In assisting customers with a wide variety of NSX related issues, I’m constantly pulling up cheat sheets for frequently used commands. This page organizes my favorite NSX Edge commands into troubleshooting reference.
root@nsxtedge01:~# top -o %MEM
top - 15:32:18 up 3 days, 6:32, 1 user, load average: 1.21, 1.07, 1.03 Tasks: 205 total, 2 running, 131 sleeping, 0 stopped, 1 zombie %Cpu(s): 4.2 us, 12.1 sy, 0.0 ni, 83.2 id, 0.5 wa, 0.0 hi, 0.0 si, 0.0 st KiB Mem : 8160268 total, 270080 free, 4520764 used, 3369424 buff/cache KiB Swap: 0 total, 0 free, 0 used. 3141412 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 281 root 20 0 170852 105860 101376 S 0.3 1.3 15:22.26 systemd-journal 8296 root 20 0 16.520g 73796 38812 S 43.5 0.9 2145:28 dp-fp:0 1535 www-data 20 0 244416 64668 12040 S 0.0 0.8 1:52.51 nvpapi.py 16713 lb 20 0 236816 60448 57808 S 0.0 0.7 0:00.15 nginx 1454 root 20 0 907436 52200 29448 S 0.0 0.6 21:34.42 dockerd 16730 lb 20 0 296080 51940 3360 S 0.0 0.6 0:41.67 nginx
nsxtedge01> get node-uuid uuid: 7af45036-6d42-11ea-a22d-00505696b642
nsxtedge01> get uptime 14:44:15 up 3 days, 5:44, 1 user, load average: 0.84, 0.85, 0.95
nsxtedge01> get managers - 192.168.110.17 Connected (NSX-RPC) *
nsxtedge01> get controllers Controller IP Port SSL Status Is Physical Master Session State Controller FQDN 192.168.110.17 1235 enabled connected true up NA
nsxtedge01> get network-stats Ip: Total packets received: 2920244 Forwarded: 0 Incoming packets discarded: 0 Incoming packets delivered: 2918860 Requests sent out: 2894088 Icmp: ICMP messages received: 172246 ICMP messages failed: 0 ICMP input historgram: Destination unreachable: 172246 ICMP messages sent: 172246 ICMP messages failed: 0 ICMP output historgram: Destination unreachable: 172246 IcmpMsg: InType3: 172246 OutType3: 172246 Tcp: Active connections openings: 2906 Passive connection openings: 2871 Failed connection attempts: 34 Connection resets attempts: 0 Connections established: 15 Segments received: 848137 Segments sent out: 838319 Segments retransmitted: 11 Bad segments received: 0 Resets sent: 34 Udp: Packets received: 1726103 Packets to unknown port received: 172372 Packet receive errors: 0 Packets sent: 1894202 RcvbufErrors: 0 SndbufErrors: 0 UdpLite: InDatagrams: 0 NoPorts: 0 InErrors: 0 OutDatagrams: 0 RcvbufErrors: 0 SndbufErrors: 0
nsxtedge01> get int | find Name|IP|MAC|VNI|Interface Interface: bond0 MAC address: ea:e5:54:74:71:0c Interface: eth0 MAC address: 00:50:56:96:b6:42 Interface: veth0f8b05b MAC address: 32:d1:a1:3a:c9:c8 Interface: fp-eth0 MAC address: 00:50:56:96:49:48 Offload Capabilities: TX_VLAN_INSERT TX_UDP_CKSUM TX_TCP_CKSUM TX_TCP_TSO RX_VLAN_STRIP RX_IPV4_CKSUM RX_UDP_CKSUM RX_TCP_CKSUM RX_TCP_LRO Interface: fp-eth1 MAC address: 00:50:56:96:6e:f9 Offload Capabilities: TX_VLAN_INSERT TX_UDP_CKSUM TX_TCP_CKSUM TX_TCP_TSO RX_VLAN_STRIP RX_IPV4_CKSUM RX_UDP_CKSUM RX_TCP_CKSUM RX_TCP_LRO Interface: fp-eth2 MAC address: 00:50:56:96:94:fe Offload Capabilities: TX_VLAN_INSERT TX_UDP_CKSUM TX_TCP_CKSUM TX_TCP_TSO RX_VLAN_STRIP RX_IPV4_CKSUM RX_UDP_CKSUM RX_TCP_CKSUM RX_TCP_LRO
