If you have Nuage SDN in your cloud then you’ll appreciate this post that give you guidelines in how to check out what is happening actually. Here you have some useful Nuage VRS and VSC commands that will help you out.
Useful Nuage VRS Commands
Check out Nuage VRS ports and VXLAN tunnels information
[root@compute02 ~]# ovs-dpctl show system@ovs-system: lookups: hit:48 missed:37 lost:0 flows: 0 masks: hit:112 total:0 hit/pkt:1.32 port 0: ovs-system (internal) port 1: svc-pat-tap (internal) port 2: alubr0 (internal) port 3: svc-rl-tap2 port 4: svc-rl-tap1 port 5: eth-lxc-14546 port 6: vxlan_sys_4789 (vxlan: df_default=false, ttl=0) port 7: eth-lxc-14666 port 8: eth-lxc-14775 port 9: eth-lxc-14897 port 10: eth-lxc-15034 port 11: eth-lxc-15164 port 12: eth-lxc-15281 port 13: eth-lxc-15406
To get more details try this other one
[root@compute02 ~]# ovs-appctl dpif/show system@ovs-system: hit:48 missed:37 alubr0: alubr0 65534/2: (internal) eltep-b2e041 6/6: (vxlan: df_default=false, in_key=11722817, local_ip=10.0.0.12) eth-lxc-14546 4/5: (system) eth-lxc-14666 9/7: (system) eth-lxc-14775 10/8: (system) eth-lxc-14897 11/9: (system) eth-lxc-15034 12/10: (system) eth-lxc-15164 13/11: (system) eth-lxc-15281 14/12: (system) eth-lxc-15406 15/13: (system) svc-pat-tap 1/1: (internal) svc-rl-tap1 3/4: (system) svc-rl-tap2 2/3: (system) ta00b8329de 7/6: (vxlan: df_default=false, key=8595934, remote_ip=10.0.0.11) ta00bb2e041 8/6: (vxlan: df_default=false, key=11722817, remote_ip=10.0.0.11) vltep-8329de 5/6: (vxlan: df_default=false, in_key=8595934, local_ip=10.0.0.12)
Find out the VRFS service id for our bridge alubr0 into the VRS
[root@compute02 ~]# ovs-appctl vrf/list alubr0 vrfs: 20029
Get the route table from this VRFS service id. We used the id 20029 that we’ve just got for instance.
[root@compute02 ~]# ovs-appctl vrf/route-table 20029
-----------------+----------+--------+------------+------------+-------------------------------
Routes | Duration | Cookie | Pkt Count | Pkt Bytes | EVPN-Id or Local/remote Out port
-----------------+----------+--------+------------+------------+-------------------------------
10.37.120.66 | 1357s | 0x6 | 0 | 0 | 20030
10.37.129.42 | 1369s | 0x6 | 0 | 0 | 20030
10.37.159.184 | 1353s | 0x6 | 0 | 0 | 20030
10.37.133.221 | 1362s | 0x6 | 0 | 0 | 20030
10.37.76.239 | 1366s | 0x6 | 0 | 0 | 20030
10.37.100.116 | 1380s | 0x6 | 0 | 0 | 20030
10.37.100.116 | 1380s | 0x6 | 0 | 0 | 10.37.82.136 | 1376s | 0x6 | 0 | 0 | 20030
10.37.186.42 | 1373s | 0x6 | 0 | 0 | 20030
10.37.62.63 | 1380s | 0x6 | 0 | 0 | 20030
10.37.62.63 | 1380s | 0x6 | 0 | 0 | 10.37.234.60 | 1380s | 0x6 | 0 | 0 | 20030
10.37.36.162 | 1380s | 0x6 | 0 | 0 | 20030
10.37.36.162 | 1380s | 0x6 | 0 | 0 | 10.37.0.0/16 | 119s | 0x6 | 0 | 0 | 20030
0.0.0.0/0 | 1380s | 0x6 | 0 | 0 | -----------------+----------+--------+------------+------------+-------------------------------
Get the MAC table for the associated EVPN id service.
