------------------------------------------- Logical Port Discovery Type IP MAC VLAN Expires In Sec d722c9c8-cd9d-4218-91c0-2728ced19d74 ND_Snooping 5000::10 ca:2c:ff:ec:3c:87 0 403 d722c9c8-cd9d-4218-91c0-2728ced19d74 ND_Snooping fe80::c82c:ffff:feec:3c87 ca:2c:ff:ec:3c:87 0 413 d722c9c8-cd9d-4218-91c0-2728ced19d74 ARP_Snooping 172.16.1.10 ca:2c:ff:ec:3c:87 0 153
    Mode
    Basic
    Availability
    KVM

    get ip-discovery bindings <host-switch-name> <dvport-id>
    Display ip discovery bindings for a host switch and dvport.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get ip-discovery bindings nsxvswitch nsxvswitch b65dcac9-6611-41ce-b96c-69255120b473 IP Discovery Bindings ---------------------------------------------------------------------------------------------------- Discovery Type IP MAC VLAN Expires in sec ARP Snooping 192.168.1.10 00:50:56:a9:fb:f1 0 599
    Mode
    Basic
    Availability
    ESXi

    get ip-discovery bindings <host-switch-name> <dvport-id> ipv4
    Display ipv4 discovery bindings for a host switch and dvport.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get ip-discovery bindings nsxvswitch b65dcac9-6611-41ce-b96c-69255120b473 ipv4 IP Discovery Bindings ---------------------------------------------------------------------------------------------------- Discovery Type IP MAC VLAN Expires in sec ARP Snooping 192.168.1.10 00:50:56:a9:fb:f1 0 599
    Mode
    Basic
    Availability
    ESXi

    get ip-discovery bindings <host-switch-name> <dvport-id> ipv6
    Display ipv6 discovery bindings for a host switch and dvport.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get ip-discovery bindings nsxvswitch b65dcac9-6611-41ce-b96c-69255120b473 ipv6 IP Discovery Bindings ---------------------------------------------------------------------------------------------------- Discovery Type IP MAC VLAN Expires in sec ARP Snooping 2000::1 00:50:56:a9:fb:f1 0 599
    Mode
    Basic
    Availability
    ESXi

    get ip-discovery bindings <logical-port>
    Display discovered bindings for a given logical port.
    Option Description
    <logical-port> Log port ID argument
    Example
    kvm-1> get ip-discovery bindings d722c9c8-cd9d-4218-91c0-2728ced19d74 IP Discovery Bindings -------------------------------------------------------------------------------------------------------------- Discovery Type IP MAC VLAN Expires In Sec ND_Snooping 5000::10 ca:2c:ff:ec:3c:87 0 598 ARP_Snooping 172.16.1.10 ca:2c:ff:ec:3c:87 0 600 ND_Snooping fe80::c82c:ffff:feec:3c87 ca:2c:ff:ec:3c:87 0 598
    Mode
    Basic
    Availability
    KVM

    get ip-discovery bindings <logical-port> <ip-version>
    Display discovered bindings for a given logical port and type.
    Option Description
    <logical-port> Log port ID argument
    <ip-version> Internet Protocol Version (IPV4 or IPV6)
    Allowed values: ipv4, ipv6
    Example
    kvm-1> get ip-discovery bindings d722c9c8-cd9d-4218-91c0-2728ced19d74 ipv4 IP Discovery Bindings -------------------------------------------------------------------------------------------------------------- Discovery Type IP MAC VLAN Expires In Sec ARP_Snooping 172.16.1.10 ca:2c:ff:ec:3c:87 0 600 kvm-1> get ip-discovery bindings d722c9c8-cd9d-4218-91c0-2728ced19d74 ipv6 IP Discovery Bindings -------------------------------------------------------------------------------------------------------------- Discovery Type IP MAC VLAN Expires In Sec ND_Snooping 5000::10 ca:2c:ff:ec:3c:87 0 598
    Mode
    Basic
    Availability
    KVM

    get ip-discovery config
    Display ip-discovery profile for all logical ports.
    Example
    kvm-1> get ip-discovery config IP Discovery Config --------------------------------------------------------------------------- Logical Port : d722c9c8-cd9d-4218-91c0-2728ced19d74 ARP Snooping : Enabled DHCPV4 Snooping : Enabled ND Snooping : Disabled DHCPV6 Snooping : Disabled ARP/ND Expiry Timeout : 10 min Logical Port : 0fe4864f-b2d9-4a91-af8b-9b92593f548e ARP Snooping : Enabled DHCPV4 Snooping : Enabled ND Snooping : Disabled DHCPV6 Snooping : Disabled ARP/ND Expiry Timeout : 10 min
    Mode
    Basic
    Availability
    KVM

    get ip-discovery config <host-switch-name> <dvport-id>
    Display IP discovery config for a host switch and dvport.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get ip-discovery config nsxvswitch b65dcac9-6611-41ce-b96c-69255120b473 IP Discovery Config --------------------------------------------------------------------------- ARP Snooping : Enabled DHCPV4 Snooping : Enabled ND Snooping : Enabled DHCPV6 snooping : Enabled ARP/ND Expiry Timeout : 600
    Mode
    Basic
    Availability
    ESXi

    get ip-discovery config <logical-port>
    Display ip-discovery config for a given logical port.
    Option Description
    <logical-port> Log port ID argument
    Example
    kvm-1> get ip-discovery config 2339fe58-b71f-42d3-ae67-41957cbb18da IP Discovery Config --------------------------------------------------------------------------- ARP Snooping : Enabled DHCPV4 Snooping : Enabled ND Snooping : Disabled DHCPV6 Snooping : Disabled ARP/ND Expiry Timeout : 10 min
    Mode
    Basic
    Availability
    KVM

    get ip-discovery ignore-list
    Display ignore bindings list.
    Example
    kvm-1> get ip-discovery ignore-list IP Discovery Ignore List -------------------------------------------------------------------------------------------------------------- LogicalPort IP MAC VLAN 2339fe58-b71f-42d3-ae67-41957cbb18da 6000::254 00:23:20:05:5f:5d 0 2339fe58-b71f-42d3-ae67-41957cbb18da 192.168.37.143 00:23:20:05:5f:5d 0 2339fe58-b71f-42d3-ae67-41957cbb18da 192.168.37.150 00:23:20:05:5f:5d 0
    Mode
    Basic
    Availability
    KVM

    get ip-discovery ignore-list <host-switch-name> <dvport-id>
    Display ip discovery ignore list for a host switch and dvport.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get ip-discovery ignore-list nsxvswitch b65dcac9-6611-41ce-b96c-69255120b473 IP Discovery Ignore List ------------------------------------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    ESXi

    get ip-discovery ignore-list <logical-port>
    Display ignore bindings list for a given logical port.
    Option Description
    <logical-port> Log port ID argument
    Example
    kvm-1> get ip-discovery ignore-list 2339fe58-b71f-42d3-ae67-41957cbb18da IP Discovery Ignore List --------------------------------------------------------------------------- IP MAC VLAN 6000::254 00:23:20:05:5f:5d 0 192.168.37.143 00:23:20:05:5f:5d 0 192.168.37.150 00:23:20:05:5f:5d 0
    Mode
    Basic
    Availability
    KVM

    get ip-discovery ignore-list <logical-port> <ip-version>
    Display ignore bindings list for a given logical port and type.
    Option Description
    <logical-port> Log port ID argument
    <ip-version> Internet Protocol Version (IPV4 or IPV6)
    Allowed values: ipv4, ipv6
    Example
    kvm-1> get ip-discovery ignore-list 2339fe58-b71f-42d3-ae67-41957cbb18da ipv6 IP Discovery Ignore List --------------------------------------------------------------------------- IP MAC VLAN 6000::254 00:23:20:05:5f:5d 0
    Mode
    Basic
    Availability
    KVM

    get ip-discovery ignore-list stats
    Display ip-discovery ignore list stats for all logical ports.
    Example
    kvm-1> get ip-discovery ignore-list stats IP Discovery Ignore List Stats ------------------------------------------------------------------------------------------ LogicalPort V4 Ignore Count V6 Ignore Count 2339fe58-b71f-42d3-ae67-41957cbb18da 0 0
    Mode
    Basic
    Availability
    KVM

    get ip-discovery ignore-list stats <host-switch-name> <dvport-id>
    Display ip discovery ignore list stats for a host switch and dvport.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get ip-discovery ignore-list stats nsxvswitch b65dcac9-6611-41ce-b96c-69255120b473 IP Discovery Ignorelist Stats ------------------------------------------------------------------------------------------------------------------------ V4 Ignore Count : 0 V6 Ignore Count : 0
    Mode
    Basic
    Availability
    ESXi

    get ip-discovery ignore-list stats <logical-port>
    Display ip-discovery ignore list stats for a given logical ports.
    Option Description
    <logical-port> Log port ID argument
    Example
    kvm-1> get ip-discovery ignore-list stats 2339fe58-b71f-42d3-ae67-41957cbb18da IP Discovery Ignore List Stats -------------------------------------------------- V4 Ignore Count V6 Ignore Count 0 0
    Mode
    Basic
    Availability
    KVM

    get ip-discovery stats
    Display ip-discovery stats for all logical ports.
    Example
    kvm-1> get ip-discovery stats IP Discovery Stats --------------------------------------------------------------------------- Logical Port : 2339fe58-b71f-42d3-ae67-41957cbb18da MAX ARP Entries : 3 Total Active ARP Entries : 0 Total Expired ARP Entries : 3 MAX DHCPV4 Entries : 128 Total DHCPV4 Entries : 0 MAX Pending DHCPV4 Reqs : 128 Total Pending DHCPV4 Reqs : 0 MAX ND Entries : 3 Total Active ND Entries : 0 Total Expired ND Entries : 0 MAX DHCPV6 Entries : 15 Total DHCPV6 Entries : 0 MAX Pending DHCPV6 Reqs : 15 Total Pending DHCPV6 Reqs : 0
    Mode
    Basic
    Availability
    KVM

    get ip-discovery stats <host-switch-name> <dvport-id>
    Display ip discovery stats for a host switch and dvport.
    Option Description
    <host-switch-name> Host switch name
    Allowed pattern: ^([A-Za-z0-9_:.-]+)$
    <dvport-id> DVPort identifier
    Allowed pattern: ^([A-Za-z0-9_:-]+)$
    Example
    esx-1> get ip-discovery stats nsxvswitch b65dcac9-6611-41ce-b96c-69255120b473 IP Discovery Stats ------------------------------------------------------------------------------------------------------------------------ MAX ARP Entries : 256 Total Active ARP Entries : 0 Total Expired ARP Entries : 0 MAX DHCPV4 Entries : 128 Total DHCPV4 Entries : 0 MAX Pending DHCPV4 Reqs : 128 Total Pending DHCPV4 Reqs : 0 MAX ND Entries : 30 Total Active ND Entries : 0 Total Expired ND Entries : 0 MAX DHCPV6 Entries : 15 Total DHCPV6 Entries : 0 MAX Pending DHCPV6 Reqs : 15 Total Pending DHCPV6 Reqs : 0
    Mode
    Basic
    Availability
    ESXi

    get ip-discovery stats <logical-port>
    Display ip-discovery profile for a given logical port.
    Option Description
    <logical-port> Log port ID argument
    Example
    kvm-1> get ip-discovery stats 2339fe58-b71f-42d3-ae67-41957cbb18da IP Discovery Stats --------------------------------------------------------------------------- MAX ARP Entries : 3 Total Active ARP Entries : 0 Total Expired ARP Entries : 3 MAX DHCPV4 Entries : 128 Total DHCPV4 Entries : 0 MAX Pending DHCPV4 Reqs : 128 Total Pending DHCPV4 Reqs : 0 MAX ND Entries : 3 Total Active ND Entries : 0 Total Expired ND Entries : 0 MAX DHCPV6 Entries : 15 Total DHCPV6 Entries : 0 MAX Pending DHCPV6 Reqs : 15 Total Pending DHCPV6 Reqs : 0
    Mode
    Basic
    Availability
    KVM