nsxtedge01> get host-switch Host Switch : 7bfe275f-6268-4761-a9a7-765d0be970d5 Switch Name : NSXTvlan Transport Zone : 84e500ff-3e5f-47a4-8158-3c2c1e96269e Physical Port : fp-eth1 Uplink Name : uplink2
Host Switch : ed4276d6-e746-4db3-b5be-d5bad5b356db Switch Name : NSXToverlay Transport Zone : cc600788-6fcc-4f67-81f3-bb00df486b08 Physical Port : fp-eth0 Uplink Name : uplink1 Transport VLAN : 0 Default Gateway : 192.168.110.2 Subnet Mask : 255.255.255.0 Local VTEP Device : fp-eth0 Local VTEP IP : 192.168.110.180
nsxtedge01> get tunnel-port Tunnel : 9adf8c8e-28c9-57e8-b21c-4117e394bd53 IFUID : 322 LOCAL : 192.168.110.180 REMOTE : 192.168.110.182 ENCAP : GENEVE
Tunnel : 7a4e40ac-cce8-58fc-b53e-b75bf246f5f8 IFUID : 325 LOCAL : 192.168.110.180 REMOTE : 192.168.110.181 ENCAP : GENEVE
Tunnel : 80109731-3099-55df-9cdf-155664b1fe88 IFUID : 323 LOCAL : 192.168.110.180 REMOTE : 192.168.110.183 ENCAP : GENEVE
Tunnel : 45b1b3ae-8e7e-5f54-8c7b-6ab38b0bcac7
IFUID : 324
LOCAL : 192.168.110.180
REMOTE : 192.168.110.184
ENCAP : GENEVE
nsxtedge01> get vteps Remote VTEP IP : 192.168.110.184 Remote VTEP Label : 28677
Local VTEP IP : 192.168.110.180
Local VTEP Label : 28681
Remote VTEP IP : 192.168.110.181
Remote VTEP Label : 28674
Remote VTEP IP : 192.168.110.182
Remote VTEP Label : 28675
Remote VTEP IP : 192.168.110.183
Remote VTEP Label : 28676
[/fusion_tab][fusion_tab title=”Routing” icon=””]
nsxtedge01> get logical-routers Logical Router UUID VRF LR-ID Name Type Ports 736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 TUNNEL 3 fd1a2393-3160-41f0-b603-faa47f401c70 1 6 SR-lab-tier-1 SERVICE_ROUTER_TIER1 5 0bad6f1e-c584-49c6-a251-82a7e0bf29a3 2 1 DR-lab-tier-0 DISTRIBUTED_ROUTER_TIER0 4 e453f177-d98a-4925-89f0-d187f4359c80 3 2 SR-lab-tier-0 SERVICE_ROUTER_TIER0 6 dcd02212-6eee-4943-b224-a33935b74159 4 5 DR-lab-tier-1 DISTRIBUTED_ROUTER_TIER1 5
nsxtedge01> vrf 3 nsxtedge01(tier0_sr)> get route
Flags: t0c - Tier0-Connected, t0s - Tier0-Static, B - BGP, t0n - Tier0-NAT, t1s - Tier1-Static, t1c - Tier1-Connected, t1n: Tier1-NAT, t1l: Tier1-LB VIP, t1ls: Tier1-LB SNAT, t1d: Tier1-DNS FORWARDER, t1ipsec: Tier1-IPSec, > - selected route, * - FIB route
Total number of routes: 11