[root@compute02 ~]# ovs-appctl evpn/mac-table 20030
evpn_id: 20030 gen_id: 0x6 vni_id: 0xb2e041 ref_cnt: 10 ltep_port: 6
mode: L3_MODE arp_proxy: DISABLED aging_period: 300
pat_enabled: DISABLED default_action: drop dhcp_enabled: ENABLED dhcp_relay: DISABLED dhcp_pool: DISABLED
resiliency: DISABLED l2_encryption:DISABLED
subnet: 10.37.0.0 mask: 255.255.0.0 gw: 10.37.0.1 gw_mac: 68:54:ed:00:00:01
dhcp servers: mac_count: 11 cookie: 455606272
------------------+------+----------+----------+--------+------------+------------+-------------
Mac | Port | Duration | Expiry | Cookie | Pkt Count | Pkt Bytes | VM Port name
------------------+------+----------+----------+--------+------------+------------+-------------
ff:ff:ff:ff:ff:ff | - | 1486s | 0s | 0x6 | 0 | 0 | flood
02:ff:1e:3f:70:09 | 8 | 1486s | 0s | 0x6 | 0 | 0 | Vxlan: key=11722817 remote_ip=10.0.0.11
f2:87:87:aa:3b:a4 | 14 | 1463s | 0s | 0x6 | 0 | 0 | eth-lxc-15281 (grave_euler)
7e:ff:1e:10:18:55 | 8 | 1486s | 0s | 0x6 | 0 | 0 | Vxlan: key=11722817 remote_ip=10.0.0.11
66:87:87:06:c5:4d | 12 | 1472s | 0s | 0x6 | 0 | 0 | eth-lxc-15034 (desperate_archimedes)
4a:87:87:1f:75:d6 | 4 | 1486s | 0s | 0x6 | 0 | 0 | eth-lxc-14546 (suspicious_mirzakhani)
6e:87:87:ca:8d:40 | 11 | 1475s | 0s | 0x6 | 0 | 0 | eth-lxc-14897 (gloomy_liskov)
a2:87:87:37:d6:68 | 13 | 1468s | 0s | 0x6 | 0 | 0 | eth-lxc-15164 (modest_keller)
36:87:87:71:5b:9e | 9 | 1482s | 0s | 0x6 | 0 | 0 | eth-lxc-14666 (hopeful_nobel)
c2:ff:1e:82:1c:e9 | 8 | 1486s | 0s | 0x6 | 0 | 0 | Vxlan: key=11722817 remote_ip=10.0.0.11
16:87:87:5e:42:dc | 10 | 1478s | 0s | 0x6 | 0 | 0 | eth-lxc-14775 (backstabbing_thompson)
76:87:87:1e:c2:6b | 15 | 1459s | 0s | 0x6 | 0 | 0 | eth-lxc-15406 (fervent_goldstine)
------------------+------+----------+----------+--------+------------+------------+-------------
Useful Nuage VSC Commands
Here you have some useful commands for VSC to check out what vswicthes (VRSs) are being managed by VSC
*A:vsc01# show vswitch-controller vswitches detail =============================================================================== Virtual Switch Table =============================================================================== vswitch-instance : va-10.0.0.4/1 Personality : VRS_G Uptime : 2d 12:00:26 VM Count : 0 Num of hostIf : 0 Num of bridgeIf : 1 Num of multiVMs : 0 OF version : 1 OF nego. version : 1 OF Conn. port : 6633 Cntrl. role : primary Cntrl. Conn. type : none Cntrl. crl lookup : false Cntrl. Conn. mode : secure Cntrl. Conn. state : ready Cntrl. client verification : false Cntrl. client IP verification : false Peer IP for resiliency : - Received Role from VRS_G : master Elected Role for VRS_G : master Gateway Hold Time(sec) : 3 Gateway Echo Time(sec) : 1 Gateway Topic : nuage_gateway_id_10.0.0.4 Gateway Retry/Audit Time : 915 XMPP error code : 0 XMPP error text : (Not Specified) JSON Conn. State : Up JSON Sess. Uptime : 2d 11:59:57 Static Peer : False XMPP Tls Profile : n/a OF Tls Profile : n/a Ovsdb Tls Profile : n/a Ovsdb Conn Type : none vswitch-instance : va-10.0.0.11/1 Personality : VRS Uptime : 1d 03:17:15 VM Count : 17 Num of hostIf : 0 Num of bridgeIf : 0 Num of multiVMs : 0 OF version : 1 OF nego. version : 1 OF Conn. port : 6633 Cntrl. role : primary Cntrl. Conn. type : none Cntrl. crl lookup : false Cntrl. Conn. mode : secure Cntrl. Conn. state : ready Cntrl. client verification : false Cntrl. client IP verification : false Hold Time(sec) : 15 Echo