[VMware]
| esxcfg-vswitch | esxcli network vswitch standard | net-dvs -l | esxcfg-vmknic | esxcli network ip | esxcli network nic |
List vSwitches
~ # esxcfg-vswitch -l
Switch Name Num Ports Used Ports Configured Ports MTU Uplinks
vSwitch0 128 1 128 1500
PortGroup Name VLAN ID Used Ports Uplinks
VM Network 0 0
DVS Name Num Ports Used Ports Configured Ports MTU Uplinks
dvSwitch2 512 7 512 1500 vmnic0,vmnic1
DVPort ID In Use Client
128 1 vmnic1
129 1 vmnic0
130 0
131 0
0 1 vmk0
1 1 test-win.eth0
10 0
OR:
~ # esxcli network vswitch standard list
vSwitch0
Name: vSwitch0
Class: etherswitch
Num Ports: 128
Used Ports: 1
Configured Ports: 128
MTU: 1500
CDP Status: listen
Beacon Enabled: false
Beacon Interval: 1
Beacon Threshold: 3
Beacon Required By:
Uplinks:
Portgroups: VM Network
~ # esxcli network vswitch standard portgroup list
To unlink an uplink:
~ # esxcfg-vswitch -U vmnic1 vSwitch0
Be Careful 🙂
I had to revert it back from console:
As I tried to add that uplink back but didn’t work
To add an uplink:
~ # esxcfg-vswitch -L vmnic0 vSwitch0
After executing
~ # esxcli network ip interface list
vmk0
Name: vmk0
MAC Address: 00:50:56:ba:5b:37
Enabled: true
Portset: vSwitch0
Portgroup: Management Network
Netstack Instance: defaultTcpipStack
VDS Name: N/A
VDS UUID: N/A
VDS Port: N/A
VDS Connection: -1
MTU: 1500
TSO MSS: 65535
Port ID: 33554448
~ # esxcli network ip connection list
~ # esxcli network ip route ipv4 list
~ # esxcli network nic list
~ # esxcli network nic get -n vmnic0
~ # esxcfg-vmknic -l
~ # esxcli network diag ping -H 10.26.0.221
| esxcli network vswitch dvs vmware list | net-dvs -l |
List dvSwitches
~ # esxcli network vswitch dvs vmware list
dvSwitch2
Name: dvSwitch2
VDS ID: 86 05 10 50 6e 24 a2 91-2b fb ab 74 5a 37 52 ed
Class: etherswitch
Num Ports: 512
Used Ports: 7
Configured Ports: 512
MTU: 1500
CDP Status: listen
Beacon Timeout: -1
Uplinks: vmnic0, vmnic1
VMware Branded: true
DVPort:
Client: vmnic1
DVPortgroup ID: dvportgroup-118
In Use: true
Port ID: 128
Client: vmnic0
DVPortgroup ID: dvportgroup-118
In Use: true
Port ID: 129
Client:
DVPortgroup ID: dvportgroup-118
In Use: false
Port ID: 130
Client:
DVPortgroup ID: dvportgroup-118
In Use: false
Port ID: 131
Client: vmk0
DVPortgroup ID: dvportgroup-119
In Use: true
Port ID: 0
Client: test-win.eth0
DVPortgroup ID: dvportgroup-119
In Use: true
Port ID: 1
Client:
DVPortgroup ID: dvportgroup-119
In Use: false
Port ID: 10
~ # net-dvs -l |more
https://pubs.vmware.com/vsphere-55/index.jsp#com.vmware.vcli.ref.doc/esxcli_network.html
Nice article: http://www.thegeekstuff.com/2015/01/vmware-esx-vswitch/
>> esxcli network Commands
| Command | Description | Options Help |
| network fence list | Get all fence switch info on the system. | –help | -h
Show the help message. |
| network fence network bte list | Get all fence network bridge table entries information | –fence-id | -f
The fence id used to retrieve fence info. –help | -h Show the help message. –vds-name | -s The vds name used to retrieve fence info. |
| network fence network list | Get all fence network info on the vds. | –fence-id | -f
The fence id used to retrieve fence info. –help | -h Show the help message. –vds-name | -s The vds name used to retrieve fence info. |
| network fence network port list | Get all fence port info on the fence network. | –fence-id | -f
The fence id used to retrieve fence info. –help | -h Show the help message. –vds-name | -s The vds name used to retrieve fence info. |
| network firewall get | Get the firewall status. | –help | -h
Show the help message. |
| network firewall load | Load firewall module and rulesets configuration. | –help | -h
Show the help message. |
| network firewall refresh | Load ruleset configuration for firewall. | –help | -h
Show the help message. |
| network firewall ruleset allowedip add | Add allowed ip address/range to the ruleset ruleset. | –help | -h
Show the help message. –ip-address | -i Allowed ip address/range for the ruleset. –ruleset-id | -r The label of the ruleset. |
| network firewall ruleset allowedip list | list allowed ip addresses for rulesets. | –help | -h
Show the help message. –ruleset-id | -r The label of the ruleset. |
| network firewall ruleset allowedip remove | Remove allowed ip address/range from the ruleset. | –help | -h
Show the help message. –ip-address | -i Allowed ip address/range for the ruleset. –ruleset-id | -r The label of the ruleset. |
| network firewall ruleset list | List the rulesets in firewall. | –help | -h
Show the help message. –ruleset-id | -r List configuration for specfic ruleset |
| network firewall ruleset rule list | List the rules of each ruleset in firewall. | –help | -h
Show the help message. –ruleset-id | -r List rules for specfic ruleset |
| network firewall ruleset set | Set firewall ruleset status (allowedAll flag and enabled status). | –allowed-all | -a
