Mastering NSX: Navigating Logical Switching Commands in NSX Manager and ESXi

Understanding the command-line interface (CLI) commands for logical switching is crucial for VCAP-NV Deploy Exam. This guide provides an overview of essential CLI commands for managing logical switches, segments, and related components from both the NSX Manager and ESXi hosts.

Commands Run from NSX Manager (nsxcli)

1. Managing Segments

Segments in NSX-T are logical constructs that define Layer 2 broadcast domains, similar to VLANs in traditional networking.

  • List All Segments: To view all configured segments, use
    get segments
  • List All Switch Ports Connected to a Segment: View ports with
    get segment <uuid> ports
  • Segment Information: For details on a specific segment, use
    get segment <vni-or-uuid>
  • ARP Table: View the ARP table of a segment with
    get segment <vni-or-uuid> arp-table
  • MAC Table: To see the MAC address table, use
    get segment <vni-or-uuid> mac-table
  • Segment Statistics: For segment traffic statistics, use
    get segment <vni-or-uuid> stats
  • Transport Node Table: List transport nodes part of a segment with
    get segment <vni-or-uuid> transport-node-table
  • VTEP Table: View VTEP information with
    get segment <vni-or-uuid> vtep
  • Segment Port Information: To inspect a segment port, use
    get segment-port <uuid>
  • Segments Statistics: For aggregated statistics of all segments,
    get segments stats.

Commands Run from ESXi (nsxcli)

Viewing Segment Information and Tables on ESXi

  • All Segments: get segments lists all segments accessible from the ESXi host.
  • Segment Information: Use
    get segment <logical-switch-id> for segment details.
  • ARP Table: Access a segment’s ARP table with
    get segment <vni-or-uuid> arp-table
  • MAC Table: View the MAC table via
    get segment <vni-or-uuid> mac-table
  • ND Table: To see the ND table,
    get segment <vni-or-uuid> nd-table
  • VTEP Table: For VTEP details,
    get segment <vni-or-uuid> vtep-table
  • Segment Port Status: Check the status of segment ports with
    get segment-port status
  • Tables Using VNI: To access MAC, ARP, VTEP tables using VNI,
    get segment {local | remote} {mac-cache | arpcache | vtep-cache} <vni>
  • Tunnel Status: Verify transport node tunnel status with
    get host-switch <host-switch-name> tunnels

ESXi Commands for Network Insights

Insights and Performance Monitoring

  • Switch Port ID: View switch port IDs using net-stats -l
  • Configured Switches: List switches with esxcfg-vswitch -l
  • VTEP and VNI Configuration: net-vdl2 -l shows VTEP and VNI config
  • VDS Uplinks Configuration: For uplink configuration, net-vdr -C -l
  • View Gateways: List gateways with net-vdr -I -l
  • Verify VXLAN Module: Check VXLAN kernel module with
    esxcli system module get -m vdl2
  • Performance Monitoring: Utilize esxtop for monitoring performance.

Log Files on ESXi

Troubleshooting and Logs

  • ESXi Host hostd Log File: Accessible at /var/log/hostd.log
  • ESXi Host VMkernel Log File: /var/log/vmkernel.log contains kernel logs
  • NSX Syslog Log File: Located at /var/log/nsx-syslog.log

Understanding and utilizing these commands efficiently can significantly enhance the management and troubleshooting of your NSX-T environment. Whether you’re a seasoned network professional or new to VMware NSX, mastering these commands is a step towards ensuring a robust, efficient virtual networking infrastructure.

Author: Daniel Micanek

Senior Service Architect, SAP Platform Services Team at Tietoevry | SUSE SCA | vExpert ⭐⭐⭐⭐⭐ | vExpert NSX | VCIX-DCV/NV | VCAP-DCV/NV Design+Deploy | VCP-DCV/NV/CMA/TKO/DTM | NCIE-DP | OCP | Azure Solutions Architect | Certified Kubernetes Administrator (CKA)