Time(sec) : 5 JSON Conn. State : Up JSON Sess. Uptime : 1d 03:17:13 Static Peer : False XMPP Tls Profile : n/a OF Tls Profile : n/a Ovsdb Tls Profile : n/a Ovsdb Conn Type : none vswitch-instance : va-10.0.0.12/1 Personality : VRS Uptime : 2d 12:00:44 VM Count : 8 Num of hostIf : 0 Num of bridgeIf : 0 Num of multiVMs : 0 OF version : 1 OF nego. version : 1 OF Conn. port : 6633 Cntrl. role : primary Cntrl. Conn. type : none Cntrl. crl lookup : false Cntrl. Conn. mode : secure Cntrl. Conn. state : ready Cntrl. client verification : false Cntrl. client IP verification : false Hold Time(sec) : 15 Echo Time(sec) : 5 JSON Conn. State : Up JSON Sess. Uptime : 2d 12:00:28 Static Peer : False XMPP Tls Profile : n/a OF Tls Profile : n/a Ovsdb Tls Profile : n/a Ovsdb Conn Type : none ------------------------------------------------------------------------------- No. virtual switches: 3 ===============================================================================
Check out what virtual instances are being managed for an specific Enterprise like “ACME Corp”. We are showing containers (docker) names for instance.
*A:vsc01# show vswitch-controller virtual-machines enterprise "ACME Corp" =============================================================================== Virtual Machine Table =============================================================================== vswitch-instance VM Name UUID ------------------------------------------------------------------------------- va-10.0.0.11/1 tender_meitner 35c5fcc9-11f1-b809-19ae-6d0167702e2c va-10.0.0.11/1 hungry_mclean 497c0ee3-0696-fe66-35f7-cad3ecebc72b va-10.0.0.11/1 boring_ardinghe* 57e8e917-974f-2b63-ba35-72d7e3752f01 va-10.0.0.11/1 prickly_northcu* 65e57580-a51b-58fc-b783-1744b2dc477d va-10.0.0.11/1 berserk_visvesv* 732e4e99-d689-146d-fd51-681d8b80946a va-10.0.0.11/1 trusting_keller 76850489-155d-b55d-dda6-dc8f2d729956 va-10.0.0.11/1 sick_leakey 77e628c9-3939-f620-51d3-35cacbd90f5c va-10.0.0.11/1 sleepy_roentgen 80142e10-dc97-071a-6207-28e33b2a2166 va-10.0.0.11/1 modest_chandras* 8646cf04-9d24-f317-ebcf-7901c2b4590f va-10.0.0.11/1 gigantic_wescoff 8d14224d-eaed-a50c-182c-8a5154e96516 va-10.0.0.11/1 prickly_mahavira 91233ace-7512-fa0b-f674-da68ba71c470 va-10.0.0.11/1 jovial_franklin 9258a63d-05f0-bf04-babe-ee107b97e961 va-10.0.0.11/1 lonely_keller 93446d20-3343-4c22-e6d4-e68f91d15818 va-10.0.0.11/1 admiring_murdock b325e587-5e6c-1c3d-b8a4-0bff402e6745 va-10.0.0.11/1 insane_kare c0bca010-43c5-5078-c23d-fbec4ee97361 va-10.0.0.11/1 silly_feynman ed4b8fe3-a4b2-2b3a-10d2-c4b5868dd939 va-10.0.0.11/1 jovial_blackwell f3899140-a0d4-921e-f89a-00c5e0cc6f0a va-10.0.0.12/1 modest_keller 357a8ad9-bd16-c93e-2bd4-c02c69fc0b07 va-10.0.0.12/1 grave_euler 3a248af3-89b8-0f1f-1626-5f271682a746 va-10.0.0.12/1 suspicious_mirz* 3ae74fc1-4ac8-9b66-4ee8-4e1178f68b5c va-10.0.0.12/1 desperate_archi* 52a98dcd-6628-690c-bb6b-ec5734d5ce77 va-10.0.0.12/1 backstabbing_th* aa46363a-2726-b10c-5a9a-95c6a2509752 va-10.0.0.12/1 gloomy_liskov abd4d701-ec2f-8238-9a79-3e863638c203 va-10.0.0.12/1 fervent_goldsti* b6378095-5092-3643-33c0-8ae40da4f073 va-10.0.0.12/1 hopeful_nobel fb43ddbd-81ee-6d6f-a87a-5dbe0bbb1774 ------------------------------------------------------------------------------- No. of virtual machines: 25 ===============================================================================
We can get more details regarding instances even MAC Address, IP Address, VPRN and EVPN.