    get ipsecvpn ca-certificate <uuid>
    Display full information from a specific CA Certificate
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn ca-certificate 77d3d1fb-82f9-4805-b7db-848465304001 UUID : 77d3d1fb-82f9-4805-b7db-848465304001 Certificate:
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ca-certificates
    Display Subject Name from all CA Certificates.
    Example
    nsx-edge-1>get ipsecvpn ca-certificates UUID : 77d3d1fb-82f9-4805-b7db-848465304001 Subject : UUID : 77d3d1fb-82f9-4805-b7db-848465304002 Subject : UUID : 77d3d1fb-82f9-4805-b7db-848465304003 Subject :
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ca-certificates verbose
    Display full information from all CA Certificates.
    Example
    nsx-edge-1>get ipsecvpn ca-certificates verbose UUID : 77d3d1fb-82f9-4805-b7db-848465304001 Certificate: UUID : 77d3d1fb-82f9-4805-b7db-848465304001 Certificate: UUID : 77d3d1fb-82f9-4805-b7db-848465304001 Certificate:
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn certificate <uuid>
    Display complete information from a specific Certifiate.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn certificate 77d3d1fb-82f9-4805-b7db-848465304000 UUID : 77d3d1fb-82f9-4805-b7db-848465304000 Certificate:
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn certificates
    Display Subject Names from all Certificates.
    Example
    nsx-edge-1> get ipsecvpn certificates UUID : 77d3d1fb-82f9-4805-b7db-848465304000 Subject : C=IN, ST=Maharashtra, O=VMware, OU=NSBU, CN=left
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn certificates verbose
    Display complete information from all Certificates.
    Example
    nsx-edge-1> get ipsecvpn certificates verbose UUID : 77d3d1fb-82f9-4805-b7db-848465304000
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config dpd-profile
    Display all configured Dead Peer Detection profiles.
    Example
    nsx-edge-1> get ipsecvpn config dpd-profile UUID : 00000000-0000-0001-0000-000000000001 Enabled : True DPD Probe Interval : 200 sec
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config dpd-profile <uuid>
    Display configured Dead Peer Detection profile.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn config dpd-profile 78b17d39-22ad-47bb-a23d-bea7dc13bc44 Enabled : True DPD Probe Interval : 200 sec
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config ike-profile
    Display all configured IKE profiles.
    Example
    nsx-edge-1> get ipsecvpn config ike-profile UUID : 00000000-0000-0001-0000-000000000002 Authentication Algorithm : AUTH_HMAC_SHA1 Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 200 sec
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config ike-profile <uuid>
    Display configured IKE profile.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn config ike-profile 00000000-0000-0001-0000-000000000002 UUID : 00000000-0000-0001-0000-000000000002 Authentication Algorithm : AUTH_HMAC_SHA1 Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 200 sec
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config local-endpoint
    Display all configured IPSec local endpoint profiles.
    Example
    nsx-edge-1> get ipsecvpn config local-endpoint UUID : 00000000-0000-0001-0000-000000000004 Local Address : Ipv4 : 10.112.202.147 Local ID : local_edp_1 Local ID Type : IPSEC_IP_ADDR_TYPE Certificate Authority : UUID : 77d3d1fb-82f9-4805-b7db-848465304001 UUID : 77d3d1fb-82f9-4805-b7db-848465304002 UUID : 77d3d1fb-82f9-4805-b7db-848465304003 Certificate : UUID : 77d3d1fb-82f9-4805-b7db-848465304000 Certificate Revocation List ID : UUID : d812f9e9-f047-4eb7-876b-3e3b88332c10
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config local-endpoint <uuid>
    Display configured IPSec local endpoint profile.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn config local endpoint 78b17d39-22ad-47bb-a0da-792f7e89bc47 Local Address : Ipv4 : 10.112.202.147 Local ID : local_edp_1 Local ID Type : IPSEC_IP_ADDR_TYPE Certificate Authority : UUID : 77d3d1fb-82f9-4805-b7db-848465304001 UUID : 77d3d1fb-82f9-4805-b7db-848465304002 UUID : 77d3d1fb-82f9-4805-b7db-848465304003 Certificate : UUID : 77d3d1fb-82f9-4805-b7db-848465304000 Certificate Revocation List ID : UUID : d812f9e9-f047-4eb7-876b-3e3b88332c10
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config local-endpoint <uuid> ca-certificates
    Display all CA-Certificates for a specific IPsec Local Endpoint.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn config local-endpoint 78b17d39-22ad-47bb-a0da-7922f7e89bc47 ca-certificates UUID : 77d3d1fb-82f9-4805-b7db-848465304001 Certificate: UUID : 77d3d1fb-82f9-4805-b7db-848465304002 Certificate: UUID : 77d3d1fb-82f9-4805-b7db-848465304003 Certificate:
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config local-endpoint <uuid> certificate
    Display Certificate for a specific IPsec Local Endpoint.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn config local-endpoint 78b17d39-22ad-47bb-a0da-792f7e89bc47 certificate UUID : 77d3d1fb-82f9-4805-b7db-848465304000 Certificate:
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config local-endpoint <uuid> crls
    Display all CRLs for a specific IPsec Local Endpoint.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn config local-endpoint 78b17d39-22ad-47bb-a0da-7922f7e89bc47 crls UUID : d812f9e9-f047-4eb7-876b-3e3b88332c10 Certificate Revocation List (CRL):
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config peer-endpoint
    Display all configured IPSec peer endpoint profiles.
    Example
    nsx-edge-1> get ipsecvpn config peer-endpoint UUID : 00000000-0000-0001-0000-000000000005 Auth Mode : AUTH_MODE_PSK DPD Profile : UUID : 00000000-0000-0001-0000-000000000001 Enabled : True DPD Probe Interval : 200 sec IKE Profile : UUID : 00000000-0000-0001-0000-000000000002 Authentication Algorithm : AUTH_HMAC_SHA1 Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 200 sec IKE Role : INITIATOR Ipsec Tunnel Profile : UUID : 00000000-0000-0001-0000-000000000003 AH Transport Protocol Enabled : False Authentication Algorithm : AUTH_HMAC_SHA1 DF Policy : DF_COPY Disable Anti Replay : True Enable ESN : True Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 1200 sec Transport Mode : False Peer Address : 10.112.202.167 Peer ID : peer_edp_1 Peer ID Type : IPSEC_IP_ADDR_TYPE
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config peer-endpoint <uuid>
    Display configured IPSec peer endpoint profile.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn config peer-endpoint 78b17d39-22ad-47bc-a0da-792f7e89bc46 Auth Mode : AUTH_MODE_PSK DPD Profile : UUID : 00000000-0000-0001-0000-000000000001 Enabled : True DPD Probe Interval : 200 sec IKE Profile : UUID : 00000000-0000-0001-0000-000000000002 Authentication Algorithm : AUTH_HMAC_SHA1 Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 200 sec IKE Role : INITIATOR Ipsec Tunnel Profile : UUID : 00000000-0000-0001-0000-000000000003 AH Transport Protocol Enabled : False Authentication Algorithm : AUTH_HMAC_SHA1 DF Policy : DF_COPY Disable Anti Replay : True Enable ESN : True Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 1200 sec Transport Mode : False Peer Address : 10.112.202.167 Peer ID : peer_edp_1 Peer ID Type : IPSEC_IP_ADDR_TYPE
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config service
    Display IPSec Servicce configuration from NestDB.
    Example
    nsx-edge-1> get ipsecvpn config service UUID : acaba146-31f7-4b35-bc19-f3055ea93db0 Enable : True IKE LOG Level : LOG_LEVEL_INFO IKE Rule Section ID : 00003500-0000-0000-0000-000000000004 Ipsec HA Sync Enabled : True SR Cluster ID : 00002000-0000-0000-0000-000000000004 UUID : 3bfc5972-1cb7-43cf-a646-529473981971 Enable : True IKE LOG Level : LOG_LEVEL_INFO IKE Rule Section ID : 00003500-0000-0000-0000-000000000001 Ipsec HA Sync Enabled : True SR Cluster ID : 00002000-0000-0000-0000-000000000001
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config session
    Display all configured IPSec VPN sessions.
    Example
    nsx-edge-1> get ipsecvpn config session UUID : 00000000-0000-0000-0000-00000000000a Enabled : True IKE Session ID : 2 Local Endpoint Profile : UUID : 00000000-0000-0000-0000-000000000004 Local Address : Ipv4 : 10.109.24.20 Local ID : 174921748 Local ID Type : IPSEC_IP_ADDR_TYPE Peer Endpoint Profile : UUID : 00000000-0000-0000-0000-000000000005 Auth Mode : AUTH_MODE_PSK DPD Profile : UUID : 00000000-0000-0001-0000-000000000001 Enabled : True DPD Probe Interval : 600 sec IKE Profile : UUID : 00000000-0000-0001-0000-000000000002 Authentication Algorithm : AUTH_HMAC_SHA1 Encryption Algorithm : ENCR_AES_128_CBC IKE Version : 3 DH Group : DH_GROUP_5 SA Expiry Time : 1000 sec IKE Role : INITIATOR Ipsec Tunnel Profile : UUID : 00000000-0000-0001-0000-000000000003 AH Transport Protocol Enabled : False Authentication Algorithm : AUTH_HMAC_SHA1 DF Policy : DF_COPY Disable Anti Replay : True Enable ESN : False Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 1200 sec Transport Mode : False Peer Address : 10.109.24.22 Peer ID : 10.109.24.22 Peer ID Type : IPSEC_IP_ADDR_TYPE Policy : UUID : 00000000-0000-0000-0000-00000000000b Action : VPN_ACTION_PROTECT Applied TO : Logical Router Port : 00000000-0000-0000-0000-00000000000c IKE Rulefrom ID : 2 IKE Ruleto ID : 1 Local Subnet : 192.168.2.0/24 Peer Subnet : 172.16.2.0/24 Priority : 10 TCP MSS Direction : TCP_MSS_ADJUST_BOTH TCP MSS Value : 1350 Type : POLICY_BASED_SESSION VPN Service Profile : UUID : 00000000-0000-0001-0000-000000000007 Enable : True IKE State File Encryption PWD : XXXX Ipsec HA Sync Enabled : True SR Clustur ID : 00000000-0000-0001-0000-000000000006
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config session <uuid>
    Display a configured IPSec VPN session.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn config session 00000000-0000-0000-0000-00000000000a Enabled : True IKE Session ID : 2 Local Endpoint Profile : UUID : 00000000-0000-0000-0000-000000000004 Local Address : Ipv4 : 10.109.24.20 Local ID : 174921748 Local ID Type : IPSEC_IP_ADDR_TYPE Peer Endpoint Profile : UUID : 00000000-0000-0000-0000-000000000005 Auth Mode : AUTH_MODE_PSK DPD Profile : UUID : 00000000-0000-0001-0000-000000000001 Enabled : True DPD Probe Interval : 600 sec IKE Profile : UUID : 00000000-0000-0001-0000-000000000002 Authentication Algorithm : AUTH_HMAC_SHA1 Encryption Algorithm : ENCR_AES_128_CBC IKE Version : 3 DH Group : DH_GROUP_5 SA Expiry Time : 1000 sec IKE Role : INITIATOR Ipsec Tunnel Profile : UUID : 00000000-0000-0001-0000-000000000003 AH Transport Protocol Enabled : False Authentication Algorithm : AUTH_HMAC_SHA1 DF Policy : DF_COPY Disable Anti Replay : True Enable ESN : False Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 1200 sec Transport Mode : False Peer Address : 10.109.24.22 Peer ID : 10.109.24.22 Peer ID Type : IPSEC_IP_ADDR_TYPE Policy : UUID : 00000000-0000-0000-0000-00000000000b Action : VPN_ACTION_PROTECT Applied TO : Logical Router Port : 00000000-0000-0000-0000-00000000000c IKE Rulefrom ID : 2 IKE Ruleto ID : 1 Local Subnet : 192.168.2.0/24 Peer Subnet : 172.16.2.0/24 Priority : 10 TCP MSS Direction : TCP_MSS_ADJUST_BOTH TCP MSS Value : 1350 Type : POLICY_BASED_SESSION VPN Service Profile : UUID : 00000000-0000-0001-0000-000000000007 Enable : True IKE State File Encryption PWD : XXXX Ipsec HA Sync Enabled : True SR Clustur ID : 00000000-0000-0001-0000-000000000006
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config session local-ip <ip-address> remote-ip <ip-address>
    Display a configured IPSec VPN session with specific endpoints.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get ipsecvpn config session local-ip 10.109.24.20 remote-ip 10.109.24.20 UUID : 00000000-0000-0000-0000-00000000000a Enabled : True IKE Session ID : 2 Local Endpoint Profile : UUID : 00000000-0000-0000-0000-000000000004 Local Address : Ipv4 : 10.109.24.20 Local ID : 174921748 Local ID Type : IPSEC_IP_ADDR_TYPE Peer Endpoint Profile : UUID : 00000000-0000-0000-0000-000000000005 Auth Mode : AUTH_MODE_PSK DPD Profile : UUID : 00000000-0000-0001-0000-000000000001 Enabled : True DPD Probe Interval : 600 sec IKE Profile : UUID : 00000000-0000-0001-0000-000000000002 Authentication Algorithm : AUTH_HMAC_SHA1 Encryption Algorithm : ENCR_AES_128_CBC IKE Version : 3 DH Group : DH_GROUP_5 SA Expiry Time : 1000 sec IKE Role : INITIATOR Ipsec Tunnel Profile : UUID : 00000000-0000-0001-0000-000000000003 AH Transport Protocol Enabled : False Authentication Algorithm : AUTH_HMAC_SHA1 DF Policy : DF_COPY Disable Anti Replay : True Enable ESN : False Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 1200 sec Transport Mode : False Peer Address : 10.109.24.22 Peer ID : 10.109.24.22 Peer ID Type : IPSEC_IP_ADDR_TYPE Policy : UUID : 00000000-0000-0000-0000-00000000000b Action : VPN_ACTION_PROTECT Applied TO : Logical Router Port : 00000000-0000-0000-0000-00000000000c IKE Rulefrom ID : 2 IKE Ruleto ID : 1 Local Subnet : 192.168.2.0/24 Peer Subnet : 172.16.2.0/24 Priority : 10 TCP MSS Direction : TCP_MSS_ADJUST_BOTH TCP MSS Value : 1350 Type : POLICY_BASED_SESSION VPN Service Profile : UUID : 00000000-0000-0001-0000-000000000007 Enable : True IKE State File Encryption PWD : XXXX Ipsec HA Sync Enabled : True SR Clustur ID : 00000000-0000-0001-0000-000000000006
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config tunnel-profile
    Display all configured IPsec tunnel profiles.
    Example
    nsx-edge-1> get ipsecvpn config tunnel-profile UUID : 00000000-0000-0001-0000-000000000003 AH Transport Protocol Enabled : False Authentication Algorithm : AUTH_HMAC_SHA1 DF Policy : DF_COPY Disable Anti Replay : True Enable ESN : True Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 1200 sec Transport Mode : False
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn config tunnel-profile <uuid>
    Display configured IPSec tunnel profile.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn config tunnel-profile 78b17d39-22ad-47bb-a0da-792f7e89bc58 AH Transport Protocol Enabled : False Authentication Algorithm : AUTH_HMAC_SHA1 DF Policy : DF_COPY Disable Anti Replay : True Enable ESN : True Encryption Algorithm : ENCR_AES_128_CBC SA Expiry Time : 1200 sec Transport Mode : False
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn crl <uuid>
    Display complete information from a specific CRL certificate.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn crl d812f9e9-f047-4eb7-876b-3e3b88332c10 UUID : d812f9e9-f047-4eb7-876b-3e3b88332c10 Certificate Revocation List (CRL):
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn crls
    Display Issuer Name from all CRL certificates.
    Example
    nsx-edge-1> get ipsecvpn crls UUID : d812f9e9-f047-4eb7-876b-3e3b88332c10 Issuer :
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn crls verbose
    Display complete information from all CRL certificates.
    Example
    nsx-edge-1> get ipsecvpn crls verbose UUID : d812f9e9-f047-4eb7-876b-3e3b88332c10 Certificate Revocation List (CRL):
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa
    Display all IKE SAs.
    Example
    nsx-edge-1> get ipsecvpn ikesa Total Number of IKE SAs: 1 IKE Version : IKEv2 IKE Status : Up IKE Session ID : 8 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x33bbea1267703b12 Role : Initiator Number of Child SA Pairs : 1 Created Timestamp : 2017-12-21 07:34:58 IKE SA Uptime : 163 sec IKE SA Lifetime : 1000 sec DPD Probe Interval : 600 sec IP Address: Local : 10.109.24.20 Remote : 10.109.24.22 Identity: Local : 10.109.24.20 (ipv4) Remote : 10.109.24.22 (ipv4) Algorithm: Encryption : aes128-cbc Authentication : hmac-sha1-96 PRF : hmac-sha1 DH Group : 14 Authentication Method : Pre-shared key --------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa <session-id>
    Display an IKE SA.
    Option Description
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn ikesa 2 Total Number of IKE SAs: 1 IKE Version : IKEv2 IKE Status : Up IKE Session ID : 2 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x33bbea1267703b12 Role : Responder Number of Child SA Pairs : 1 Created Timestamp : 2017-12-27 20:49:52 IKE SA Uptime : 163 sec IKE SA Lifetime : 1000 sec DPD Probe Interval : 600 sec IP Address: Local : 10.109.24.20 Remote : 10.109.24.22 Identity: Local : 10.109.24.20 (ipv4) Remote : 10.109.24.22 (ipv4) Algorithm: Encryption : aes128-cbc Authentication : hmac-sha1-96 PRF : hmac-sha1 DH Group : 14 Authentication Method : Pre-shared key ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa active
    Display all IKE security associations in active state.
    Example
    nsx-edge-1> get ipsecvpn ikesa active Total Number of Active IKE SAs: 1 IKE Version : IKEv2 IKE Status : Up IKE Session ID : 2 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x33bbea1267703b12 Role : Initiator Number of Child SA Pairs : 2 Created Timestamp : 2017-09-25 03:02:45 IKE SA Uptime : 163 sec IKE SA Lifetime : 1000 sec DPD Probe Interval : 600 sec IP Address: Local : 10.112.202.147 Remote : 10.112.200.243 Identity: Local : a@ipsecvpn.com (email) Remote : b@ipsecvpn.com (email) Algorithm: Encryption : aes128-cbc Authentication : hmac-sha1-96 PRF : hmac-sha1 DH Group : 14 Authentication Method : Pre-shared key ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa active <session-id>
    Display IKE security association in active state.
    Option Description
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn ikesa active 3 Total Number of Active IKE SAs: 1 IKE Version : IKEv2 IKE Status : Up IKE Session ID : 3 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x33bbea1267703b12 Role : Initiator Number of Child SA Pairs : 2 Created Timestamp : 2017-09-25 03:02:45 IKE SA Uptime : 163 sec IKE SA Lifetime : 1000 sec DPD Probe Interval : 600 sec IP Address: Local : 10.112.202.147 Remote : 10.112.200.243 Identity: Local : a@ipsecvpn.com (email) Remote : b@ipsecvpn.com (email) Algorithm: Encryption : aes128-cbc Authentication : hmac-sha1-96 PRF : hmac-sha1 DH Group : 14 Authentication Method : Pre-shared key ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa active logical-router <uuid>
    Display all IKE security associations in active state.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn ikesa active logical-router d88806dc-0a12-41a5-ab18-fce703027b35 Total Number of Active IKE SAs: 1 IKE Version : IKEv2 IKE Status : Up IKE Session ID : 2 Session Name : Tunnel-7acc1289-abd44ebf-84fcdf8a-1e541514 Session Type : Policy Based IKE SPI Initiator : 0x91fb9d4b6d5572e9 IKE SPI Responder : 0x343ca26af10c7513 Role : Initiator Number of Child SA Pairs : 1 Created Timestamp : 2019-03-19 10:56:05 IKE SA Uptime : 22852 sec IKE SA Lifetime : 86400 sec DPD Probe Interval : 60 sec IP Address: Local : 192.168.128.1 Remote : 1.1.5.100 Identity: Local : 192.168.128.1 (ipv4) Remote : 1.1.5.100 (ipv4) Algorithm: Encryption : aes128-cbc Authentication : hmac-sha1-96 PRF : hmac-sha1 DH Group : 14 Authentication Method : Pre-shared key ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa active logical-router <uuid> <session-id>
    Display IKE security association in active state on given Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn ikesa active logical-router 3 Total Number of Active IKE SAs: 1 IKE Version : IKEv2 IKE Status : Up IKE Session ID : 3 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x33bbea1267703b12 Role : Initiator Number of Child SA Pairs : 2 Created Timestamp : 2017-09-25 03:02:45 IKE SA Uptime : 163 sec IKE SA Lifetime : 1000 sec DPD Probe Interval : 600 sec IP Address: Local : 10.112.202.147 Remote : 10.112.200.243 Identity: Local : a@ipsecvpn.com (email) Remote : b@ipsecvpn.com (email) Algorithm: Encryption : aes128-cbc Authentication : hmac-sha1-96 PRF : hmac-sha1 DH Group : 14 Authentication Method : Pre-shared key ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa logical-router <uuid>
    Display all IKE SAs on given Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn ikesa logical-router Total Number of IKE SAs: 1 IKE Version : IKEv2 IKE Status : Up IKE Session ID : 8 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x33bbea1267703b12 Role : Initiator Number of Child SA Pairs : 1 Created Timestamp : 2017-12-21 07:34:58 IKE SA Uptime : 163 sec IKE SA Lifetime : 1000 sec DPD Probe Interval : 600 sec IP Address: Local : 10.109.24.20 Remote : 10.109.24.22 Identity: Local : 10.109.24.20 (ipv4) Remote : 10.109.24.22 (ipv4) Algorithm: Encryption : aes128-cbc Authentication : hmac-sha1-96 PRF : hmac-sha1 DH Group : 14 Authentication Method : Pre-shared key --------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa logical-router <uuid> <session-id>
    Display an IKE SA on given Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn ikesa 2 Total Number of IKE SAs: 1 IKE Version : IKEv2 IKE Status : Up IKE Session ID : 2 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x33bbea1267703b12 Role : Responder Number of Child SA Pairs : 1 Created Timestamp : 2017-12-27 20:49:52 IKE SA Uptime : 163 sec IKE SA Lifetime : 1000 sec DPD Probe Interval : 600 sec IP Address: Local : 10.109.24.20 Remote : 10.109.24.22 Identity: Local : 10.109.24.20 (ipv4) Remote : 10.109.24.22 (ipv4) Algorithm: Encryption : aes128-cbc Authentication : hmac-sha1-96 PRF : hmac-sha1 DH Group : 14 Authentication Method : Pre-shared key ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa negotiating
    Display all IKE security associations in negotiating state.
    Example
    nsx-edge-1> get ipsecvpn ikesa negotiating Total Number of Negotiating IKE SAs: 1 IKE Version : IKEv2 IKE Status : Negotiating (SSH_IKEV2_STATE_IKE_INIT_SA) IKE Session ID : 2 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x0 Role : Initiator Number of Child SA Pairs : 2 IKE SA Lifetime : 0 sec DPD Probe Interval : 600 sec IP Address: Local : 10.112.202.147 Remote : 10.112.200.243 Identity: Local : Negotiating Remote : Negotiating Algorithm: Encryption : Negotiating Authentication : Negotiating PRF : Negotiating DH Group : Negotiating Authentication Method : Negotiating ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa negotiating <session-id>
    Display IKE security association in negotiating state.
    Option Description
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn ikesa negotiating 2 Total Number of Negotiating IKE SAs: 1 IKE Version : IKEv2 IKE Status : Negotiating (SSH_IKEV2_STATE_IKE_INIT_SA) IKE Session ID : 2 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x0 Role : Initiator Number of Child SA Pairs : 2 IKE SA Lifetime : 0 sec DPD Probe Interval : 600 sec IP Address: Local : 10.112.202.147 Remote : 10.112.200.243 Identity: Local : Negotiating Remote : Negotiating Algorithm: Encryption : Negotiating Authentication : Negotiating PRF : Negotiating DH Group : Negotiating Authentication Method : Negotiating ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa negotiating logical-router <uuid>
    Display all IKE security associations in negotiating state.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn ikesa negotiating logical-router 2ea7f52f-11db-4bca-9a8a-4775467806b7 Total Number of Negotiating IKE SAs: 1 IKE Version : IKEv2 IKE Status : Negotiating (IKEV2_STATE_IKE_INIT_SA) IKE Session ID : 3 Session Name : Tunnel-61fbc9f7-f3134f29-82a0d8a3-58118369 Session Type : Policy Based IKE SPI Initiator : 0x81c8fe04f0e7040b IKE SPI Responder : 0x0000000000000000 Role : Initiator Number of Child SA Pairs : 0 IKE SA Lifetime : 0 sec DPD Probe Interval : 60 sec IP Address: Local : 5.5.5.5 Remote : 1.1.5.1 Identity: Local : Negotiating Remote : Negotiating Algorithm: Encryption : Negotiating Authentication : Negotiating PRF : Negotiating DH Group : Negotiating Authentication Method : Negotiating ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ikesa negotiating logical-router <uuid> <session-id>
    Display IKE security association in negotiating state.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn ikesa negotiating logical-router 2 Total Number of Negotiating IKE SAs: 1 IKE Version : IKEv2 IKE Status : Negotiating (SSH_IKEV2_STATE_IKE_INIT_SA) IKE Session ID : 2 Session Name : Tunnel-62791cf0-7a541cb-915a6e5d-b6ed32f6 Session Type : Policy Based IKE SPI Initiator : 0x0c6a7a809f4a6e2f IKE SPI Responder : 0x0 Role : Initiator Number of Child SA Pairs : 2 IKE SA Lifetime : 0 sec DPD Probe Interval : 600 sec IP Address: Local : 10.112.202.147 Remote : 10.112.200.243 Identity: Local : Negotiating Remote : Negotiating Algorithm: Encryption : Negotiating Authentication : Negotiating PRF : Negotiating DH Group : Negotiating Authentication Method : Negotiating ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ipsecsa
    Display all IPSec SAs from control plane.
    Example
    nsx-edge-1> get ipsecvpn ipsecsa Total Number of IPSec SA Pairs: 1 Session ID : 2 Created Timestamp : 2018-04-10 03:58:33 Local TS : ipv4(192.168.2.0-192.168.2.255) Remote TS : ipv4(172.16.2.0-172.16.2.255) SPI In : 0xd03e65b0 SPI Out : 0xcbebe1e9 Rule ID In : 22 Rule ID Out : 2147483670 SA Uptime : 184 sec SA Lifetime : 1200 sec Local Endpoint : 10.0.0.1 Remote Endpoint: 10.1.0.1 Algorithm: aes128-cbc/hmac-sha1-96/14 NAT-T: False, ESN: False, DF-Policy: Copy Anti-Replay Window Size: 960, Role: Initiator ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ipsecsa logical-router <uuid>
    Display all IPSec SAs from control plane.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn ipsecsa logical-router d88806dc-0a12-41a5-ab18-fce703027b35 Total Number of IPSec SA Pairs: 1 Session ID : 2 Created Timestamp : 2018-04-10 03:58:33 Local TS : ipv4(192.168.2.0-192.168.2.255) Remote TS : ipv4(172.16.2.0-172.16.2.255) SPI In : 0xd03e65b0 SPI Out : 0xcbebe1e9 Rule ID In : 22 Rule ID Out : 2147483670 SA Uptime : 184 sec SA Lifetime : 1200 sec Local Endpoint : 10.0.0.1 Remote Endpoint: 10.1.0.1 Algorithm: aes128-cbc/hmac-sha1-96/14 NAT-T: False, ESN: False, DF-Policy: Copy Anti-Replay Window Size: 960, Role: Initiator ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ipsecsa logical-router <uuid> ruleid <rule-id>