Set to true to allowed all ip, set to false to use allowed ip list. –enabled | -e Set to true to enable ruleset, set to false to disable it. –help | -h Show the help message. –ruleset-id | -r The label of the ruleset. |
| network firewall set | Set firewall enabled status and default action. | –default-action | -d
Set to true to set defaultaction PASS, set to false to DROP. –enabled | -e Set to true to enable the firewall, set to false to disable the firewall. –help | -h Show the help message. |
| network firewall unload | Allow unload firewall module. | –help | -h
Show the help message. |
| network ip connection list | List active TCP/IP connections | –help | -h
Show the help message. –type | -t Connection type : [ip, tcp, udp, all] |
| network ip dns search add | Add a search domain to the list of domains to be searched when trying to resolve an host name on the ESXi host. | –domain | -d
The string name of a domain to add to the list of search domains. –help | -h Show the help message. |
| network ip dns search list | List the search domains currently configured on the ESXi host in the order in which they will be used when searching. | –help | -h
Show the help message. |
| network ip dns search remove | Remove a search domain from the list of domains to be searched when trying to resolve an host name on the ESXi host. | –domain | -d
The string name of a domain to remove from the list of search domains. –help | -h Show the help message. |
| network ip dns server add | Add a new DNS server to the end of the list of DNS servers to use for this ESXi host. | –help | -h
Show the help message. –server | -s The IP address (v4 or v6) of the DNS server to add to the DNS server list. |
| network ip dns server list | Print a list of the DNS server currently configured on the system in the order in which they will be used. | –help | -h
Show the help message. |
| network ip dns server remove | Remove a DNS server from the list of DNS servers to use for this ESXi host. | –all | -a
–help | -h Show the help message. –server | -s |
| network ip get | Get global IP settings | –help | -h
Show the help message. |
| network ip interface add | Add a new VMkernel network interface. | –help | -h
Show the help message. –interface-name | -i The name of the VMkernel network interface to create. This name must be in the form vmkX, where X is a number 0-99 –mac-address | -M Set the MAC address for the newly created VMkernel network interface. –mtu | -m Set the MTU setting for a given VMkernel network interface on creation –portgroup-name | -p The name of the port group to add this VMkernel network interface to. This option is required. |
| network ip interface ipv4 get | Get IPv4 settings for VMkernel network interfaces. | –help | -h
Show the help message. –interface-name | -i The name of the VMkernel network interface to limit the output of this command to. |
| network ip interface ipv4 set | Configure IPv4 setting for a given VMkernel network interface. | –help | -h
Show the help message. –interface-name | -i The name of the VMkernel network interface to set IPv4 settings for. This name must be an interface listed in the interface list command. –ipv4 | -I The static IPv4 address for this interface. –netmask | -N The static IPv4 netmask for this interface. –peer-dns | -P A boolean value to indicate if the system should use the DNS settings published via DHCP for this interface. –type | -t IPv4 Address type : dhcp: Use DHCP to aquire IPv4 setting for this interface. none: Remove IPv4 settings form this interface. static: Set Static IPv4 information for this interface. Requires –ipv4 and –netmask options. |
| network ip interface ipv6 address add | Add a static IPv6 address to a given VMkernel network interface. | –help | -h
Show the help message. –interface-name | -i The name of the VMkernel network interface to add a static IPv6 address to. This name must be an interface listed in the interface list command. –ipv6 | -I The IPv6 address to add to the given VMkernel network interface. This must be in X:X:X::/X format |
| network ip interface ipv6 address list | This command will list all of the IPv6 addresses currently assigned to the system | –help | -h
Show the help message. |
| network ip interface ipv6 address remove | Remove an IPv6 address from a given VMkernel network interface. | –help | -h
Show the help message. –interface-name | -i The name of the VMkernel network interface to remove an IPv6 address from. This name must be an interface listed in the interface list command. –ipv6 | -I The IPv6 address to remove from the given VMkernel network interface. This must be in X:X:X::/X format |
| network ip interface ipv6 get | Get IPv6 settings for VMkernel network interfaces. This does not include the IPv6 addresses which can be found in the listipv6 command | –help | -h
Show the help message. –interface-name | -n The name of the VMkernel network interface to limit the output of this command to. |