*A:vsc01# show vswitch-controller vports type vm enterprise "ACME Corp"
===============================================================================
Virtual Port Table
===============================================================================
VP Name VM Name VPRN EVPN Multicast
VP IP Address MacAddress Channel
Map
-------------------------------------------------------------------------------
va-10.0.0.11/1/26 tender_meitner 20024 20026 Disabled
10.10.10.35/24 1a:ff:1e:9b:b7:03
va-10.0.0.11/1/25 hungry_mclean 20024 20026 Disabled
10.10.10.137/24 62:ff:1e:bc:3b:34
va-10.0.0.11/1/16 boring_ardinghelli 20024 20025 Disabled
10.37.39.216/16 f6:ff:1e:55:a8:43
va-10.0.0.11/1/29 prickly_northcutt 20029 20030 Disabled
10.37.62.63/16 c2:ff:1e:82:1c:e9
va-10.0.0.11/1/24 berserk_visvesvaraya 20024 20025 Disabled
10.37.116.223/16 be:ff:1e:0a:09:a0
va-10.0.0.11/1/20 trusting_keller 20024 20025 Disabled
10.37.168.238/16 8e:ff:1e:62:d8:09
va-10.0.0.11/1/23 sick_leakey 20024 20025 Disabled
10.37.165.46/16 3a:ff:1e:2a:7a:79
va-10.0.0.11/1/21 sleepy_roentgen 20024 20025 Disabled
10.37.123.69/16 86:ff:1e:7a:d6:6e
va-10.0.0.11/1/18 modest_chandrasekhar 20024 20025 Disabled
10.37.119.92/16 f2:ff:1e:4a:1f:63
va-10.0.0.11/1/15 gigantic_wescoff 20024 20025 Disabled
10.37.83.53/16 82:ff:1e:6a:a0:66
va-10.0.0.11/1/27 prickly_mahavira 20024 20026 Disabled
10.10.10.6/24 2e:ff:1e:15:01:02
va-10.0.0.11/1/22 jovial_franklin 20024 20025 Disabled
10.37.134.38/16 7a:ff:1e:a5:e1:2a
va-10.0.0.11/1/30 lonely_keller 20029 20030 Disabled
10.37.100.116/16 7e:ff:1e:10:18:55
va-10.0.0.11/1/28 admiring_murdock 20024 20026 Disabled
10.10.10.105/24 ee:ff:1e:06:3c:cc
va-10.0.0.11/1/17 insane_kare 20024 20025 Disabled
10.37.202.88/16 16:ff:1e:0b:d1:c7
va-10.0.0.11/1/19 silly_feynman 20024 20025 Disabled
10.37.105.245/16 1a:ff:1e:d3:b0:e7
va-10.0.0.11/1/31 jovial_blackwell 20029 20030 Disabled
10.37.36.162/16 02:ff:1e:3f:70:09
va-10.0.0.12/1/6 modest_keller 20029 20030 Disabled
10.37.133.221/16 a2:87:87:37:d6:68
va-10.0.0.12/1/7 grave_euler 20029 20030 Disabled
10.37.120.66/16 f2:87:87:aa:3b:a4
va-10.0.0.12/1/1 suspicious_mirzakhani 20029 20030 Disabled
10.37.234.60/16 4a:87:87:1f:75:d6
va-10.0.0.12/1/5 desperate_archimedes 20029 20030 Disabled
10.37.76.239/16 66:87:87:06:c5:4d
va-10.0.0.12/1/3 backstabbing_thompson 20029 20030 Disabled
10.37.186.42/16 16:87:87:5e:42:dc
va-10.0.0.12/1/4 gloomy_liskov 20029 20030 Disabled
10.37.129.42/16 6e:87:87:ca:8d:40
va-10.0.0.12/1/8 fervent_goldstine 20029 20030 Disabled
10.37.159.184/16 76:87:87:1e:c2:6b
va-10.0.0.12/1/2 hopeful_nobel 20029 20030 Disabled
10.37.82.136/16 36:87:87:71:5b:9e
-------------------------------------------------------------------------------
No. of virtual ports: 25
===============================================================================
Show service details, it can be a VPRN or EVPN service ID. For a VPRN you can see the VRF-target configuration which is important to interconnect with VRFs on the PE. We are taking the VPRN 20024 for instance.