    Display IPSec SA with specific rule id from control plane.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <rule-id> Rule ID
    Example
    nsx-edge-1> get ipsecvpn ipsecsa ruleid 22 Total Number of IPSec SA Pairs: 1 Session ID : 2 Created Timestamp : 2018-04-10 03:58:33 Local TS : ipv4(192.168.2.0-192.168.2.255) Remote TS : ipv4(172.16.2.0-172.16.2.255) SPI In : 0xd03e65b0 SPI Out : 0xcbebe1e9 Rule ID In : 22 Rule ID Out : 2147483670 SA Uptime : 184 sec SA Lifetime : 1200 sec Local Endpoint : 10.0.0.1 Remote Endpoint: 10.1.0.1 Algorithm: aes128-cbc/hmac-sha1-96/14 NAT-T: False, ESN: False, DF-Policy: Copy Anti-Replay Window Size: 960, Role: Initiator ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ipsecsa logical-router <uuid> sessionid <session-id>
    Display an IPSec SA with specific session id from control plane.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn ipsecsa logical-router sessionid 2 Total Number of IPSec SA Pairs: 1 Session ID : 2 Created Timestamp : 2018-04-10 03:58:33 Local TS : ipv4(192.168.2.0-192.168.2.255) Remote TS : ipv4(172.16.2.0-172.16.2.255) SPI In : 0xd03e65b0 SPI Out : 0xcbebe1e9 Rule ID In : 22 Rule ID Out : 2147483670 SA Uptime : 184 sec SA Lifetime : 1200 sec Local Endpoint : 10.0.0.1 Remote Endpoint: 10.1.0.1 Algorithm: aes128-cbc/hmac-sha1-96/14 NAT-T: False, ESN: False, DF-Policy: Copy Anti-Replay Window Size: 960, Role: Initiator ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ipsecsa ruleid <rule-id>
    Display IPSec SA with specific rule id from control plane.
    Option Description
    <rule-id> Rule ID
    Example
    nsx-edge-1> get ipsecvpn ipsecsa ruleid 22 Total Number of IPSec SA Pairs: 1 Session ID : 2 Created Timestamp : 2018-04-10 03:58:33 Local TS : ipv4(192.168.2.0-192.168.2.255) Remote TS : ipv4(172.16.2.0-172.16.2.255) SPI In : 0xd03e65b0 SPI Out : 0xcbebe1e9 Rule ID In : 22 Rule ID Out : 2147483670 SA Uptime : 184 sec SA Lifetime : 1200 sec Local Endpoint : 10.0.0.1 Remote Endpoint: 10.1.0.1 Algorithm: aes128-cbc/hmac-sha1-96/14 NAT-T: False, ESN: False, DF-Policy: Copy Anti-Replay Window Size: 960, Role: Initiator ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn ipsecsa sessionid <session-id>
    Display an IPSec SA with specific session id from control plane.
    Option Description
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn ipsecsa sessionid 2 Total Number of IPSec SA Pairs: 1 Session ID : 2 Created Timestamp : 2018-04-10 03:58:33 Local TS : ipv4(192.168.2.0-192.168.2.255) Remote TS : ipv4(172.16.2.0-172.16.2.255) SPI In : 0xd03e65b0 SPI Out : 0xcbebe1e9 Rule ID In : 22 Rule ID Out : 2147483670 SA Uptime : 184 sec SA Lifetime : 1200 sec Local Endpoint : 10.0.0.1 Remote Endpoint: 10.1.0.1 Algorithm: aes128-cbc/hmac-sha1-96/14 NAT-T: False, ESN: False, DF-Policy: Copy Anti-Replay Window Size: 960, Role: Initiator ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn policy logical-router <uuid> rules <uuid>
    Display an IPSec policy rule for a LogicalRouter.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    UUID : 00003400-0000-0402-8000-040300000000 LOG Router ID : d88806dc-0a12-41a5-ab18-fce703027b35 Rule : ID : 2147484675 Action : RA_ENCRYPT Applied TO : Container : 00001000-0000-0000-0000-000000000001 Component Name : CN_IKE Direction : RD_IN From Address : IP Address : Ipv4 : 2.2.5.0 Prefix Length : 24 IS Stateful : True Keypolicy ID : 00003400-0000-0402-0000-040300000000 Lbrule : False Priority : 100 Protocol : DST Ports : Range : SRC Ports : Range : Section ID : 00003500-0000-0000-0000-000000000001 TAG : ipsec TO Address : IP Address : Ipv4 : 192.168.100.0 Prefix Length : 24 Type : RT_LAYER3 Uuid : 00003400-0000-0402-8000-040300000000
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn policy rules
    Display all IPSec VPN policy rules.
    Example
    nsx-edge-1> get ipsecvpn policy rules UUID : 00000000-0000-0000-0000-00000000000c Rule : ID : 1 Action : RA_ENCRYPT Applied TO : Logical Router Port : 00000000-0000-0000-0000-00000000000c Component Name : CN_IKE Direction : RD_OUT From Address : IP Address : Ipv4 : 10.109.24.20 Prefix Length : 32 IS Stateful : True Keypolicy ID : 00000000-0000-0000-0000-00000000000b Lbrule : False Priority : 10 Protocol : DST Ports : Range : SRC Ports : Range : Section ID : 00000000-0000-0003-0000-000000000005 TAG : ipsec TO Address : IP Address : Ipv4 : 10.109.24.22 Prefix Length : 32 Type : RT_LAYER3 Uuid : 00000000-0000-0000-0000-00000000000c UUID : 00000000-0000-0000-0000-00000000000d Rule : ID : 1 Action : RA_ENCRYPT Applied TO : Logical Router Port : 00000000-0000-0000-0000-00000000000c Component Name : CN_IKE Direction : RD_IN From Address : IP Address : Ipv4 : 10.109.24.22 Prefix Length : 32 IS Stateful : True Keypolicy ID : 00000000-0000-0000-0000-00000000000b Lbrule : False Priority : 10 Protocol : DST Ports : Range : SRC Ports : Range : Section ID : 00000000-0000-0003-0000-000000000005 TAG : ipsec TO Address : IP Address : Ipv4 : 10.109.24.20 Prefix Length : 32 Type : RT_LAYER3 Uuid : 00000000-0000-0000-0000-00000000000d
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn policy rules <uuid>
    Display an IPSec policy rule.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn policy rules 00000000-0000-0000-0000-00000000000c Rule : ID : 1 Action : RA_ENCRYPT Applied TO : Logical Router Port : 00000000-0000-0000-0000-00000000000c Component Name : CN_IKE Direction : RD_OUT From Address : IP Address : Ipv4 : 10.109.24.20 Prefix Length : 32 IS Stateful : True Keypolicy ID : 00000000-0000-0000-0000-00000000000b Lbrule : False Priority : 10 Protocol : DST Ports : Range : SRC Ports : Range : Section ID : 00000000-0000-0003-0000-000000000005 TAG : ipsec TO Address : IP Address : Ipv4 : 10.109.24.22 Prefix Length : 32 Type : RT_LAYER3 Uuid : 00000000-0000-0000-0000-00000000000c
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn policy rules logical-router <uuid>
    Display all IPSec VPN policy rules for a LogicalRouter.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn policy rules logical-router UUID : 00003400-0000-0402-0000-040300000000 LOG Router ID : d88806dc-0a12-41a5-ab18-fce703027b35 Rule : ID : 1027 Action : RA_ENCRYPT Applied TO : Container : 00001000-0000-0000-0000-000000000001 Component Name : CN_IKE Direction : RD_OUT From Address : IP Address : Ipv4 : 192.168.100.0 Prefix Length : 24 IS Stateful : True Keypolicy ID : 00003400-0000-0402-0000-040300000000 Lbrule : False Priority : 100 Protocol : DST Ports : Range : SRC Ports : Range : Section ID : 00003500-0000-0000-0000-000000000001 TAG : ipsec TO Address : IP Address : Ipv4 : 2.2.5.0 Prefix Length : 24 Type : RT_LAYER3 Uuid : 00003400-0000-0402-0000-040300000000 UUID : 00003400-0000-0402-8000-040300000000 LOG Router ID : d88806dc-0a12-41a5-ab18-fce703027b35 Rule : ID : 2147484675 Action : RA_ENCRYPT Applied TO : Container : 00001000-0000-0000-0000-000000000001 Component Name : CN_IKE Direction : RD_IN From Address : IP Address : Ipv4 : 2.2.5.0 Prefix Length : 24 IS Stateful : True Keypolicy ID : 00003400-0000-0402-0000-040300000000 Lbrule : False Priority : 100 Protocol : DST Ports : Range : SRC Ports : Range : Section ID : 00003500-0000-0000-0000-000000000001 TAG : ipsec
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn policy summary
    Display summary of IPSec VPN policy rules.
    Example
    nsx-edge-1>get ipsecvpn policy summary IPSec Security Policy count: 4 RuleId Dir Local Subnet Peer Subnet Action UUID -------------------------------------------------------------------------------------------------------------- 1027 Out 192.168.100.0/24 2.2.5.0/24 Encrypt 00003400-0000-0402-0000-040300000000 2147484675 In 2.2.5.0/24 192.168.100.0/24 Encrypt 00003400-0000-0402-8000-040300000000 1032 Out 192.168.100.1/32 2.2.5.1/32 Bypass 00003400-0000-0407-0000-040800000000 2147484680 In 2.2.5.1/32 192.168.100.1/32 Bypass 00003400-0000-0407-8000-040800000000 --------------------------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn policy summary logical-router <uuid>
    Display summary of IPSec VPN policy rules.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1>get ipsecvpn policy summary IPSec Security Policy count: 4 RuleId Dir Local Subnet Peer Subnet Action UUID -------------------------------------------------------------------------------------------------------------- 1027 Out 192.168.100.0/24 2.2.5.0/24 Encrypt 00003400-0000-0402-0000-040300000000 2147484675 In 2.2.5.0/24 192.168.100.0/24 Encrypt 00003400-0000-0402-8000-040300000000 1032 Out 192.168.100.1/32 2.2.5.1/32 Bypass 00003400-0000-0407-0000-040800000000 2147484680 In 2.2.5.1/32 192.168.100.1/32 Bypass 00003400-0000-0407-8000-040800000000 --------------------------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn sad
    Display all IPSec SAs present in Security Association Database(datapath).
    Example
    nsx-edge-1> get ipsecvpn sad Total Number of IPSec SAs: 2 Inbound SAs: Rule ID : 2147484675 Policy UUID : 00003400-0000-0800-0000-080b00000000 VRF ID : 1 SPI : 0xf835f82a Created Timestamp : 2018-03-19 10:24:21 SA Uptime : 496 sec SA Lifetime : 3600 sec NAT-Traversal : False ESN : False DF Policy : clear SA Hit : 1 Sequence Number (Recv) : 1234 Anti-Replay Window Size : 960 TCP MSS Value : 1350 Traffic Mode : Tunnel Protocol : ESP IP Address: Source : 1.1.5.100 Destination : 192.168.128.1 Subnets: Source : 2.2.5.0/24 Destination : 192.168.100.0/24 Algorithm: Encryption : aes-128-cbc Authentication : sha1-hmac ---------------------------------------- Outbound SAs: Rule ID : 1027 Policy UUID : 00003400-0000-0800-0000-080b00000000 VRF ID : 1 SPI : 0xc3f194fa Created Timestamp : 2018-03-19 10:24:21 SA Uptime : 496 sec SA Lifetime : 3600 sec NAT-Traversal : False ESN : False DF Policy : clear SA Hit : 1 Sequence Number (Sent) : 1234 Anti-Replay Window Size : 960 TCP MSS Value : 1350 Traffic Mode : Tunnel Protocol : ESP IP Address: Source : 192.168.128.1 Destination : 1.1.5.100 Subnets: Source : 192.168.100.0/24 Destination : 2.2.5.0/24 Algorithm: Encryption : aes-128-cbc Authentication : sha1-hmac ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn sad <uuid>
    Display IPSec SA present in Security Association Database(datapath).
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn sad 00003400-0000-0402-0000-040300000000 Total Number of IPSec SAs: 2 Inbound SAs: Rule ID : 2147484675 Policy UUID : 00003400-0000-0800-0000-080b00000000 VRF ID : 1 SPI : 0xf835f82a Created Timestamp : 2018-03-19 10:24:21 SA Uptime : 496 sec SA Lifetime : 3600 sec NAT-Traversal : False ESN : False DF Policy : clear SA Hit : 1 Sequence Number (Recv) : 1234 Anti-Replay Window Size : 960 TCP MSS Value : 1350 Traffic Mode : Tunnel Protocol : ESP IP Address: Source : 1.1.5.100 Destination : 192.168.128.1 Subnets: Source : 2.2.5.0/24 Destination : 192.168.100.0/24 Algorithm: Encryption : aes-128-cbc Authentication : sha1-hmac ---------------------------------------- Outbound SAs: Rule ID : 1027 Policy UUID : 00003400-0000-0800-0000-080b00000000 VRF ID : 1 SPI : 0xc3f194fa Created Timestamp : 2018-03-19 10:24:21 SA Uptime : 496 sec SA Lifetime : 3600 sec NAT-Traversal : False ESN : False DF Policy : clear SA Hit : 1 Sequence Number (Sent) : 1234 Anti-Replay Window Size : 960 TCP MSS Value : 1350 Traffic Mode : Tunnel Protocol : ESP IP Address: Source : 192.168.128.1 Destination : 1.1.5.100 Subnets: Source : 192.168.100.0/24 Destination : 2.2.5.0/24 Algorithm: Encryption : aes-128-cbc Authentication : sha1-hmac ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn sad logical-router <uuid>
    Display IPSec SA present in Security Association Database(datapath).
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn sad logical-router d88806dc-0a12-41a5-ab18-fce703027b35 Total Number of IPSec SAs: 2 Inbound SAs: Rule ID : 2147484675 Policy UUID : 00003400-0000-0800-0000-080b00000000 VRF ID : 2 SPI : 0x7bbde976 Created Timestamp : 2019-03-19 16:16:12 SA Uptime : 37 sec SA Lifetime : 3600 sec NAT-Traversal : False ESN : False DF Policy : clear SA Hit : 0 Sequence Number (Recv) : 0 Anti-Replay Window Size : 960 TCP MSS Value : 0 Traffic Mode : Tunnel Protocol : ESP IP Address: Source : 1.1.5.100 Destination : 192.168.128.1 Subnets: Source : 2.2.5.0/24 Destination : 192.168.100.0/24 Algorithm: Encryption : aes-128-cbc Authentication : sha1-hmac ---------------------------------------- Outbound SAs: Rule ID : 1027 Policy UUID : 00003400-0000-0800-0000-080b00000000 VRF ID : 2 SPI : 0xc9813c88 Created Timestamp : 2019-03-19 16:16:12 SA Uptime : 37 sec SA Lifetime : 3600 sec NAT-Traversal : False ESN : False DF Policy : clear SA Hit : 0 Sequence Number (Sent) : 0 Anti-Replay Window Size : 960 TCP MSS Value : 0 Traffic Mode : Tunnel Protocol : ESP IP Address: Source : 192.168.128.1 Destination : 1.1.5.100 Subnets: Source : 192.168.100.0/24 Destination : 2.2.5.0/24 Algorithm: Encryption : aes-128-cbc Authentication : sha1-hmac ----------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn service
    Display all IPSec Services Information.
    Example
    nsx-edge-1> get ipsecvpn service Service ID: 3bfc5972-1cb7-43cf-a646-529473981971 Service State: Not Active Enabled:No Down Reason: VPN service disabled SR ID : d88806dc-0a12-41a5-ab18-fce703027b35 SR State : Active HA Sync Enabled: Yes ---------------------------------------------------------------------- Service ID: acaba146-31f7-4b35-bc19-f3055ea93db0 Service State: Active Enabled: Yes SR ID : 2ea7f52f-11db-4bca-9a8a-4775467806b7 SR State : Active HA Sync Enabled: Yes ----------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn service <uuid>
    Display IPSec Service Information.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn service Service ID: acaba146-31f7-4b35-bc19-f3055ea93db0 Service State: Active Enabled: Yes SR ID : 2ea7f52f-11db-4bca-9a8a-4775467806b7 SR State : Active HA Sync Enabled: Yes ----------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn service <uuid> verbose
    Display all IPSec Service Information in detail.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn service verbose Service ID: acaba146-31f7-4b35-bc19-f3055ea93db0 Service State: Active Enabled: Yes SR ID : 2ea7f52f-11db-4bca-9a8a-4775467806b7 SR State : Active HA Sync Enabled: Yes Bypass Policies Policy UUID: 00003400-0000-0404-0000-040500000000 Local Subnet: 192.168.100.5/32 Peer Subnet: 2.2.5.5/32 ------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn service verbose
    Display IPSec Service Information in detail.
    Example
    nsx-edge-1> get ipsecvpn service verbose Service ID: acaba146-31f7-4b35-bc19-f3055ea93db0 Service State: Active Enabled: Yes SR ID : 2ea7f52f-11db-4bca-9a8a-4775467806b7 SR State : Active HA Sync Enabled: Yes Bypass Policies Policy UUID: 00003400-0000-0404-0000-040500000000 Local Subnet: 192.168.100.5/32 Peer Subnet: 2.2.5.5/32 ------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session
    Display all IPSec VPN sessions.
    Example
    nsx-edge-1>get ipsecvpn session Total Number of Sessions: 3 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : Timed out Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1029 ToRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA down ------------------------------------------------------------------------------------------ IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------ IKE Session ID : 4 UUID : aa2bcd92-35e0-4c99-a591-19b74c040cfd SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : Cert Compliance Suite : PRIME Local IP : 192.168.128.1 Peer IP : 1.1.5.101 Local ID : 192.168.128.1 Peer ID : C=IN, ST=Maharashtra, L=Pune, O=VMware, OU=NSBU, CN=VMwareSite2 Session Status : Up Policy Rules Policy UUID : 00003400-0000-048e-0000-048f00000000 ToRule ID : 1167 FromRule ID : 2147484815 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.6.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session <uuid>
    Display specific IPSec VPN session.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1>get ipsecvpn session ffc00327-0d7b-4e4d-8676-3eb12c803ed6 Total Number of Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session <uuid> history
    Display IPsec VPN session history using session uuid as the filter
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session 7ec41071-e48a-4d5f-9c52-a110b5245ef9 history Total Number of Sessions: 1 IKE Session ID : 2 UUID : 7ec41071-e48a-4d5f-9c52-a110b5245ef9 SR ID : 1457c3cf-286c-4b83-b8ff-15ad40c4e858 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.2 Peer IP : 1.1.6.100 Local ID : 192.168.128.2 Peer ID : 1.1.6.100 Session Status : Up Session Status History 13-Jun-2019 15:43:45 : IKE_STATUS_NEGO 13-Jun-2019 15:43:45 : IKE_STATUS_DOWN (Negotiation not started) Policy Rules Policy UUID : 00003400-0000-0413-0000-041400000000 ToRule ID : 1044 FromRule ID : 2147484692 Local Subnet : 192.168.101.0/24 Peer Subnet : 2.2.6.0/24 Tunnel Status : Up Tunnel Status History Last Known Status : IPSEC_STATUS_DOWN ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session active
    Display all IPSec VPN sessions in active state.
    Example
    nsx-edge-1> get ipsecvpn session active Total Number of Active Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session active <uuid>
    Display an IPSec VPN session in active state.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session active ffc00327-0d7b-4e4d-8676-3eb12c803ed6 Total Number of Active Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session active local-ip <ip-address> remote-ip <ip-address>
    Display IPSec VPN session in active state for specific endpoints.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get ipsecvpn session active local-ip 192.168.128.1 remote-ip 1.1.5.100 Total Number of Active Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session active sessionid <session-id>
    Display an IPSec VPN session in active state.
    Option Description
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn session active sessionid 2 Total Number of Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session down
    Display all IPsec VPN sessions in down state.
    Example
    nsx-edge-1> get ipsecvpn session down Total Number of Down Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : No proposal chosen Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session down <uuid>
    Display an IPsec VPN session in down state.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session down 254d755e-e133-4831-89ab-41ef49c2bdc1 Total Number of Down Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : Timed out Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRuleId : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session down local-ip <ip-address> remote-ip <ip-address>
    Display IPsec VPN session in down state for specific endpoints.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get ipsecvpn session down local-ip 192.168.128.1 remote-ip 1.1.5.102 Total Number of Down Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : Timed out Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 Rule ID FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session down sessionid <session-id>
    Display an IPsec VPN session in down state.
    Option Description
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn session down sessionid 3 Total Number of Down Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : Timed out Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1029 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session history
    Display all IPsec VPN sessions history.
    Example
    nsx-edge-1> get ipsecvpn session history Total Number of Sessions: 2 IKE Session ID : 2 UUID : 50736bc9-161a-4c32-9f8f-26fc08596810 SR ID : 1457c3cf-286c-4b83-b8ff-15ad40c4e858 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Session Status History 12-Jun-2019 09:35:54 : IKE_STATUS_NEGO 12-Jun-2019 09:35:44 : IKE_STATUS_DOWN (Peer not responding) 12-Jun-2019 09:32:54 : IKE_STATUS_NEGO 12-Jun-2019 09:32:50 : IKE_STATUS_DOWN (Peer not responding) 12-Jun-2019 09:29:42 : IKE_STATUS_UP 12-Jun-2019 09:29:42 : IKE_STATUS_NEGO 12-Jun-2019 09:29:41 : IKE_STATUS_DOWN (Negotiation not started) Policy Rules Policy UUID : 00003400-0000-0413-0000-041400000000 ToRule ID : 1044 FromRule ID : 2147484692 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up Tunnel Status History Last Known Status : IPSEC_STATUS_DOWN ------------------------------------------------------------------------------------------ IKE Session ID : 3 UUID : 7ec41071-e48a-4d5f-9c52-a110b5245ef9 SR ID : 1457c3cf-286c-4b83-b8ff-15ad40c4e858 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.2 Peer IP : 1.1.6.100 Local ID : 192.168.128.2 Peer ID : 1.1.6.100 Session Status : Up Session Status History 13-Jun-2019 15:43:45 : IKE_STATUS_NEGO 13-Jun-2019 15:43:45 : IKE_STATUS_DOWN (Negotiation not started) Policy Rules Policy UUID : 00003400-0000-0413-0000-041400000000 ToRule ID : 1044 FromRule ID : 2147484692 Local Subnet : 192.168.101.0/24 Peer Subnet : 2.2.6.0/24 Tunnel Status : Up Tunnel Status History Last Known Status : IPSEC_STATUS_DOWN ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session local-ip <ip-address> remote-ip <ip-address>
    Display IPSec VPN session for specific endpoints.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1>get ipsecvpn session local-ip 192.168.128.1 remote-ip 1.1.5.101 Total Number of Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session local-ip <ip-address> remote-ip <ip-address> history
    Display IPSec VPN session history for specific endpoints.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get ipsecvpn session local-ip 192.168.128.1 remote-ip 1.1.5.100 history IKE Session ID : 2 UUID : 50736bc9-161a-4c32-9f8f-26fc08596810 SR ID : 1457c3cf-286c-4b83-b8ff-15ad40c4e858 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Session Status History 12-Jun-2019 09:35:54 : IKE_STATUS_NEGO 12-Jun-2019 09:35:44 : IKE_STATUS_DOWN (Peer not responding) 12-Jun-2019 09:32:54 : IKE_STATUS_NEGO 12-Jun-2019 09:32:50 : IKE_STATUS_DOWN (Peer not responding) 12-Jun-2019 09:29:42 : IKE_STATUS_UP 12-Jun-2019 09:29:42 : IKE_STATUS_NEGO 12-Jun-2019 09:29:42 : IKE_STATUS_DOWN (Negotiation not started) Policy Rules Policy UUID : 00003400-0000-0413-0000-041400000000 ToRule ID : 1044 FromRule ID : 2147484692 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up Tunnel Status History Last Known Status : IPSEC_STATUS_DOWN ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid>
    Display all IPSec VPN sessions of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1>get ipsecvpn session Total Number of Sessions: 3 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : Timed out Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1029 ToRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA down ------------------------------------------------------------------------------------------ IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------ IKE Session ID : 4 UUID : aa2bcd92-35e0-4c99-a591-19b74c040cfd SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : Cert Compliance Suite : PRIME Local IP : 192.168.128.1 Peer IP : 1.1.5.101 Local ID : 192.168.128.1 Peer ID : C=IN, ST=Maharashtra, L=Pune, O=VMware, OU=NSBU, CN=VMwareSite2 Session Status : Up Policy Rules Policy UUID : 00003400-0000-048e-0000-048f00000000 ToRule ID : 1167 FromRule ID : 2147484815 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.6.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> <uuid>
    Display specific IPSec VPN session of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1>get ipsecvpn session logical-router ffc00327-0d7b-4e4d-8676-3eb12c803ed6 Total Number of Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> <uuid> negotiating
    Display an IPsec VPN session in negotiating state of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session logical-router negotiating 254d755e-e133-4831-89ab-41ef49c2bdc1 Total Number of Negotiating Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Negotiating Last Known Failure: Peer not reachable Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> active
    Display all IPSec VPN sessions in active state of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session logical-router active Total Number of Active Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> active <uuid>
    Display an IPSec VPN session in active state of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session logical-router active ffc00327-0d7b-4e4d-8676-3eb12c803ed6 Total Number of Active Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> active local-ip <ip-address> remote-ip <ip-address>
    Display IPSec VPN session in active state for specific endpoints of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get ipsecvpn session logical-router active local-ip 192.168.128.1 remote-ip 1.1.5.100 Total Number of Active Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> active sessionid <session-id>
    Display an IPSec VPN session in active state of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn session logical-router active sessionid 2 Total Number of Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> down
    Display all IPsec VPN sessions in down state of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session logical-router down Total Number of Down Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : No proposal chosen Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> down <uuid>
    Display an IPsec VPN session in down state of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session logical-router down 254d755e-e133-4831-89ab-41ef49c2bdc1 Total Number of Down Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : Timed out Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRuleId : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> down local-ip <ip-address> remote-ip <ip-address>