b > * 0.0.0.0/0 [20/0] via 192.168.100.2, uplink-282, 2d19h10m b > * 10.155.14.0/24 [20/0] via 192.168.100.2, uplink-282, 2d19h10m b > * 10.160.110.0/24 [20/0] via 192.168.100.2, uplink-282, 2d19h10m t0c> * 100.64.176.0/31 is directly connected, downlink-284, 3d05h59m t0c> * 169.254.0.128/25 is directly connected, inter-sr-276, 3d05h59m b > * 192.168.21.0/24 [20/0] via 192.168.100.2, uplink-282, 2d19h10m b > * 192.168.70.0/24 [200/0] via 169.254.0.131, inter-sr-276, 2d19h10m t0c> * 192.168.100.0/24 is directly connected, uplink-282, 3d05h59m b > * 192.168.150.0/24 [20/0] via 192.168.100.2, uplink-282, 2d19h10m t0c> * fc4b:9f16:eaae:8000::/64 is directly connected, downlink-284, 3d05h59m t0c> * fe80::/64 is directly connected, inter-sr-276, 3d05h59m
nsxtedge01(tier0_sr)> get bgp neighbor summary BFD States: NC - Not configured, AC - Activating,DC - Disconnected AD - Admin down, DW - Down, IN - Init,UP - Up BGP summary information for VRF default for address-family: ipv4Unicast Router ID: 192.168.100.102 Local AS: 65111
Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx
169.254.0.131 65111 Estab 2d19h10m NC 241854 241851 8 7 192.168.100.2 65100 Estab 2d19h10m NC 4436 4038 6 6
BFD States: NC - Not configured, AC - Activating,DC - Disconnected AD - Admin down, DW - Down, IN - Init,UP - Up BGP summary information for VRF default for address-family: ipv6Unicast Router ID: 192.168.100.102 Local AS: 65111
Neighbor AS State Up/DownTime BFD InMsgs OutMsgs InPfx OutPfx
169.254.0.131 65111 Estab 2d19h10m NC 241854 241851 1 1
nsxtedge01(tier0_sr)> get bgp neighbor 192.168.100.2 advertised-routes
BGP table version is 8, local router ID is 192.168.100.102 Status flags: > - best, I - internal Origin flags: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path > 0.0.0.0/0 192.168.100.2 0 100 0 65100 i > 10.155.14.0/24 192.168.100.2 0 100 0 65100 ? > 10.160.110.0/24 192.168.100.2 0 100 0 65100 ? > 192.168.21.0/24 192.168.100.2 0 100 0 65100 ? > 192.168.100.0/24 0.0.0.0 0 100 32768 ? > 192.168.150.0/24 192.168.100.2 0 100 0 65100 ?
nsxtedge01(tier0_sr)> get forwarding Logical Router UUID VRF LR-ID Name Type e453f177-d98a-4925-89f0-d187f4359c80 3 2 SR-lab-tier-0 SERVICE_ROUTER_TIER0 IPv4 Forwarding Table IP Prefix Gateway IP Type UUID Gateway MAC 100.64.176.0/32 route c3a5711f-5202-591d-8649-b6d77a7310f6 100.64.176.0/31 route 89d442ad-4781-4148-94e2-f9b5ff09aa3f 127.0.0.1/32 route 2ee8cbc3-746f-4031-b3fa-6e596845425e 169.254.0.0/25 route b12715ae-d462-48fc-b57d-97660bac76cc 169.254.0.1/32 route c3a5711f-5202-591d-8649-b6d77a7310f6 169.254.0.2/32 route a687cce1-3bc2-53de-9aa8-8ba3fc93029f 169.254.0.128/25 route fee35fba-f089-4d4d-8042-e6fd386ad0d6 169.254.0.130/32 route a687cce1-3bc2-53de-9aa8-8ba3fc93029f 192.168.100.0/24 route db0a1653-d21f-4dc3-a399-7628711a79c3 192.168.100.102/32 route a687cce1-3bc2-53de-9aa8-8ba3fc93029f IPv6 Forwarding Table IP Prefix Gateway IP Type UUID Gateway MAC ::1/128 route 2ee8cbc3-746f-4031-b3fa-6e596845425e fc4b:9f16:eaae:8000::/64 route 89d442ad-4781-4148-94e2-f9b5ff09aa3f fc4b:9f16:eaae:8000::1/128 route c3a5711f-5202-591d-8649-b6d77a7310f6 fe80::/64
[/fusion_tab][fusion_tab title=”HA” icon=””]
