The best practice is to configure all components of NSX to send their logs to a centralized collector, where they can be examined in one place.

If necessary, you can change the log level of NSX components. For more information, see "Setting the Logging Level of NSX Components" topic in NSX Logging and System Events.

NSX Manager Logs

  • show log in the NSX Manager CLI

  • Tech Support Log bundle, collected via the NSX Manager UI

The NSX Manager log contains information related to the management plane, which covers create, read, update, and delete (CRUD) operations.

Controller Logs

Controllers contain multiple modules, many with their own log files. Controller logs can be accessed using the show log <log file> [ filtered-by <string> ] command. The log files relevant to routing are as follows:

  • cloudnet/cloudnet_java-vnet-controller.<start-time-stamp>.log: This log manages configuration and internal API server.

  • cloudnet/cloudnet.nsx-controller.log: This is controller main process log.

  • cloudnet/cloudnet_cpp.log.nsx-controller.log: This log manages clustering and bootstrap.

  • cloudnet/cloudnet_cpp.log.ERROR: This file is present if any error occurs.

Controller logs are verbose and in most cases are only required when the VMware engineering team is brought in to assist with troubleshooting in more difficult cases.

In addition to the show log CLI, individual log files can be observed in real time as they are being updated, using the watch log <logfile> [ filtered-by <string> ] command.

The logs are included in the Controller support bundle that can be generated and downloaded by selecting a Controller node in the NSX UI and clicking the Download tech support logs icon.

ESXi Host Logs

NSX components running on ESXi hosts write several log files:

  • VMkernel logs: /var/log/vmkernel.log

  • Control Plane Agent logs: /var/log/netcpa.log

  • Message Bus Client logs: /var/log/vsfwd.log

The logs can also be collected as part of the VM support bundle generated from vCenter Server. The log files are accessible only to the users or user groups having the root privilege.

ESG/DLR Control VM Logs

There are two ways to access log files on the ESG and DLR Control VMs—to display them using a CLI or to download the tech support bundle, using the CLI or UI.

The CLI command to display logs is show log [ follow | reverse ].

To download tech-support bundle:

  • From the CLI, enter enable mode, then run the export tech-support <[ scp | ftp ]> <URI> command.

  • From the vSphere Web Client, select the Download Tech Support Logs option in the Actions menu.

Other Useful Files and Their Locations

While not strictly logs, there are a number of files that can be helpful in understanding and troubleshooting NSX routing.

  • The control plane agent configuration, /etc/vmware/netcpa/config-by-vsm.xml contains the information about the following components:

    • Controllers, IP addresses, TCP ports, certificate thumbprints, SSL enable/disable

    • dvUplinks on the DVS enabled with VXLAN (teaming policy, names, UUID)

    • DLR instances the host knows about (DLR ID, name)

  • The control plane agent configuration, /etc/vmware/netcpa/netcpa.xml contains various configuration options for netcpa, including logging level (which by default is info).

  • Control plane certificate files: /etc/vmware/ssl/rui-for-netcpa.*

    • Two files: host certificate and host private key

    • Used for authenticating host connections to Controllers

All of these files are created by control plane agent using information it receives from NSX Manager via the message bus connection provided by vsfwd.