    Display IPsec VPN session in down state for specific endpoints of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get ipsecvpn session logical-router down local-ip 192.168.128.1 remote-ip 1.1.5.102 Total Number of Down Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : Timed out Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 Rule ID FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> down sessionid <session-id>
    Display an IPsec VPN session in down state of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn session logical-router down sessionid 3 Total Number of Down Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Down Down Reason : Timed out Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1029 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> history
    Display IPSec VPN session history for a Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session logical-router df13f67b-f45d-464b-a12a-614e56d5c9be history Total Number of Sessions: 1 IKE Session ID : 3 UUID : c2d0c110-3763-4bd8-a616-1397a1c29db1 SR ID : df13f67b-f45d-464b-a12a-614e56d5c9be Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.5 Peer IP : 1.1.5.1 Local ID : 192.168.128.5 Peer ID : 1.1.5.1 Session Status : Down Down Reason : Peer not responding Session Status History 17-Jun-2019 12:26:51 : IKE_STATUS_NEGO 17-Jun-2019 12:25:30 : IKE_STATUS_DOWN (Peer not responding) 17-Jun-2019 12:22:40 : IKE_STATUS_NEGO 17-Jun-2019 12:21:18 : IKE_STATUS_DOWN (Peer not responding) 17-Jun-2019 12:18:29 : IKE_STATUS_NEGO 17-Jun-2019 12:17:07 : IKE_STATUS_DOWN (Peer not responding) 17-Jun-2019 12:14:17 : IKE_STATUS_NEGO 17-Jun-2019 12:12:56 : IKE_STATUS_DOWN (Peer not responding) 17-Jun-2019 12:10:07 : IKE_STATUS_NEGO 17-Jun-2019 12:10:07 : IKE_STATUS_DOWN (Negotiation not started) Policy Rules Policy UUID : 00003400-0000-0418-0000-041900000000 ToRule ID : 1049 FromRule ID : 2147484697 Local Subnet : 192.168.100.0/24 Peer Subnet : 5.5.5.0/24 Tunnel Status : Down Down Reason : IKE SA down Tunnel Status History Last Known Status : IPSEC_STATUS_DOWN -----------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> local-ip <ip-address> remote-ip <ip-address>
    Display IPSec VPN session for specific endpoints on Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <ip-address> Network IP address argument
    Example
    nsx-edge-1>get ipsecvpn session local-ip 192.168.128.1 remote-ip 1.1.5.101 Total Number of Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> local-ip <ip-address> remote-ip <ip-address> history
    Display IPSec VPN session history for specific endpoints on Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get ipsecvpn session logical-router a8f5f7e8-2081-405b-93de-6eeff3f449f2 local-ip 192.168.128.1 remote-ip 1.1.5.100 history Total Number of Sessions: 1 IKE Session ID : 8193 UUID : 0487ebd9-31c2-46ae-8e37-ac1407b8a49a SR ID : a8f5f7e8-2081-405b-93de-6eeff3f449f2 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Session Status History 18-Sep-2019 12:40:01 : IKE_STATUS_NEGO 18-Sep-2019 12:38:37 : IKE_STATUS_UP 18-Sep-2019 12:38:37 : IKE_STATUS_NEGO 18-Sep-2019 12:38:36 : IKE_STATUS_DOWN (Negotiation not started) Policy Rules Policy UUID : 00003400-2000-0004-2000-000500000000 ToRule ID : 536870917 FromRule ID : 2684354565 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up Tunnel Status History Last Known Status : IPSEC_STATUS_DOWN -----------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> negotiating
    Display all IPsec VPN sessions in negotiating state of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session logical-router negotiating Total Number of Negotiating Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Negotiating Last Known Failure: Peer not reachable Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> negotiating local-ip <ip-address> remote-ip <ip-address>
    Display IPsec VPN session in negotiating state for specific endpoints.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get ipsecvpn session logical-router negotiating local-ip 192.168.128.1 remote-ip 1.1.5.102 Total Number of Negotiating Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Negotiating Last Known Failure: Peer not reachable Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRule ID :2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> sessionid <session-id>
    Display all IPSec VPN sessions of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <session-id> IKE Session ID
    Example
    nsx-edge-1>get ipsecvpn session sessionid 2 Total Number of Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> sessionid <session-id> history
    Display IPSec VPN session history of a specific session for a Logical Router
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn session logical-router a8f5f7e8-2081-405b-93de-6eeff3f449f2 sessionid 8193 history Total Number of Sessions: 1 IKE Session ID : 8193 UUID : 0487ebd9-31c2-46ae-8e37-ac1407b8a49a SR ID : a8f5f7e8-2081-405b-93de-6eeff3f449f2 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Session Status History 18-Sep-2019 12:40:01 : IKE_STATUS_NEGO 18-Sep-2019 12:38:37 : IKE_STATUS_UP 18-Sep-2019 12:38:37 : IKE_STATUS_NEGO 18-Sep-2019 12:38:36 : IKE_STATUS_DOWN (Negotiation not started) Policy Rules Policy UUID : 00003400-2000-0004-2000-000500000000 ToRule ID : 536870917 FromRule ID : 2684354565 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up Tunnel Status History Last Known Status : IPSEC_STATUS_DOWN -----------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> status
    Display IPSec VPN session status for a Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session status VPN Session Status Total Configured Sessions : 2 Total UP Sessions : 1 Total Down Sessions : 1 Total Negotiating Sessions : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session logical-router <uuid> summary
    Display summary of all IPSec VPN sessions for a Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1>get ipsecvpn session summary Version SID Compliance Suite Type Auth Status Local IP Peer IP Down Reason ---------------------------------------------------------------------------------------------------------------------------- IKEv2 4 None Policy PSK Down 192.168.128.1 1.1.5.102 Peer not reachable IKEv1 6 FOUNDATION Policy Cert Up 192.168.128.1 1.1.5.104 ---------------------------------------------------------------------------------------------------------------------------- SID: Session ID *: Last Known Failure
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session negotiating
    Display all IPsec VPN sessions in negotiating state.
    Example
    nsx-edge-1> get ipsecvpn session negotiating Total Number of Negotiating Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Negotiating Last Known Failure: Peer not reachable Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session negotiating <uuid>
    Display an IPsec VPN session in negotiating state.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn session negotiating 254d755e-e133-4831-89ab-41ef49c2bdc1 Total Number of Negotiating Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Negotiating Last Known Failure: Peer not reachable Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session negotiating local-ip <ip-address> remote-ip <ip-address>
    Display IPsec VPN session in negotiating state for specific endpoints of Logical Router.
    Option Description
    <ip-address> Network IP address argument
    Example
    nsx-edge-1> get ipsecvpn session negotiating local-ip 192.168.128.1 remote-ip 1.1.5.102 Total Number of Negotiating Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Negotiating Last Known Failure: Peer not reachable Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1027 FromRule ID :2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session negotiating logical-router <uuid> sessionid <session-id>
    Display an IPsec VPN session in negotiating state of Logical Router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn session negotiating logical-router sessionid 3 Total Number of Negotiating Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Negotiating Last Known Failure: Peer not reachable Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1029 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session negotiating sessionid <session-id>
    Display an IPsec VPN session in negotiating state.
    Option Description
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn session negotiating sessionid 3 Total Number of Negotiating Sessions: 1 IKE Session ID : 3 UUID : 254d755e-e133-4831-89ab-41ef49c2bdc1 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.102 Local ID : 192.168.128.1 Peer ID : 1.1.5.102 Session Status : Negotiating Last Known Failure: Peer not reachable Policy Rules Policy UUID : 00003400-0000-0404-0000-040500000000 ToRule ID : 1029 FromRule ID : 2147484677 Local Subnet : 192.170.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Down Down Reason : IKE SA Down ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session sessionid <session-id>
    Display all IPSec VPN sessions.
    Option Description
    <session-id> IKE Session ID
    Example
    nsx-edge-1>get ipsecvpn session sessionid 2 Total Number of Sessions: 1 IKE Session ID : 2 UUID : ffc00327-0d7b-4e4d-8676-3eb12c803ed6 SR ID : 34d18f5f-a2bf-4dc8-b9fa-dd0ef492aee8 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Policy Rules Policy UUID : 00003400-0000-0402-0000-040300000000 ToRule ID : 1027 FromRule ID : 2147484675 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session sessionid <session-id> history
    Display IPsec VPN session history with sessionid as the filter
    Option Description
    <session-id> IKE Session ID
    Example
    nsx-edge-1> get ipsecvpn session sessionid 2 history Total Number of Sessions: 1 IKE Session ID : 2 UUID : 50736bc9-161a-4c32-9f8f-26fc08596810 SR ID : 1457c3cf-286c-4b83-b8ff-15ad40c4e858 Type : Policy Auth Mode : PSK Compliance Suite : NONE Local IP : 192.168.128.1 Peer IP : 1.1.5.100 Local ID : 192.168.128.1 Peer ID : 1.1.5.100 Session Status : Up Session Status History 12-Jun-2019 09:35:54 : IKE_STATUS_NEGO 12-Jun-2019 09:35:44 : IKE_STATUS_DOWN (Peer not responding) 12-Jun-2019 09:32:54 : IKE_STATUS_NEGO 12-Jun-2019 09:32:50 : IKE_STATUS_DOWN (Peer not responding) 12-Jun-2019 09:29:42 : IKE_STATUS_UP 12-Jun-2019 09:29:42 : IKE_STATUS_NEGO 12-Jun-2019 09:29:42 : IKE_STATUS_DOWN (Negotiation not started) Policy Rules Policy UUID : 00003400-0000-0413-0000-041400000000 ToRule ID : 1044 FromRule ID : 2147484692 Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Tunnel Status : Up Tunnel Status History Last Known Status : IPSEC_STATUS_DOWN ------------------------------------------------------------------------------------------
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session status
    Display IPSec VPN session status.
    Example
    nsx-edge-1> get ipsecvpn session status VPN Session Status Total Configured Sessions : 2 Total UP Sessions : 1 Total Down Sessions : 1 Total Negotiating Sessions : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn session summary
    Display summary of all IPSec VPN sessions.
    Example
    nsx-edge-1>get ipsecvpn session summary Version SID Compliance Suite Type Auth Status Local IP Peer IP Down Reason ---------------------------------------------------------------------------------------------------------------------------- IKEv2 4 None Policy PSK Down 192.168.128.1 1.1.5.102 Peer not reachable IKEv2 3 None Policy PSK Down 192.168.128.1 1.1.5.101 No proposal chosen IKEv1 2 None Policy PSK Negotiating 192.168.128.1 1.1.5.100 Peer not reachable* IKEv2 5 SUITE_B_GMAC_256 Policy Cert Up 192.168.128.1 1.1.5.103 IKEv1 6 FOUNDATION Policy Cert Up 192.168.128.1 1.1.5.104 ---------------------------------------------------------------------------------------------------------------------------- SID: Session ID *: Last Known Failure
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn tunnel stats
    Display all IPSec SA tunnel statistics.
    Example
    nsx-edge-1> get ipsecvpn tunnel stats Interface UID : 294 Interface UUID : 00003400-0000-0402-0000-040300000000 Policy UUID : 00003400-0000-0402-0000-040300000000 Policy Rule Information Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Outbound Rule ID : 1027 Inbound Rule ID : 2147484675 Action : RA_ENCRYPT Stats Rx Pkts : 5 Tx Pkts : 5 Rx Bytes : 420 Tx Bytes : 420 Rx MSS Adjusted : 0 Tx MSS Adjusted : 0 Rx MSS Ignored : 0 Tx MSS Ignored : 0 Rx Drops : 0 Tx Drops : 0 Rx Drop Crypto Failure : 0 Tx Drop Crypto Failure : 0 Rx Drop State Mismatch : 0 Tx Drop State Mismatch : 0 Rx Drop Malformed : 0 Tx Drop Malformed : 0 Rx Drop Proto Not Supported : 0 Tx Drop Proto Not Supported : 0 Rx Drop Replay : 0 Tx Drop Seq Rollover : 0 Rx Drop Inner Malformed : 0 Tx Drop Fragmentation Needed : 0 Rx Drop Policy Nomatch : 0 Rekey Request Failure : 0 Rx Drop Auth Failure : 0 Interface UID : 295 Interface UUID : 00003400-0000-0404-0000-040500000000 Policy UUID : 00003400-0000-0404-0000-040500000000 Policy Rule Information Local Subnet : 192.168.200.0/24 Peer Subnet : 2.2.6.0/24 Outbound Rule ID : 1031 Inbound Rule ID : 2147484679 Action : RA_ENCRYPT Stats Rx Pkts : 0 Tx Pkts : 0 Rx Bytes : 0 Tx Bytes : 0 Rx MSS Adjusted : 0 Tx MSS Adjusted : 0 Rx MSS Ignored : 0 Tx MSS Ignored : 0 Rx Drops : 0 Tx Drops : 0 Rx Drop Crypto Failure : 0 Tx Drop Crypto Failure : 0 Rx Drop State Mismatch : 0 Tx Drop State Mismatch : 0 Rx Drop Malformed : 0 Tx Drop Malformed : 0 Rx Drop Proto Not Supported : 0 Tx Drop Proto Not Supported : 0 Rx Drop Replay : 0 Tx Drop Seq Rollover : 0 Rx Drop Inner Malformed : 0 Tx Drop Fragmentation Needed : 0 Rx Drop Policy Nomatch : 0 Rekey Request Failure : 0 Rx Drop Auth Failure : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn tunnel stats <keypolicy-id>
    Display IPSec SA tunnel statistics.
    Option Description
    <keypolicy-id> Keypolicy ID for the rule
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn tunnel stats 00003400-0000-0402-0000-040300000000 Interface UID : 294 Interface UUID : 00003400-0000-0402-0000-040300000000 Policy UUID : 00003400-0000-0402-0000-040300000000 Policy Rule Information Local Subnet : 192.168.100.0/24 Peer Subnet : 2.2.5.0/24 Outbound Rule ID : 1027 Inbound Rule ID : 2147484675 Action : RA_ENCRYPT Stats Rx Pkts : 5 Tx Pkts : 5 Rx Bytes : 420 Tx Bytes : 420 Rx MSS Adjusted : 0 Tx MSS Adjusted : 0 Rx MSS Ignored : 0 Tx MSS Ignored : 0 Rx Drops : 0 Tx Drops : 0 Rx Drop Crypto Failure : 0 Tx Drop Crypto Failure : 0 Rx Drop State Mismatch : 0 Tx Drop State Mismatch : 0 Rx Drop Malformed : 0 Tx Drop Malformed : 0 Rx Drop Proto Not Supported : 0 Tx Drop Proto Not Supported : 0 Rx Drop Replay : 0 Tx Drop Seq Rollover : 0 Rx Drop Inner Malformed : 0 Tx Drop Fragmentation Needed : 0 Rx Drop Policy Nomatch : 0 Rekey Request Failure : 0 Rx Drop Auth Failure : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn vti rules
    Displays all IPSec VPN Policy Rules.
    Example
    nsx-edge-1> get ipsecvpn vti rules 00000000-0000-0000-0000-00000000000c UUID : 00000000-0000-0000-0000-00000000000c KEY Policyid : 00000000-0000-0000-0000-00000000000b
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get ipsecvpn vti rules <uuid>
    Display an IPSec VPN VTI rule.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get ipsecvpn vti rules 00000000-0000-0000-0000-00000000000c KEY Policyid : 00000000-0000-0000-0000-00000000000b
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2bridge-port <uuid>
    Display information about specified L2 bridge port.
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> get l2bridge-port a70600a9-eda8-499f-96d0-1262dc36f4a1 Bridge Port UUID : a70600a9-eda8-499f-96d0-1262dc36f4a1 Logical Switch : f322ca3a-a218-5d65-85c1-20ef6adea670 VLAN ID : 10 State : 1
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2bridge-port <uuid> flush-stats
    Display information about specified L2 bridge port and mac flush stats.
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> get l2bridge-port a70600a9-eda8-499f-96d0-1262dc36f4a1 flush-stats Bridge Port UUID : a70600a9-eda8-499f-96d0-1262dc36f4a1 Last Flush : 2018-03-03 01:40:22.319 Flush Count : 2 Last Rarp : 2018-03-03 01:40:20.319 Rarp count : 3
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2bridge-port <uuid> mac-sync-table
    Display Mac Sync table on an L2 bridge port.
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> get l2bridge-port 63eaad17-7792-44e1-9c7d-2c5391dd7f47 mac-sync-table MAC-SYNC Table MAC : ae:ae:0b:12:41:17 VNI : 69632 VLAN : 4096 bridge-port-uuid: 63eaad17-7792-44e1-9c7d-2c5391dd7f47
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2bridge-port-config <uuid>
    Display configuration and states of a specific L2 bridge
    Option Description
    <uuid> UUID argument
    Example
    nsx-edge-1> get l2bridge-port-config fc50a424-3e55-4e86-bfc8-fa7b69168f20 Bridge UUID : 60c8ee36-20f2-52c4-a844-964250480339 Rank : 0 High Availability State : Active Failover Mode : Non-Preemptive Bridge Port UUID : fc50a424-3e55-4e86-bfc8-fa7b69168f20 Bridge Port State : Forwarding Transport Zone : a0fd6f24-73a0-47fe-a495-53c52b658c34 VLAN ID : 152 Device Info Device : fp-eth0 State : Up Peer High Availability State : Standby Peer Node UUID : afd77f5c-557f-11e9-8d41-005056b6f0c8
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2bridge-port-config <uuid> high-availability history state
    Display high-availability history of a specific L2 bridge
    Option Description
    <uuid> UUID argument
    Example
    nsx-edge-1> get l2bridge-port-config 6e21f326-b6ef-4e7b-bbf9-d986807bab2b high-availability history state State : Init Event : Init Time : 2019-04-15T18:33:09.954336 State : Down Event : Init Time : 2019-04-15T18:33:09.954378 State : Standby Event : Device Up Time : 2019-04-15T18:33:09.954534 State : Active Event : Remote State Updated Time : 2019-04-15T18:34:57.472649
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2bridge-ports
    Display information about all L2 bridge ports.
    Example
    nsx-edge-1> get l2bridge-ports Bridge Port UUID : a70600a9-eda8-499f-96d0-1262dc36f4a1 Logical Switch : f322ca3a-a218-5d65-85c1-20ef6adea670 VLAN ID : 10 State : 1
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2bridge-ports mac-sync-table
    Display Mac Sync table on all L2 bridge ports.
    Example
    nsx-edge-1> get l2bridge-ports mac-sync-table MAC-SYNC Table MAC : ae:ae:0b:12:41:17 VNI : 69632 VLAN : 4096 bridge-port-uuid: 63eaad17-7792-44e1-9c7d-2c5391dd7f47 MAC : ea:aa:48:0c:63:eb VNI : 69632 VLAN : 4096 bridge-port-uuid: dfe25d75-5e31-4c91-9a68-688b5ca50909
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2bridge-ports-config
    Display configuration and states of all L2 bridges
    Example
    nsx-edge-1> get l2bridge-ports-config Bridge UUID : 60c8ee36-20f2-52c4-a844-964250480339 Rank : 0 High Availability State : Active Failover Mode : Non-Preemptive Bridge Port UUID : fc50a424-3e55-4e86-bfc8-fa7b69168f20 Bridge Port State : Forwarding Transport Zone : a0fd6f24-73a0-47fe-a495-53c52b658c34 VLAN ID : 152 Device Info Device : fp-eth0 State : Up Peer High Availability State : Standby Peer Node UUID : afd77f5c-557f-11e9-8d41-005056b6f0c8
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn service <uuid> sessions config
    Display L2VPN sessions configuration for a given L2VPN service.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsxedge-ob-7490391-1-new> get l2vpn service 1d5bb34a-0480-45e4-1d5b-b34a048046b6 sessions config DISPLAY_NAME: l2vpn_session1 ENABLED: True ID: 1d5bb34a-0480-45e2-a261-bd5f98c24d36 L2VPN_SERVICE_ID: 1d5bb34a-0480-45e4-1d5b-b34a048046b6 MTU: 1500 TUNNEL_ENCAPSULATION: LOCAL_ENDPOINT_IP: IPV4: 1.1.1.2 PEER_ENDPOINT_IP: IPV4: 1.1.1.3 PROTOCOL: GRE VTI: 1d5bb34a-0480-45e3-a261-bd5f98c24d37
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn services config
    Display all L2VPN services configuration.
    Example
    nsxedge-ob-7490391-1-new> get l2vpn services config ENABLE_FULL_MESH: True ID: 1d5bb34a-0480-46aa-a261-bd5f98c24b9c SR_CLUSTER_ID: a261bd5f-98c2-4d37-1d5b-b34a048045e3
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn session <uuid> logical-switch <uuid>
    Display stretched logical switch behind L2VPN session.
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 logical-switch ea8c4460-6d15-49c5-a82e-6812a26b4200 Tunnel-Port : fe34062b-7ad3-5bca-beb8-1adde6c0d46e Logical-Switch : ea8c4460-6d15-49c5-a82e-6812a26b4200 Switch-Port : 6289cca5-4ee7-40ad-8064-70c74c86122c Bridge-Port : e249e1b6-9248-5975-b8aa-bbc4b33e2630 VNI : 1 Tunnel ID : 10 Local Egress GW: 192.168.100.14, 192.168.100.13
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn session <uuid> logical-switch <uuid> remote-macs
    Display remote macs learnt on L2VPN stretched logical-switch.
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 logical-switch ea8c4460-6d15-49c5-a82e-6812a26b4200 remote-macs MACs: 04:00:c0:a8:fa:a2 02:50:56:56:44:52 00:50:56:8e:1b:21 00:50:56:8e:9a:a5
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn session <uuid> logical-switch <uuid> stats
    Display stats for stretched logical-switch behind L2VPN session.
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 logical-switch ea8c4460-6d15-49c5-a82e-6812a26b4200 stats RX-Packets : 4474 RX-Bytes : 302966 RX-Drops : 0 Malformed : 0 No-Match : 0 L2-Loop : 0 TX-Packets : 5527 TX-Bytes : 371568 TX-Drops : 0 TX-Drops : 0 No-Memory : 0 No-Linked-Port : 0 Arp-Request-Filter(Local-Egress): 3
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn session <uuid> logical-switches
    Display stretched logical switches behind given L2VPN session.
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 logical-switches Tunnel-Port : fe34062b-7ad3-5bca-beb8-1adde6c0d46e Logical-Switch : 6aeaf0a7-110d-4d9d-bd76-b17032b36746 Switch-Port : c9fdf6aa-520a-4b08-8d0a-fa9e8e683ccf Bridge-Port : f606ca0f-873d-55b9-b303-350aa2a3a5c1 VNI : 60297 Tunnel ID : 1000 Local Egress GW: 192.168.100.14, 192.168.100.13 Logical-Switch : 9cac13e9-eb71-4ce4-870e-ccc1dc8d6c3f Switch-Port : 6289cca5-4ee7-40ad-8064-70c74c86122c Bridge-Port : e249e1b6-9248-5975-b8aa-bbc4b33e2630 VNI : 60296 Tunnel ID : 2000
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn session <uuid> stats
    Display stats for L2VPN session
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> get l2vpn session 1d5bb34a-0480-45e2-a261-bd5f98c24d36 stats Session : 1d5bb34a-0480-45e2-a261-bd5f98c24d36 Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa Local IP : 192.168.10.2 Remote IP : 192.168.10.20 Status : UP RX-Packets : 0 RX-Bytes : 0 RX-Drops : 0 Malformed : 0 No-Match : 0 L2-Loop : 0 TX-Packets : 3325 TX-Bytes : 412300 TX-Drops : 0 No-Memory : 0 No-Route : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn session <uuid> status
    Display status of specific L2VPN session.
    Option Description
    <uuid> Datapath UUID argument
    Example
    nsx-edge-1> get l2vpn session 2ds29c11-8920-29q1-1029-2lk20129d910 status Session : 2ds29c11-8920-29q1-1029-2lk20129d910 Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672 IPSec Session : d20c3216-3f25-4791-aecf-c26a01d0e8f9 Status : UP
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn sessions
    Display all L2VPN sessions information.
    Example
    nsx-edge-1> get l2vpn sessions Session : 1d5bb34a-0480-45e2-a261-bd5f98c24d36 Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa IPSec Session : d20c3216-3f25-4791-aecf-c26a01d0e8f9 Status : UP Session : 2ds29c11-8920-29q1-1029-2lk20129d910 Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672 IPSec Session : c7d6a5a9-804a-42c6-b91a-2a887798d98d Status : UP
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn sessions config
    Display all L2VPN sessions configuration.
    Example
    nsxedge-ob-7490391-1-new> get l2vpn sessions config DISPLAY_NAME: l2vpn_session1 ENABLED: True ID: 1d5bb34a-0480-45e2-a261-bd5f98c24d36 L2VPN_SERVICE_ID: 1d5bb34a-0480-45e4-1d5b-b34a048046b6 MTU: 1500 TUNNEL_ENCAPSULATION: LOCAL_ENDPOINT_IP: IPV4: 1.1.1.2 PEER_ENDPOINT_IP: IPV4: 1.1.1.3 PROTOCOL: GRE VTI: 1d5bb34a-0480-45e3-a261-bd5f98c24d37
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn sessions logical-router <uuid>
    Display all L2VPN sessions information on a logical-router.
    Option Description
    <uuid> Generic UUID string argument
    Allowed pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$
    Example
    nsx-edge-1> get l2vpn sessions logical-router 1c4c0277-3c0f-4d6c-ab42-727c0072dd7d Session : 1d5bb34a-0480-45e2-a261-bd5f98c24d36 Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa IPSec Session : d20c3216-3f25-4791-aecf-c26a01d0e8f9 Status : UP
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get l2vpn sessions stats
    Display L2VPN sessions stats
    Example
    nsx-edge-1> get l2vpn sessions stats Session : 1d5bb34a-0480-45e2-a261-bd5f98c24d36 Tunnel : d87cd7e0-eb91-5dd5-bae4-ceb0a2760bfa Local IP : 192.168.10.2 Remote IP : 192.168.10.20 Status : UP RX-Packets : 0 RX-Bytes : 0 RX-Drops : 0 Malformed : 0 No-Match : 0 L2-Loop : 0 TX-Packets : 3325 TX-Bytes : 412300 TX-Drops : 0 No-Memory : 0 No-Route : 0 Session : 2ds29c11-8920-29q1-1029-2lk20129d910 Tunnel : 6598ab27-95c6-50ef-85b3-89b7811ab672 Local IP : 192.168.9.2 Remote IP : 192.168.9.20 Status : UP RX-Packets : 0 RX-Bytes : 0 RX-Drops : 0 Malformed : 0 No-Match : 0 L2-Loop : 0 TX-Packets : 3331 TX-Bytes : 413044 TX-Drops : 0 No-Memory : 0 No-Route : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get last processed barrier <uuid>
    Get the last barrier processed by NestDb Pigeon for the specified transport node.
    Option Description
    <uuid> UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-controller-1> get last processed barrier 7c72c4ae-8fe8-4449-a4e2-c5e53ab0bb4f 1191
    Mode
    Basic
    Availability
    Controller

