NSX Controller Troubleshooting - Logical Routing and Bridging

3 minutes read
howto troubleshooting
nsx vmware

As you continue through your journey with NSX you will eventually want to or be forced to (by requirement) to utilize the logical routing and bridging functionality.  To aid you in your troubleshooting I will continue to throw some commands at you that will aid in your troubleshooting.  So before we start, let’s recap where we have gone before this.

Our first journey took us down the path of troubleshooting VXLAN, specifically, from the ESXi host.  We did this by utilizing esxcli to gather some information.  We were able to gather the following:

  • List VXLANS
  • Show the VXLAN Network List
  • Show the VXLAN MAC Address Table
  • Show the VXLAN ARP Table
  • Show the VXLAN Network Status

After that we dove into troubleshooting NSX Controller Logical Switching.  This post took us into the NSX Controller to gather information.  We were able to gather the following:

  • Controller connectivity
  • View the netcpa log to aid in determining connectivity issues
  • Get the Controller status
  • Get the active roles held by the Controller
  • View which Controller was responsible for a particular VNI
  • Take a look at VTEP, MAC, and ARP Table entries

Now that we have gone back in time, let’s jump back into the present and take a look at Logical Routing and Bridging troubleshooting commands…POOF!

So the following commands will aid you in logical routing operation verification:

  • List all logical router instances on a controller - show control-cluster logical-routers instance all
  • See the status of a logical router interface - show control-cluster logical-routers interface-summary
  • Look at the route list - show control-cluster logical-routers routes
  • List of bridges that exist - show control-cluster logical-routers bridges all
  • See the MAC Address Table for the bridge - show control-cluster logical-routers bridge-mac all

Now those are all things that would be helpful when looking from the Controller.  What if you wanted to see from a specific ESXi because the issue seems to be isolated?  Well, have no fear, net-vdr is here…I am not going to go into too much detail about net-vdr because you can just log into an ESXi host and run net-vdr --help to see the command syntax.  Although, I won’t leave you completely without some starting point.  So here you go:

  • Show the Logical Router Instances - net-vdr --list --instance
  • List Logical Interfaces - net-vdr -l --lif
  • List Routing Tables - net-vdr -l --route
  • Show Bridge MAC Table - net-vdr -b --mac

So there are a few to get you started.  Again, thanks for dropping by and I hope this information was at least somewhat useful for you.  As always, feel free to comment below or ask questions!  Thanks again and look forward to more posts coming soon!