| network ip interface ipv6 set | Configure IPv6 settings for a given VMkernel network interface. | –enable-dhcpv6 | -d
Setting this value to true will enable DHCPv6 on this interface and attempt to aquire an IPv6 address from the network –enable-router-adv | -r Setting this value to true will enable IPv6 Router Advertised IPv6 addresses to be added to this interface from any routers broadcasting on the local network. –help | -h Show the help message. –interface-name | -i The name of the VMkernel network interface to set IPv6 settings for. This name must be an interface listed in the interface list command. –peer-dns | -P A boolean value to indicate if the system should use the DNS settings published via DHCPv6 for this interface. |
| network ip interface list | This command will list the VMkernel network interfaces currently known to the system. | –help | -h
Show the help message. |
| network ip interface remove | Remove a new VMkernel network interface from the ESXi host. | –help | -h
Show the help message. –interface-name | -i The name of the VMkernel network interface to remove. This name must be in the form vmkX, where X is a number 0-99 |
| network ip interface set | This command sets the enabled status and MTU size of a given IP interface | –enabled | -e
Set to true to enable the interface, set to false to disable it. –help | -h Show the help message. –interface-name | -i The name of the interface to apply the configurations. –mtu | -m The MTU size of the IP interface. |
| network ip neighbor list | List ARP table entries | –help | -h
Show the help message. –version | -v IP version : [4, 6, all] |
| network ip set | Update global IP settings | –help | -h
Show the help message. –ipv6-enabled | -e Enable or disable IPv6 (Reboot Required) |
| network nic down | Bring down the specified network device. | –help | -h
Show the help message. –nic-name | -n The name of the NIC to configured. This must be one of the cards listed in the nic list command. |
| network nic get | Get the generic configuration of a network device | –help | -h
Show the help message. –nic-name | -n The name of the NIC to configured. This must be one of the cards listed in the nic list command. |
| network nic list | This command will list the Physical NICs currently installed and loaded on the system. | –help | -h
Show the help message. |
| network nic set | Set the general options for the specified ethernet device. | –auto | -a
Set the speed and duplexity settings to autonegotiate. –duplex | -D The duplex to set this NIC to. Acceptable values are : [full, half] –help | -h Show the help message. –message-level | -l Sets the driver message level. Meaning differ per driver. –nic-name | -n The name of the NIC to configured. This must be one of the cards listed in the nic list command. –phy-address | -P Set the PHY address of the device –port | -p Selects device port. Available device ports are aui: Select aui as the device port bnc: Select bnc as the device port fibre: Select mii as the device port mii: Select mii as the device port tp: Select tp as the device port –speed | -S The speed to set this NIC to. Acceptable values are : [10, 100, 1000, 10000] –transceiver-type | -t Selects transeiver type. Currently only internal and external can be specified, in the future future types might be added. Available transeiver types are external: Set the transceiver type to external internal: Set the transceiver type to internal –wake-on-lan | -w Sets Wake-on-LAN options. Not all devices support this. The argument to this option is a string of characters specifying which options to enable. p Wake on phy activity u wake on unicast messages m Wake on multicast messages b wake on broadcast messages a Wake on ARP g Wake on MagicPacket(tm) s Enable SecureOn(tm) password for MagicPacket(tm) |
| network nic up | Bring up the specified network device. | –help | -h
Show the help message. –nic-name | -n The name of the NIC to configured. This must be one of the cards listed in the nic list command. |
| network vswitch dvs vmware list | List the VMware vSphere Distributed Switch currently configured on the ESXi host. | –help | -h
Show the help message. –vds-name | -v Limit the output of this command to only vDS with the given name. |
| network vswitch standard add | Add a new virtual switch to the ESXi networking system. | –help | -h
Show the help message. –ports | -P The number of ports to to give this newly created virtual switch. Maximum ports per virtual switch is 4096. If no value is given the default value(128) is used. The number of ports is limited by the number of already allocated ports on the host. The system wide port count cannot be greater than 4608. –vswitch-name | -v The name of the virtual switch to create. |
| network vswitch standard list | List the virtual switches current on the ESXi host. | –help | -h
Show the help message. –vswitch-name | -v Limit the output of this command to only virtual switches with the given name. |
