Troubleshooting an NSX-V Distributed Logical Router using Central CLI

VMware NSX Networking

This article provides information on understanding and troubleshooting an NSX-V Distributed Logical Router using Central CLI.

VMware NSX for vSphere 6.2.x

The central CLI is organized by function:

Command syntax structure:

Commands getting data from NSX Manager
- show logical-switch list [subcommand] [arguments]
- show logical-router list [subcommand] [arguments]
Commands getting data from Controller
- show logical-switch controller controller-id [subcommand] [arguments]
- show logical-switch controller master vni vni [subcommand] [arguments]
  - only valid for commands with vni is specified
- show logical-router controller controller-id [subcommand] [arguments]
- show logical-router controller master dlr edge-id [subcommand] [arguments]
  - only valid for commands with edge-id is specified
Commands getting data from ESX host
- show logical-switch host host-id [subcommand] [arguments]
- show logical-router host host-id [subcommand] [arguments]

> show logical-switch list all

> show controller list all

> show logical-switch list all

> show logical-switch list vni 5000 host

Use cases:

Advantages:

User need not remember and login to different controller and host endpoints to troubleshooting the distributed network.
Using centralized CLI, NSX Manager Admin can show information from any of NSX Manager database, controllers or ESX hosts.
User need not remember the master controllers for different logical switches/routers.
When retrieving logical switch information for a specified VNI, centralized CLI can compute the master controller IP according to the VNI without the need of controller IP input by the user
When retrieving logical router information for a specified logical router instance, centralize CLI can compute the master controller IP according to the edge id of the logical router without the need of controller IP input by the user
User can reuse command history across different hosts
To show the same information from different host, e.g. host-I and host-2, user only need change the host-id instead of inputting the same command in another terminal
>show logical-switch host host-I vni 5000 vtep
>show logical-switch host host-2 vni 5000 vtep

Troubleshooting Host and NSX manager command channel and DLR CLI

Validate whether VxLAN and DLR communication between host and NSX Manager is working.
>show logical-switch host host-id verbose
If communication channel is broken, all show logical-switch/logical-router commands will stop working.
If VxLAN and DLR channel is broken, check host name or host IP
>show host host-id

Show DLR all instances and connected hosts

Check DLR instance and LIF exists on the host

Check DLR instances exist
>show logical-router host host-id dlr all verbose
>show logical-router host host-id dlr all brief
Check LIF exists
>show logical-router hosts host-id dlr edge-id interface all verbose
>show logical-router hosts host-id dlr edge-id interface all brief

Troubleshooting DLR routing issue

Check DLR routes and interfaces on the host
>show logical-router host host-id dlr edge-id route
>show logical-router host host-id dlr edge-id interface all verbose
Check DLR arps and on the host
>show logical-router host host-id dlr edge-id arp
Check DLR instances configuration on the host
>show logical-router host host-id config-by-vsm
Check DLR runnable parameters on host
>show logical-router host host-id dlr edge-id tunable
Check routes and interfaces on the controller
>show logical-router controller master dlr edge-id route
>show logical-router controller master dlr edge-id interface
>show logical-router controller master dlr edge-id interface <interface-name>

Show DLR vMAC and pMAC

Fro more information and complete list of support commands, see NSX Command Line Interface Reference