4 vPath and vServices Commands C H A P T E R

4 vPath and vServices Commands  C H A P T E R
CH A P T E R
4
vPath and vServices Commands
This chapter provides information about the vPath and vServices related commands on the Cisco Nexus
1000V Series switch and the Cisco Cloud Services Platform networking appliance.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-1
Chapter 4
vPath and vServices Commands
bypass asa-traffic
bypass asa-traffic
To configure the traffic to bypass the Cisco VSG in a service chain, use the bypass asa-traffic command.
To return to the default setting, use the no form of this command.
bypass asa-traffic
no bypass asa-traffic
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
vservice global configuration (config-vservice-global)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)SV2(1.1)
This command was introduced.
Usage Guidelines
In a service chain, you can configure the switch traffic to bypass the Cisco VSG nodes, so that only the
Cisco ASA policies are lookedup for traffic traversing between the outside and inside networks. When
enabled, this functionality is implemented globally, and not per interface.
Examples
This example shows how to configure the switch traffic to bypass the Cisco VSG nodes:
n1000v# config t
n1000v(config)# vservice global type vsg
n1000v(config-vservice-global)# bypass asa-traffic
Related Commands
Command
Description
vservice path
Configures a path for service chaining.
vservice global type vsg
Enter the vservice global configuration mode.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-2
OL-27702-02
Chapter 4
vPath and vServices Commands
capability l3-vn-service
capability l3-vn-service
To configure a port profile to be used with l3-vn-service, use the capability l3-vn-service command. To
remove the capability from a port profile, use the no form of this command.
capability l3-vn-service
no capability l3-vn service
Syntax Description
l3-vn-service
Defaults
None
Command Modes
Port-profile configuration (config-port-prof)
Configure vmknic to carry l3-vn-service traffic.
network-admin
Command History
Usage Guidelines
Release
Modification
4.2.1SV1(5.1)
This command was introduced.
If you are configuring a port profile for l3-vn-service, you must first configure the port profile in
switchport mode.
The capability iscsi-multipath feature cannot be configured with the capability l3-vn-service feature.
Examples
This example shows how to configure a port profile to be used with l3-vn-service:
n1000v# config t
n1000v(config)# port-profile testprofile
n1000v(config-port-prof)# switchport mode access
n1000v(config-port-prof)# capability l3-vn-service
n1000v(config-port-prof)#
This example shows how to remove the l3-vn-service configuration from the port profile:
n1000v# config t
n1000v(config)# port-profile testprofile
n1000v(config-port-prof)# no capability l3-vn-service
n1000v(config-port-prof)#
Related Commands
Command
Description
show port-profile
Displays information about the port profiles.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-3
Chapter 4
vPath and vServices Commands
clear vservice connection
clear vservice connection
To clear the Cisco vservice connections, use the clear vservice connection command.
clear vservice connection [module module-num]
Syntax Description
module
(Optional) Clears a specific module.
module-num
Module number. The range is from 3 to 258.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.1(2)SV1(5.2)
The name of the command was modified
4.0(4)SV1(1)
This command was introduced.
This example shows how to clear Cisco VSG connections:
vsm# clear vservice connection
Related Commands
Command
Description
show vservice
Displays Cisco VSG information.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-4
OL-27702-02
Chapter 4
vPath and vServices Commands
clear vservice statistics
clear vservice statistics
To clear the Cisco vservice statistics, use the clear vservice statistics command.
clear vservice statistics [module module-number | vlan vlan-number]
Syntax Description
module
(Optional) Clears a module.
module-number
Module number. The range of values is from 3 to 258.
vlan
(Optional) Clears a VLAN.
vlan-number
VLAN number.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.1(2)SV1(5.2)
The name of the command was modified.
4.0(4)SV1(1)
This command was introduced.
This example shows how to clear Cisco vservice statistics for existing modules:
vsm# clear vservice statistics
Cleared statistics successfully in module 4
Cleared statistics successfully in module 6
Related Commands
Command
Description
show vservice
Displays Cisco VSG information.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-5
Chapter 4
vPath and vServices Commands
copy running-config startup-config
copy running-config startup-config
To copy the running configuration to the startup configuration, use the copy running-config
startup-config command.
copy running-config startup-config
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
Any command mode
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Usage Guidelines
Use this command to save configuration changes in the running configuration to the startup
configuration in persistent memory. When a device reload or switchover occurs, the saved configuration
is applied.
Examples
This example shows how to save the running configuration to the startup configuration:
vsm# copy running-config startup-config
[########################################] 100%
Related Commands
Command
Description
show running-config
Displays the running configuration.
show running-config diff Displays the differences between the running configuration and the startup
configuration.
show startup-config
Displays the startup configuration.
write erase
Erases the startup configuration in the persistent memory.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-6
OL-27702-02
Chapter 4
vPath and vServices Commands
log-level
log-level
To set logging severity levels for the Cisco Prime Network Services Controller (PNSC) policy agent, use
the log-level command. To reset logging levels, use the no form of this command.
log-level {critical | debug0 | debug1 | debug2 | debug3 | debug4 | info | major | minor | warn}
no {critical | debug0 | debug1 | debug2 | debug3 | debug4 | info | major | minor | warn}
Syntax Description
critical
Sets the logging level to critical.
debug0
Sets the logging level to debug 0.
debug1
Sets the logging level to debug 1.
debug2
Sets the logging level to debug 2.
debug3
Sets the logging level to debug 3.
debug4
Sets the logging level to debug 4.
info
Sets the logging level to information.
major
Sets the logging level to major.
minor
Sets the logging level to minor.
warn
Sets the logging level to warning.
Command Default
None
Command Modes
Cisco PNSC policy agent configuration (config-nsc-policy-agent)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Examples
This example shows how to set the logging level to critical:
vsm# configure
vsm(config)# nsc-policy-agent
vsm(config-nsc-policy-agent)# log-level critical
Related Commands
Command
Description
nsc-policy-agent
Enables the Cisco PNSC policy agent configuration mode.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-7
Chapter 4
vPath and vServices Commands
org
org
To create a Cisco PNSC organization (domain), use the org command. To delete a Cisco PNSC
organization, use the no form of the command.
org organization-name
no org [organization-name]
Syntax Description
organization-name
Command Default
None
Command Modes
Port profile configuration (config-port-prof)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Usage Guidelines
Organization name. The range of values is from 1 to 251.
Cisco PNSC organizations are Cisco PNSC domains.
You can hierarchically manage Cisco PNSC organizations. A user that is assigned at a top level
organization has automatic access to all organizations under it. For example, an engineering organization
can contain a software engineering organization and a hardware engineering organization. A locale
containing only the software engineering organization has access to system resources only within that
organization. However, a locale that contains the engineering organization has access to the resources
for both the software engineering and hardware engineering organizations.
Examples
This example shows how to create an organization:
vsm# configure
Enter configuration commands, one per line. End with CNTL/Z.
vsm(config)# port-profile pP1
vsm(config-port-prof)# org root/tenant1
vsm(config-port-prof)#
Related Commands
Command
Description
vservice
Sets the IP address for a virtual firewall.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-8
OL-27702-02
Chapter 4
vPath and vServices Commands
ping vservice
ping vservice
To ping the vservice from the vPath, use the ping vservice command. There is no no form of this
command.
ping vservice [ip vservice-ip-addr {[vlan vservice-vlan-num] | [vxlan bridge-domain
bridge-domain-name] | all} {src-module {module-num | all | vpath-all}] [timeout secs] [count
count]
Syntax Description
ip
Designates that a specific IP address is to be pinged.
vservice-ip-addr
IP address of the specific vservice.
vlan
(Optional) Designates a specific VLAN is to be pinged.
vservice-vlan-num
Specific VLAN number.
vxlan bridge-domain
(Optional) Designates a Designates VXLAN bridge-domain.
bridge-domain-name
.VXLAN bridge-domain name
all
Indicates that all vservices must be pinged.
src-module
Designates the source module for the ping.
module-num
Module number for the source path.
vpath all
Designates that all source vPaths will be used.
timeout
(Optional) Designates a timeout.
secs
Duration of the pinging operation in seconds.
count
(Optional) Designates a count of pings.
count
Number of pings to be counted.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(4.1)
The output of the ping-vservice command was changed to support the
VXLAN.
4.2(1)VSG1(3.1)
The output of the ping-vservice command was changed to include the
examples that show all of the source module traffic.
4.2(1)VSG1(2)
This command was introduced.
Usage Guidelines
There is no no form of this command.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-9
Chapter 4
vPath and vServices Commands
ping vservice
Examples
This example shows how to ping a Cisco VSG:
vsm# ping ?
<CR>
A.B.C.D or Hostname IP address of remote system
WORD
Enter Hostname
mpls
Ping an MPLS network
multicast
Multicast ping
vservice
vservices to be pinged
vsm# ping vservice
Input parameters:
•
vservice : vservices to be pinged.
o
all : All vservices that are currently associated to at least one VM. In other words,
all vservices specified in port-profiles that are bound to at least one VM.
o
ip-addr <ip-addr> : All vservices configured with this IP address.
o
vlan <vlan-num> : All vservices configured on this VLAN.
•
src-module : Source modules to orginate ping request from.
o
all : All online modules.
o
vpath-all : All modules having VMs associated to port-profiles that has vn-service
defined.
o
<module-num> : A online module number.
•
timeout <secs> : Time to wait for response from vservices, in seconds. Default is 1
sec.
•
count : Number of ping packets to be sent.
o
<count> : Sepcifies number of ping packets to be sent. Default is 5. Min 1, Max
2147483647.
o
unlimited : Send ping packets until command is stopped.
Specify both the IP address and VLAN if the vservice to be pinged is not associated to any VMs yet.
In the output, the status of the ping request for each vservice for each module is shown. On a successful
ping, the round-trip-time of ping request/response for a vservice is shown in microseconds next to the
module number. On a failure, the failure message is shown next to the module number.
Various forms:
ping vservice all src-module all
ping vservice all src-module vpath-all
having
ping vservice
module)
ping vservice
modules)
ping vservice
modules)
ping vservice
modules
VMs associated to vservices)
(Ping all vservices from the specified
all src-module 3
ip 106.1.1.1 src-module all
ip 106.1.1.1 vlan 54
(Ping all vservices from all modules)
(Ping all vservices from all modules
(Ping specified vservice from all
src-module all (Ping specified vservice from all
ip 106.1.1.1 src-module vpath-all
ping vservice ip 106.1.1.1 vlan 54 src-module 3
specified
(Ping specified vservice from all
having VMs associated to vservices)
(Ping specified vservice from
module)
The options timeout and count apply to all of the above commands:
ping vservice all src-vpath all timeout 2 count 10
ping vservice all ip 106.1.1.1 count unlimited
ping vservice ip 106.1.1.1 vlan 54 src-vpath 3 count 10
Errors:
vservice response timeout – vservice is down, not reachable or not responding.
vservice ARP not resolved – VEM couldn’t resolve MAC address of vservice.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-10
OL-27702-02
Chapter 4
vPath and vServices Commands
ping vservice
no response from VEM – VEM is not sending ping response to VSM. Can happen when VEM
is down and VSM not detected it yet.