*A:vsc01# show service id 20024 base =============================================================================== Service Basic Information =============================================================================== Service Id : 20024 Vpn Id : 0 Service Type : VPRN Name : (Not Specified) Description : (Not Specified) Customer Id : 10006 Last Status Change: 06/27/2016 17:55:03 Last Mgmt Change : 06/27/2016 17:55:03 Admin State : Up Oper State : Up Route Dist. : 65534:13842 VPRN Type : regular AS Number : None Router Id : 255.0.0.0 ECMP : Enabled ECMP Max Routes : 1 Max IPv4 Routes : No Limit Auto Bind : GRE Max IPv6 Routes : No Limit Ignore NH Metric : Disabled Hash Label : Disabled Vrf Target : target:65534:499 Vrf Import : None Vrf Export : None MVPN Vrf Target : None MVPN Vrf Import : None MVPN Vrf Export : None Car. Sup C-VPN : Disabled Label mode : vrf BGP VPN Backup : Disabled SAP Count : 0 SDP Bind Count : 0 ------------------------------------------------------------------------------- Service Access & Destination Points ------------------------------------------------------------------------------- Identifier Type AdmMTU OprMTU Adm Opr ------------------------------------------------------------------------------- vpls:backhaul-evpn20028 rvpls 0 1500 Up Up vpls:evpn20025 rvpls 0 1500 Up Up vpls:evpn20026 rvpls 0 1500 Up Up ===============================================================================
Check the EVPN 20025 for instance now.
*A:vsc01# show service id 20025 base =============================================================================== Service Basic Information =============================================================================== Service Id : 20025 Vpn Id : 0 Service Type : VPLS Name : evpn20025 Description : (Not Specified) Customer Id : 10006 Last Status Change: 06/27/2016 17:55:03 Last Mgmt Change : 06/27/2016 17:55:03 Admin State : Up Oper State : Up MTU : 1514 Def. Mesh VC Id : 20025 SAP Count : 10 SDP Bind Count : 1 Snd Flush on Fail : Disabled Host Conn Verify : Disabled Propagate MacFlush: Disabled Per Svc Hashing : Disabled Allow IP Intf Bind: Enabled InterConnect vlan*: 0 InterConnect vlan*: 0 Def. Gateway IP : None Def. Gateway MAC : None Temp Flood Time : Disabled Temp Flood : Inactive Temp Flood Chg Cnt: 0 BGP-EVPN Encap : vxlan Vxlan Tenant ID : 368626 ------------------------------------------------------------------------------- Service Access & Destination Points ------------------------------------------------------------------------------- Identifier Type AdmMTU OprMTU Adm Opr ------------------------------------------------------------------------------- sap:va-10.0.0.11/1/15:0 q-tag 1578 1578 Up Up sap:va-10.0.0.11/1/16:0 q-tag 1578 1578 Up Up sap:va-10.0.0.11/1/17:0 q-tag 1578 1578 Up Up sap:va-10.0.0.11/1/18:0 q-tag 1578 1578 Up Up sap:va-10.0.0.11/1/19:0 q-tag 1578 1578 Up Up sap:va-10.0.0.11/1/20:0 q-tag 1578 1578 Up Up sap:va-10.0.0.11/1/21:0 q-tag 1578 1578 Up Up sap:va-10.0.0.11/1/22:0 q-tag 1578 1578 Up Up sap:va-10.0.0.11/1/23:0 q-tag 1578 1578 Up Up sap:va-10.0.0.11/1/24:0 q-tag 1578 1578 Up Up sdp:17406:368626 SB(10.0.0.11) EvpnPmsi 0 0 Up Down =============================================================================== * indicates that the corresponding row element may have been truncated.
