This section provides a summary of the CLI commands that are commonly used for troubleshooting NSX routing.
Starting in NSX 6.2, commands that were formerly run from the NSX Controller and other NSX components to troubleshoot NSX routing are now run directly from the NSX Manager.
List of DLR instances
List of LIFs for each DLR instance
List of Routes for each DLR instance
List of MAC addresses for each DLR bridging instance
Routing and forwarding tables
State of dynamic routing protocols (OSPF or BGP)
Configuration sent to the DLR Control VM or ESG by the NSX Manager
DLR Control VM and ESG
The DLR Control VM and ESG provide functionality to capture packets on their interfaces. Packet capture can assist with troubleshooting routing protocol problems.
Run show interfaces to list the interface names.
Run debug packet [ display | capture ] interface <interface name>.
If using capture, packets are saved into a .pcap file.
Run debug show files to list saved capture files.
Run debug copy [ scp | ftp ] ... to download captures for offline analysis.
dlr-01-0> debug packet capture interface vNic_2 tcpdump: listening on vNic_2, link-type EN10MB (Ethernet), capture size 65535 bytes 43 packets captured 48 packets received by filter 0 packets dropped by kernel
dlr-01-0> debug show files total 4.0K -rw------- 1 3.6K Mar 30 23:49 tcpdump_vNic_2.0
dlr-01-0> debug copy scp use scp to copy ftp use ftp to copy
dlr-01-0> debug copy scp URL user@<remote-host>:<path-to>
The debug packet command uses tcpdump in the background and can accept filtering modifiers formatted in like tcpdump filtering modifiers on UNIX. The only consideration is that any white spaces in the filter expression need to be replaced with underscores ("_").
For example, the following command displays all traffic through vNic_0 except SSH, to avoid looking at the traffic belonging to the interactive session itself.
plr-02-0> debug packet display interface vNic_0 port_not_22 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on vNic_0, link-type EN10MB (Ethernet), capture size 65535 bytes 04:10:48.197768 IP 192.168.101.3.179 > 192.168.101.2.25698: Flags [P.], seq 4191398894:4191398913, ack 2824012766, win 913, length 19: BGP, length: 19 04:10:48.199230 IP 192.168.101.2.25698 > 192.168.101.3.179: Flags [.], ack 19, win 2623, length 0 04:10:48.299804 IP 192.168.101.2.25698 > 192.168.101.3.179: Flags [P.], seq 1:20, ack 19, win 2623, length 19: BGP, length: 19 04:10:48.299849 IP 192.168.101.3.179 > 192.168.101.2.25698: Flags [.], ack 20, win 913, length 0 04:10:49.205347 IP 192.168.101.3.179 > 192.168.101.2.25698: Flags [P.], seq 19:38, ack 20, win 913, length 19: BGP, length: 19
Hosts are closely connected to NSX Routing. 1 shows visually the components participating in the routing subsystem and the NSX Manager CLI commands used to display information about them:
Packets captured in the datapath can assist with identifying problems at various stages of packet forwarding. 2 covers the major capture points and respective CLI command to use.