nsxtedge01> get logical-routers Logical Router UUID VRF LR-ID Name Type Ports 736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 TUNNEL 3 fd1a2393-3160-41f0-b603-faa47f401c70 1 6 SR-lab-tier-1 SERVICE_ROUTER_TIER1 5 0bad6f1e-c584-49c6-a251-82a7e0bf29a3 2 1 DR-lab-tier-0 DISTRIBUTED_ROUTER_TIER0 4 e453f177-d98a-4925-89f0-d187f4359c80 3 2 SR-lab-tier-0 SERVICE_ROUTER_TIER0 6 dcd02212-6eee-4943-b224-a33935b74159 4 5 DR-lab-tier-1 DISTRIBUTED_ROUTER_TIER1 5
nsxtedge01> vrf 3
nsxtedge01(tier0_sr)> get high-availability status
Service Router
UUID : e453f177-d98a-4925-89f0-d187f4359c80
state : Active
type : TIER0
mode : A/A
failover mode : Preemptive
rank : 0
service count : 0
service score : n/a
HA ports state
UUID : b12715ae-d462-48fc-b57d-97660bac76cc
op_state : Up
addresses : 169.254.0.2/25;fe80::50:56ff:fe56:5300/64
Peer Routers
Node UUID : d3937794-6d42-11ea-8ce8-0050569629d4
HA state : Active
nsxtedge01(tier0_sr)> get high-availability history state State : Down Event : Init Resources : Time : 2020-07-06 16:59:20.02
State : Active Event : Routing Up Resources : 0 Time : 2020-07-06 16:59:20.28
nsxtedge01> vrf 1
nsxtedge01(tier1_sr)> get high-availability status
Service Router
UUID : fd1a2393-3160-41f0-b603-faa47f401c70
state : Standby
type : TIER1
mode : A/S
failover mode : Non-preemptive
rank : 0
service count : 1
service score : 1
HA ports state
UUID : fd7484ae-224a-4fb6-9e1d-9b041bf585c8
op_state : Down
addresses : fc4b:9f16:eaae:8000::2/64;fe80::50:56ff:fe56:4455/64;100.64.176.1/31
UUID : 665c4b0b-2cca-402c-98b1-ebc27ff3528b
op_state : Down
addresses : 169.254.0.2/28;fe80::50:56ff:fe56:5300/64
Peer Routers
Node UUID : d3937794-6d42-11ea-8ce8-0050569629d4
HA state : Active
nsxtedge01> get edge-cluster status
High Availability State : Active
Since : 2020-07-07 20:35:20.69
Edge Node Id : 7af45036-6d42-11ea-a22d-00505696b642
Edge Node Status : Up
Admin State : Up
Vtep State : Up
Configuration : applied
Health Check Config :
Interval : 1000 msec
Deadtime : 3000 msec
Max Hops : 255
Service Status :
Datapath Config Channel : Up
Datapath Status Channel : Up
Routing Status Channel : Up
Routing Status : Up
Peer Status :
Node Id : d3937794-6d42-11ea-8ce8-0050569629d4
Node Thumbprint : C0:BB:C2:44:11:A1:CB:36:15:55:FF:5D:26:4B:AF:04:38:72:F7:BF:A6:D5:AD:E5:37:FE:6D:8B:99:06:51:2F
Node Status : Up
Healthcheck Sessions :
Interface : eth0
Session : 192.168.110.65:192.168.110.66
Status : Up
Interface : nsx-edge-vtep
Device : fp-eth0
Session : 192.168.110.180:192.168.110.181
Status : Up
[/fusion_tab][fusion_tab title=”Perf” icon=””]
In some cases, under the guidance of VMware Support, you may be asked to disable flow-cache: https://kb.vmware.com/s/article/60431
nsxtedge01> set dataplane flow-cache disable
Please restart dataplane service for the change to take effect.
