VMware vCloud Networking and Security Edge Gateway Command Line Interface (CLI) comes in handy for monitoring and troubleshooting. CLIs can be executed by login to Edge Gateway virtual machine console from vCenter or by remote access using SSH. Currently, Edge Gateway does not support configuration CLIs to apply changes. In this blog, we are going to look at few CLIs using SSH session to Edge Gateway.
Enable SSH access to Edge Gateway by ticking the “Enable Remote Access” as shown below.
Make sure to setup Edge Gateway firewall rule to allow SSH access.
Next SSH to Edge Gateway, listing of Edge Gateway interfaces and SSH login screen are shown below.
Edge Gateway CLI commands can be broadly classified into four categories
- Configuration view commands
- Status/statistics commands
- Logging commands
- Debug/troubleshooting commands
Configuration view commands
These commands allow admin to confirm that the configuration made via vCloud Networking and Security Manager GUI / REST APIs is correctly applied on Edge Gateway. Examples: “show configuration”, “show configuration dns”, “show configuration firewall”, etc.
The configuration output is shown in JSON format. In the example below, showing load balancer configuration with load-balancing algorithm set to ROUND_ROBIN (partial output of “show configuration loadbalancer” CLI shown below).
Let’s change the load-balancing algorithm to LEAST_CONN using vCenter plug-in and re-run the CLI “show configuration loadbalancer” (partial output shown).
These commands help admin to monitor Edge Gateway system state and statistics. Examples: “show interface”, “show firewall”, “show ip route”, “show service dhcp”, “show service ipsec”, “show service highavailability” etc.
Output of “show service ipsec” command is shown below (partial output shown).
These commands help admin to monitor real-time activities of Edge Gateway services. Output of “show log follow” command is shown below (partial output shown).
These commands enable admin to reset system counters and troubleshoot network. Example: “clear firewall counters”, “ping”, “traceroute”, “debug packet display” etc.
Output of “debug packet display interface vNic_1” command is shown below (partial output shown).
Execute the command “list” to see the listing of all the supported Edge Gateway CLIs. Refer CLI reference guide for additional details.
Get notification of these blogs and more vCloud Networking and Security information by following me on Twitter @vCloudNetSec.