NSX-T (VMware NSX) のトラブルシューティングに関するコマンド をご紹介します。今回はL3ルーティング周りのコマンド のご紹介です。
- 動作確認環境:NSX-T 4.1.1.0
ルーティング関連 トラブルシューティング用コマンド:NSX Manager(nsxcli)からの実行
- get logical-router
nsxmgr> get logical-router
LR-ID LR-Name Router-Type ClusterId UUID
0x40a SR-Tier0 SERVICE_ROUTER_TIER0 00002000-0000-0000-0000-000000000405 1eaf7014-ba67-43ff-b626-7190b46527c7
0x405 DR-Tier0 DISTRIBUTED_ROUTER_TIER0 a4d59c76-6a4a-40aa-b60a-6adfc56c8012
0x406 DR-Tier1-TenantA DISTRIBUTED_ROUTER_TIER1 ae875e75-603d-4c2d-bf62-832fede5b872
0x407 SR-Tier1-TenantA SERVICE_ROUTER_TIER1 00002000-0000-0000-0000-000000000406 71059167-e74c-4c7b-bd14-72825f3a3452
- get logical-router
nsxmgr> get logical-router 1eaf7014-ba67-43ff-b626-7190b46527c7
LR-ID LR-Name Router-Type ClusterId UUID
0x40a SR-Tier0 SERVICE_ROUTER_TIER0 00002000-0000-0000-0000-000000000405 1eaf7014-ba67-43ff-b626-7190b46527c7
- get logical-router interfaces
nsxmgr> get logical-router 1eaf7014-ba67-43ff-b626-7190b46527c7 interfaces
Interface IP Urpf-Mode Admin-State-Up UUID
bp-sr0-port 169.254.0.2/25 URPF_MODE_INVALID true 1a737d8a-0f40-4d9c-a828-3727f0c6df56
fe80::50:56ff:fe56:5300/64
sr0-internal-routing-port 169.254.0.130/25 URPF_MODE_PORT_CHECK true 52f5b5e2-04eb-462f-89e8-905fc504e127
fe80::50:56ff:fe56:5201/64
Tier0 Uplink 10.44.144.129/24 URPF_MODE_STRICT_MODE true f6528cbf-ed0c-421a-8216-4253bf487199
system-loopback-port 127.0.0.1/8 URPF_MODE_INVALID true 355832f2-5506-4df5-8007-418f3313ff10
::1/128
- get logical-router route
nsxmgr> get logical-router 1eaf7014-ba67-43ff-b626-7190b46527c7 route
Router/Cluster-UUID Destination Next-Hop LR-Port-Id Blackhole Blackhole-Action Route-Type Admin-Distance Admin-State-Up Route-UUID
00002000-0000-0000-0000-000000000405 10.44.144.129/32 N/A f6528cbf-ed0c-421a-8216-4253bf487199 false N/A ROUTE_TYPE_INTER_SR value: 3
N/A c531f969-7ec8-5616-93c1-0f6bf8332aa5
00002000-0000-0000-0000-000000000405 10.44.144.0/24 N/A f6528cbf-ed0c-421a-8216-4253bf487199 false N/A ROUTE_TYPE_INTER_SR value: 3
N/A 5af7261e-b971-5ed2-b5bf-452224bbf213
- get transport-nodes status : NSXに登録されたトランスポートノード(edgeやホスト)のリスト
nsxmgr> get transport-nodes status
TransportNode-ID Remote-Address Controller Manager SSL-Enabled Connection-State Supported-Versions Node-Type Name
5f6ee191-30fe-459e-8160-8e0a23cee59a 10.44.10.124:43767 797e626e-b12a-4daf-a397-132f6d7cb648 10.44.10.122 true OPENED [4.1, 4.0, 3.2] ESXi 10.44.10.124
3e320d07-10f7-475d-a1b4-cc41e8969a98 797e626e-b12a-4daf-a397-132f6d7cb648 10.44.10.122 true CLOSED [] Edge edge-1