These examples show how to display all of the source module traffic:
vsm# ping vservice all src-module all
ping vservice 10.1.1.44 vlan 501 from module 9 10 11 12, seq=0 timeout=1-sec
module(usec)
: 9(508)
module(failed) : 10(vservice ARP not resolved) 11(vservice ARP not resolved)
12(vservice ARP not resolved)
ping vservice 10.1.1.40 vlan 0 from module 9 10 11 12, seq=0 timeout=1-sec
module(usec)
: 9(974) 11(987) 12(1007)
module(failed) : 10(vservice ARP not resolved)
ping vservice 10.1.1.44 vlan 501 from module 9 10 11 12, seq=1 timeout=1-sec
module(usec)
: 9(277) 10(436) 11(270) 12(399)
ping vservice 10.1.1.40 vlan 0 from module 9 10 11 12, seq=1 timeout=1-sec
module(usec)
: 9(376) 10(606) 11(468) 12(622)
ping vservice 10.1.1.44 vlan 501 from module 9 10 11 12, seq=2 timeout=1-sec
module(usec)
: 9(272) 10(389) 11(318) 12(357)
ping vservice 10.1.1.40 vlan 0 from module 9 10 11 12, seq=2 timeout=1-sec
module(usec)
: 9(428) 10(632) 11(586) 12(594)
ping vservice 10.1.1.44 vlan 501 from module 9 10 11 12, seq=3 timeout=1-sec
module(usec)
: 9(284) 10(426) 11(331) 12(387)
ping vservice 10.1.1.40 vlan 0 from module 9 10 11 12, seq=3 timeout=1-sec
module(usec)
: 9(414) 10(663) 11(644) 12(698)
ping vservice 10.1.1.44 vlan 501 from module 9 10 11 12, seq=4 timeout=1-sec
module(usec)
: 9(278) 10(479) 11(334) 12(469)
ping vservice 10.1.1.40 vlan 0 from module 9 10 11 12, seq=4 timeout=1-sec
module(usec)
: 9(397) 10(613) 11(560) 12(593)
vsm# ping vservice ip 10.1.1.40 src-module vpath-all
ping vservice 10.1.1.40 vlan 0 from module 9 11 12, seq=0 timeout=1-sec
module(usec)
:
9(698) 11(701) 12(826)
ping vservice 10.1.1.40 vlan 0 from module 9 11 12, seq=1 timeout=1-sec
module(usec)
:
9(461) 11(573) 12(714)
ping vservice 10.1.1.40 vlan 0 from module 9 11 12, seq=2 timeout=1-sec
module(usec)
:
9(447) 11(569) 12(598)
ping vservice 10.1.1.40 vlan 0 from module 9 11 12, seq=3 timeout=1-sec
module(usec)
:
9(334) 11(702) 12(559)
ping vservice 10.1.1.40 vlan 0 from module 9 11 12, seq=4 timeout=1-sec
module(usec)
:
9(387) 11(558) 12(597)
vsm#
Related Commands
Command
Description
ping
Activates a signal to verify connections with other devices on a path.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-11
Chapter 4
vPath and vServices Commands
policy-agent-image
policy-agent-image
To designate the policy agent image local URL as bootflash, use the policy-agent-image command. To
remove the designation, use the no form of the command.
policy-agent-image bootflash:
no policy-agent-image bootflash:
Syntax Description
bootflash:
Command Default
None
Command Modes
PNSC policy agent configuration (config-nsc-policy-agent)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Examples
Designates the policy agent image local URL as bootflash.
This example shows how to designate the local URL that contains the policy agent image:
vsm# configure
vsm(config)# nsc-policy-agent
vsm(config-nsc-policy-agent)# policy-agent-image bootflash:
Related Commands
Command
Description
nsc-policy-agent
Enables the nsc policy agent configuration mode.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-12
OL-27702-02
Chapter 4
vPath and vServices Commands
pop
pop
To pop a mode off the stack or to restore a mode, use the pop command.
pop file-name
Syntax Description
file-name
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Examples
Name of the file.
This example shows how to restore from a file called file1:
vsm# pop file1
Related Commands
Command
Description
push
Pushes the current mode onto the stack.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-13
Chapter 4
vPath and vServices Commands
port-profile
port-profile
To create a port profile and enter port profile configuration mode, use the port-profile command. To
remove the port profile configuration, use the no form of this command.
port-profile profile-name
no port-profile profile-name
Syntax Description
profile-name
Defaults
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Port profile name. The range of valid values is from 1 to 80.
Usage Guidelines
The port profile name must be unique for each port profile.
Examples
This example shows how to create a port profile called AccessProf:
vsm# configure
vsm(config)# port-profile AccessProf
vsm(config-port-prof)#
This example shows how to remove the port profile called AccessProf:
vsm# configure
vsm(config)# no port-profile AccessProf
vsm(config)#
Related Commands
Command
Description
show port-profile
Displays information about the port profiles.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-14
OL-27702-02
Chapter 4
vPath and vServices Commands
push
push
To push the current mode onto stack or to save it, use the push command.
push file-name
Syntax Description
file-name
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Examples
Name of the file.
This example shows how to push file1 onto the stack:
vsm# push file1
Related Commands
Command
Description
pop
Pops the current mode off the stack.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-15
Chapter 4
vPath and vServices Commands
registration-ip
registration-ip
To set the service registry IP address, use the registration-ip command. To discard the service registry
IP address, use the no form of this command.
registration-ip ip-address
no registration-ip
ip-address
Service registry IP address. The format is A.B.C.D.
Command Default
None
Command Modes
Cisco PNSC policy agent configuration mode (config-nsc-policy-agent)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Examples
This example shows how to set the service registry IP address:
vsm# configure
vsm(config)# nsc-policy-agent
vsm(config-nsc-policy-agent)# registration-ip 209.165.200.233
vsm(config-nsc-policy-agent)#
Related Commands
Command
Description
nsc-policy-agent
Enters the Cisco PNSC policy agent configuration mode.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-16
OL-27702-02
Chapter 4
vPath and vServices Commands
shared-secret
shared-secret
To set the shared secret password for communication between the Cisco Virtual Security Gateway
(VSG), the Virtual Supervisor Module (VSM), and the Cisco Prime Network Services Controller
(PNSC), use the shared-secret command. To discard the shared secret password, use the no form of this
command.
shared-secret shared-secret-password
no shared-secret
Syntax Description
shared-secret-password Shared secret password. The range of valid values is from 1 to 64. You must
use at least one uppercase character.
Command Default
None
Command Modes
Cisco PNSC policy agent configuration mode (config-nsc-policy-agent)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Examples
This example shows how to set the shared secret password:
vsm# configure
vsm(config)# nsc-policy-agent
vsm(config-nsc-policy-agent)# shared-secret Password123
vsm(config-nsc-policy-agent)#
Related Commands
Command
Description
nsc-policy-agent
Enters nsc policy agent configuration mode.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-17
Chapter 4
vPath and vServices Commands
show org port brief
show org port brief
To display the ports attached to the port profile where org is configured, use the show org port brief
command.
show org port brief [port-profile pp_name | vethernet veth_num] [module module_num]
Syntax Description
port-profile
Filters the port information for the specified port-profile name.
pp_name
Specifies the port-profile name.
vethernet
Filters the port information for the specified virtual ethernet number.
vethernet_num
Specifies the virtual ethernet number.
module
Filters the display by module number.
module_num
Specifies the module number to see the virtual ethernet connections on the
module.
Command Modes
EXEC
SupportedUserRoles
Network-admin
Network-operator
Command History
Usage Guidelines
Examples
Release
Modification
4.1(2)SV1(5.2)
This command was introduced.
You can use the following operators with the show vservice port brief command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
module—Filter the output per a specific module number.
•
|—Pipes the command output to a filter.
This example shows how to display the port profile information:
Veth
2
5
9
Mod VM-Name
vNIC
IP-Address
4 fc3-2610-4
5 fc3-2610-5
5 fc3-2610-6
2 100.1.1.1
3 100.1.1.2
1 100.1.1.3
Cisco vPath and vServices Reference Guide for VMware vSphere
4-18
OL-27702-02
Chapter 4
vPath and vServices Commands
show running-config
show running-config
To display the running configuration, use the show running-config command.
show running-config [aaa | aclmgr | all | am | arp | cdp | diff | exclude | expand-port-profile |
icmpv6 | igmp | interface | ip | ipqos | ipv6 | l3vm | license | monitor | ntp | port-profile |
port-security | radius | rpm | security | snmp | vdc-all | vlan | vshd | acllog | dhcp | vservices
[node node-name | path path-name]]
aaa
(Optional) Displays the Authentication, Authorization and Accounting
(AAA) configuration.
aclmgr
(Optional) Displays the running configuration for Access Control List
(ACL) manager.
all
(Optional) Displays the current operating configurations.
am
(Optional) Displays Application Management (AM) information.
arp
(Optional) Displays Address Resolution Protocol (ARP) information.
cdp
(Optional) Displays the Cisco Discovery Protocol (CDP) configuration.
diff
(Optional) Displays the difference between the running and startup
configurations.
exclude
(Optional) Excludes the running configuration of specified features.
expand-port-profile
(Optional) Displays port profile information.
icmpv6
(Optional) Displays Internet Control Message Protocol (ICMPv6)
information.
igmp
(Optional) Displays Internet Group Management Protocol (IGMP)
information.
interface
(Optional) Displays interface configurations.
ip
(Optional) Displays Internet Protocol (IP) information.
ipqos
(Optional) Displays the running configuration for the IP Quality of Service
(QoS) manager.
ipv6
(Optional) Displays IPv6 information.
l3vm
(Optional) Displays Layer 3 Virtual Machine (L3VM) information.
license
(Optional) Displays the licensing configuration.
monitor
(Optional) Displays Ethernet Switched Port Ananlyzer (SPAN) session
information.
ntp
(Optional) Displays Network Time Protocol (NTP) information.
port-profile
(Optional) Displays port-profile configurations.
port-security
(Optional) Displays port-security configurations.
radius
(Optional) Displays the Remote Authentication Dial In User Service
(RADIUS) configuration.
rpm
(Optional) Displays RPM information.
security
(Optional) Displays the security configurations.
snmp
(Optional) Displays the Simple Network Management Protocol (SNMP)
configuration.
vdc-all
(Optional) Displays all Virtual Device Context (VDC) configurations.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-19
Chapter 4
vPath and vServices Commands
show running-config
vlan
(Optional) Displays virtual large area network (VLAN) information.
vshd
(Optional) Displays the running configuration for virtual shared hardware
device (VSHD).
acllog
Displays acllog information.
dhep
Displays dhep information.
vservices
Displays virtual service node.
name
(Optional) Displays service node name.
node-name
Specifies the service node.