nsxtedge01> restart service dataplane
(Note this will cause a brief interruption to the dataplane)
Verify that the ESXi host NIC drivers and firmware are matching and updated, reference: https://spillthensxt.com/are-my-esxi-host-nic-drivers-and-firmware-nsx-t-ready/
Verify that RSS is enabled on the ESXi host physical NIC:
[root@esx01:~] vsish -e get /net/pNics/vmnic0/rxqueues/info
rx queues info {
# queues supported:13
# filters supported:96
# active filters:3
# filters moved by load balancer:337
# of Geneve OAM filters:3
RX filter classes:Rx filter class: 0x1d -> MAC VLAN_MAC VXLAN Geneve GenericEncap
Rx Queue features:features: 0x600001a3 -> LRO Pair
DynamicRSS <----------------------------- Enabled
Dynamic Preemptible IPv4LRO IPv6LRO
Verify that Geneve Offload is Activated:
[root@esx01:~] vsish -e get /net/pNics/vmnic0/properties
properties {
Driver Name:bnxtnet
Driver Version:20.6.101.7
Driver Firmware Version:20.8.187.0
System Device Name:vmnic0
Module Interface Used By The Driver:native
Device Hardware Cap Supported:: 0xc9bc032b -> VMNET_CAP_SG VMNET_CAP_IP4_CSUM VMNET_CAP_HIGH_DMA VMNET_CAP_TSO VMNET_CAP_HW_TX_VLAN VMNET_CAP_HW_RX_VLAN VMNET_CAP_SG_SPAN_PAGES VMNET_CAP_IP6_CSUM VMNET_CAP_TSO6 VMNET_CAP_TSO256k VMNET_CAP_RDONLY_INETHDRS VMNET_CAP_ENCAP
VMNET_CAP_GENEVE_OFFLOAD <---------------------- flag is enabled
VMNET_CAP_SCHED
Device Hardware Cap Activated:: 0xc0bc032b -> VMNET_CAP_SG VMNET_CAP_IP4_CSUM VMNET_CAP_HIGH_DMA VMNET_CAP_TSO VMNET_CAP_HW_TX_VLAN VMNET_CAP_HW_RX_VLAN VMNET_CAP_SG_SPAN_PAGES VMNET_CAP_IP6_CSUM VMNET_CAP_TSO6 VMNET_CAP_TSO256k VMNET_CAP_RDONLY_INETHDRS VMNET_CAP_SCHED
Device Software Cap Activated:: 0x30000000 -> VMNET_CAP_IP6_CSUM_EXT_HDRS VMNET_CAP_TSO6_EXT_HDRS
Device Software Assistance Activated:: 0 -> No matching defined enum value found.
PCI Segment:0
PCI Bus:70
PCI Slot:0
PCI Fn:0
Device NUMA Node:0
PCI Vendor:0x14e4
PCI Device ID:0x16d7
Link Up:1
Operational Status:1
Administrative Status:1
Full Duplex:1
Auto Negotiation:0
Speed (Mb/s):25000
Uplink Port ID:0x02000002
To determine traffic load:
nsxtedge01> get dataplane perfstats 10
[
{
"CpuStats": [
{
"core": "0",
"tx": "52270 pps",
"kni": "0 pps",
"rx": "52270 pps",
"intercore": "0 pps",
"usage": "7%",
"slowpath": "0 pps"
},
{
"core": "1",
"tx": "622700 pps",
"kni": "0 pps",
"rx": "622700 pps",
"intercore": "0 pps",
"usage": "47%",
"slowpath": "0 pps"
}
] }
...
nsxtedge01> get dataplane throughput 2 | json
{
"fp-eth0": {
"rx Gbps": 0.0,
"rx K err/s": 0.0,
"rx MB/s": 0.0,
"rx k_err/s": 0.0,
"rx k_miss/s": 0.0,
"rx k_no_mbufs/s": 0.0,
"rx kpps": 0.0,
"tx Gbps": 0.0,
"tx K drops/s": 0.0,
"tx MB/s": 0.0,
"tx kpps": 0.0
},
"fp-eth1": {
"rx Gbps": 0.0,
"rx K err/s": 0.0,
"rx MB/s": 0.0,
"rx k_err/s": 0.0,
"rx k_miss/s": 0.0,
"rx k_no_mbufs/s": 0.0,
"rx kpps": 0.0,
"tx Gbps": 4.0, =========================> transmitting 4 Gbps
"tx K drops/s": 344.0,
"tx MB/s": 596.0,
"tx kpps": 587.0
},
"fp-eth2": {
"rx Gbps": 7.0, ======================> receiving 7 Gbps
"rx K err/s": 0.0,
"rx MB/s": 946.0,
"rx k_err/s": 0.0,
"rx k_miss/s": 2.0,
"rx k_no_mbufs/s": 0.0,
"rx kpps": 931.0,
"tx Gbps": 0.0,
"tx K drops/s": 0.0,
"tx MB/s": 0.0,
"tx kpps": 0.0