0d172681-063e-419f-8a62-0a3d92b6f6d8 10.44.10.162:51161 797e626e-b12a-4daf-a397-132f6d7cb648 10.44.10.122 true OPENED [4.1, 4.0, 3.2] ESXi 10.44.10.162
ルーティング関連 トラブルシューティング用コマンド:NSX Edge(nsxcli)からの実行
- get logical-routers
edge-1> get logical-routers
Logical Router
UUID VRF LR-ID Name Type Ports Neighbors
736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 TUNNEL 3 2/5000
a4d59c76-6a4a-40aa-b60a-6adfc56c8012 1 1029 DR-Tier0 DISTRIBUTED_ROUTER_TIER0 6 4/50000
71059167-e74c-4c7b-bd14-72825f3a3452 3 1031 SR-Tier1-TenantA SERVICE_ROUTER_TIER1 7 2/50000
ae875e75-603d-4c2d-bf62-832fede5b872 4 1030 DR-Tier1-TenantA DISTRIBUTED_ROUTER_TIER1 4 0/50000
1eaf7014-ba67-43ff-b626-7190b46527c7 6 1034 SR-Tier0 SERVICE_ROUTER_TIER0 6 0/50000
- get logical-router
edge-1> get logical-router 1eaf7014-ba67-43ff-b626-7190b46527c7
Logical Router
UUID VRF LR-ID Name Type Ports Neighbors
1eaf7014-ba67-43ff-b626-7190b46527c7 6 1034 SR-Tier0 SERVICE_ROUTER_TIER0 6 0/50000
- get logical-router interfaces
edge-1> get logical-router 1eaf7014-ba67-43ff-b626-7190b46527c7 interfaces
Logical Router
UUID VRF LR-ID Name Type
1eaf7014-ba67-43ff-b626-7190b46527c7 6 1034 SR-Tier0 SERVICE_ROUTER_TIER0
Interfaces (IPv6 DAD Status A-DAD_Success, F-DAD_Duplicate, T-DAD_Tentative, U-DAD_Unavailable)
Interface : 1a737d8a-0f40-4d9c-a828-3727f0c6df56
Ifuid : 291
Name : bp-sr0-port
Fwd-mode : IPV4_ONLY
Internal name : backplane-291
Mode : lif
Port-type : backplane
IP/Mask : 169.254.0.2/25;fe80::50:56ff:fe56:5300/64(NA)
MAC : 02:50:56:56:53:00
VNI : 69633
Access-VLAN : untagged
LS port : d38d0a07-ec33-4055-8107-4100d3aa0067
Urpf-mode : NONE
DAD-mode : LOOSE
RA-mode : RA_INVALID
Admin : up
Op_state : up
Enable-mcast : True
MTU : 1500
arp_proxy :
- get logical-router interfaces stats
edge-1> get logical-router 1eaf7014-ba67-43ff-b626-7190b46527c7 interfaces stats
Logical Router
UUID : 1eaf7014-ba67-43ff-b626-7190b46527c7
VRF : 6
LR-ID : 1034
Name : SR-Tier0
Type : SERVICE_ROUTER_TIER0
Statistics
Interface Type RX PKTS TX PKTS RX BYTES TX BYTES RX Drops TX Drops
c00a95ed-f6ae-5ce6-a264-af88f2892eda cpu 0 0 0 0 0 0
5698b72a-84c3-5be2-907f-a4d6da58ad00 blackhole 0 0 0 0 0 0
1a737d8a-0f40-4d9c-a828-3727f0c6df56 lif 10 16 420 882 1 0
52f5b5e2-04eb-462f-89e8-905fc504e127 lif 0 16 0 922 0 0
f6528cbf-ed0c-421a-8216-4253bf487199 lif 24 723 1800 43282 24 0
355832f2-5506-4df5-8007-418f3313ff10 loopback 2 0 220 0 2 1
Total 36 755 2440 45086 27 1
- 各Tier0及びTier0のルーティング情報、インターフェース情報の取得
- get logical-routers
- vrf X
- get route