    get lldp config
    Display LLDP configuration on all devices.
    Example
    KVM-TN-02> get lldp config Device Name : eth0 Tx : disabled Rx : enabled Tx Interval : NA Device Name : eth1 Tx : disabled Rx : enabled Tx Interval : NA Device Name : eth2 Tx : disabled Rx : enabled Tx Interval : NA Device Name : hyperbus Tx : disabled Rx : enabled Tx Interval : NA
    Mode
    Basic
    Availability
    KVM

    get lldp config
    Display LLDP configuration on all devices.
    Example
    prme-vmkqa-net3002-dhcp133.eng.vmware.com> get lldp config Device Name : vmnic1 Tx : disabled Rx : enabled Tx Interval : NA
    Mode
    Basic
    Availability
    ESXi

    get lldp config
    Displays LLDP configuration on all devices.
    Example
    nsx-edge-1> get lldp config Device Name : eth0 Tx : enabled Rx : enabled Tx Interval : 30 Device Name : eth1 Tx : disabled Rx : enabled Tx Interval : 30
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get lldp config <interface-name>
    Display LLDP configuration on given device.
    Option Description
    <interface-name> LLDP interface argument
    Example
    KVM-TN-02> get lldp config eth0 Device Name : eth0 Tx : enabled Rx : enabled Tx Interval : 30
    Mode
    Basic
    Availability
    KVM