nsxtedge01> get physical-port fp-eth1 stats Physical Port Stats NAME : fp-eth1 RX_BYTES : 2460 RX_DROP_NO_MATCH : 94 RX_ERRORS : 0 RX_MISSES : 0 RX_NOMBUFS : 0 RX_PACKETS : 41 TX_BYTES : 2889254120958 TX_DROPS : 1144325480 ======> TX drop is increasing TX_ERRORS : 0 TX_PACKETS : 2138714193
nsx-manager> get physical-port fp-eth1 stats
Physical Port Stats
NAME : fp-eth1
RX_BYTES : 2460
RX_DROP_NO_MATCH : 94
RX_ERRORS : 0
RX_MISSES : 0
RX_NOMBUFS : 0
RX_PACKETS : 41
TX_BYTES : 2890144705918
TX_DROPS : 1144840063 ======> TX drop is increasing
TX_ERRORS : 0
TX_PACKETS : 2139590753
[/fusion_tab][fusion_tab title=”Logs” icon=””]
nsxtedge01> get log-file ? auth.log Authorization log kern.log Kernel log routing Routing log syslog System log
nsxtedge01> get log-file syslog follow <14>1 2020-07-13T15:47:47.746210+00:00 nsxtedge01 audispd - - - node=nsxtedge01 type=EOE msg=audit(1594655267.725:811190): <14>1 2020-07-13T15:47:47.746790+00:00 nsxtedge01 audispd - - - node=nsxtedge01 type=SYSCALL msg=audit(1594655267.725:811191): arch=c000003e syscall=2 success=yes exit=3 a0=4071a6 a1=1 a2=38bc7d16450 Edge logging location: nsxtedge01:/var/log
[/fusion_tab][fusion_tab title=”Captures” icon=””]
In this example we will perform a traffic capture on the Edge outside interface, which is part of SERVICE_ROUTER_TIER0. First we need to determine the interface UUID.
nsxtedge01> get logical-routers Logical Router UUID VRF LR-ID Name Type Ports 736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 TUNNEL 3 fd1a2393-3160-41f0-b603-faa47f401c70 1 6 SR-lab-tier-1 SERVICE_ROUTER_TIER1 5 0bad6f1e-c584-49c6-a251-82a7e0bf29a3 2 1 DR-lab-tier-0 DISTRIBUTED_ROUTER_TIER0 4 e453f177-d98a-4925-89f0-d187f4359c80 3 2 SR-lab-tier-0 SERVICE_ROUTER_TIER0 6 dcd02212-6eee-4943-b224-a33935b74159 4 5 DR-lab-tier-1 DISTRIBUTED_ROUTER_TIER1 5
nsxtedge01> vrf 3
nsxtedge01(tier0_sr)> get int | find Name|IP|MAC|VNI|Interface
UUID VRF LR-ID Name Type
Interfaces (IPv6 DAD Status A-Assigned, D-Duplicate, T-Tentative)
Interface : 2ee8cbc3-746f-4031-b3fa-6e596845425e
IP/Mask : 127.0.0.1/8;::1/128(NA)
Interface : db0a1653-d21f-4dc3-a399-7628711a79c3
Name : uplink1
IP/Mask : 192.168.100.102/24
MAC : 00:50:56:96:6e:f9
Interface : fee35fba-f089-4d4d-8042-e6fd386ad0d6 <--- this is the Interface UUID that we are after
Name : sr0-internal-routing-port
IP/Mask : 169.254.0.130/25;fe80::50:56ff:fe56:5200/64(NA)
MAC : 02:50:56:56:52:00
VNI : 67584
Interface : b12715ae-d462-48fc-b57d-97660bac76cc
Name : bp-sr0-port
IP/Mask : 169.254.0.2/25;fe80::50:56ff:fe56:5300/64(NA)
MAC : 02:50:56:56:53:00
VNI : 67586
Interface : a687cce1-3bc2-53de-9aa8-8ba3fc93029f
Interface : 14b977ec-65e1-571d-97e0-5641e1e8bfc4
nsxtedge01> start capture interface fee35fba-f089-4d4d-8042-e6fd386ad0d6 expression tcp port bgp
Other examples: nsxtedge01> start capture interface xxxxxxxx expression udp nsxtedge01> start capture interface xxxxxxxx count 50 expression ip 1.1.1.1 port 443 nsxtedge01> get capture sessions
[/fusion_tab][fusion_tab title=”Patching” icon=””]
Transfer the patched image to be instaled, for example, VMware-nsx-edge-lb-2.5.1.5.0.16466672.pub to Edge file location /var/vmware/nsx/file-store