Path
Filters the vservice path name
path-name
Specifies the service path name.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Examples
Release
Modification
4.0(4)SV1(1)
This command was introduced.
You can use the following operators with the show running-config command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display the running configuration:
vsm# show running-config
!Command: show running-config
!Time: Tue Jan 4 17:20:05 2011
version 4.2(1)SV1(4)
no feature telnet
username admin password 5 $1$z3M0/3no$j77mpF9f/mqmd7/mEZ6RR1 role network-admin
username adminbackup password 5 $1$Oip/C5Ci$oOdx7oJSlBCFpNRmQK4na. role network-operator
banner motd #Nexus 1000v Switch#
ip domain-lookup
Cisco vPath and vServices Reference Guide for VMware vSphere
4-20
OL-27702-02
Chapter 4
vPath and vServices Commands
show running-config
ip domain-lookup
switchname vsm
vem 3
host vmware id 765186a7-eb7c-11de-b059-8843e1389748
vem 4
host vmware id 90a97ac6-31d7-11df-ad65-68efbdf622ca
vem 5
host vmware id 833fe152-3f8b-11df-bd70-68efbdf64970
snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b
priv 0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
vrf context management
ip route 0.0.0.0/0 10.193.72.1
vlan 1,61-65
port-channel load-balance ethernet source-mac
port-profile default max-ports 32
port-profile default port-binding static
port-profile type vethernet vm-clear
vmware port-group
switchport mode access
switchport access vlan 63
no shutdown
state enabled
port-profile type vethernet vservice-service
vmware port-group
switchport mode access
switchport access vlan 64
no shutdown
max-ports 1024
state enabled
port-profile type ethernet system-uplink
vmware port-group
switchport trunk allowed vlan 61-70
switchport mode trunk
no shutdown
system vlan 61-62
state enabled
port-profile type vethernet vsg129-2
vmware port-group
switchport mode access
switchport access vlan 63
org root/Canon
vn-service ip-address 10.10.129.2 vlan 64 security-profile sp-vsg2-1
no shutdown
state enabled
port-profile type vethernet vsg134-1
vmware port-group
switchport mode access
switchport access vlan 63
vn-service ip-address 10.10.134.1 vlan 64 mgmt-ip-address 10.10.73.132 security-profile
sp1
no shutdown
state enabled
port-profile type vethernet vsg136-1
vmware port-group
switchport mode access
switchport access vlan 63
vn-service ip-address 10.10.136.1 vlan 64 mgmt-ip-address 10.10.73.137 security-profile
sp1
no shutdown
state enabled
port-profile type vethernet vsg129_2-svc-vlan65
vmware port-group
switchport mode access
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-21
Chapter 4
vPath and vServices Commands
show running-config
switchport access vlan 65
vn-service ip-address 10.10.129.2 vlan 64 mgmt-ip-address 10.10.73.131 security-profile
sp1
no shutdown
state enabled
port-profile type vethernet vm-clear-vlan65
vmware port-group
switchport mode access
switchport access vlan 65
no shutdown
state enabled
port-profile type ethernet Unused_Or_Quarantine_Uplink
vmware port-group
shutdown
description Port-group created for Nexus1000V internal usage. Do not use.
state enabled
port-profile type vethernet Unused_Or_Quarantine_Veth
vmware port-group
shutdown
description Port-group created for Nexus1000V internal usage. Do not use.
state enabled
port-profile type vethernet vm-clear-vlan63
vmware port-group
switchport mode access
switchport access vlan 63
no shutdown
state enabled
vdc vsm id 1
limit-resource
limit-resource
limit-resource
limit-resource
limit-resource
limit-resource
limit-resource
limit-resource
vlan minimum 16 maximum 2049
monitor-session minimum 0 maximum 2
vrf minimum 16 maximum 8192
port-channel minimum 0 maximum 768
u4route-mem minimum 32 maximum 32
u6route-mem minimum 16 maximum 16
m4route-mem minimum 58 maximum 58
m6route-mem minimum 8 maximum 8
interface mgmt0
ip address 10.10.73.130/21
interface Vethernet1
inherit port-profile vm-clear-vlan63
description UD134-1,Network Adapter 2
vmware dvport 7489 dvswitch uuid "90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c"
vmware vm mac 0050.56BB.0029
interface Vethernet2
inherit port-profile vsg136-1
description UD136-1,Network Adapter 2
vmware dvport 7458 dvswitch uuid "90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c"
vmware vm mac 0050.56BB.0032
interface Vethernet3
inherit port-profile vm-clear-vlan63
description US136-1,Network Adapter 2
vmware dvport 7492 dvswitch uuid "90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c"
vmware vm mac 0050.56BB.0030
interface Vethernet4
inherit port-profile vsg129-2
description US129-1,Network Adapter 2
vmware dvport 6563 dvswitch uuid "90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c"
vmware vm mac 0050.56BB.003E
Cisco vPath and vServices Reference Guide for VMware vSphere
4-22
OL-27702-02
Chapter 4
vPath and vServices Commands
show running-config
interface Vethernet5
inherit port-profile vm-clear-vlan63
description US129-2,Network Adapter 2
vmware dvport 7491 dvswitch uuid "90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c"
vmware vm mac 0050.56BB.0040
interface Vethernet6
inherit port-profile vservice-service
description VSG134-1,Network Adapter 1
vmware dvport 3683 dvswitch uuid "90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c"
vmware vm mac 0050.56BB.002C
interface Vethernet7
inherit port-profile vservice-service
description VSG129-2,Network Adapter 1
vmware dvport 3686 dvswitch uuid "90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c"
vmware vm mac 0050.56BB.0037
interface Vethernet8
inherit port-profile vservice-service
description VSG136-1,Network Adapter 1
vmware dvport 3684 dvswitch uuid "90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c"
vmware vm mac 0050.56BB.0034
interface Ethernet3/2
inherit port-profile system-uplink
interface Ethernet4/6
inherit port-profile system-uplink
interface Ethernet5/6
inherit port-profile system-uplink
interface control0
line console
boot kickstart bootflash:/ks.bin sup-1
boot system bootflash:/sys.bin sup-1
boot kickstart bootflash:/ks.bin sup-2
boot system bootflash:/sys.bin sup-2
svs-domain
domain id 61
control vlan 61
packet vlan 62
svs mode L2
svs connection vcenter
protocol vmware-vim
remote ip address 10.10.79.32 port 80
vmware dvs uuid "90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c" datacenter-name NAME/S
connect
nsc-policy-agent
registration-ip 10.193.72.236
shared-secret **********
policy-agent-image bootflash:/vsmcpa.3.0.2.172.bin
log-level info
vsm#
Related Commands
Command
Description
show aaa
Displays AAA information.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-23
Chapter 4
vPath and vServices Commands
show running-config vservice node
show running-config vservice node
To display the configuration details of the virtual service nodes in the network, use the show
running-config vservice node command.
show running-config vservice node (optional) [node-name]
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
Network-admin
Network-operator
Command History
Usage Guidelines
Examples
Release
Modification
4.1(2)SV1(5.2)
This command was introduced.
You can use the following operators with the show running-config vservice node command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
node-name—Displays the configuration of the specified vservice node name.
•
|—Pipes the command output to a filter.
This example shows how to display the information of the configured vservice nodes:
vsm# show running-config vservice node
!Command: show running-config vservice node
!Time: Mon Jul 9 16:10:19 2012
version 4.2(1)SV1(5.2)
vservice node vasatDbd5 type asa
ip address 172.8.8.201
adjacency l2 vxlan bridge-domain bd5555
fail-mode open
vservice node vasatCbd5 type asa
ip address 172.8.8.101
adjacency l2 vxlan bridge-domain bd5555
fail-mode open
vservice node vservicetest type vsg
fail-mode close
Cisco vPath and vServices Reference Guide for VMware vSphere
4-24
OL-27702-02
Chapter 4
vPath and vServices Commands
show running-config vservice node
vservice node testvwaas type vwaas
fail-mode close
vservice node test type vsg
adjacency l3
fail-mode open
vservice node testip type vsg
fail-mode close
vservice node vsgl2tC type vsg
ip address 10.10.10.103
adjacency l2 vlan 504
fail-mode close
vservice node vsgl2tA101 type vsg
ip address 10.10.10.101
adjacency l2 vlan 504
fail-mode close
vservice node vsgl2tB102 type vsg
ip address 10.10.10.102
adjacency l2 vlan 504
fail-mode close
vservice node vsgtCbd6 type vsg
ip address 10.10.10.103
adjacency l2 vxlan bridge-domain bd6666
fail-mode close
vservice node vsgl2tD104 type vsg
ip address 10.10.10.104
adjacency l2 vlan 504
fail-mode open
vservice node vsgl2tE105 type vsg
ip address 10.10.10.105
adjacency l2 vlan 504
fail-mode close
vservice node vsgl3tA101 type vsg
ip address 10.10.10.201
adjacency l3
fail-mode close
vservice node vsgl3tB102 type vsg
ip address 10.10.10.202
adjacency l3
fail-mode close
vservice node vsgl3tC103 type vsg
ip address 10.10.10.203
adjacency l3
fail-mode close
vservice node vsgl3tD104 type vsg
ip address 10.10.10.204
Related Commands
Command
Description
vservice node
Configures a virtual service node.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-25
Chapter 4
vPath and vServices Commands
show running-config vservice path
show running-config vservice path
To display the configuration details of the vservice paths, use the show running-config vservice path
command.
show running-config vservice path (optional) [node-name]
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
Network-admin
Network-operator
Command History
Usage Guidelines
Examples
Release
Modification
4.1(2)SV1(5.2)
This command was introduced.
You can use the following operators with the show running-config vservice path command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
node-name—Displays the configuration of the specified vservice node name.
•
|—Pipes the command output to a filter.