    get lldp config <interface-name>
    Display LLDP configuration on given device.
    Option Description
    <interface-name> LLDP interface argument
    Example
    prme-vmkqa-net3002-dhcp133.eng.vmware.com> get lldp config vmnic1 Device Name : vmnic1 Tx : disabled Rx : enabled Tx Interval : NA
    Mode
    Basic
    Availability
    ESXi

    get lldp config <interface-name>
    Displays LLDP configuration given device.
    Option Description
    <interface-name> LLDP interface argument
    Example
    nsx-edge-1> get lldp config eth0 Device Name : eth0 Tx : enabled Rx : enabled Tx Interval : 30
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get lldp neighbors
    Display LLDP Neighbor information on all devices.
    Example
    prme-vmkqa-net3002-dhcp133.eng.vmware.com> get lldp neighbors ============================================================ Device : vmnic1 Neighbor Count : 1 Neighbors Chassis Id : 00:1a:a1:84:fb:ff Port Id : Gi1/3 TTL : 93 Port Description : GigabitEthernet1/3 System Name : prme-vmkqa-4948c.eng.vmware.com System Description : unknown Enabled Capabilities : Router, TransparentBridge Management Address : 10.115.160.146 Organizationally Specific TLVs: Vlan ID : 16
    Mode
    Basic
    Availability
    ESXi

    get lldp neighbors
    Displays LLDP Neighbor information on all devices.
    Example
    nsx-edge-1> get lldp neighbors Device : eth0 Neighbor Count : 1 Neighbors Neighbor : eth0/0:50:56:b7:7f:47 Life Time : 111 System Name : NSX ESG System Desc : NSX Edge Services Gateway System Cap : ['Router'] Enabled Cap : ['Router'] Chassis Id : eth0 Port Id : 0:50:56:b7:7f:47 Port Desc : management iface Mgmt Address Address : 10.172.139.51 Addr Family : IPv4 Iface Number : 2 Iface Type : 2 MAC PHY Status AutoNeg : supported AutoNeg Status: enabled PMDAutoNeg : supported PMDAutoNeg Status: not-enabled MAU Type : 16 Power via MDI Port Class : PSE Power Source : supported PSE MDI State : enabled PSE Pair Ctrl : yes PSE Pair : 1 PSE Class : 2 Link Aggregation Aggr Capability: yes Aggr Status : enabled Aggr Port Id : 1
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get lldp neighbors
    Display LLDP Neighbor information on all devices.
    Example
    KVM-TN-02> get lldp neighbors ============================================================ Device : eth0 Neighbor Count : 0 ============================================================ Device : eth1 Neighbor Count : 1 Neighbors Chassis Id : eth1 Port Id : 00:50:56:ab:6c:6e Port Description : driver_name: e1000e, driver_version: 3.2.6-k, firmware_version: 1.8-0 System Description : x86_64 #1 SMP Sun Jan 14 10:36:03 EST 2018 Enabled Capabilities : Bridge Management Address: Management Address : ::80fe:0:2a7:9ad6:300:0 ifIndex : 3 Organizationally Specific TLVs: Maximum Frame Size : 161 ============================================================ Device : eth2 Neighbor Count : 1 Neighbors Chassis Id : eth2 Port Id : 00:50:56:ab:f6:3c Port Description : driver_name: e1000e, driver_version: 3.2.6-k, firmware_version: 1.8-0 System Description : x86_64 #1 SMP Sun Jan 14 10:36:03 EST 2018 Enabled Capabilities : Bridge Management Address: Management Address : ::80fe:0:2a7:9ad6:400:0 ifIndex : 4 Organizationally Specific TLVs: Maximum Frame Size : 151 ============================================================ Device : hyperbus Neighbor Count : 0
    Mode
    Basic
    Availability
    KVM

    get lldp neighbors <interface-name>
    Display LLDP Neighbor information on given device.
    Option Description
    <interface-name> LLDP interface argument
    Example
    KVM-TN-02> get lldp neighbors eth1 ============================================================ Device : eth1 Neighbor Count : 1 Neighbors Chassis Id : eth1 Port Id : 00:50:56:ab:6c:6e Port Description : driver_name: e1000e, driver_version: 3.2.6-k, firmware_version: 1.8-0 System Description : x86_64 #1 SMP Sun Jan 14 10:36:03 EST 2018 Enabled Capabilities : Bridge Management Address: Management Address : ::80fe:0:2a7:9ad6:300:0 ifIndex : 3 Organizationally Specific TLVs: Maximum Frame Size : 161
    Mode
    Basic
    Availability
    KVM

    get lldp neighbors <interface-name>
    Display LLDP Neighbor information on given device.
    Option Description
    <interface-name> LLDP interface argument
    Example
    prme-vmkqa-net3002-dhcp133.eng.vmware.com> get lldp neighbors vmnic1 ============================================================ Device : vmnic1 Neighbor Count : 1 Neighbors Chassis Id : 00:1a:a1:84:fb:ff Port Id : Gi1/3 TTL : 103 Port Description : GigabitEthernet1/3 System Name : prme-vmkqa-4948c.eng.vmware.com System Description : unknown Enabled Capabilities : Router, TransparentBridge Management Address : 10.115.160.146 Organizationally Specific TLVs: Vlan ID : 16
    Mode
    Basic
    Availability
    ESXi