- get forwarding
- get interfaces
edge-1> get logical-routers
Logical Router
UUID VRF LR-ID Name Type Ports Neighbors
736a80e3-23f6-5a2d-81d6-bbefb2786666 0 0 TUNNEL 3 2/5000
a4d59c76-6a4a-40aa-b60a-6adfc56c8012 1 1029 DR-Tier0 DISTRIBUTED_ROUTER_TIER0 6 4/50000
fbccf84a-41ee-4460-940e-5c542c971f4e 2 1032 DR-Tier1-TenantB DISTRIBUTED_ROUTER_TIER1 4 1/50000
71059167-e74c-4c7b-bd14-72825f3a3452 3 1031 SR-Tier1-TenantA SERVICE_ROUTER_TIER1 7 2/50000
ae875e75-603d-4c2d-bf62-832fede5b872 4 1030 DR-Tier1-TenantA DISTRIBUTED_ROUTER_TIER1 4 0/50000
f4980daf-1c56-4543-b2c5-70b0b16dd6c3 5 1033 SR-Tier1-TenantB SERVICE_ROUTER_TIER1 5 2/50000
1eaf7014-ba67-43ff-b626-7190b46527c7 6 1034 SR-Tier0 SERVICE_ROUTER_TIER0 6 0/50000
edge-1> vrf 6
edge-1(tier0_sr[6])> get route
Flags: t0c - Tier0-Connected, t0s - Tier0-Static, b - BGP, o - OSPF
t0n - Tier0-NAT, t1s - Tier1-Static, t1c - Tier1-Connected,
t1n: Tier1-NAT, t1l: Tier1-LB VIP, t1ls: Tier1-LB SNAT,
t1d: Tier1-DNS FORWARDER, t1ipsec: Tier1-IPSec, isr: Inter-SR,
ivs: Inter-VRF-Static, > - selected route, * - FIB route
Total number of routes: 11
t0c> * 10.44.144.0/24 is directly connected, uplink-295, 00:28:06
t0c> * 100.64.0.0/31 is directly connected, downlink-297, 00:28:06
t0c> * 100.64.0.2/31 is directly connected, downlink-288, 00:28:06
t0c> * 169.254.0.0/25 is directly connected, backplane-291, 00:28:06
isr> * 169.254.0.128/25 is directly connected, inter-sr-305, 00:28:06
t1ipsec> * 172.10.20.1/32 [3/0] via 100.64.0.1, downlink-297, 00:28:04
t1c> * 192.168.120.0/24 [3/0] via 100.64.0.1, downlink-297, 00:28:04
t1c> * 192.168.230.0/24 [3/0] via 100.64.0.3, downlink-288, 00:28:04
edge-1(tier0_sr[6])> get forwarding
Logical Router
UUID VRF LR-ID Name Type
1eaf7014-ba67-43ff-b626-7190b46527c7 6 1034 SR-Tier0 SERVICE_ROUTER_TIER0
IPv4 Forwarding Table
IP Prefix Gateway IP Type UUID Gateway MAC
10.44.144.0/24 route f6528cbf-ed0c-421a-8216-4253bf487199
10.44.144.129/32 route c00a95ed-f6ae-5ce6-a264-af88f2892eda
100.64.0.0/32 route 2c58ae1f-250f-5b76-8bc5-e163109f3329
100.64.0.0/31 route 1dc52f5b-876a-5512-adad-4bbe76fa3476
100.64.0.2/32 route 2c58ae1f-250f-5b76-8bc5-e163109f3329
edge-1(tier0_sr[6])> get interfaces
Logical Router
UUID VRF LR-ID Name Type
1eaf7014-ba67-43ff-b626-7190b46527c7 6 1034 SR-Tier0 SERVICE_ROUTER_TIER0
Interfaces (IPv6 DAD Status A-DAD_Success, F-DAD_Duplicate, T-DAD_Tentative, U-DAD_Unavailable)
Interface : c00a95ed-f6ae-5ce6-a264-af88f2892eda
Ifuid : 271
Mode : cpu
Port-type : cpu
Enable-mcast : false