This example shows how to display the information of the configured vservice nodes:
vsm# show running-config vservice path
!Command: show running-config vservice path
!Time: Mon Jul 9 16:52:55 2012
version 4.2(1)SV1(5.2)
vservice path sp-tDvsg504vasabd5
node vsgl2tD104 profile sp-tD order 1
node vasatDbd5 profile ep-tD order 100
vservice path sp-tDvsgl3vasabd5
node vsgl3tD104 profile sp-tD order 1
node vasatDbd5 profile ep-tD order 1000000000
vservice path sp-vsgl3tD
node vsgl3tD104 profile sp-tDl3
vservice path sp-vsgl2tD
node vsgl2tD104 profile sp-tD
Cisco vPath and vServices Reference Guide for VMware vSphere
4-26
OL-27702-02
Chapter 4
vPath and vServices Commands
show running-config vservice path
vservice path sp-vsgbd6tC
node vsgtCbd6 profile sp-tC
vservice path sp-vasal2tC
node vasal2tC profile ep-tC order 10
vservice path sp-tCvsg504vasa503
node vsgl2tC profile sp-tC order 10
node vasal2tC profile ep-tC order 20
vservice path sp-tCvsgbd6vasa503
node vsgtCbd6 profile sp-tC order 10
node vasal2tC profile ep-tC order 20
vservice path sp-tCvsgbd6vasabd5
node vsgtCbd6 profile sp-tC order 1410065406
node vasatCbd5 profile ep-tC order 1410065407
vservice path sp-tDedittest
node vsgl3tD104 profile sp-tD order 1
node vasatDbd5 profile ep-tD order 22
vservice path sptest
vservice path sp-tEvsgl3
node vsgl3tE105 profile sp-tE order 10
vservice path sp-tDvasabd5
node vasatDbd5 profile ep-tD order 100
Related Commands
Command
Description
vservice path
Configures a service path.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-27
Chapter 4
vPath and vServices Commands
show nsc-pa status
show nsc-pa status
To display the installation status of a policy agent, use the show nsc-pa status command.
show nsc-pa status
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Examples
Release
Modification
4.0(4)SV1(1)
This command was introduced.
You can use the following operators with the show nsc-pa status command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display the installation status of the policy agent:
vsm# configure
vsm(config)# show nsc-pa status
NSC Policy-Agent status is - Installed Successfully. Version 1.0(0.512)-vsm
vsm(config)#
Related Commands
Command
Description
nsc-policy-agent
Enters the Cisco PNSC policy agent configuration mode.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-28
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice brief
show vservice brief
To display only a brief summary about the Virtual Service (vservice), use the show vservice brief
command.
show vservice brief [node-l3 node-ipaddr ip-addr | node-l3 module module-num] [ node-vxlan
bridge-domain bridge-domain-name] | node-vlan vlan-id| node-name node name | module
module-num
Syntax Description
node-l3 node-ipaddr
Filters Layer 3 mode (Using the IP address) for the service node.
ip-addr
Specifies the IP address of the service node.
node-l3 module
(Optional) Displays module keyword.
module-num
Specifies the module number to see all the vservice connections on the
module.
node-vxlan
bridge-domain
Filters the display by domain bridge name associated with the VXLAN..
bridge-domain-name
Specifies the bridge domain name.
node_vlan
Filters the display by VLAN connected with the service node.
vlan_num
Specifies the VLAN number.
name
(Optional) Displays service node name.
node-name
Specifies the service node.
module
Filters the display by module number.
module-num
Specifies the module number.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.1(2)SV1(5.2)
The output of the show vservice brief was changed.
4.1(2)SV1(5.1)
The output of the show vservice brief was changed to show the information
about the Cisco VSG sin L2 and L3 mode.
4.0(4)SV1(1)
This command was introduced.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-29
Chapter 4
vPath and vServices Commands
show vservice brief
Usage Guidelines
Examples
You can use the following operators with the show vservice brief command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display brief information about the Cisco VSGs:
vsm# show vservice brief
#License Information
Type
In-Use
vsg
0
asa
2
#Node Information
ID Name
1 vasatDbd5
12 vsgtCbd6
13 vsgl2tD104
18 vsgl3tD104
19 vsgl3tE105
Type
asa
vsg
vsg
vsg
vsg
#Path Information
#Path ID:2
NumOfSvc:2
Node
vsgl3tD104
vasatDbd5
#Path ID:5
NumOfSvc:1
Node
vsgtCbd6
Related Commands
IP-Address
172.8.8.201
10.10.10.103
10.10.10.104
10.10.10.204
10.10.10.205
Name:sp-tDvsgl3vasabd5
Order Profile
1 sp-tD
1000000000 ep-tD
Name:sp-vsgbd6tC
Order Profile
-sp-tC
Command
Description
show vservice port
vethernet
Displays vEth port information.
Mode
vxlan
vxlan
v-504
l3
l3
State
Alive
Alive??
Alive
Alive
Unreach
Module
4,
4,6,
4,
4,6,
4,6,
Mod:4,
Mod:4,6,
Cisco vPath and vServices Reference Guide for VMware vSphere
4-30
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice connection
show vservice connection
To display vservice connections, use the show vservice connection command.
show vservice connection [node-name node-name] [node-vxlan bridge-domain bdname |
node-vlan vlan-num | node-l3 [node-ipaddr ip-addr | module module-num] | node-ipaddr
ip-addr] | path-name path-name | port-profile port-profile-name | service-profile
service-profile-name]
Syntax
Description
name
(Optional) Displays service node name.
node-name
Specifies the service node.
node-vxlan
bridge-domain
Filters the display by domain bridge name associated with the VXLAN.
bd-name
Specifies the bridge domain name.
node-vlan
Filters the VLAN node for the VSG service vlan
vlan-num
Filters the VLAN module number for the VSG service vlan.
node-l3 node-ipaddr
Filters Layer 3 mode (using the IP address) for the service node.
ip-addr
Specifies the IP address of the service node.
node-l3 module
(Optional) Displays module keyword.
module-num
Specifies the module number to see all the vservice connections on the
module.
node_ipaddr
Filters the display by IP address of the service node
ip-addr
Specifies the IP address of the service node.
path-name
Filters the vservice path name
path_name
Specifies the service path name.
port-profile
Filters the port information for the specified port-profile name.
port-profile
Specifies the port-profile name.
service-profile
Filters the port information for the specified service-profile name.
service_profile
Specifies the service-profile name.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-31
Chapter 4
vPath and vServices Commands
show vservice connection
Command History
Usage Guidelines
Examples
Release
Modification
4.2.1SV1(5.2)
The output of the show vservice connection command was modifie.
4.2.1SV1(5.1)
The output of the show vservice connection command was modified to
show that the VLAN column is now referred as V(X)LAN. InV(X)LAN
column the VLAN is represented with prefix ”v-” and V(X)LAN is shown
without any prefix.
4.0(4)SV1(1)
This command was introduced.
You can use the following operators with the show vservice connection command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display Cisco VSG connections:
vsm# show vservice connection
module
node_l3
node_vlan
node_ipaddr
node_name
node_vxlan
Actions(Act):
d - drop
p - permit
r - redirect
_ - not processed yet
Flags:
A - seen ack for syn/fin from src
E - tcp conn established (SasA done)
F - seen fin from src
R - seen rst from src
S - seen syn from src
T - tcp conn torn down (FafA done)
#Node vsgl2tD104
#Module 4
Proto SrcIP[:Port]
#Path sp-vsgbd6tC
#Module 4
Proto SrcIP[:Port]
#Module 6
Proto SrcIP[:Port]
#Path sp-tDvsgl3vasabd5
#Module 4
Proto SrcIP[:Port]
#Node vsgtCbd6
#Module 4
Proto SrcIP[:Port]
#Module 6
Proto SrcIP[:Port]
s - reset
t - passthrough
e - error
upper case - offloaded
a - seen ack for syn/fin from dst
f
r
s
x
-
seen fin from dst
seen rst from dst
seen syn from dst
IP-fragment connection
SAct
DstIP[:Port]
DAct
Flags
Bytes
SAct
DstIP[:Port]
DAct
Flags
Bytes
SAct
DstIP[:Port]
DAct
Flags
Bytes
SAct
DstIP[:Port]
DAct
Flags
Bytes
SAct
DstIP[:Port]
DAct
Flags
Bytes
SAct
DstIP[:Port]
DAct
Flags
Bytes
#Node vsgl3tE105
Cisco vPath and vServices Reference Guide for VMware vSphere
4-32
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice connection
#Module 4
Proto SrcIP[:Port]
#Module 6
Proto SrcIP[:Port]
#Node vsgl3tD104
#Module 4
Proto SrcIP[:Port]
#Module 6
Proto SrcIP[:Port]
Related Commands
SAct
DstIP[:Port]
DAct
Flags
Bytes
SAct
DstIP[:Port]
DAct
Flags
Bytes
SAct
DstIP[:Port]
DAct
Flags
Bytes
SAct
DstIP[:Port]
DAct
Flags
Bytes
Command
Description
show vservice port
vethernet
Displays port information.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-33
Chapter 4
vPath and vServices Commands
show vservice detail
show vservice detail
To display detailed information about the Virtual Service (vservice), use the show vservice detail
command.
show vservice detail {module module_num | node_ipaddr ip_addr | node_l3 node_l3 |
node_name node_name | node_vxlan vxlan_num | node_vlan vlane_num | path_name
path_name port-profile port_profile| service-profile sevice_profile}
Syntax Description
module
Filters the display by module number.
module_num
Specifies the module number to see the vservice connections on the module.
node_ipaddr
Filters the display by IP address of the service node
ip_addr
Specifies the IP address of the service node.
node_l3
Filters the display by node associated with the Layer 3 mode
node_l3
Specifies the Layer 3 mode for the vservice node.
node_name
Filters the display by node name
node_name
Specifies the service node name
node_vxlan
Filters the display by VXLAN node
vxlan_num
Specifies the VXLAN number for the VSG service vxlan.
node_vlan
Filters the display by VLAN node
vlane_num
Specifies the VLAN number for the VSG service vlan.
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2.1SV1(5.2)
The output of the show vservice detail command was changed.
4.2.1SV1(5.1)
The output of the show vservice detail command was changed to show the
detailed information about Cisco VSGs.