| network vswitch standard policy failover get | Get the failover policy settings governing the given virtual switch | –help | -h
Show the help message. –vswitch-name | -v The name of the virtual switch to use when fetching the switch failover policy. |
| network vswitch standard policy failover set | Configure the Failover policy for a virtual switch. | –active-uplinks | -a
Configure the list of active adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: –active-uplinks=vmnic0,vmnic3,vmnic7,vmnic1 –failback | -b Configure whether a NIC will be used immediately when it comes back in service after a failover –failure-detection | -f Set the method of determining how a network outage is detected. beacon: Detect failures based on active beaconing to the vswitch link: Detect failures based on the NIC link state –help | -h Show the help message. –load-balancing | -l Set the load balancing policy for this policy. This can be one of the following options: explicit: Always use the highest order uplink from the list of active adapters which pass failover criteria. iphash: Route based on hashing the src and destination IP addresses mac: Route based on the MAC address of the packet source. portid: Route based on the originating virtual port ID. –notify-switches | -n Indicate whether to send a notification to physical switches on failover –standby-uplinks | -s Configure the list of standby adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: –standby-uplinks=vmnic2,vmnic4,vmnic8,vmnic6,vmnic11 –vswitch-name | -v The name of the virtual switch to use when configuring the switch failover policy. |
| network vswitch standard policy security get | Get the Security Policy governing the given virtual switch. | –help | -h
Show the help message. –vswitch-name | -v The name of the virtual switch to use when fetching the network security policy. |
| network vswitch standard policy security set | Set the security policy for a given virtual switch | –allow-forged-transmits | -f
Allow ports on the virtual switch to send packets with forged source information. –allow-mac-change | -m Allow ports on the virtual switch to change their MAC address. –allow-promiscuous | -p Allow ports on the virtual switch to enter promiscuous mode. –help | -h Show the help message. –vswitch-name | -v The name of the virtual switch to use when setting the switch security policy. |
| network vswitch standard policy shaping get | Get the shaping policy settings for the given virtual switch | –help | -h
Show the help message. –vswitch-name | -v The name of the virtual switch to use when fetching the switch shaping policy. |
| network vswitch standard policy shaping set | Set the shaping policy settings for the given virtual switch | –avg-bandwidth | -b
The averge bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) –burst-size | -t The largest burst size allowed for this shaping policy. This value is in Kib (1 Kib = 1024 bits) –enabled | -e Indicate whether to enable traffic shaping on this policy. If this is true then the –avg-bandwidth, –peak-bandwidth and –burst-size options are required. –help | -h Show the help message. –peak-bandwidth | -k The peak bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) –vswitch-name | -v The name of the virtual switch to use when setting the switch shaping policy. |
| network vswitch standard portgroup add | Allows the addition of a standard port group to a virtual switch. | –help | -h
Show the help message. –portgroup-name | -p The name of the port group to add –vswitch-name | -v The virtual switch to add the port group to. |
| network vswitch standard portgroup list | List all of the port groups currently on the system. | –help | -h
Show the help message. |
| network vswitch standard portgroup policy failover get | Get the network failover policy settings governing the given port group | –help | -h
Show the help message. –portgroup-name | -p The name of the port group to use when fetching the port group failover policy. |
| network vswitch standard portgroup policy failover set | Configure the Failover policy for a port group. These setting may potentially override virtual switch settings. | –active-uplinks | -a
Configure the list of active adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: –active-uplinks=vmnic0,vmnic3,vmnic7,vmnic1 –failback | -b Configure whether a NIC will be used immediately when it comes back in service after a failover –failure-detection | -f Set the method of determining how a network outage is detected. beacon: Detect failures based on active beaconing to the vswitch link: Detect failures based on the NIC link state –help | -h Show the help message. –load-balancing | -l Set the load balancing policy for this policy. This can be one of the following options: explicit: Always use the highest order uplink from the list of active adapters which pass failover criteria. iphash: Route based on hashing the src and destination IP