Check out the routes into vswitch-controller for a specific enterprise and domain (i.e. “dom2”)
*A:vsc01# show vswitch-controller ip-routes enterprise "ACME Corp" domain "dom2"
===============================================================================
VPRN Routes
===============================================================================
-------------------------------------------------------------------------------
Legend:
Flag : P = Primary, S = Secondary, V = Virtual Next Hop on NAT, I = IPSEC
-------------------------------------------------------------------------------
Flag Prefix/ NextHop Owner
Prefix Length
-------------------------------------------------------------------------------
--- 10.37.0.0/16 10.0.0.11 NVC_LOCAL
--- 10.37.36.162/32 va-10.0.0.11/1/31 NVC
--- 10.37.62.63/32 va-10.0.0.11/1/29 NVC
--- 10.37.76.239/32 va-10.0.0.12/1/5 NVC
--- 10.37.82.136/32 va-10.0.0.12/1/2 NVC
--- 10.37.100.116/32 va-10.0.0.11/1/30 NVC
--- 10.37.120.66/32 va-10.0.0.12/1/7 NVC
--- 10.37.129.42/32 va-10.0.0.12/1/4 NVC
--- 10.37.133.221/32 va-10.0.0.12/1/6 NVC
--- 10.37.159.184/32 va-10.0.0.12/1/8 NVC
--- 10.37.186.42/32 va-10.0.0.12/1/3 NVC
--- 10.37.234.60/32 va-10.0.0.12/1/1 NVC
-------------------------------------------------------------------------------
No. of IP routes: 12
-------------------------------------------------------------------------------
===============================================================================
Find out the associated ingress ACLs for an specific port
*A:vsc01# show vswitch-controller vports vport-name va-10.0.0.11/1/29 acl ingress-security
===============================================================================
Virtual Port Ingress ACL Table
===============================================================================
Pri ACL UUID E-Type Action
SrcIP DestIP S-Prt[Min-Max] D-Prt[Min-Max]
Proto Match DSCP FC override Flow log/Stats log
Reflexive ACL Redirect Tgt PGID/Type
PolicyGroupTag
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
VP Name: va-10.0.0.11/1/29 VLAN ID: 0
-------------------------------------------------------------------------------
0 00000000-0000-0000-0000-000000000000 0x800 Drop
0.0.0.0/0 0.0.0.0/0 0-0 0-0
0 0xff n/a False/False
False - -
0:0
1 00000000-0000-0000-0000-000000000000 0x806 Fwd
0.0.0.0/0 0.0.0.0/0 0-0 0-0
0 0xff n/a False/False
False - -
0:0
2 00000000-0000-0000-0000-000000000000 0x0 Drop
0.0.0.0/0 0.0.0.0/0 0-0 0-0
0 0xff n/a False/False
False - -
0:0
-------------------------------------------------------------------------------
No. of ACL's: 3
-------------------------------------------------------------------------------
Total No. of Ingress ACL's: 3
===============================================================================
I hope those useful Nuage VRS and VSC commands could be really usefull for you.
See you!