    get lldp neighbors <interface-name>
    Displays LLDP Neighbor information on given device.
    Option Description
    <interface-name> LLDP interface argument
    Example
    nsx-edge-1> get lldp neighbors eth0 Device : eth0 Neighbor Count : 1 Neighbors Neighbor : eth0/0:50:56:b7:7f:47 Life Time : 111 System Name : NSX ESG System Desc : NSX Edge Services Gateway System Cap : ['Router'] Enabled Cap : ['Router'] Chassis Id : eth0 Port Id : 0:50:56:b7:7f:47 Port Desc : management iface Mgmt Address Address : 10.172.139.51 Addr Family : IPv4 Iface Number : 2 Iface Type : 2 MAC PHY Status AutoNeg : supported AutoNeg Status: enabled PMDAutoNeg : supported PMDAutoNeg Status: not-enabled MAU Type : 16 Power via MDI Port Class : PSE Power Source : supported PSE MDI State : enabled PSE Pair Ctrl : yes PSE Pair : 1 PSE Class : 2 Link Aggregation Aggr Capability: yes Aggr Status : enabled Aggr Port Id : 1
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get lldp stats
    Displays LLDP Statistics on all devices.
    Example
    nsx-edge-1> get lldp stats TX Total : 36 TX Errors : 0 RX Total : 36 RX Errors : 0 RX Discards : 0 RX Deletes : 0 Device : eth0 Tx Total : 36 Tx Errors : 0 Device : eth0 Rx Total : 36 Rx Valid : 36 Rx Errors : 0 Rx Discards : 0 Rx Deletes : 0 Neighbor : eth0/0:50:56:b7:7f:47 Rx Total : 36 Rx Valid : 36 Rx Discards : 0 Rx TLV Errors : 0 Rx TLV Unrecognized: 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get lldp stats <interface-name>
    Displays LLDP Statistics on given device.
    Option Description
    <interface-name> LLDP interface argument
    Example
    nsx-edge-1> get lldp stats eth0 TX Total : 36 TX Errors : 0 RX Total : 36 RX Errors : 0 RX Discards : 0 RX Deletes : 0 Device : eth0 Tx Total : 36 Tx Errors : 0 Device : eth0 Rx Total : 36 Rx Valid : 36 Rx Errors : 0 Rx Discards : 0 Rx Deletes : 0 Neighbor : eth0/0:50:56:b7:7f:47 Rx Total : 36 Rx Valid : 36 Rx Discards : 0 Rx TLV Errors : 0 Rx TLV Unrecognized: 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid>
    Display a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 Load Balancer Access Log Enabled : False Applied To : Logical Router Id : c46b1482-0638-4ed0-959b-06ca203cf50b Service Router Id : 95327762-ddfc-4196-b92b-671fd1b99e25 Display Name : lbs-on-lr1 Enabled : True UUID : eba5f460-c660-4f82-8488-62231fb9aea3 Log Level : LB_LOG_LEVEL_INFO Size : SMALL Virtual Server Id : 37f1a8c9-ab8b-4ee9-9b41-5da317ac05d3 26168a79-48d6-44a7-86fe-0d5ee7c91e47 7e012072-0594-4063-97f0-82452e9a2813 11bb214f-bd06-4bff-b2a5-6f82e5ec62b6 110ac92c-1647-48a5-8d66-4cac06817716
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid>
    Display a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 Load Balancer Access Log Enabled : False Display Name : mydlb Enabled : True UUID : 3d62a405-c24c-442d-ba98-e0c1200b7fce Log Level : LB_LOG_LEVEL_INFO Relax Scale Validation : False Size : DLB Virtual Server Id : f1e1eadd-0928-4643-8ff8-77dbaa350ae1
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> error-log
    Display the error log file for a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a error-log 2019-11-04T20:27:43.266Z cpu6:1000152537)[INFO] lb: received lb config update, full config sync 0, 1 lb messages. 2019-11-04T20:27:45.199Z cpu7:1000152537)[INFO] lb: received lb config update, full config sync 0, 1 lb messages.
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> error-log
    Display the error log file for a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a error-log 2017/11/16 11:41:43 [info] 8290#0: Initialized l4lb zone (size: 3674112) 2017/11/16 11:41:43 [info] 8290#0: Initialized lb zone (size: 5550080) 2017/11/16 11:41:43 [debug] 8290#0: bind() 127.0.0.1:80 #16 2017/11/16 11:41:43 [info] 8290#0: lb stats module is disabled, configure lbstats_size to enable it. 2017/11/16 11:41:43 [notice] 8290#0: using the "epoll" event method 2017/11/16 11:41:43 [debug] 8290#0: counter: 00007B5D15B1A080, 1 2017/11/16 11:41:43 [info] 8290#0: lb allocated connection ctx (size: 56) . . .
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> error-log follow
    Display the last 10 lines of the error log file for a specific load balancer and all new messages that are written to the log file.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a error-log follow 2017/11/16 22:32:13 [debug] 8326#0: worker cycle 2017/11/16 22:32:13 [debug] 8326#0: epoll timer: 346 2017/11/16 22:32:14 [debug] 8326#0: timer delta: 346 2017/11/16 22:32:14 [debug] 8326#0: event timer del: 0: 1510871534258 2017/11/16 22:32:14 [debug] 8326#0: event timer add: 0: 2500:1510871536758 2017/11/16 22:32:14 [debug] 8326#0: http check begin handler index: 1, owner: -1, ngx_pid: 8326, interval: 2479, check_interval: 5000 2017/11/16 22:32:14 [debug] 8326#0: shmtx lock . . .
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> error-log reg-filter <regex>
    Display error log messages containing strings that match the given regular expression pattern for a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <regex> Regular expression
    Example
    nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a error-log reg-filter req.* 2017/11/16 11:41:48 [debug] 8326#0: ha: sent bulk pull request 2017/11/16 11:41:48 [notice] 8326#0: ha: sent full sync request, enter request state 2017/11/16 11:41:55 [debug] 8326#0: *3 http wait request handler 2017/11/16 11:41:55 [debug] 8326#0: *3 http process request line 2017/11/16 11:41:55 [debug] 8326#0: *3 http request line: "GET /show_status/all HTTP/1.1" 2017/11/16 11:41:55 [debug] 8326#0: *3 http process request header line . . .
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> health-check-table
    Display the health check table of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer 0f6510bb-ff15-4385-9c45-a1ce626fc276 health-check-table Health-Check-Table MONITOR POOLS TYPE NAME STATUS RISE FALL PORT CHECK_TIME CHANGE_TIME FAIL_REASON ERRNO STATUS_CODE 0c03 d6e23c- tcp 127.0.0.1:3971 down 0 193 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a 0c03 d6e23c- tcp 127.0.0.1:3972 down 0 190 0 Aug 25 01:13:48 Aug 25 01:23:50 Connect Fail Connection refused n/a 0c03 d6e23c- tcp 127.0.0.1:3970 up 192 0 0 Aug 25 01:13:52 Aug 25 01:23:52 n/a n/a n/a 0c03 26905e- tcp 127.0.0.1:3976 down 0 195 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a 62b7 408b54- http 127.0.0.1:1971 down 0 196 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a 62b7 408b54- http 127.0.0.1:1970 down 0 175 0 Aug 25 01:13:48 Aug 25 01:23:51 Rx HTTP Code 4XX n/a 403 62b7 d25f10- http 127.0.0.1:1972 down 0 195 0 Aug 25 01:13:48 Aug 25 01:23:52 Connect Fail Connection refused n/a 88bd d25f10- http 127.0.0.1:1973 down 0 195 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a 88fa d25f10- http 127.0.0.1:1974 down 0 192 0 Aug 25 01:13:48 Aug 25 01:23:51 Connect Fail Connection refused n/a a528 d25f10- http 127.0.0.1:1975 down 0 193 0 Aug 25 01:13:48 Aug 25 01:23:52 Connect Fail Connection refused n/a eb46 d25f10- http 127.0.0.1:1976 down 0 192 0 Aug 25 01:13:48 Aug 25 01:23:52 Connect Fail Connection refused n/a
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> high-availability-state
    Display the HA state of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer 0f6510bb-ff15-4385-9c45-a1ce626fc276 HA-State LB HA is disable
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> monitor <monitor-uuid>
    Display a specific load balancer monitor.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <monitor-uuid> Monitor UUID argument
    Example
    nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 monitor 72945dda-f4f1-532f-9bd0-a3f52c099d4b Monitor Display Name : nsx-default-https-monitor Fall Count : 3 Https Monitor : Authenticate Depth : 3 Cipher : TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDH_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA Protocol : TLS_V1_1 TLS_V1_2 Request Method : HTTP_METHOD_GET Request Version : HTTP_VERSION_1_1 Response Status : HTTP_STATUS_2XX Server Auth : SERVER_AUTH_IGNORE UUID : 72945dda-f4f1-532f-9bd0-a3f52c099d4b Interval : 5 Monitor Port : 443 Rise Count : 3 Timeout : 1970-01-01 00:00:00.015000 (timestamp: 15) Type : HTTPS
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> monitor <monitor-uuid> status
    Show the health check table of a load balancer monitor.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <monitor-uuid> Monitor UUID argument
    Example
    nsx-edge> get load-balancer ed785df6-2143-4944-b918-66470886be83 monitor 72945dda-f4f1-532f-9bd0-a3f52c099d4b status Health-Check-Table MONITOR POOLS TYPE NAME STATUS RISE FALL PORT CHECK_TIME CHANGE_TIME FAIL_REASON ERRNO STATUS_CODE 0c03 d6e23c- icmp 192.168.100.160:0 up 10755 0 0 Jun 1 11:28:43 May 28 08:30:00 n/a n/a n/a 62b7 d6e23c- icmp 192.168.100.161:0 up 20820 0 0 Jun 1 11:28:46 May 28 08:30:02 n/a n/a n/a
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> monitors
    Display the monitors for a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 monitors Monitor Display Name : nsx-default-http-monitor Fall Count : 3 Http Monitor : Request Method : HTTP_METHOD_GET Request Version : HTTP_VERSION_1_1 Response Status : HTTP_STATUS_2XX UUID : c2cb7f9e-72d7-55ed-914e-5209b67d02b2 Interval : 5 Monitor Port : 80 Rise Count : 3 Timeout : 1970-01-01 00:00:00.015000 (timestamp: 15) Type : HTTP Monitor Display Name : nsx-default-https-monitor Fall Count : 3 Https Monitor : Authenticate Depth : 3 Cipher : TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDH_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA Protocol : TLS_V1_1 TLS_V1_2 Request Method : HTTP_METHOD_GET Request Version : HTTP_VERSION_1_1 Response Status : HTTP_STATUS_2XX Server Auth : SERVER_AUTH_IGNORE UUID : 72945dda-f4f1-532f-9bd0-a3f52c099d4b Interval : 5 Monitor Port : 443 Rise Count : 3 Timeout : 1970-01-01 00:00:00.015000 (timestamp: 15) Type : HTTPS
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> persistence-tables
    Display the persistence tables of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer 0f6510bb-ff15-4385-9c45-a1ce626fc276 persistence-tables Persistence-Tables TABLE :ag32445y-bec7-4ee5-b03c-fc037b3cbfe2 VIP :bg32445y-bec7-4ee5-bb3j-fc037b3cgfe5 KEY DADDR DPORT LIFE_TIME(s) NUM_SESSIONS b3aa5...fwefd_b3aa5745-bec7-4ee5-b03c-fc037b3cbfeb3aa5745-bec7-4ee5-b03c-fwefd 192.168.100.30 80 109 0 mbbb5745-bec7-4ee5-b03c-fc037b3cbfe_192.168.100.10 192.168.100.0 80 108 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> persistence-tables
    Display the persistence tables of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 persistence-tables Persistence-Tables FILTER_NAME PROTO VADDR VPORT DADDR DPORT LIFE_TIME(s) NUM_SESSIONS nic-1000050137-eth1-vmware-sfw.2 TCP 123.123.123.123 80 192.168.100.162 80 30 1
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> pool <pool-uuid>
    Display a specific load balancer pool.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <pool-uuid> Pool UUID argument
    Example
    nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 pool 29e66f11-d589-4208-a78d-f72e18aa8286 Pool Algorithm : ROUND_ROBIN Display Name : tcppool1 UUID : 29e66f11-d589-4208-a78d-f72e18aa8286 Member Group : Admin State : ENABLED Container Id : aded6b65-54ce-47b7-8da6-92fa0d96ccf4 Ip Revision Filter : IPV4 Max Ip List Size : 100 Min Active Members : 1 Snat Translation : Auto Map : True Port Overload : 1 Tcp Multiplexing Enabled : False Tcp Multiplexing Number : 6 Member Group UUID : aded6b65-54ce-47b7-8da6-92fa0d96ccf4 Ip Address : Ipv4 : 192.168.1.2 Prefix Length : 31 Ipv4 : 192.168.1.4 Prefix Length : 31 Ipv4 : 192.168.1.6 Prefix Length : 32 Ipv4 : 192.168.4.8 Prefix Length : 24 Ipv4 : 192.168.1.8 Prefix Length : 32 Ipv4 : 192.168.1.1 Prefix Length : 32
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> pool <pool-uuid> snat-pools
    Display information about an LB pool.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <pool-uuid> Pool UUID argument
    Example
    nsx-edge-1> get load-balancer 17b8637a-c816-41dd-b793-6d0acfa53569 pool 5b501a56-e56f-4a76-bba4-70f0de2dbc26 snat-pools SNAT : nat_336860180_4 Min Port : 4096 Max Port : 65535 Port Overload Factor : 32 Random Port : False Snat IP : 20.20.20.20 Allocated Port: 0 Snat IP : 20.20.20.21 Allocated Port: 1 Snat IP : 20.20.20.22 Allocated Port: 0 Snat IP : 20.20.20.23 Allocated Port: 1
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> pool <pool-uuid> stats
    Display the statistics for a specific load balancer and pool.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <pool-uuid> Pool UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pool 953e4da8-a571-4695-b54c-90505d8e59c2 stats Pool UUID : 953e4da8-a571-4695-b54c-90505d8e59c2 Display-Name : tcp pool Type : L4 Sessions : (Cur, Max, Total, Rate) : (0, 0, 0, 0) Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0) Pool Member Display-Name : m1 IP : 192.168.1.1 Port : 80 Sessions : (Cur, Max, Total, Rate) : (0, 0, 0, 0) Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0)
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> pool <pool-uuid> stats
    Display the statistics for a specific load balancer and pool.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    <pool-uuid> Pool UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pool 953e4da8-a571-4695-b54c-90505d8e59c2 stats Pool UUID : 65002572-e03a-4d57-8f41-77a725385624 Type : L4 Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0) Pool Member IP : 192.168.100.160 Ports : 80 Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0) Pool Member IP : 192.168.100.161 Ports : 80 Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0)
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> pool <pool-uuid> status
    Display the status of a specific load balancer and pool.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <pool-uuid> Pool UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pool 2197df80-77d3-44e6-89b3-1db930be374d status Pool UUID : 2197df80-77d3-44e6-89b3-1db930be374d Display-Name : tcppool1 Status : up Total-Members : 2 Primary Up : 0 Primary Down : 0 Primary Disabled : 0 Primary Graceful Disabled : 0 Backup Up : 0 Backup Down : 0 Backup Graceful Disabled : 0 Backup Disabled : 0 Member Display-Name : m1 IP : 192.168.2.201 Port : 8888 Status : up Last-State-Change-Time : 2019-10-08 02:32:56 L4-Passive-State : down L4-Passive-Last-Change-Time : 2019-07-31 04:38:13 Monitor Display-Name : TEST_MONITOR_HTTP Type : HTTP Status : up Url : /test.html Last-Check-Time : 2019-10-08 02:34:16 Last-State-Change-Time : 2019-10-08 02:32:56 Monitor Display-Name : LB_Http_Monitor Type : HTTP Status : up Url : / Last-Check-Time : 2019-10-08 02:34:16 Last-State-Change-Time : 2019-10-08 02:32:56 Member Display-Name : m2 IP : 192.168.2.202 Port : 8888 Status : up Last-State-Change-Time : 2019-10-08 02:32:56 L4-Passive-State : down L4-Passive-Last-Change-Time : 2019-07-31 04:38:13 Monitor Display-Name : TEST_MONITOR_HTTP Type : HTTP Status : up Url : /test.html Last-Check-Time : 2019-10-08 02:34:16 Last-State-Change-Time : 2019-10-08 02:32:56 Monitor Display-Name : LB_Http_Monitor Type : HTTP Status : up Url : / Last-Check-Time : 2019-10-08 02:34:16 Last-State-Change-Time : 2019-10-08 02:32:56
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> pools
    Display the pools of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 pools Load Balancer UUID : eba5f460-c660-4f82-8488-62231fb9aea3 Pool UUID : e85dcbea-aa64-486b-965e-c6f4250b237a
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> pools
    Display the pools of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 pools Pool Active Monitor Id : c2cb7f9e-72d7-55ed-914e-5209b67d02b2 Algorithm : ROUND_ROBIN Display Name : httppool1 UUID : d39f9ed7-444c-493d-8c99-327a30befe8e Member : Admin State : ENABLED Backup Member : False Display Name : m1 Ip Address : Ipv4 : 192.168.1.1 Port : 80 Weight : 1 Admin State : ENABLED Backup Member : False Display Name : m2 Ip Address : Ipv4 : 192.168.1.2 Port : 80 Weight : 1 Min Active Members : 1 Snat Translation : Auto Map : True Port Overload : 1 Tcp Multiplexing Enabled : False Tcp Multiplexing Number : 6 Pool Algorithm : ROUND_ROBIN Display Name : tcppool1 UUID : 29e66f11-d589-4208-a78d-f72e18aa8286 Member Group : Admin State : ENABLED Container Id : aded6b65-54ce-47b7-8da6-92fa0d96ccf4 Ip Revision Filter : IPV4 Max Ip List Size : 100 Min Active Members : 1 Snat Translation : Auto Map : True Port Overload : 1 Tcp Multiplexing Enabled : False Tcp Multiplexing Number : 6
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> pools stats
    Display the statistics for all the pools of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pools stats Pool UUID : 953e4da8-a571-4695-b54c-90505d8e59c2 Display-Name : tcp pool Type : L4 Sessions : (Cur, Max, Total, Rate) : (0, 0, 0, 0) Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0) Pool UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a46 Display-Name : http pool Type : L7 Sessions : (Cur, Max, Total, Rate) : (0, 0, 0, 0) Bytes : (In, In-Rate) : (0, 0) (Out, Out-Rate) : (0, 0) HTTP Requests : (Total, Rate) : (0, 0) Pool UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a83 Display-Name : shared pool Type : L4 and L7 Sessions : (Cur, Max, Total, Rate) : (0, 0, 0, 0) Bytes : (In, Out) : (0, 0)
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> pools stats
    Display the statistics for all the pools of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pools stats Pool UUID : 65002572-e03a-4d57-8f41-77a725385624 Type : L4 Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0) Pool UUID : fdcf967b-4fa3-497d-a450-e401f50aa9a6 Type : L4 Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0)
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> pools status
    Display the status of all the pools of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 pools status Pool UUID : 2197df80-77d3-44e6-89b3-1db930be374d Display-Name : tcppool1 Members : 2 Status : up Primary-UP-No : 0 Backup-UP-No : 0 Pool UUID : 5cca6ba3-5732-4ea9-8197-c582e211a0aa Display-Name : httppool1 Members : 2 Status : up Primary-UP-No : 0 Backup-UP-No : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> session-tables
    Display the sessions of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 session-tables Session-Tables TABLE ID PROTO CADDR CPORT VADDR VPORT SADDR SPORT DADDR DPORT l4lb-0 0000000000000000 udp 10.10.10.10 2000 20.20.20.20 80 30.30.30.30 4096 40.40.40.40 8000 l4lb-0 0000000000000001 tcp 10.10.10.11 2000 20.20.20.21 80 30.30.30.31 4097 40.40.40.41 8000 l4lb-0 0000000000000002 tcp 10.10.10.12 2000 20.20.20.22 80 30.30.30.32 5000 40.40.40.42 8000 l4lb-0 0000000000000004 tcp 10.10.10.14 2000 20.20.20.24 80 30.30.30.34 6000 40.40.40.44 8000
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> session-tables l4
    Get the load balancer L4 session table with the expiration time.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer 4f518a4e-9a40-43d3-98ef-db654e8be7c5 session-tables l4 Session-Tables TABLE ID PROTO CADDR CPORT VADDR VPORT SADDR SPORT DADDR DPORT STATE EXP l4lb-0 00000001000159f2 tcp 10.114.218.199 35011 10.114.213.75 80 10.114.218.199 35011 10.37.1.11 80 TW 45
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> session-tables l7
    Get the load balancer L7 session table with the expiration time.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer 4f518a4e-9a40-43d3-98ef-db654e8be7c5 session-tables l7 Session-Tables TABLE ID PROTO CADDR CPORT VADDR VPORT SADDR SPORT DADDR DPORT STATE EXP l7lb-0 00000001000159f8 http 10.114.218.199 35012 10.114.213.75 80 10.114.218.199 35012 10.37.1.12 80 EST 3600
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> snat-pools
    Get load-balancer snat pools' information.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 snat-pools SNAT : nat_3232235998_1 Min Port : 4096 Max Port : 65535 Port Overload Factor : 1 Random Port : False Snat IP : 192.168.1.222 Allocated Port: 0 SNAT : nat_3232235998_3 Min Port : 4096 Max Port : 65535 Port Overload Factor : 1 Random Port : False Snat IP : 192.168.1.222 Allocated Port: 0 Snat IP : 192.168.1.223 Allocated Port: 0 Snat IP : 192.168.1.224 Allocated Port: 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> stats
    Display the statistics for a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 stats Load Balancer UUID : ed785df6-2143-4944-b918-66470886be83 Display-Name : lbs-dgo Enabled : True Type CUR_SESS MAX_SESS TOTAL_SESS SESS_RATE L4 1000 2000 34325 30 L7 100 100 54321 10
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> stats verbose
    Display verbose stats for load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer 60f50e2c-9fb8-4fe5-b444-a9ebfa160e11 stats verbose Load Balancer UUID : 60f50e2c-9fb8-4fe5-b444-a9ebfa160e11 Curr L4 Sessions : 0 New Flow - VS Matched : 0 New Flow - Server Selected : 0 New Flow Accepted : 0 Flow Validate LBS Replaced After Full Sync : 0 Src IP Persistence Entry Added : 0 Src IP Persistence Entry Deleted : 0 PM List Resize Count : 1 Config Update: LBS Update Error - No Memory : 0 LBS Update Error - Unexpected LSPs to Unlink : 0 Filter Not Found : 0 VS Update Error - Reached Maximum Limit : 0 VS Update Error - No Memory : 0 Pool Update Error - No Memory : 0 Pool Update Error (New Pool) - PM Exists : 0 Pool Update Error - Invalid PM Count : 0 Pool Update Error - PM Not Found At Detaching : 0 Pool Update Error - Dup PM Found At Attaching : 0 VS Delete Error - VS Not Found : 0 Pool Delete Error - Pool Not Found : 0 L4 Flow Rejected : 0 LBS Invalid : 0 Session Limit Reached : 0 Flow Validate Bypassed: Flow/Kif LBS Diff : 0 LBS Invalid : 0 Kif LBS Is Null : 0 Src IP Persistence: Purge Error - Failed to Add to RB Tree : 0 Entry Deleted - Failed to Create State : 0 Export/Import: State Import - LBS State Inserted : 0 State Import - VS Not Found : 0 State Import - PM Not Found : 0 State Import - SIP Not Found : 0 State Import - LBS State Insert Failed : 0 SIP Import - Entry Has No Flow : 0 SIP Import - Entry Has Flow but was in purge : 0 SIP Import - Entry Deleted : 0
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> status
    Display the status of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 status Load Balancer UUID : ed785df6-2143-4944-b918-66470886be83 Display-Name : lbs-dgo Enabled : True LB-State : not_ready LR-HA-State : active Virtual Servers : 2 Up Virtual Servers: 0 Pools : 2 Up Pools : 0
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-server <vs-uuid>
    Display a specific load balancer virtual server.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <vs-uuid> Virtual server UUID argument
    Example
    nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 virtual-server 11bb214f-bd06-4bff-b2a5-6f82e5ec62b6 Virtual Server Application Profile Id : 4b6d4d28-208e-4a0d-a9aa-a712934d5bef Display Name : udpvip1 Enabled : True UUID : 11bb214f-bd06-4bff-b2a5-6f82e5ec62b6 Ip Address : Ipv4 : 124.124.124.124 Ip Protocol : UDP Pool Id : 56722b45-c276-43fb-81d0-4b15760fdbce Port : 9999 Application Profile Application Type : FAST_UDP Display Name : fastUdpProfile1 Fast Udp Profile : Flow Mirroring Enabled : False Idle Timeout : 1970-01-01 00:00:00.300000 (timestamp: 300) UUID : 4b6d4d28-208e-4a0d-a9aa-a712934d5bef
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-server <vs-uuid> access-log
    Display the access log file for a specific load balancer and virtual server.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <vs-uuid> Virtual server UUID argument
    Example
    nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 access-log 1.1.5.10 - - [16/Nov/2017:11:47:49 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:47:49 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:48:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:48:16 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:48:17 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:54:50 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:16:42:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-" . . .
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-server <vs-uuid> access-log follow
    Display the last 10 lines of the access log file for a specific virtual server of load balancer and all new messages that are written to the log file.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <vs-uuid> Virtual server UUID argument
    Example
    nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 access-log follow 1.1.5.10 - - [16/Nov/2017:11:47:49 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:47:49 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:48:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:48:16 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:48:17 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:54:50 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:16:42:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-" . . .
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-server <vs-uuid> access-log reg-filter <regex>
    Display access log messages containing strings that match the given regular expression pattern for a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <vs-uuid> Virtual server UUID argument
    <regex> Regular expression
    Example
    nsx-edge-1> get load-balancer 4d3eafaa-5a16-422a-80d9-f799cb4bd40a virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 access-log reg-filter 16/Nov.*11:48 1.1.5.10 - - [16/Nov/2017:11:48:15 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:48:16 +0000] "GET / HTTP/1.1" 200 22 "-" "-" 1.1.5.10 - - [16/Nov/2017:11:48:17 +0000] "GET / HTTP/1.1" 200 22 "-" "-"
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-server <vs-uuid> lbrules
    Display the load balancer rules for a specific load balancer and virtual server.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <vs-uuid> Virtual server UUID argument
    Example
    nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 virtual-server 110ac92c-1647-48a5-8d66-4cac06817716 lbrules LbRule Action : Action Type : HTTP_REQUEST_URI_REWRITE Http Request Uri Rewrite : Uri : /product_detail.html Display Name : RewriteRequestUrl UUID : 4202cb56-c8b3-4d7a-9f61-686d55ed7d80 Match Condition : Http Request Url Config : Request Url : /product.html Match Type : HTTP_REQUEST_URL Match Strategy : MATCH_STRATEGY_ANY Phase : HTTP_REQUEST_REWRITE LbRule Action : Action Type : SELECT_POOL Select Pool Config : Pool Id : e7a438a1-69e9-4347-9f21-0f28d7aa44d9 Display Name : LoginRouteRule UUID : 58ba5a69-6a5a-4b6b-8899-d0fa8159fbcd Match Condition : Http Request Url Config : Request Url : /login.html Match Type : HTTP_REQUEST_URL Match Strategy : MATCH_STRATEGY_ALL Phase : HTTP_FORWARDING
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-server <vs-uuid> stats
    Display the statistics for a specific load balancer and virtual server.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <vs-uuid> Virtual server UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 stats Virtual Server UUID : 953e4da8-a571-4695-b54c-90505d8e59c2 Display-Name : tcpvip1 VIP : TCP 123.123.123.123:80 Type : L4 Sessions : (Cur, Max, Total, Rate) : (0, 0, 0, 0) (Drop_By_ACL) : (0) Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0)
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-server <vs-uuid> stats
    Display the statistics for a specific load balancer and virtual server.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    <vs-uuid> Virtual server UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 stats Virtual Server UUID : 0f8175bc-6c2f-4c65-85bf-724af5f3c401 Type : L4 VIP : TCP 123.123.123.123:80 Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0)
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> virtual-server <vs-uuid> stats verbose
    Display verbose statistics for a specific load balancer and virtual server.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    <vs-uuid> Virtual server UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-server 953e4da8-a571-4695-b54c-90505d8e59c2 stats verbose Virtual Server UUID : 953e4da8-a571-4695-b54c-90505d8e59c2 Current L4 session : 0 Total L4 session : 0 New flow - VS matched : 0 New flow - server selected : 0 New flow accepted : 0 L4 flow rejected - lbs invalid : 0 L4 flow rejected - vs has no pool : 0 L4 flow rejected - vs has empty pool : 0 L4 flow rejected - pm select error : 0 L4 flow rejected - syn expected : 0 L4 flow rejected - no session alloc : 0 Src IP persistence entry added : 0 Src IP persistence - removed (no pm found) : 0 Src IP persistence - add error (no memory) : 0 Src IP persistence - purge error (failed to add to RB tree): 0
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> virtual-server <vs-uuid> status
    Display the status of a specific load balancer virtual server.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    <vs-uuid> Virtual server UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-server 0ba2817e-9ddb-411e-a397-ef2f3b099a46 status Virtual Server UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a46 Display-Name: http-vip-1 IP : 123.123.123.123 Port : 80 Status : up
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-servers
    Display the virtual servers of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 virtual-servers Virtual Server Application Profile Id : 9c4d7f35-13f9-46fc-8d57-d60f0a12544d Display Name : http-vip-1 Enabled : True UUID : 37f1a8c9-ab8b-4ee9-9b41-5da317ac05d3 Ip Address : Ipv4 : 123.123.123.123 Ip Protocol : TCP Persistence Profile Id : e57ef9b9-fe06-4269-9c2c-9fc2609e3941 Pool Id : d39f9ed7-444c-493d-8c99-327a30befe8e Port : 80 Virtual Server Application Profile Id : f5586889-a812-4e64-b735-610851a6fad6 Display Name : tcpvip1 Enabled : True UUID : 26168a79-48d6-44a7-86fe-0d5ee7c91e47 Ip Address : Ipv4 : 123.123.123.123 Ip Protocol : TCP Persistence Profile Id : 17d24b73-c090-495a-b60f-ed772b613bdf Pool Id : 29e66f11-d589-4208-a78d-f72e18aa8286 Port : 8888
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-servers
    Display the virtual servers of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 virtual-servers Load Balancer UUID : 1ec99bec-cd8d-4231-ad52-517a2c0833b7 Virtual Server UUID : 1117b0d3-5e9f-41dd-b294-85fb8a9c0d6c IP : 123.123.123.124:80
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> virtual-servers stats
    Display the statistics for all virtual servers of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-servers stats Virtual Server UUID : 0f8175bc-6c2f-4c65-85bf-724af5f3c401 Type : L4 VIP : TCP 123.123.123.123:80 Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0) Virtual Server UUID : 3d13bd90-26e7-4753-9d18-04b83d97e705 Type : L4 VIP : TCP 123.123.123.124:80 Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0)
    Mode
    Basic
    Availability
    ESXi