4.0(4)SV1(1)
This command was introduced.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-34
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice detail
Usage Guidelines
Examples
You can use the following operators with the show vservice detail command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display detailed information about Cisco VSGs:
vsm# show vservice detail
----------------#vservice VLAN: -, IP-ADDR: 10.1.1.40
MODULE
vservice-MAC-ADDR FAIL-MODE
9
Close
11
Close
12
Close
vservice-STATE
Up
Up
Up
#vservice VLAN: -, IP-ADDR: 10.1.1.68
MODULE
vservice-MAC-ADDR FAIL-MODE
12
Close
vservice-STATE
Up
#vservice VLAN: 502, IP-ADDR: 10.1.1.45
MODULE
vservice-MAC-ADDR
FAIL-MODE
11
00:50:56:8f:5a:bb
Close
12
00:50:56:8f:5a:bb
Close
vservice-STATE
Up
Up
#vservice VLAN: 501, IP-ADDR: 10.1.1.44
MODULE
vservice-MAC-ADDR
FAIL-MODE
9
00:50:56:8f:5a:85
Close
11 00:50:56:8f:5a:85
Close
vservice-STATE
Up
Up
#vservice VLAN: 501, IP-ADDR: 10.1.1.40
MODULE
vservice-MAC-ADDR
FAIL-MODE
9 00:50:56:8e:35:bd
Close
11 00:50:56:8e:35:bd
Close
vservice-STATE
Up
Up
#vservice VLAN: 501, IP-ADDR: 10.1.1.41
MODULE
vservice-MAC-ADDR
FAIL-MODE
11 00:50:56:8f:5a:7f
Close
vservice-STATE
Up
#vservice Ports, Port-Profile, Org & Security-Profile Association:
#vservice VLAN: -, IP-ADDR: 10.1.1.40
Port-Profile: segment-5000-routed, Security-Profile: tenant1-sp1, Org: root/tenant1
Module Vethernet
9
4
11 36, 25
12 69, 26, 67
Port-Profile: segment-5001, Security-Profile: tenant1-sp1, Org: root/tenant1
Module Vethernet
9 45
#vservice VLAN: -, IP-ADDR: 10.1.1.68
Port-Profile: N1010-L3, Security-Profile: n1010-sp, Org: root/tenant1
Module Vethernet
12 41, 46
#vservice VLAN: 502, IP-ADDR: 10.1.1.45
Port-Profile: segment-5002, Security-Profile: tenant3-sp2, Org: root/tenant3
Module Vethernet
3 84, 85
4 86
Port-Profile: tenant3-sp2, Security-Profile: tenant3-sp2, Org: root/tenant3
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-35
Chapter 4
vPath and vServices Commands
show vservice detail
Module Vethernet
11 37, 40, 39, 38
12 74
#vservice VLAN: 501, IP-ADDR: 10.1.1.44
Port-Profile: tenant1-vsg2, Security-Profile: tenant1-sp2, Org: root/tenant1
Module Vethernet
9 49, 55, 54, 53, 52, 51, 50, 56, 63, 62,
61, 60, 59, 58, 57, 6, 7, 13, 14, 15,
2, 1
11 16, 17, 22, 21, 20, 19, 18
#vservice VLAN: 501, IP-ADDR: 10.1.1.40
Port-Profile: data-53, Security-Profile: tenant1-sp1, Org: root/tenant1
Module Vethernet
9 24
11 23
#vservice VLAN: 501, IP-ADDR: 10.1.1.41
Port-Profile: tenant2, Security-Profile: tenant2-sp1, Org: root/tenant2
Module Vethernet
11 68, 12, 72
vsm#
-------------------
Related Commands8
Command
Description
show vservice port
vethernet
Displays information about virtual Ethernet (vEth) ports.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-36
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice license brief
show vservice license brief
To display only a brief summary about the virtual service node license information, use the show
vservice license brief command.
show vservice license brief
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Examples
Release
Modification
4.0(4)SV1(1)
This command was introduced.
You can use the following operators with the show nsc-pa status command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display the brief information about the license:
n1000v# show vservice license brief
-------------------------------------------------------------------------------License Information
-------------------------------------------------------------------------------Type
In-Use-Lic-Count UnLicensed-Mod
vsg
6
asa
2
Related Commands
Command
Description
show license usage
Displays the licenses in use on each VEM.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-37
Chapter 4
vPath and vServices Commands
show vservice license detail
show vservice license detail
To display the detail about the virtual service node license information, use the show vservice license
detail command.
show vservice license detail {module module_num}
Syntax Description
module
Filters the module number.
module_num
Specifies the module number to see all the vservice connections on the
module. The range is from 3 to 258.
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Examples
Release
Modification
4.2.1SV1(5.2)
This command was introduced.
You can use the following operators with the show nsc-pa status command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display the brief information about the license:
n1000v# show vservice license detail module 4
-------------------------------------------------------------------------------License Information
-------------------------------------------------------------------------------Mod ASA-Lic-Count
4 2
Cisco vPath and vServices Reference Guide for VMware vSphere
4-38
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice license detail
Related Commands
Command
Description
show license usage
Displays the licenses in use on each VEM.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-39
Chapter 4
vPath and vServices Commands
show vservice node mac brief
show vservice node mac brief
To display only summary about the MAC address of the virtual service node, use the show vservice node
mac brief command.
show vservice node mac brief
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Examples
Release
Modification
4.2.1SV1(5.2)
This command was introduced.
You can use the following operators with the show vservice node brief command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display the MAC address of the Cisco virtual service node
n1000v# show vservice node mac brief
-------------------------------------------------------------------------------Node Information
-------------------------------------------------------------------------------ID Type
IP-Address
MAC-Addr
Mode
Fail State
Module
1 asa
172.8.8.201
00:50:56:b5:37:8f vxlan open Alive
4,
12 vsg
10.10.10.103
00:50:56:b5:25:f7 vxlan close Alive
4,6,7,
13 vsg
10.10.10.104
00:50:56:b5:6d:36 v-504 close Alive
4,
18 vsg
10.10.10.204
00:00:00:00:00:00 l3
open Alive
4,6,
Related Commands
Command
Description
show vservice node
brief
Displays summary of virtual service node.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-40
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice node mac brief
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-41
Chapter 4
vPath and vServices Commands
show vservice node brief
show vservice node brief
To display only the summary about the Cisco virtual service node, use the show vservice node brief
command.
show vservice node brief [name node-name| vxlan bridge-domain bdname | vlan vlan_num | l3
ip-addr ip-addr | l3 module module-num] | ipaddr ip-addr | module module-num]
Syntax
Description
name
(Optional) Displays service node name.
node-name
Specifies the service node.
vxlan bridge-domain
Filters the VXLAN number associated with the service node
bd_name
Specifies the bridge domain name.
vlan
Specifies the VLAN node for the VSG service vlan
vlan_num
Specifies the VLAN number for the VSG service vlan.
l3
Specifies Layer 3 mode (using IP address) for the service node.
ipaddr
Filters the display by IP address of the service node
ip-addr
Specifies the IP address of the service node.
module
(Optional) Displays module keyword.
module-num
Specifies the module number to see all the vservice connections on the
module.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Release
Modification
4.2.1SV1(5.2)
The output of the show vservice node brief command was modified.
4.2.1SV1(5.1)
The output of the show vservice brief was modified to show the information
about the Cisco VSG in Layer 2 and Layer 3 mode.
4.0(4)SV1(1)
This command was introduced.
You can use the following operators with the show vservice node brief command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-42
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice node brief
•
Examples
|—Pipes the command output to a filter.
This example shows how to display summary information about Cisco vservice.
n1000v# show vservice node brief
-------------------------------------------------------------------------------Node Information
-------------------------------------------------------------------------------ID Name
Type
IP-Address
Mode
State
Module
1 vasatDbd5
asa
172.8.8.201
vxlan Alive
4,
12 vsgtCbd6
vsg
10.10.10.103
vxlan Alive
4,6,7,
13 vsgl2tD104
vsg
10.10.10.104
v-504 Alive
4,
18 vsgl3tD104
vsg
10.10.10.204
l3
Alive
4,6,
Related Commands
Command
Description
show vservice node
detail
Displays detailed information about virtual service node.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-43
Chapter 4
vPath and vServices Commands
show vservice node detail
show vservice node detail
To display the detail about the Cisco virtual service node, use the show vservice node detail command.
show vservice node detail [name node-name| vxlan bridge-domain bdname | vlan vlan_num | l3
ip-addr ip-addr | l3 module module-num] | ipaddr ip-addr | module module-num]
Syntax
Description
name
(Optional) Displays service node name.
node-name
Specifies the service node.
vxlan bridge-domain
Filters the VXLAN number associated with the service node.
bd_name
Specifies the bridge domain name.
vlan
Filters the VLAN node for the VSG service vlan
vlan_num
Specifies the VLAN number for the VSG service vlan.
l3 ipaddr
Filters the display by the Layer 3 IP address of the node.
l3 module
Filters the display by the Layer 3 mode (using the IP address) for the service
node.
ipaddr
Filters the display by the IP address of the node.
ip-addr
Specifies the IP address of the node.
module
(Optional) Displays module keyword.
module-num
Specifies the module number to see all the vservice connections on the
module.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2.1SV1(5.2)
The output of the show vservice node detail command was modified to
display the details about the Cisco vservice.
4.2.1SV1(5.1)
The output of the show vservice connection command was modified to
show that the VLAN column is now referred as V(X)LAN. InV(X)LAN
column the VLAN is represented with prefix ”v-” and V(X)LAN is shown
without any prefix.
4.0(4)SV1(1)
This command was introduced.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-44
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice node detail
Usage Guidelines
Examples
You can use the following operators with the show vservice connection command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display Cisco VSG service node?
n1000v# show vservice node detail
-------------------------------------------------------------------------------Node Information
-------------------------------------------------------------------------------Node ID:1
Name:vasatDbd5
Type:asa
IPAddr:172.8.8.201
Fail:open
Vxlan:bd5555
Mod State
MAC-Addr
VVer
4 Alive
00:50:56:b5:37:8f
2
Related Commands
Node ID:12
Type:vsg
Mod State
4 Alive
6 Alive
7 Alive
Name:vsgtCbd6
IPAddr:10.10.10.103
MAC-Addr
00:50:56:b5:25:f7
00:50:56:b5:25:f7
00:50:56:b5:25:f7
Fail:close
VVer
2
2
2
Vxlan:bd6666
Node ID:13
Type:vsg
Mod State
4 Alive
Name:vsgl2tD104
IPAddr:10.10.10.104
MAC-Addr
00:50:56:b5:6d:36
Fail:close
VVer
2
Vlan:504
Node ID:18
Type:vsg
Mod State
4 Alive
6 Alive
Name:vsgl3tD104
IPAddr:10.10.10.204
MAC-Addr
---
Fail:open
VVer
2
2
L3
Command
Description
show vservice node
brief
Displays brief information about virtual service node.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-45
Chapter 4
vPath and vServices Commands
show vservice path brief
show vservice path brief
To only display the summary of the vservice path, use the show vservice path brief command.
show vservice path brief [module module-number | name name]
Syntax Description
module
(Optional).
module-number
name
Filters the path name to the service node.
name
Specifies the path name to the service node
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.1(2)SV1(5.2)
This command was introduced.