addresses mac: Route based on the MAC address of the packet source. portid: Route based on the originating virtual port ID. –notify-switches | -n Indicate whether to send a notification to physical switches on failover –portgroup-name | -p The name of the port group to set failover policy for. –standby-uplinks | -s Configure the list of standby adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: –standby-uplinks=vmnic2,vmnic4,vmnic8,vmnic6,vmnic11 –use-vswitch | -u Reset all values for this policy to use parent virtual switch’s settings instead of overriding the settings for the port group. Using this in conjunction with other settings will first reset all of the fields to use the virtual switch setting and then apply the other options after the reset. |
| network vswitch standard portgroup policy security get | Get the Security Policy governing the given port group. | –help | -h
Show the help message. –portgroup-name | -p The name of the port group to use when fetching the network security policy. |
| network vswitch standard portgroup policy security set | Set the security policy for a given port group | –allow-forged-transmits | -f
Allow ports on the virtual switch to send packets with forged source information. –allow-mac-change | -m Allow ports on the virtual switch to change their MAC address. –allow-promiscuous | -o Allow ports on the virtual switch to enter promiscuous mode. –help | -h Show the help message. –portgroup-name | -p The name of the port group to set security policy for. –use-vswitch | -u Reset all values for this policy to use parent virtual switch’s settings instead of overriding the settings for the port group. Using this in conjunction with other settings will first reset all of the fields to use the virtual switch setting and then apply the other options after the reset. |
| network vswitch standard portgroup policy shaping get | Get the network shaping policy settings governing the given port group | –help | -h
Show the help message. –portgroup-name | -p The name of the port group to use when fetching the port group shaping policy. |
| network vswitch standard portgroup policy shaping set | Set the shaping policy settings for the given port group | –avg-bandwidth | -b
The averge bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) –burst-size | -t The largest burst size allowed for this shaping policy. This value is in Kib (1 Kib = 1024 bits) –enabled | -e Indicate whether to enable traffic shaping on this policy. If this is true then the –avg-bandwidth, –peak-bandwidth and –burst-size options are required. –help | -h Show the help message. –peak-bandwidth | -k The peak bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) –portgroup-name | -p The name of the port group to set shaping policy for. –use-vswitch | -u Reset all values for this policy to use parent virtual switch’s settings instead of overriding the settings for the port group. Using this in conjunction with other settings will first reset all of the fields to use the virtual switch setting and then apply the other options after the reset. |
| network vswitch standard portgroup remove | Remove a port group from the given virtual switch | –help | -h
Show the help message. –portgroup-name | -p –vswitch-name | -v |
| network vswitch standard portgroup set | Set the vlan id for the given port group | –help | -h
Show the help message. –portgroup-name | -p The name of the port group to set vlan id for. –vlan-id | -v The vlan id for this port group. This value is in the range (0 – 4095) |
| network vswitch standard remove | Remove a virtual switch from the ESXi networking system. | –help | -h
Show the help message. –vswitch-name | -v The name of the virtual switch to remove. |
| network vswitch standard set | This command sets the MTU size and CDP status of a given virtual switch. | –cdp-status | -c
The CDP status of the given virtual switch. It can be ‘down’, ‘listen’, ‘advertise’ or ‘both’ –help | -h Show the help message. –mtu | -m The MTU size of the given virtual switch. –vswitch-name | -v The name of virtual switch to apply the configurations. |
| network vswitch standard uplink add | Add an uplink to the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to enable use of this uplink on this virtual switch | –help | -h
Show the help message. –uplink-name | -u The name of the uplink to add to the virtual switch. –vswitch-name | -v The name of the virtual switch to add an uplink to. |
| network vswitch standard uplink remove | Remove an uplink from the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to disable use of this uplink on this virtual switch | –help | -h
Show the help message. –uplink-name | -u The name of the uplink to remove from the virtual switch. –vswitch-name | -v The name of the virtual switch to remove an uplink from. |
From <http://pubs.vmware.com/vsphere-50/topic/com.vmware.vcli.ref.doc_50/esxcli_network.html>
Ahmad Sabry ElGendi 