    get load-balancer <lb-uuid> virtual-servers stats
    Display the statistics for all virtual servers of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-servers stats Virtual Server UUID : 953e4da8-a571-4695-b54c-90505d8e59c2 Display-Name : tcpvip1 VIP : TCP 123.123.123.123:80 Type : L4 Sessions : (Cur, Max, Total, Rate) : (0, 0, 0, 0) (Drop_By_ACL) : (0) Bytes : (In, Out) : (0, 0) Packets : (In, Out) : (0, 0) Virtual Server UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a46 Display-Name : http-vip-1 VIP : TCP 123.123.123.123:8080 Type : L7 Sessions : (Cur, Max, Total, Rate) : (0, 0, 0, 0) (Drop_By_LBRule) : (0) Bytes : (In, In-Rate) : (0, 0) (Out, Out-Rate) : (0, 0) HTTP Requests : (Total, Rate) : (0, 0)
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer <lb-uuid> virtual-servers status
    Display the status of all virtual servers of a specific load balancer.
    Option Description
    <lb-uuid> LoadBalancer UUID argument
    Example
    nsx-edge-1> get load-balancer ed785df6-2143-4944-b918-66470886be83 virtual-servers status Virtual Server UUID : 953e4da8-a571-4695-b54c-90505d8e59c2 Display-Name: tcpvip1 IP : 123.123.123.123 Port : 8888 Status : up Virtual Server UUID : 0ba2817e-9ddb-411e-a397-ef2f3b099a46 Display-Name: http-vip-1 IP : 123.123.123.123 Port : 80 Status : up
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer global stats
    Display global verbose stats for load balancer.
    Example
    nsx-1> get load-balancer global stats Global Info Config Update: Config Update Rcvd : 4 Full Sync Rcvd : 1 LBS Update Rcvd : 4 VS Update Rcvd : 1 Pool Update Rcvd : 1 LBS Delete Rcvd : 0 VS Delete Rcvd : 0 Pool Delete Rcvd : 0 RCU Queue: RCU Queue Add - LBS : 0 RCU Queue Add - VS : 0 RCU Queue Add - Pool : 0 RCU Queue Add - Pool UUID : 0 RCU Queue Del - LBS : 0 RCU Queue Del - VS : 0 RCU Queue Del - Pool : 0 RCU Queue Del - Pool UUID : 0 Data Path: LB Flow Purged - LBS Invalid : 0 LB Flow Purged - Flow/Kif LBS Diff : 0 LB Flow Purged - Kif Not Linked With LBS After Full Sync : 0 LB Flow Purged - Flow/Kif LBS Diff After Full Sync : 0 LB Flow Purged - Session Validate Fail : 0 Export/Import: Global Config Save Received : 0 Global Config Restore - Unknown Type : 0 Global Config Restore - Unknown TLV Tag : 0 Global Error: Config Update: Full Sync Error - No Msg : 0 Full Sync Error - No Memory : 0 LBS Update Error - No Memory : 0 VS Update Error - LBS Not Found : 0 Pool Update Error - LBS Not Found : 0 LBS Delete Error - LBS Not Found : 0 VS Delete Error - LBS Not Found : 0 VS Delete Error - VS Not Found : 0 Pool Delete Error - LBS Not Found : 0 Pool Delete Error - Pool Not Found : 0 RCU Queue: RCU Lock Init Error : 0 RCU Queue Add - Invalid Type : 0 RCU Queue Add - No Memory : 0 RCU Queue Del - Invalid Type : 0 RCU Queue Del - PM Hmap Not Empty After Pool Purge : 0 Export/Import: Global Config Save Failed - Global LBS : 0 Global Config Save Failed - LBS Entry : 0 Global Config Save Failed - LSP Listn : 0 Global Config Save Failed - Pool : 0 Global Config Save Failed - PM List : 0 Global Config Save Failed - VS : 0 Global Config Save Failed - Buffer Error : 0 Global Config Save Failed - TLV Error : 0 Global Config Restore Failed - Buffer Error : 0 Global Config Restore Failed - TLV Error : 0 LBS Not Found at State Import : 0
    Mode
    Basic
    Availability
    ESXi

    get load-balancer perf-profile config
    Get edge parameters configured by load balancer for performance.
    Example
    nsx-edge-1> get load-balancer perf-profile config Load Balancer Performance Config Profile :large vm http profile Dataplane Kni Busy Loop :enabled Kni Fifo Size :8192 Tx Ring Size :512 Rx Ring Size :512 Cores :0 Intr Mode :disabled Kni Mbuf Burst Num :2048 Dispatcher Cores :4,5,6,7 Kni Cores :1 Rps Cpus :2,3 Engine Cores :4,5,6,7
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancer pool <pool-uuid>
    Display the information for pool.
    Option Description
    <pool-uuid> Pool UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer pool 6be8651e-dac3-44cd-a175-72965fe4dc92 Pool UUID : 6be8651e-dac3-44cd-a175-72965fe4dc92 Display Aame : mylbpool Algorithm : ROUND_ROBIN Min Active Members : 1 Tcp Multiplexing Enabled : False Tcp Multiplexing Number : 6 Members Admin State : ENABLED Backup Member : False Display Name : Member_VM30 Ip Address : 192.168.100.160 Port : 8888 Weight : 1 Admin State : ENABLED Backup Member : False Display Name : Member_VM31 Ip Address : 192.168.100.161 Port : 8888 Weight : 1 Admin State : ENABLED Backup Member : False Display Name : Member_VM32 Ip Address : 192.168.100.162 Port : 8888 Weight : 1
    Mode
    Basic
    Availability
    ESXi

    get load-balancer virtual-server <vs-uuid>
    Display a specific load balancer virtual server.
    Option Description
    <vs-uuid> Virtual server UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer eba5f460-c660-4f82-8488-62231fb9aea3 virtual-server 34683d78-7e13-48c9-8064-f0ccbca6ecb1 Virtual Server Access Log Enabled : True Log Significant Event Only : False Display Name : mytcpvip Enabled : True IP Protocol : TCP IP : 123.123.123.125 Port : 8888 UUID : 34683d78-7e13-48c9-8064-f0ccbca6ecb1 Pool Id : 6be8651e-dac3-44cd-a175-72965fe4dc92 Application Profile Id : a15907b6-df80-43ac-bbd3-68487544170f
    Mode
    Basic
    Availability
    ESXi

    get load-balancer virtual-server <vs-uuid> access-log
    Display the access log for the virtual server.
    Option Description
    <vs-uuid> Virtual server UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-1> get load-balancer 229f3a19-f045-418a-9f5c-750d321e674a access-log Operation.Category: 'LbAccessLog': Operation.Type: 'N/A', Lb.UUID: '1ee776f7-7b30-4a64-a091-48f50dcb8eb0' Vs.UUID: '229f3a19-f045-418a-9f5c-750d321e674a' Vs.IP: '123.123.123.125' Vs.Port: '47138' Pool.UUID: 'e38717cc-20e2-4c79-a760-53e835bf09b5' PoolMember.IP: '192.168.100.160' PoolMemeber.Port: '47138' Client.Ip: '' Client.Port: '0' Session.state: 'Create' Error.Reason: '-'
    Mode
    Basic
    Availability
    ESXi

    get load-balancers
    Display all load balancers.
    Example
    nsx-edge-1> get load-balancers Load Balancer Access Log Enabled : False Applied To : Logical Router Id : c46b1482-0638-4ed0-959b-06ca203cf50b Service Router Id : 95327762-ddfc-4196-b92b-671fd1b99e25 Display Name : lbs-on-lr1 Enabled : True UUID : eba5f460-c660-4f82-8488-62231fb9aea3 Log Level : LB_LOG_LEVEL_INFO Size : SMALL Virtual Server Id : 37f1a8c9-ab8b-4ee9-9b41-5da317ac05d3 26168a79-48d6-44a7-86fe-0d5ee7c91e47 7e012072-0594-4063-97f0-82452e9a2813 11bb214f-bd06-4bff-b2a5-6f82e5ec62b6 110ac92c-1647-48a5-8d66-4cac06817716
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get load-balancers
    Display all load balancers.
    Example
    nsx-1> get load-balancers Load Balancer Access Log Enabled : False Display Name : mydlb Enabled : True UUID : 3d62a405-c24c-442d-ba98-e0c1200b7fce Log Level : LB_LOG_LEVEL_INFO Relax Scale Validation : False Size : DLB Virtual Server Id : f1e1eadd-0928-4643-8ff8-77dbaa350ae1 Load Balancer Access Log Enabled : False Display Name : mydlb2 Enabled : True UUID : 4dcd2946-5ab9-40d2-9aaa-8d9cf93f5810 Log Level : LB_LOG_LEVEL_INFO Relax Scale Validation : False Size : DLB Virtual Server Id : 8d4f29c0-c194-46ba-aa16-1a0fe9f70fd1
    Mode
    Basic
    Availability
    ESXi

    get load-balancers status
    Display the status of all load balancers.
    Example
    nsx-edge-1> get load-balancers status Load Balancer UUID : ed785df6-2143-4944-b918-66470886be83 Display-Name : lbs-dgo Enabled : True LB-State : not_ready LR-HA-State : active
    Mode
    Basic
    Availability
    Edge, Public Cloud Gateway

    get log-file <filename>
    Display the contents of the specified log file.
    Option Description
    <filename> Log file name
    Example
    nsx-manager-1> get log-file manager.log 2016-10-24 05:11:50.292 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/connections?columns=name,user Entity Body : <{Accept=[application/json]}> method: GET 2016-10-24 05:11:50.312 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/connections?columns=name,user Response Body : [Lcom.vmware.nsx.management.messaging.rabbitmq.Connection;@59e806a2 method : GET 2016-10-24 05:11:50.312 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/users Entity Body : <{Accept=[application/json]}> method: GET 2016-10-24 05:11:50.354 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/users Response Body : [Lcom.vmware.nsx.management.messaging.rabbitmq.Account;@5307ed29 method : GET 2016-10-24 05:11:55.298 UTC INFO increment-barrier-timer RealizationStateBarrierServiceImpl - SYSTEM [nsx comp="nsx-manager" subcomp="manager"] Incremented realization state barrier number to 122598 2016-10-24 05:11:55.674 UTC INFO Event Processor for GatewaySender_AsyncEventQueue_txLogEventQueue TxLogAsyncEventListener - - [nsx comp="nsx-manager" subcomp="manager"] Gets 1 events to process. . . .
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get log-file <filename> follow
    Display the last 10 lines of the specified log file and all new messages that are written to the log file.
    Option Description
    <filename> Log file name
    Example
    nsx-manager-1> get log-file manager.log follow 2016-10-24 05:11:50.292 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/connections?columns=name,user Entity Body : <{Accept=[application/json]}> method: GET 2016-10-24 05:11:50.312 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/connections?columns=name,user Response Body : [Lcom.vmware.nsx.management.messaging.rabbitmq.Connection;@59e806a2 method : GET 2016-10-24 05:11:50.312 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/users Entity Body : <{Accept=[application/json]}> method: GET 2016-10-24 05:11:50.354 UTC INFO MaintenanceSyncTimer RestRequestImpl - - [nsx comp="nsx-manager" subcomp="manager"] URL : https://localhost:15671/api/users Response Body : [Lcom.vmware.nsx.management.messaging.rabbitmq.Account;@5307ed29 method : GET 2016-10-24 05:11:55.298 UTC INFO increment-barrier-timer RealizationStateBarrierServiceImpl - SYSTEM [nsx comp="nsx-manager" subcomp="manager"] Incremented realization state barrier number to 122598 2016-10-24 05:11:55.674 UTC INFO Event Processor for GatewaySender_AsyncEventQueue_txLogEventQueue TxLogAsyncEventListener - - [nsx comp="nsx-manager" subcomp="manager"] Gets 1 events to process. . . .
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get logging-servers
    Display logging server configuration.
    Example
    nsx> get logging-servers 192.168.110.60 proto udp level info facility syslog messageid SYSTEM,FABRIC 192.168.110.60 proto udp level info facility auth,user
    Mode
    Basic
    Availability
    Controller, Edge, Key Manager, Manager, Policy Manager, Public Cloud Gateway

    get logical-router <uuid>
    Display information about the specified logical router.
    Option Description
    <uuid> Logical Router identifier
    Allowed pattern: ^[0-9]+$|^0x[0-9a-fA-F]+$|^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    nsx-controller-1> get logical-router db6760b3-d9e2-44ef-b1c4-f56138665d71 LR-Id LR-Name Hosts[] Service-Controller Router-Type ClusterId UUID 0x5 SR-46740ffe-9bf1-406e-816d-e200a45f0707 192.168.110.111 192.168.110.108 SERVICE_ROUTER_TIER1 00002000-0000-0000-0000-000000000001 db6760b3-d9e2-44ef-b1c4-f56138665d71 192.168.110.112
    Mode
    Basic
    Availability
    Controller

    get logical-router <uuid>
    Display information about the specified logical router.
    Option Description
    <uuid> UUID argument
    Allowed pattern: ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
    Example
    kvm-1> get logical-router 091a05dc-8080-41a2-a56f-b