This example shows how to show the vservice path:
vsm# show vservice path brief
module
name
#Path Information
#Path ID:2
NumOfSvc:2 Name:sp-tDvsgl3vasabd5
Node
Order Profile
vsgl3tD104
1 sp-tD
vasatDbd5
1000000000 ep-tD
#Path ID:5
NumOfSvc:1 Name:sp-vsgbd6tC
Node
Order Profile
vsgtCbd6
-sp-tC
Related Commands
Mod:4,
Mod:4,6,
Command
Description
show vservice path
detail
Displays the details of the vservice path.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-46
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice path detail
show vservice path detail
To only display the details of the vservice path, use the show vservice path detail command.
show vservice path detail [module module-number | name name]
Syntax Description
module
(Optional) Displays module keyword.
module-number
Specifies the module number to see all the vservice connections on the
module.
name
Filters the path name to the service node.
name
Specifies the path name to the service node
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.1(2)SV1(5.2)
This command was introduced.
This example shows how to show the vservice path:
vsm# show vservice path detail
module
name
#Path Information
#Path ID:2
NumOfSvc:2 Name:sp-tDvsgl3vasabd5
Node
Order Profile
vsgl3tD104
1 sp-tD
vasatDbd5
1000000000 ep-tD
#Path ID:5
NumOfSvc:1 Name:sp-vsgbd6tC
Node
Order Profile
vsgtCbd6
-sp-tC
Related Commands
Mod:4,
Mod:4,6,
Command
Description
show vservice path
brief
Displays a summary of the vservice path.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-47
Chapter 4
vPath and vServices Commands
show vservice port brief
show vservice port brief
To display a brief summary of the configured ports in the network, use the show vservice port brief
command.
show vservice port brief {module module_num | node-ipaddr ip_addr | node-l3[node-ipaddr
ip-addr | module module-num] | node-name node_name | node-vlan vlan-num | node-vxlan
bridge-domain bdname| path-name path_name | port-profile port_profile | service-profile
service_profile | vethernet vethernet_num}
Syntax Description
module
Filters the port information for the specified module.
module_num
Specifies a module number.
node-ipaddr
Filters the port information for the specified IP address of the node.
ip_addr
Specifies a node’s IP address.
node-l3 node-ipp-addr Filters the port information for the Layer 3 adjacency of a node.
node-l3 module
(Optional) Displays module keyword.
module-num
Specifies the module number to see all the vservice connections on the
module.
path-name
Filters the port information for the specified path name.
name
(Optional) Displays service node name.
node-name
Specifies the service node.
node-vlan
Filters the VLAN number associated with the service node
vlan-num
node-vxlan
bridge-domain
Filters the VXLAN number associated with the service node.
bdname
path-name
Filters the vservice path name
path_name
Specifies the service path name.
port-profile
Filters the port information for the specified port-profile name.
port-profile
Specifies the port-profile name.
service-profile
Filters the port information for the specified service-profile name.
service_profile
Specifies the service-profile name.
vethernet
Filters the port information for the specified virtual ethernet number.
vethernet_num
Specifies the virtual ethernet number.
Command Modes
EXEC
SupportedUserRoles
Network-admin
Network-operator
Cisco vPath and vServices Reference Guide for VMware vSphere
4-48
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice port brief
Command History
Usage Guidelines
Examples
Release
Modification
4.1(2)SV1(5.2)
This command was introduced.
You can use the following operators with the show vservice port brief command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
module—Filter the output per a specific module number.
•
|—Pipes the command output to a filter.
This example shows how to display the brief summary information of the vservice ports per module
number 4:
vsm# show vservice port brief module 4
-------------------------------------------------------------------------------Port Information
-------------------------------------------------------------------------------PortProfile:tC-bd5-vsgbd6
Org:root/tC
Node:vsgtCbd6(10.10.10.103)
Profile(Id):sp-tC(5)
Veth Mod VM-Name
vNIC IP-Address
9
4 cos-8.10-bd5-spvsgbd6
2 172.8.8.10,
23
4 cos-8.41-bd6-vsgbd6
1 172.8.8.41,
37
4 xp-8.11-504-vsg504
1 172.8.8.11,
51
4 cos-8.37-503-s...04vasa503
1 172.8.8.37,
53
4 cos-8.31-503-vsgbd6
1 172.8.8.31,
PortProfile:tD-bd5-spvsgl3vasabd5
Org:root/tD
Path:sp-tDvsgl3vasabd5
Node
vsgl3tD104(10.10.10.204)
vasatDbd5(172.8.8.201)
Veth Mod VM-Name
72
4 cos-8.40-bd5-s...l3vasabd5
Profile(Id)
sp-tD(6)
ep-tD(8)
vNIC IP-Address
1 172.8.8.40,
PortProfile:tD-504-vsg504
Org:root/tD
Node:vsgl2tD104(10.10.10.104)
Veth Mod VM-Name
69
4 cos-8.38-504-vsg504
Profile(Id):sp-tD(6)
vNIC IP-Address
1 172.8.8.38,
PortProfile:tD-bd5-vsgl3
Org:root/tD
Node:vsgl3tD104(10.10.10.204)
Veth Mod VM-Name
50
4 2k3-9.8-bd6-spvsgl3
Profile(Id):sp-tDl3(7)
vNIC IP-Address
1 172.9.9.8,
PortProfile:tC-bd6-vsgbd6
Org:root/tC
Node:vsgtCbd6(10.10.10.103)
Veth Mod VM-Name
11
4 cos-9.13-bd6-vsgl3
Profile(Id):sp-tC(5)
vNIC IP-Address
1 172.9.9.13,
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-49
Chapter 4
vPath and vServices Commands
show vservice port brief
Related Commands
Command
Description
vservice port detail
Displays details of the configured ports in the network.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-50
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice port detail
show vservice port detail
To display details of the configured ports in the network, use the show vservice port detail command.
show vservice port detail {module module_num | node-ipaddr ip_addr | node-l3[node-ipaddr
ip-addr | module module-num] | node-name node_name | node-vlan vlan_num | node-vxlan
bridge-domain bdname| path-name path_name | port-profile port_profile | service-profile
service_profile | vethernet vethernet_num}
Syntax Description
module
Filters the port information for the specified module.
module_num
Specifies a module number.
node-ipaddr
Filters the port information for the specified IP address of the node.
ip_addr
Specifies a node’s IP address.
node-l3
Filters the port information for the Layer 3 adjacency of a node.
path-name
Filters the port information for the specified path name.
path_name
Specifies the service path name.
port-profile
Filters the port information for the specified port-profile name.
port-profile
Specifies the port-profile name.
service-profile
Filters the port information for the specified service-profile name.
service_profile
Specifies the service-profile name.
vethernet
Filters the port information for the specified virtual ethernet number.
vethernet_num
Specifies the virtual ethernet number.
Command Modes
EXEC
SupportedUserRoles
Network-admin
Network-operator
Command History
Usage Guidelines
Release
Modification
4.1(2)SV1(5.2)
This command was introduced.
You can use the following operators with the show vservice port detail command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
module—Filter the output per a specific module number.
•
|—Pipes the command output to a filter.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-51
Chapter 4
vPath and vServices Commands
show vservice port detail
Examples
This example shows how to display the detailed information of the vservice ports per module number 4:
vsm# show vservice port detail module 4
-------------------------------------------------------------------------------Port Information
-------------------------------------------------------------------------------PortProfile:tC-bd5-vsgbd6
Org:root/tC
Node:vsgtCbd6(10.10.10.103)
Profile(Id):sp-tC(5)
Veth9
Module :4
VM-Name :cos-8.10-bd5-spvsgbd6
vNIC:Network Adapter 2
DV-Port :4421
VM-UUID :50 35 a1 39 18 76 76 18-89 89 27 33 1a 30 50 20
DVS-UUID:6f df 35 50 6b 49 88 d0-ce 2f 69 82 57 25 38 55
IP-Addrs:172.8.8.10,
Veth23
Module :4
VM-Name :cos-8.41-bd6-vsgbd6
vNIC:Network Adapter 1
DV-Port :4425
VM-UUID :50 35 d5 98 de c1 04 5b-3e 84 a6 2c 9f 04 2b c2
DVS-UUID:6f df 35 50 6b 49 88 d0-ce 2f 69 82 57 25 38 55
IP-Addrs:172.8.8.41,
Veth37
Module :4
VM-Name :xp-8.11-504-vsg504
vNIC:Network Adapter 1
DV-Port :4424
VM-UUID :50 35 bc 16 8c fa a8 66-ae d9 1f ca 30 e5 21 3e
DVS-UUID:6f df 35 50 6b 49 88 d0-ce 2f 69 82 57 25 38 55
IP-Addrs:172.8.8.11,
Veth51
Module :4
VM-Name :cos-8.37-503-s...04vasa503
vNIC:Network Adapter 1
DV-Port :4416
VM-UUID :50 35 1d f6 ba 4e 26 7e-78 02 03 a8 cf c6 ed d9
DVS-UUID:6f df 35 50 6b 49 88 d0-ce 2f 69 82 57 25 38 55
IP-Addrs:172.8.8.37,
Veth53
Module :4
VM-Name :cos-8.31-503-vsgbd6
vNIC:Network Adapter 1
DV-Port :4420
VM-UUID :50 35 42 e3 93 f9 aa 46-3e 94 bb fd 39 23 a7 c0
DVS-UUID:6f df 35 50 6b 49 88 d0-ce 2f 69 82 57 25 38 55
IP-Addrs:172.8.8.31,
PortProfile:tD-bd5-spvsgl3vasabd5
Org:root/tD
Path:sp-tDvsgl3vasabd5
NumOfSvc:2
Node
Profile(Id)
vsgl3tD104(10.10.10.204)
sp-tD(6)
vasatDbd5(172.8.8.201)
ep-tD(8)
Veth72
Module :4
VM-Name :cos-8.40-bd5-s...l3vasabd5
vNIC:Network Adapter 1
DV-Port :3712
VM-UUID :50 35 af 46 40 bb ef 61-37 9e c7 6f 5a 97 4e 18
DVS-UUID:6f df 35 50 6b 49 88 d0-ce 2f 69 82 57 25 38 55
IP-Addrs:172.8.8.40,
Cisco vPath and vServices Reference Guide for VMware vSphere
4-52
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice port detail
PortProfile:tD-504-vsg504
Org:root/tD
Node:vsgl2tD104(10.10.10.104)
Profile(Id):sp-tD(6)
Veth69
Module :4
VM-Name :cos-8.38-504-vsg504
vNIC:Network Adapter 1
DV-Port :4642
VM-UUID :50 35 9a 63 d0 6a ff de-a5 66 65 2c 06 be e4 c1
DVS-UUID:6f df 35 50 6b 49 88 d0-ce 2f 69 82 57 25 38 55
IP-Addrs:172.8.8.38,
PortProfile:tD-bd5-vsgl3
Org:root/tD
Node:vsgl3tD104(10.10.10.204)
Profile(Id):sp-tDl3(7)
Veth50
Module :4
VM-Name :2k3-9.8-bd6-spvsgl3
vNIC:Network Adapter 1
DV-Port :3777
VM-UUID :50 35 93 44 8b 31 35 e1-02 50 e1 5c 5e 3f 51 2a
DVS-UUID:6f df 35 50 6b 49 88 d0-ce 2f 69 82 57 25 38 55
IP-Addrs:172.9.9.8,
PortProfile:tC-bd6-vsgbd6
Org:root/tC
Node:vsgtCbd6(10.10.10.103)
Profile(Id):sp-tC(5)
Veth11
Module :4
VM-Name :cos-9.13-bd6-vsgl3
vNIC:Network Adapter 1
DV-Port :4832
VM-UUID :50 35 f0 fb 15 4a 2b 46-4c 69 4c 24 d3 ab ff 0f
DVS-UUID:6f df 35 50 6b 49 88 d0-ce 2f 69 82 57 25 38 55
IP-Addrs:172.9.9.13,
Related Commands
Command
Description
show vservice port
brief
Displays a brief summary of the configured ports in the network.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-53
Chapter 4
vPath and vServices Commands
show vservice port vethernet
show vservice port vethernet
To display information about virtual Ethernet (vEth) ports, use the show vservice port vethernet
command.