nsxtedge01> get images Image Name Version Tag Created nsx-edge-dispatcher ob-15314312 current 2019-12-15 (6 months ago) nsx-edge-datapath ob-15314312 current 2019-12-15 (6 months ago) nsx-edge-frr ob-15314312 current 2019-12-15 (6 months ago) nsx-edge-lb ob-15314312 current 2019-12-15 (6 months ago) nsx-edge-iked ob-15314312 current 2019-12-15 (6 months ago) nsx-edge-nsxa ob-15314312 current 2019-12-15 (6 months ago) nsx-edge-mdproxy ob-15314312 current 2019-12-15 (6 months ago) nsx-edge-dhcp ob-15314312 current 2019-12-15 (6 months ago) nsx-edge-dns ob-15314312 current 2019-12-15 (6 months ago)
nsxtedge01> get image nsx-edge-lb Image Name Version Tag Created nsx-edge-lb ob-15314312 current 2019-12-15 (6 months ago)
Edge file location needs to be /var/vmware/nsx/file-store
nsxtedge01> verify image VMware-nsx-edge-lb-2.5.1.5.0.16466672.pub
Image verified successfully
nsxtedge01> get image nsx-edge-lb Image Name Version Tag Created nsx-edge-lb ob-16466672 2020-06-26 (12 days ago) nsx-edge-lb ob-15314312 current 2019-12-15 (6 months ago)
nsxtedge01> install image nsx-edge-lb version ob-16466672 Image installed successfully
nsxtedge01> get image nsx-edge-lb Image Name Version Tag Created nsx-edge-lb ob-16466672 current 2020-06-26 (12 days ago) nsx-edge-lb ob-15314312 previous 2019-12-15 (6 months ago)
nsxtedge01> exit root@ablooedg10:~# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f470a2e4cf20 nsx-edge-lb:current "/opt/vmware/edge/..." About a minute ago Up About a minute service_lb_dbdd3e97-cd52-42a2-9470-f7c190 3e264e 3b5967c608f2 nsx-edge-base:current "/bin/sleep infinity" 13 days ago Up 43 hours 22/tcp f5a827d0-d79d-4490-be37-c021abc4df03 9e6c3ef28ece nsx-edge-mdproxy:current "/opt/vmware/edge/..." 13 days ago Up 43 hours service_md_proxy 9d09469fab3a nsx-edge-dhcp:current "/opt/vmware/edge/..." 13 days ago Up 43 hours service_dhcp 65c2eb0afb8d nsx-edge-base:current "/bin/sleep infinity" 13 days ago Up 43 hours 22/tcp mdproxy 0204533ab964 nsx-edge-mdproxy:current "/opt/vmware/edge/..." 13 days ago Up 43 hours service_md_agent d211791e9de6 nsx-edge-dispatcher:current "/opt/vmware/edge/..." 13 days ago Up 43 hours service_dispatcher d1ec01c0e956 nsx-edge-datapath:current "/opt/vmware/edge/..." 13 days ago Up 43 hours service_datapath 8dd50a88871c nsx-edge-nsxa:current "/opt/vmware/edge/..." 13 days ago Up 43 hours service_nsxa
root@nsxtedge01:~# docker exec -it f470a2e4cf20 bash lb@nsxtedge01:/$ ls -la /opt/vmware/nsx-edge/bin/nginx -rwxr-x--- 1 lb nsx 19710864 Jun 26 09:12 /opt/vmware/nsx-edge/bin/nginx
lb@nsxtedge01:/$ exit
[/fusion_tab][fusion_tab title=”Tips” icon=””]
File treansfers: Using SCP to transfer the file, say VMware-nsx-edge-lb-2.5.1.5.0.16466672.pub from an ESXi host to an Edge: nsxtedge01> scp root@ESXi01:/tmp/VMware-nsx-edge-lb-2.5.1.5.0.16466672.pub /var/vmware/nsx/file-store Alternatively you can use WinSCP to connect to an NSX-T Edge, over SCP, using the root account.
To enable SSH on an NSX-T Edge
- Open the console of the Edge VM by logging into vSphere and select the VM named NSX-Edge-01
- Right click and select Open Console
- Log in through the console with 'admin' user and enter the following commands:
nsxtedge01> start service ssh
nsxtedge01> set service ssh start-on-boot
- Double-check the status by entering the following command
nsxtedge01> get service ssh
NSX-T Edge Maintenace opertions:
nsxtedge01> set maintenance-mode
enabled Specify if a feature should be enabled or disabled
disabled Specify if a feature should be enabled or disabled
nsxtedge01> get maintenance-mode Maintenance Mode: enabled