show vservice port vethernet port-number
Syntax Description
port-number
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Usage Guidelines
Examples
Port number. The range is from 1 to 1048575.
You can use the following operators with the show vservice port vethernet command:
•
>—Redirects the output to a file.
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display information about vEth port 2:
vsm# show vservice port vethernet 2
Veth
VM Name
VM uuid
DV Port
DVS uuid
Flags
vservice Data IP
Security Profile
Org
VNSP id
IP addresses:
vsm#
:
:
:
:
:
:
Veth2
UD136-1
42 3b e1 60 17 e6 92 c4-3b 47 f4 b7 4c a0 be 1b
7458
90 33 3b 50 c2 11 2a 50-ae c5 0f 07 b2 b3 23 2c
0x148
: 192.168.136.1
: sp1
: Not set
: 1
Cisco vPath and vServices Reference Guide for VMware vSphere
4-54
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice port vethernet
Related Commands
Command
Description
show vservice statistics Displays virtual service node statistics.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-55
Chapter 4
vPath and vServices Commands
show vservice statistics
show vservice statistics
To display the information about the configuration, MAC address, state of associated Cisco VSG and Virtual
Ethernet Module (VEM), Veths to which Cisco VSGs are bound, and Virtual Service (vservice) statistics for
all VEM modules associated with Cisco VSGs, use show vservice statistics command.
show vservice statistics [ip ip-addr | module module-num | vlan vlan-num]
Syntax Description
ip
(Optional) Displays IP address statistics.
ip-addr
Specifies the MAC address
module
(Optional) Displays VEM module statistics.
module-num
Specifies the VSG and VEM module
vlan
(Optional) Displays VLAN statistics.
vlan-num
Specifies the VLAN number associated with the node in l2 mode.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)SV1(5.2)
The name of the command is changed and the command uses the variables.
4.2(1)SV1(5.1)
This command is changed to show the vservice statistic details
4.0(4)SV1(1)
This command was introduced.
Usage Guidelines
You can use the following operators with the show vservice statistics command:
•
>—Redirects the output to a file.
•
Examples
•
>>—Redirects the output to a file in append mode.
•
|—Pipes the command output to a filter.
This example shows how to display statistics for a module:
vsm# show vservice statistics module 4
#vservice VLAN: 0, IP-ADDR: 10.10.10.205
Module: 4
#VPath Packet Statistics
Ingress
Egress
Total
Cisco vPath and vServices Reference Guide for VMware vSphere
4-56
OL-27702-02
Chapter 4
vPath and vServices Commands
show vservice statistics
Total Seen
Policy Redirects
No-Policy Passthru
Policy-Permits Rcvd
Policy-Denies Rcvd
Permit Hits
Deny
Hits
Decapsulated
Fail-Open
Badport Err
vservice Config Err
vservice State Down
Encap Err
All-Drops
Flow Notificns Sent
Total Rcvd From vservice
Non-Cisco Encap Rcvd
VNS-Port Drops
Policy-Action Err
Decap Err
L2-Frag Sent
L2-Frag Rcvd
L2-Frag Coalesced
Encap exceeded MTU
ICMP Too Big Rcvd
#VPath Flow Statistics
Active Flows
Forward Flow Create
Reverse Flow Create
Flow ID Alloc
Connection ID Alloc
L2 Flow Create
L3 Flow Create
L4 TCP Flow Create
L4 UDP Flow Create
L4 Oth Flow Create
Embryonic Flow Create
L2 Flow Timeout
L3 Flow Timeout
L4 TCP Flow Timeout
L4 UDP Flow Timeout
L4 Oth Flow Timeout
Flow Lookup Hit
Flow Dual Lookup
TCP chkfail InvalACK
TCP chkfail WndVari
Flow Classify Err
Conn ID Alloc Err
Flow Exist
Flow Removal Err
Flow Entry Miss
Bad Action Receive
Invalid Connection
Hash Alloc
InvalFID Lookup
Deferred Delete
25
16
4666
16
0
9
0
16
0
0
39
21
3609
21
0
18
0
21
0
0
0
2380
0
2380
64
37
8275
37
0
27
0
37
0
0
0
10765
0
10765
0
13145
0
13145
0
42
0
5
0
0
0
0
0
0
0
0
11
11
22
11
0
0
0
22
0
0
0
0
0
59
0
90
112
0
0
0
0
0
0
0
0
0
0
37
0
Active Connections
Forward Flow Destroy
Reverse Flow Destroy
Flow ID Free
Connection ID Free
L2 Flow Destroy
L3 Flow Destroy
L4 TCP Flow Destroy
L4 UDP Flow Destroy
L4 Oth Flow Destroy
Embryonic Flow Bloom
L2 Flow Offload
L3 Flow Offload
L4 TCP Flow Offload
L4 UDP Flow Offload
L4 Oth Flow Offload
Flow Lookup Miss
L4 TCP Tuple-reuse
TCP chkfail SeqPstWnd
0
11
11
22
11
0
0
0
22
0
0
0
0
0
37
0
22
0
0
Flow ID Alloc Err
Hash Alloc Err
Flow Entry Exhaust
Bad Flow ID Receive
Flow Full Match Err
Invalid Flow Pair
0
0
0
37
0
0
Hash Free
InvalFID Lookup Err
0
0
vsm#
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-57
Chapter 4
vPath and vServices Commands
show vservice statistics
Related Commands
Command
Description
show vservice port
vethernet
Displays information about virtual Ethernet (vEth) ports.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-58
OL-27702-02
Chapter 4
vPath and vServices Commands
tcp state-checks
tcp state-checks
To configure the Cisco Nexus 1000V switch to perform TCP state checks, use the tcp state-checks
command. To disable TCP state checks functionality, use the no form of the command.
tcp state-checks [invalid-ack | seq-past-window | window-variation]
no tcp state-checks [invalid-ack | seq-past-window | window-variation]
Syntax Description
Defaults
invalid-ack
(Optional) Enables the invalid-ack TCP state check on the Cisco VSG. When a
data packet triggers an invalid ACK, the packet is dropped by the Cisco VSG.
seq-past-window
(Optional) Enables the seq-past-window TCP state check on the Cisco VSG.
When a data packet’s sequence number is greater than the right edge of the TCP
receiving window, the packet is dropped by the Cisco VSG.
window-variation
(Optional) Enables the window-variation TCP state check on the Cisco VSG.
Thus, any attempt to make the window smaller is disallowed.
The default behavior of the TCP checks is as follows:
•
invalid-ack—Disabled.
•
seq-past-window—Disabled.
•
window-variation—Disabled.
Command Modes
vservice global configuration (config-vservice-global)
SupportedUserRoles
network-admin
system-admin
Command History
Release
Modification
4.2(1)SV2(1.1)
This command was modified to add the invalid-ack, seq-past-window, and
window-variation TCP state checks.
4.2(1)VSG1(4a)
This command was introduced.
Usage Guidelines
Use the tcp state-checks command to enable TCP state checks. By default, TCP state checks are
disabled.
Examples
This example shows how to configure the switch to perform the default TCP state checks:
n1000v(config)# vservice global type vsg
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-59
Chapter 4
vPath and vServices Commands
tcp state-checks
n1000v(config-vservice-global)# tcp state-checks
This example shows how to enable the seq-past-window TCP state check:
n1000v(config-vservice-global)# tcp state-checks seq-past-window
This example shows how to disable the invalid-ack TCP state check:
n1000v(config-vservice-global)# no tcp state-checks invalid-ack
Related Commands
Command
Description
vservice global type
vsg
Enters the vservice global configuration mode.
bypass asa-traffic
Configures the switch traffic to bypass the Cisco VSG nodes in a service
chain.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-60
OL-27702-02
Chapter 4
vPath and vServices Commands
vn-service ip-address
vn-service ip-address
To assign a data IP address, a VLAN number, and a profile to a Cisco VSG L2 mode, use the vn-service
ip-address command. To disable the data IP address, use the no form of the command.
vn-service ip-address ip-address vlan vlan-number [fail {close | open} | security-profile
profile-name]
no vn-service ip-address ip-address vlan vlan-number [fail {close | open} | security-profile
profile-name]
To assign a data IP address and a profile to a Cisco VSG L3 mode, use the vn-service ip-address
command. To disable the data IP address, use the no form of the command.
vn-service ip-address ip-address l3-mode [fail {close | open} | security-profile profile-name]
no vn-service ip-address ip-address l3-mode [fail {close | open} | security-profile profile-name]
Syntax Description
ip-address
IP address. The format is A.B.C.D.
vlan vlan-number
Specifies the service VLAN number. The range of values is from 1
to 3967 and 4048 to 4093.
fail
(Optional) Sets state to be in either fail close or fail open.
close
Drops packets if the Cisco VSG is down.
open
Passes packets through if the Cisco VSG is down.
security-profile profile-name
(Optional) Specifies the security profile name.
l3-mode
Specifies that the Cisco VSG is in L3 mode.
Command Default
Fail close
Command Modes
Port profile configuration (config-port-prof)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)SV1(5.1)
This command was changed to include the command syntax and description
for the L3 mode.
4.0(4)SV1(1)
This command was introduced.
Usage Guidelines
Use the vn-service ip-address command to configure the IP address, VLAN, and security profile for the
Cisco VSG, and optionally to allow for a fail-safe configuration.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-61
Chapter 4
vPath and vServices Commands
vn-service ip-address
The fail mode specifies what the behavior is when the Virtual Ethernet Module (VEM) does not have
connectivity to the Cisco VSG. The default fail mode is close, which means that the packets are dropped.
The open fail mode means that packets are passed.
The security profile name must match one of the security profiles created on the Cisco VSG.
The IP address must match the data interface IP address on the Cisco VSG.
Examples
This example shows how to assign the IP address and VLAN number and how to specify that packets are
to be passed when the Cisco VSG fails:
vsm# configure
Enter configuration commands, one per line. End with CNTL/Z.
vsm(config)# port-profile pP1
vsm(config-port-prof)# vn-service ip-address 209.165.200.236 vlan 2 fail open
vsm(config-port-prof)#
Related Commands
Command
Description
show
virtual-service-domain
Displays virtual service domain information.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-62
OL-27702-02
Chapter 4
vPath and vServices Commands
vservice
vservice
To associate a port-profile with a service node or path, use the vservice command from the
config-port-profile mode of the port-profile. To delete a port-profile configuration, use the no form of
this command.
vservice {node node_name [profile profile_name] | path svc_path_name}
no vservice
Syntax Description
node
Specifies the service node to associate the port-profile with.
node_name
The pre-defined service node name.
profile
(Optional) Specifies the service profile the service node is to be associated
with.
profile_name
The pre-defined service profile name.
path
Specifies the service path (vPath) to associate the port-profile with.
svc_path_name
The pre-defined service path name.
Defaults
None
Command Modes
Port-profile configuration (config-port-prof)
SupportedUserRoles
Network-admin
Command History
Release
Modification
4.2(1)SV1(5.2)
This command was introduced.
Usage Guidelines
You can associate either the service node or path to the chosen port-profile entity. Both, the node as well
as the path need to be pre-defined. If the node is of type VSG or ASA, then specifying a profile is
mandatory. However, it is optional in case of a vWAAS or ACE nodes.
Examples
This example shows how to configure a port-profile with a node and service profile:
vsm(config)# port-profile port1 <-------- Enter the mode of the port-profile entity you
want to configure
vsm(config-port-prof)# vservice node vsg1 profile sp1
vsm(config-port-prof)#
This example shows how to configure a port-profile entity with a service path:
vsm(config-port-prof)# vservice path vpath1
vsm(config-port-prof)#
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-63
Chapter 4
vPath and vServices Commands
vservice
Related Commands
Command
Description
show port-profile
Displays information about the port profiles.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-64
OL-27702-02
Chapter 4
vPath and vServices Commands
vservice node
vservice node
To configure a service node, use the vservice node command. To disable a service node, use the no form
of the command.
vservice node node_name type {vsg | asa | adc | vwaas}
ip address ip-address | no ip address
adjacency {l2 {vlan vlan-number} | {vxlan bridge-domain bd-name} | l3} | no adjacency
failmode {close | open} | no failmode
no vservice node node_name
no ip address
no adjacenc
no failmode
Syntax Description
node_name
Specifies the service node name to identify it in the network.
type
Specifies the type of service node to be configured. The values
include vsg, asa, or ace.
vsg
Cisco virtual security gateway (VSG) service node.
asa
Cisco adaptive security appliance (ASA) service node.
adc
Cisco application deployment controller (ADC) service node.
vwaas
Cisco Virtual Wide Area Network Application Services (vWAAS)
service node.
ip-address
Specifies the IP address of the associated service node. This IP
address should match the IP address of the data interface node.
adjacency
Specifies the adjacency for either l2 or l3 mode.
l2
Specifies Layer 2 mode (uses MAC address).
vlan
In case of l2 mode, associate a VLAN with the node.
vlan-number
Specifies the VLAN module number.
vxlan
Alternatively, associate a VXLAN with the service node.
bridge-domain
Specifies a bridge-domain for the VXLAN.
bd-name
Specifies the bridge-domain name.
l3
Specifies Layer 3 (using IP address) mode for the service node.
failmode
Sets state to be in either fail close, or fail open mode.
close
Drops packets if the Cisco VSG is down. This is the default value.
open
Allows the packets to pass through if the Cisco VSG is down.
Command Default
None
Command Modes
Global configration (config)
SupportedUserRoles
Network-admin
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-65
Chapter 4
vPath and vServices Commands
vservice node
Command History
Usage Guidelines
Release
Modification
4.2(1)SV1(5.2)
This command was introduced.
Use the vservice node command to configure a service node with an existing Cisco VSG, ASA, or ACE.
That node in turn is associated with either a port profile or a vservice path.
You can only delete inactive vservice nodes. The inactive nodes are not configured with any virtual
machines or service paths.
Examples
This example shows how to enter the vservice-node mode, and configure the IP address of a vservice
node, adjacency, and fail-mode settings:
Related Commands
vsm(config)# vservice node
vsm(config-vservice-node)#
vsm(config-vservice-node)#
vsm(config-vservice-node)#
vsm(config-vservice-node)#
test type vsg <------- enter the vservice-node mode
ip address 1.1.11.11
adjacency l2 vlan 100
fail-mode close
Command
Description
show vservice node brief
Displays the vservice node information, in brief.
show vservice node detail
Displays the vservice node information, in detail.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-66
OL-27702-02
Chapter 4
vPath and vServices Commands
vservice path
vservice path
To configure a path for service chaining, use the vservice path command. To disable a service path, use
the no form of the command.
vservice path svc_path_name
node node_name [profile prof_name] order order_num
no vservice path svc_path_name
no node node_name
Syntax Description
vservice path
The service path
svc_path_name
Specifies the service path name. This name is associated with
various service no nodes and port profiles to complete service chain
configurations.
node
The destination node for this service path.
node_name
Specifies the service node name.
profile
(Optional) The destination port profile for this service path.
prof_name
Specifies the port profile name.
order
The order number for this service path.
order_num
Specifies the order number. Accepted range is 1-1000.
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
Network-admin
Command History
Release
Modification
4.2(1)SV1(5.2)
This command was introduced.
Usage Guidelines
You can configure up to 3 service nodes in one vservice path. The supported nodes are the Cisco VSG,
vWAAS, and ASA. The specified node_name has to be pre-defined. Specifying a profile is mandatory
for VSG and ASA, but not for vWAAS. For a given path, the ASA node must be configured last. At the
end, you can disable a vservice-path from within its mode as well as at the global configuration level.
Examples
This example shows how to enter the vservice-path mode, and specify the name of a vservice node, port
profile, and the order number:
vsm(config)# vservice path test <------- enter the vservice-path mode
vsm(config-vservice-path)# node test1 profile test2 order 100
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-67
Chapter 4
vPath and vServices Commands
vservice path
vsm(config-vservice-path)#
This example shows how to disable a vservice-path:
vsm(config)# no vservice path test
vsm(config)#
Related Commands
Command
Description
show vservice path brief
Displays the vservice path information in brief.
show vservice path detail
Displays the vservice path information in detail.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-68
OL-27702-02
Chapter 4
vPath and vServices Commands
vservice license
vservice license
To assign ASA licenses to specific modules, use the vservice license command. You can transfer the
licenses within the modules and license pool. This command also enables (activate) the volatile licenses.
To disable volatile licenses, use the no form of the command.
vservice license type {asa} {transfer | volatile} {src-module mod_no | license-pool} {dst-module
mod_no | license-pool}
[no] vservice license type {asa} volatile
Syntax Description
type
Specifies the service node license. Your options are Cisco ASA.
asa
The ASA license type that you can assign to a specific module.
transfer
Specifies that the license needs to be transferred.
volatile
Specifies the volatile licenses within the network.
src-module
Specifies the source module from which the license is to be transferred.
mod_no
Module number. The acceptable number range is 3 to 258.
license-pool
Specifies that the license has to be transferred from a module to the pool and
vice versa.
dst-module
Specifies the destination module to which the license is to be assigned.
Defaults
None
Command Modes
EXEC
SupportedUserRoles
Network-admin
Command History
Release
Modification
4.2(1)SV1(5.2)
This command was introduced.
Usage Guidelines
You cannot transfer volatile licenses to the license-pool. Thus, you cannot specify any keyword after you
type “volatile” at the command line.
Examples
This example shows how to transfer an ASA license from one module to another:
vsm(config)# vservice license type asa transfer src-module 12 dst-module 34
vsm(config)#
This example shows how to disable volatile ASA licenses:
vsm(config)# no vservice license type asa volatile
vsm(config)#
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-69
Chapter 4
vPath and vServices Commands
vservice license
Related Commands
Command
Description
show vservice license
brief
Displays usage information per license type.
show vservice license
detail
Displays the license type per module.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-70
OL-27702-02
Chapter 4
vPath and vServices Commands
nsc-policy-agent
nsc-policy-agent
To enter Cisco Prime Network Services Controller (PNSC) policy agent mode, use the nsc-policy-agent
command.
nsc-policy-agent
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
Usage Guidelines
Use the Cisco PNSC policy agent configuration mode to configure policy agents.
Examples
This example shows how enter policy agent mode:
vsm# configure
vsm(config)# nsc-policy-agent
vsm(config-nsc-policy-agent)#
Related Commands
Command
Description
configure
Enters global configuration mode.
Cisco vPath and vServices Reference Guide for VMware vSphere
OL-27702-02
4-71
Chapter 4
vPath and vServices Commands
vservice global type vsg
vservice global type vsg
To enter the vservice global configuration mode, use the vservice global type vsg command.
vservice global type vsg
Syntax Description
This command has no keywords or arguments.
Command Default
None
Command Modes
vservice global configration (config-vservice-global)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)SV1(5.2)
This command was introduced.
Examples
This example shows how to enter the vservice global configuration mode:
n1000v# configure <------ enter the config mode
n1000v(config)# vservice global type vsg
n1000v(config-vservice-global)#
This example shows how to enable L3 fragmentation:
n1000v# configure <------ enter the config mode
n1000v(config)# vservice global type vsg
n1000v(config-vservice-global)#l3-frag
Related Commands
Command
Description
bypass asa-traffic
Configures the switch traffic to bypass the Cisco VSG nodes in a
service chain.
tcp state-checks
Configures selective TCP state checks on the switch traffic.
Cisco vPath and vServices Reference Guide for VMware vSphere
4-72
OL-27702-02
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising