Difference between revisions of "ESXi - 6.7 network"
Jump to navigation
Jump to search
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Operations that pertain to the maintenance of networking on an ESX host. This includes a wide variety of commands to manipulate virtual networking components (vswitch, portgroup, etc) as well as local host IP, DNS and general host networking settings.<br> | Operations that pertain to the maintenance of networking on an ESX host. This includes a wide variety of commands to manipulate virtual networking components (vswitch, portgroup, etc) as well as local host IP, DNS and general host networking settings.<br> | ||
Line 5: | Line 4: | ||
* '''ping''' | * '''ping''' | ||
: Send ICMP echo requests to network hosts. | : Send ICMP echo requests to network hosts. | ||
:* <code>esxcli network diag ping ''' | :* <code>esxcli network diag ping '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-c|--count=<long> Specify the number of packets to send. | -c|--count=<long> Specify the number of packets to send. | ||
-D|--debug VMKPing debug mode. | -D|--debug VMKPing debug mode. | ||
Line 110: | Line 109: | ||
:::: '''set''' | :::: '''set''' | ||
::::: Set firewall ruleset status (allowedAll flag and enabled status). | ::::: Set firewall ruleset status (allowedAll flag and enabled status). | ||
:::::* <code>esxcli network firewall ruleset set '''LABEL''' ''' | :::::* <code>esxcli network firewall ruleset set '''LABEL''' '''OPTIONS'''</code> | ||
'''LABEL''' | '''LABEL''' | ||
-r{{!}}--ruleset-id=<str> The label of the ruleset. (required) | -r{{!}}--ruleset-id=<str> The label of the ruleset. (required) | ||
''' | '''OPTIONS''' | ||
-a{{!}}--allowed-all=<bool> Set to true to allowed all ip, set to false to use allowed ip list. | -a{{!}}--allowed-all=<bool> Set to true to allowed all ip, set to false to use allowed ip list. | ||
-e{{!}}--enabled=<bool> Set to true to enable ruleset, set to false to disable it. | -e{{!}}--enabled=<bool> Set to true to enable ruleset, set to false to disable it. | ||
Line 205: | Line 204: | ||
* '''set''' | * '''set''' | ||
: This command sets the enabled status and MTU size of a given IP interface | : This command sets the enabled status and MTU size of a given IP interface | ||
:* <code>esxcli network ip interface set ''' | :* <code>esxcli network ip interface set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-e|--enabled=<bool> Set to true to enable the interface, set to false to disable it. | -e|--enabled=<bool> Set to true to enable the interface, set to false to disable it. | ||
-i|--interface-name=<str> | -i|--interface-name=<str> | ||
Line 214: | Line 213: | ||
* '''add''' | * '''add''' | ||
: Add a new VMkernel network interface. | : Add a new VMkernel network interface. | ||
:* <code>esxcli network ip interface add ''' | :* <code>esxcli network ip interface add '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-P|--dvport-id=<str> DVPort ID of the connection point. This requires | -P|--dvport-id=<str> DVPort ID of the connection point. This requires | ||
--dvs-name to be given in the same command | --dvs-name to be given in the same command | ||
Line 236: | Line 235: | ||
* '''remove''' | * '''remove''' | ||
: Remove a VMkernel network interface from the ESXi host. A VMKernel network interface can be uniquely specified by --interface-name or --portgroup-name or --dvs-name/--dvport-id. i.e. Providing its name or its connection point are two ways to uniquely specify a VMKernel network interface. | : Remove a VMkernel network interface from the ESXi host. A VMKernel network interface can be uniquely specified by --interface-name or --portgroup-name or --dvs-name/--dvport-id. i.e. Providing its name or its connection point are two ways to uniquely specify a VMKernel network interface. | ||
:* <code>esxcli network ip interface remove ''' | :* <code>esxcli network ip interface remove '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-P|--dvport-id=<str> DVPort ID of the connection point. This requires | -P|--dvport-id=<str> DVPort ID of the connection point. This requires | ||
--dvs-name to be given in the same command | --dvs-name to be given in the same command | ||
Line 258: | Line 257: | ||
* '''set''' | * '''set''' | ||
: Configure IPv4 setting for a given VMkernel network interface. | : Configure IPv4 setting for a given VMkernel network interface. | ||
:* <code>esxcli network ip interface ipv4 set ''' | :* <code>esxcli network ip interface ipv4 set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-g|--gateway=<str> The default gateway for this interface. The value must be a valid IPv4 | -g|--gateway=<str> The default gateway for this interface. The value must be a valid IPv4 | ||
address. Gateway would be reset if not provided | address. Gateway would be reset if not provided | ||
Line 286: | Line 285: | ||
* '''set''' | * '''set''' | ||
: Configure IPv6 settings for a given VMkernel network interface. | : Configure IPv6 settings for a given VMkernel network interface. | ||
:* <code>esxcli network ip interface ipv6 set ''' | :* <code>esxcli network ip interface ipv6 set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-d|--enable-dhcpv6=<bool> | -d|--enable-dhcpv6=<bool> | ||
Setting this value to true will enable DHCPv6 on this interface and attempt | Setting this value to true will enable DHCPv6 on this interface and attempt | ||
Line 312: | Line 311: | ||
* '''add''' | * '''add''' | ||
: Add a static IPv6 address to a given VMkernel network interface. | : Add a static IPv6 address to a given VMkernel network interface. | ||
:* <code>esxcli network ip interface ipv6 address add ''' | :* <code>esxcli network ip interface ipv6 address add '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-i|--interface-name=<str> | -i|--interface-name=<str> | ||
The name of the VMkernel network interface to add a static IPv6 address to. | The name of the VMkernel network interface to add a static IPv6 address to. | ||
Line 322: | Line 321: | ||
* '''remove''' | * '''remove''' | ||
: Remove an IPv6 address from a given VMkernel network interface. | : Remove an IPv6 address from a given VMkernel network interface. | ||
:* <code>esxcli network ip interface ipv6 address remove ''' | :* <code>esxcli network ip interface ipv6 address remove '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-i|--interface-name=<str> | -i|--interface-name=<str> | ||
The name of the VMkernel network interface to remove an IPv6 address from. | The name of the VMkernel network interface to remove an IPv6 address from. | ||
Line 358: | Line 357: | ||
* '''add''' | * '''add''' | ||
: Add a Security Association. | : Add a Security Association. | ||
:* <code>esxcli network ip ipsec sa add ''' | :* <code>esxcli network ip ipsec sa add '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-e|--encryption-algorithm=<str> | -e|--encryption-algorithm=<str> | ||
Encryption algorithm for the Security Association. Should be one in set | Encryption algorithm for the Security Association. Should be one in set | ||
Line 383: | Line 382: | ||
* '''remove''' | * '''remove''' | ||
: Operation to remove Security Association(s) | : Operation to remove Security Association(s) | ||
:* <code>esxcli network ip ipsec sa remove ''' | :* <code>esxcli network ip ipsec sa remove '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-a|--remove-all Set to remove all Security Associations. | -a|--remove-all Set to remove all Security Associations. | ||
-d|--sa-destination=<str> | -d|--sa-destination=<str> | ||
Line 402: | Line 401: | ||
* '''add''' | * '''add''' | ||
: Add a Security Policy. | : Add a Security Policy. | ||
:* <code>esxcli network ip ipsec sp add ''' | :* <code>esxcli network ip ipsec sp add '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-A|--action=<str> Action for Security Policy. Should be one in set [none, discard, ipsec]. | -A|--action=<str> Action for Security Policy. Should be one in set [none, discard, ipsec]. | ||
-P|--destination-port=<long> | -P|--destination-port=<long> | ||
Line 437: | Line 436: | ||
* '''remove''' | * '''remove''' | ||
: Remove ARP table entries | : Remove ARP table entries | ||
:* <code>esxcli network ip neighbor remove ''' | :* <code>esxcli network ip neighbor remove '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-i|--interface-name=<str> | -i|--interface-name=<str> | ||
The name of the VMkernel network interface to remove the neighbor entry | The name of the VMkernel network interface to remove the neighbor entry | ||
Line 463: | Line 462: | ||
* '''set''' | * '''set''' | ||
: Configure settings for a given Netstack Instance. | : Configure settings for a given Netstack Instance. | ||
:* <code>esxcli network ip netstack set '''NETSTACK''' ''' | :* <code>esxcli network ip netstack set '''NETSTACK''' '''OPTIONS'''</code> | ||
'''NETSTACK''' | '''NETSTACK''' | ||
Line 470: | Line 469: | ||
-d|--disabled Create the netstack instance only in config i.e. in disabled state. Does | -d|--disabled Create the netstack instance only in config i.e. in disabled state. Does | ||
not create in kernel. | not create in kernel. | ||
''' | '''OPTIONS''' | ||
-c|--ccalgo=<str> The TCP Congestion Contol Algorithm for this netstack instance (not applied | -c|--ccalgo=<str> The TCP Congestion Contol Algorithm for this netstack instance (not applied | ||
to existing connections).: | to existing connections).: | ||
Line 531: | Line 530: | ||
* '''set''' | * '''set''' | ||
: Set the general options for the specified ethernet device. | : Set the general options for the specified ethernet device. | ||
:* <code>esxcli network nic set '''NIC_NAME''' ''' | :* <code>esxcli network nic set '''NIC_NAME''' '''OPTIONS'''</code> | ||
* '''down''' | * '''down''' | ||
: Bring down the specified network device. | : Bring down the specified network device. | ||
Line 542: | Line 541: | ||
-n|--nic-name=<str> The name of the NIC to configured. This must be one of the cards listed in | -n|--nic-name=<str> The name of the NIC to configured. This must be one of the cards listed in | ||
the nic list command. (required) | the nic list command. (required) | ||
''' | '''OPTIONS''' | ||
-a|--auto Set the speed and duplexity settings to autonegotiate. | -a|--auto Set the speed and duplexity settings to autonegotiate. | ||
-D|--duplex=<str> The duplex to set this NIC to. Acceptable values are : [full, half] | -D|--duplex=<str> The duplex to set this NIC to. Acceptable values are : [full, half] | ||
Line 582: | Line 581: | ||
* '''set''' | * '''set''' | ||
: Set coalesce parameters on a nic | : Set coalesce parameters on a nic | ||
:* <code>esxcli network nic coalesce set '''NIC_NAME''' '''[ | :* <code>esxcli network nic coalesce set '''NIC_NAME''' '''[OPTIONS]'''</code> | ||
'''NIC_NAME''' | '''NIC_NAME''' | ||
-n|--vmnic=<str> Name of vmnic to set coalesce parameters. (required) | -n|--vmnic=<str> Name of vmnic to set coalesce parameters. (required) | ||
''' | '''OPTIONS''' | ||
-a|--adaptive-rx=<bool> | -a|--adaptive-rx=<bool> | ||
enable or disable adaptive RX algorithm in driver. | enable or disable adaptive RX algorithm in driver. | ||
Line 607: | Line 606: | ||
* '''set''' | * '''set''' | ||
: Set parameters to control the behavior of a NIC when it sends or receives packets at high packet rate. | : Set parameters to control the behavior of a NIC when it sends or receives packets at high packet rate. | ||
:* <code>esxcli network nic coalesce high set '''NIC_NAME''' '''[ | :* <code>esxcli network nic coalesce high set '''NIC_NAME''' '''[OPTIONS]'''</code> | ||
==== low ==== | ==== low ==== | ||
* '''get''' | * '''get''' | ||
Line 614: | Line 613: | ||
* '''set''' | * '''set''' | ||
: Set parameters to control the behavior of a NIC when it sends or receives packets at low packet rate. | : Set parameters to control the behavior of a NIC when it sends or receives packets at low packet rate. | ||
:* <code>esxcli network nic coalesce low set '''NIC_NAME''' '''[ | :* <code>esxcli network nic coalesce low set '''NIC_NAME''' '''[OPTIONS]'''</code> | ||
'''NIC_NAME''' | '''NIC_NAME''' | ||
-n|--vmnic=<str> The name of the pnic for which information should be retrieved. (required) | -n|--vmnic=<str> The name of the pnic for which information should be retrieved. (required) | ||
''' | '''OPTIONS''' | ||
-p|--pkt-rate=<long> The high packet rate measured in number of packets per second. When packet | -p|--pkt-rate=<long> The high packet rate measured in number of packets per second. When packet | ||
rate is above this parameter, the RX/TX coalescing parameters configured by | rate is above this parameter, the RX/TX coalescing parameters configured by | ||
Line 640: | Line 639: | ||
* '''set''' | * '''set''' | ||
: Set checksum offload settings on a nic | : Set checksum offload settings on a nic | ||
:* <code>esxcli network nic cso set ''' | :* <code>esxcli network nic cso set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-e|--enable=<long> RX/TX checksum offload (required) | -e|--enable=<long> RX/TX checksum offload (required) | ||
-n|--vmnic=<str> Name of vmnic to set offload settings. (required) | -n|--vmnic=<str> Name of vmnic to set offload settings. (required) | ||
Line 649: | Line 648: | ||
* '''dump''' | * '''dump''' | ||
: Dump device EEPROM | : Dump device EEPROM | ||
:* <code>esxcli network nic eeprom dump ''' | :* <code>esxcli network nic eeprom dump '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-l|--length=<long> Bytes of EEPROM to dump | -l|--length=<long> Bytes of EEPROM to dump | ||
-o|--offset=<long> Offset of EEPROM starting to dump | -o|--offset=<long> Offset of EEPROM starting to dump | ||
Line 657: | Line 656: | ||
* '''change''' | * '''change''' | ||
: Change EEPROM on a nic | : Change EEPROM on a nic | ||
:* <code>esxcli network nic eeprom change ''' | :* <code>esxcli network nic eeprom change '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-f|--file=<str> File name of new EEPROM content | -f|--file=<str> File name of new EEPROM content | ||
-m|--magic=<long> Magic key of EEPROM (required) | -m|--magic=<long> Magic key of EEPROM (required) | ||
Line 678: | Line 677: | ||
* '''set''' | * '''set''' | ||
: Set pause parameters for a NIC | : Set pause parameters for a NIC | ||
:* <code>esxcli network nic pauseParams set ''' | :* <code>esxcli network nic pauseParams set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-a|--auto=<bool> Enable/disable auto negotiation. | -a|--auto=<bool> Enable/disable auto negotiation. | ||
-n|--nic-name=<str> Name of NIC whose pause parameters should be set. (required) | -n|--nic-name=<str> Name of NIC whose pause parameters should be set. (required) | ||
Line 692: | Line 691: | ||
* '''set''' | * '''set''' | ||
: Set number of netqueues on a nic | : Set number of netqueues on a nic | ||
:* <code>esxcli network nic queue count set ''' | :* <code>esxcli network nic queue count set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-q|--num=<long> Number of queues to set. (required) | -q|--num=<long> Number of queues to set. (required) | ||
-r|--rx=<bool> Rx netqueue to set count. | -r|--rx=<bool> Rx netqueue to set count. | ||
Line 715: | Line 714: | ||
* '''set''' | * '''set''' | ||
: Enable/disable netqueue load balancer setting on a NIC. | : Enable/disable netqueue load balancer setting on a NIC. | ||
:* <code>esxcli network nic queue loadbalancer set ''' | :* <code>esxcli network nic queue loadbalancer set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
--dynpoollb=<bool> Configure Dynamic queue pool at netqueue load balancer. | --dynpoollb=<bool> Configure Dynamic queue pool at netqueue load balancer. | ||
--geneveoamlb=<bool> Configure Geneve OAM at netqueue load balancer. | --geneveoamlb=<bool> Configure Geneve OAM at netqueue load balancer. | ||
Line 735: | Line 734: | ||
* '''set''' | * '''set''' | ||
: Enable/disable netqueue load balancer setting on a NIC. | : Enable/disable netqueue load balancer setting on a NIC. | ||
:* <code>esxcli network nic queue loadbalancer plugin set ''' | :* <code>esxcli network nic queue loadbalancer plugin set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-e|--enable=<bool> Netqueue balancer plugin state (required) | -e|--enable=<bool> Netqueue balancer plugin state (required) | ||
-m|--module=<str> Name of netqueue balancer module (required) | -m|--module=<str> Name of netqueue balancer module (required) | ||
Line 748: | Line 747: | ||
* '''set''' | * '''set''' | ||
: Enable/disable netqueue balancer on a NIC | : Enable/disable netqueue balancer on a NIC | ||
:* <code>esxcli network nic queue loadbalancer state set ''' | :* <code>esxcli network nic queue loadbalancer state set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-e|--enable=<bool> Netqueue balancer state (required) | -e|--enable=<bool> Netqueue balancer state (required) | ||
-n|--vmnic=<str> Name of vmnic to change netqueue balancer state (required) | -n|--vmnic=<str> Name of vmnic to change netqueue balancer state (required) | ||
Line 771: | Line 770: | ||
* '''set''' | * '''set''' | ||
: Set current RX/TX ring buffer parameters of a NIC | : Set current RX/TX ring buffer parameters of a NIC | ||
:* <code>esxcli network nic ring current set '''NIC_NAME''' ''' | :* <code>esxcli network nic ring current set '''NIC_NAME''' '''OPTIONS'''</code> | ||
'''NIC_NAME''' | '''NIC_NAME''' | ||
-n|--nic-name=<str> The name of the NIC whose current RX/TX ring buffer parameters should be | -n|--nic-name=<str> The name of the NIC whose current RX/TX ring buffer parameters should be | ||
set. (required) | set. (required) | ||
''' | '''OPTIONS''' | ||
-r|--rx=<long> Number of ring entries for the RX ring. | -r|--rx=<long> Number of ring entries for the RX ring. | ||
-j|--rx-jumbo=<long> Number of ring entries for the RX jumbo ring. | -j|--rx-jumbo=<long> Number of ring entries for the RX jumbo ring. | ||
Line 792: | Line 791: | ||
* '''run''' | * '''run''' | ||
: Run self test | : Run self test | ||
:* <code>esxcli network nic selftest run ''' | :* <code>esxcli network nic selftest run '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-o|--online=<long> Performing limited set of tests do not inetrrupt normal adapter operation, | -o|--online=<long> Performing limited set of tests do not inetrrupt normal adapter operation, | ||
default is offline | default is offline | ||
Line 804: | Line 803: | ||
* '''set''' | * '''set''' | ||
: Set scatter-gatter settings on a nic | : Set scatter-gatter settings on a nic | ||
:* <code>esxcli network nic sg set ''' | :* <code>esxcli network nic sg set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-e|--enable=<long> Enable/disable scatter-gather (required) | -e|--enable=<long> Enable/disable scatter-gather (required) | ||
-n|--vmnic=<str> Name of vmnic to configure scatter-gather settings. (required) | -n|--vmnic=<str> Name of vmnic to configure scatter-gather settings. (required) | ||
Line 815: | Line 814: | ||
* '''set''' | * '''set''' | ||
: Enable and disable software simulation settings on a NIC. | : Enable and disable software simulation settings on a NIC. | ||
:* <code>esxcli network nic software set ''' | :* <code>esxcli network nic software set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
--geneveoffload=<bool> | --geneveoffload=<bool> | ||
Configure Geneve encapsulation offload software simulation. | Configure Geneve encapsulation offload software simulation. | ||
Line 848: | Line 847: | ||
* '''set''' | * '''set''' | ||
: Set TCP segmentation offload settings on a nic | : Set TCP segmentation offload settings on a nic | ||
:* <code>esxcli network nic tso set ''' | :* <code>esxcli network nic tso set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-e|--enable=<long> TCP segmentation offload (required) | -e|--enable=<long> TCP segmentation offload (required) | ||
-n|--vmnic=<str> Name of vmnic to set TSO settings. (required) | -n|--vmnic=<str> Name of vmnic to set TSO settings. (required) | ||
Line 863: | Line 862: | ||
* '''set''' | * '''set''' | ||
: Enable/disable VLAN statistics collection on the NIC. | : Enable/disable VLAN statistics collection on the NIC. | ||
:* <code>esxcli network nic vlan stats set ''' | :* <code>esxcli network nic vlan stats set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-e|--enabled=<bool> Whether to enable or disable VLAN statistics (required) | -e|--enabled=<bool> Whether to enable or disable VLAN statistics (required) | ||
-n|--nic-name=<str> Name of the NIC to get statistics from. (required) | -n|--nic-name=<str> Name of the NIC to get statistics from. (required) | ||
Line 899: | Line 898: | ||
* '''stats''' | * '''stats''' | ||
: Get statistics for given VF of a SRIOV NIC. | : Get statistics for given VF of a SRIOV NIC. | ||
:* <code>esxcli network sriovnic vf stats ''' | :* <code>esxcli network sriovnic vf stats '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-n|--nic-name=<str> The name of the SRIOV NIC. This must be one of the cards listed in the | -n|--nic-name=<str> The name of the SRIOV NIC. This must be one of the cards listed in the | ||
sriovNic list command. (required) | sriovNic list command. (required) | ||
Line 944: | Line 943: | ||
* '''set''' | * '''set''' | ||
: Set long/short timeout for vmnics in one LACP LAG | : Set long/short timeout for vmnics in one LACP LAG | ||
:* <code>esxcli network vswitch dvs vmware lacp timeout set ''' | :* <code>esxcli network vswitch dvs vmware lacp timeout set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-l|--lag-id=<long> The ID of LAG to be configured. (required) | -l|--lag-id=<long> The ID of LAG to be configured. (required) | ||
-n|--nic-name=<str> The nic name. If it is set, then only this vmnic in the lag will be | -n|--nic-name=<str> The nic name. If it is set, then only this vmnic in the lag will be | ||
Line 959: | Line 958: | ||
* '''add''' | * '''add''' | ||
: Add a new virtual switch to the ESXi networking system. | : Add a new virtual switch to the ESXi networking system. | ||
:* <code>esxcli network vswitch standard add ''' | :* <code>esxcli network vswitch standard add '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-P|--ports=<long> The number of ports to to give this newly created virtual switch. Maximum | -P|--ports=<long> The number of ports to to give this newly created virtual switch. Maximum | ||
ports per virtual switch is 4096. If no value is given the default | ports per virtual switch is 4096. If no value is given the default | ||
Line 971: | Line 970: | ||
* '''remove''' | * '''remove''' | ||
: Remove a virtual switch from the ESXi networking system. | : Remove a virtual switch from the ESXi networking system. | ||
:* <code>esxcli network vswitch standard remove ''' | :* <code>esxcli network vswitch standard remove '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-v|--vswitch-name=<str> | -v|--vswitch-name=<str> | ||
The name of the virtual switch to remove. (required) | The name of the virtual switch to remove. (required) | ||
Line 978: | Line 977: | ||
* '''set''' | * '''set''' | ||
: This command sets the MTU size and CDP status of a given virtual switch. | : This command sets the MTU size and CDP status of a given virtual switch. | ||
:* <code>esxcli network vswitch standard set ''' | :* <code>esxcli network vswitch standard set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-c|--cdp-status=<str> The CDP status of the given virtual switch. It can be 'down', 'listen', | -c|--cdp-status=<str> The CDP status of the given virtual switch. It can be 'down', 'listen', | ||
'advertise' or 'both' | 'advertise' or 'both' | ||
Line 990: | Line 989: | ||
* '''get''' | * '''get''' | ||
: Get the failover policy settings governing the given virtual switch | : Get the failover policy settings governing the given virtual switch | ||
:* <code>esxcli network vswitch standard policy failover get ''' | :* <code>esxcli network vswitch standard policy failover get '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-v|--vswitch-name=<str> | -v|--vswitch-name=<str> | ||
The name of the virtual switch to use when fetching the switch failover | The name of the virtual switch to use when fetching the switch failover | ||
Line 997: | Line 996: | ||
* '''set''' | * '''set''' | ||
: Configure the Failover policy for a virtual switch. | : Configure the Failover policy for a virtual switch. | ||
:* <code>esxcli network vswitch standard policy failover set ''' | :* <code>esxcli network vswitch standard policy failover set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-a|--active-uplinks=<str> | -a|--active-uplinks=<str> | ||
Configure the list of active adapters and their failover order. This list | Configure the list of active adapters and their failover order. This list | ||
Line 1,030: | Line 1,029: | ||
* '''get''' | * '''get''' | ||
: Get the Security Policy governing the given virtual switch. | : Get the Security Policy governing the given virtual switch. | ||
:* <code>esxcli network vswitch standard policy security get ''' | :* <code>esxcli network vswitch standard policy security get '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-v|--vswitch-name=<str> | -v|--vswitch-name=<str> | ||
The name of the virtual switch to use when fetching the network security | The name of the virtual switch to use when fetching the network security | ||
Line 1,038: | Line 1,037: | ||
* '''set''' | * '''set''' | ||
: Set the security policy for a given virtual switch | : Set the security policy for a given virtual switch | ||
:* <code>esxcli network vswitch standard policy security set ''' | :* <code>esxcli network vswitch standard policy security set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-f|--allow-forged-transmits=<bool> | -f|--allow-forged-transmits=<bool> | ||
Allow ports on the virtual switch to send packets with forged source | Allow ports on the virtual switch to send packets with forged source | ||
Line 1,054: | Line 1,053: | ||
* '''get''' | * '''get''' | ||
: Get the shaping policy settings for the given virtual switch | : Get the shaping policy settings for the given virtual switch | ||
:* <code>esxcli network vswitch standard policy shaping get ''' | :* <code>esxcli network vswitch standard policy shaping get '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-v|--vswitch-name=<str> | -v|--vswitch-name=<str> | ||
The name of the virtual switch to use when fetching the switch shaping | The name of the virtual switch to use when fetching the switch shaping | ||
Line 1,062: | Line 1,061: | ||
* '''set''' | * '''set''' | ||
: Set the shaping policy settings for the given virtual switch | : Set the shaping policy settings for the given virtual switch | ||
:* <code>esxcli network vswitch standard policy shaping set ''' | :* <code>esxcli network vswitch standard policy shaping set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-b|--avg-bandwidth=<long> | -b|--avg-bandwidth=<long> | ||
The averge bandwidth allowed for this shaping policy. This value is in Kbps | The averge bandwidth allowed for this shaping policy. This value is in Kbps | ||
Line 1,086: | Line 1,085: | ||
* '''add''' | * '''add''' | ||
: Allows the addition of a standard port group to a virtual switch. | : Allows the addition of a standard port group to a virtual switch. | ||
:* <code>esxcli network vswitch standard portgroup add ''' | :* <code>esxcli network vswitch standard portgroup add '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-p|--portgroup-name=<str> | -p|--portgroup-name=<str> | ||
The name of the port group to add (required) | The name of the port group to add (required) | ||
Line 1,095: | Line 1,094: | ||
* '''remove''' | * '''remove''' | ||
: Remove a port group from the given virtual switch | : Remove a port group from the given virtual switch | ||
:* <code>esxcli network vswitch standard portgroup remove ''' | :* <code>esxcli network vswitch standard portgroup remove '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-p|--portgroup-name=<str> | -p|--portgroup-name=<str> | ||
(required) | (required) | ||
Line 1,104: | Line 1,103: | ||
* '''set''' | * '''set''' | ||
: Set the vlan id for the given port group | : Set the vlan id for the given port group | ||
:* <code>esxcli network vswitch standard portgroup set ''' | :* <code>esxcli network vswitch standard portgroup set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-p|--portgroup-name=<str> | -p|--portgroup-name=<str> | ||
The name of the port group to set vlan id for. (required) | The name of the port group to set vlan id for. (required) | ||
Line 1,114: | Line 1,113: | ||
* '''get''' | * '''get''' | ||
: Get the network failover policy settings governing the given port group | : Get the network failover policy settings governing the given port group | ||
:* <code>esxcli network vswitch standard portgroup policy failover get ''' | :* <code>esxcli network vswitch standard portgroup policy failover get '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-p|--portgroup-name=<str> | -p|--portgroup-name=<str> | ||
The name of the port group to use when fetching the port group failover | The name of the port group to use when fetching the port group failover | ||
Line 1,122: | Line 1,121: | ||
* '''set''' | * '''set''' | ||
: Configure the Failover policy for a port group. These setting may potentially override virtual switch settings. | : Configure the Failover policy for a port group. These setting may potentially override virtual switch settings. | ||
:* <code>esxcli network vswitch standard portgroup policy failover set ''' | :* <code>esxcli network vswitch standard portgroup policy failover set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-a|--active-uplinks=<str> | -a|--active-uplinks=<str> | ||
Configure the list of active adapters and their failover order. This list | Configure the list of active adapters and their failover order. This list | ||
Line 1,159: | Line 1,158: | ||
* '''get''' | * '''get''' | ||
: Get the Security Policy governing the given port group. | : Get the Security Policy governing the given port group. | ||
:* <code>esxcli network vswitch standard portgroup policy security get ''' | :* <code>esxcli network vswitch standard portgroup policy security get '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-p|--portgroup-name=<str> | -p|--portgroup-name=<str> | ||
The name of the port group to use when fetching the network security | The name of the port group to use when fetching the network security | ||
Line 1,167: | Line 1,166: | ||
* '''set''' | * '''set''' | ||
: Set the security policy for a given port group | : Set the security policy for a given port group | ||
:* <code>esxcli network vswitch standard portgroup policy security set ''' | :* <code>esxcli network vswitch standard portgroup policy security set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-f|--allow-forged-transmits=<bool> | -f|--allow-forged-transmits=<bool> | ||
Allow ports on the virtual switch to send packets with forged source | Allow ports on the virtual switch to send packets with forged source | ||
Line 1,187: | Line 1,186: | ||
* '''get''' | * '''get''' | ||
: Get the network shaping policy settings governing the given port group | : Get the network shaping policy settings governing the given port group | ||
:* <code>esxcli network vswitch standard portgroup policy shaping get ''' | :* <code>esxcli network vswitch standard portgroup policy shaping get '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-p|--portgroup-name=<str> | -p|--portgroup-name=<str> | ||
The name of the port group to use when fetching the port group shaping | The name of the port group to use when fetching the port group shaping | ||
Line 1,195: | Line 1,194: | ||
* '''set''' | * '''set''' | ||
: Set the shaping policy settings for the given port group | : Set the shaping policy settings for the given port group | ||
:* <code>esxcli network vswitch standard portgroup policy shaping set ''' | :* <code>esxcli network vswitch standard portgroup policy shaping set '''OPTIONS'''</code> | ||
''' | '''OPTIONS''' | ||
-b|--avg-bandwidth=<long> | -b|--avg-bandwidth=<long> | ||
The averge bandwidth allowed for this shaping policy. This value is in Kbps | The averge bandwidth allowed for this shaping policy. This value is in Kbps | ||
Line 1,220: | Line 1,219: | ||
* '''add''' | * '''add''' | ||
: Add an uplink to the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to enable use of this uplink on this virtual switch | : Add an uplink to the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to enable use of this uplink on this virtual switch | ||
:* <code>esxcli network vswitch standard uplink add</code> | :* <code>esxcli network vswitch standard uplink add '''OPTIONS'''</code> | ||
'''OPTIONS''' | |||
-u|--uplink-name=<str> | |||
The name of the uplink to add to the virtual switch. (required) | |||
-v|--vswitch-name=<str> | |||
The name of the virtual switch to add an uplink to. (required) | |||
* '''remove''' | * '''remove''' | ||
: Remove an uplink from the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to disable use of this uplink on this virtual switch | : Remove an uplink from the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to disable use of this uplink on this virtual switch | ||
:* <code>esxcli network vswitch standard uplink remove</code> | :* <code>esxcli network vswitch standard uplink remove '''OPTIONS'''</code> | ||
'''OPTIONS''' | |||
-u|--uplink-name=<str> | |||
The name of the uplink to remove from the virtual switch. (required) | |||
-v|--vswitch-name=<str> | |||
The name of the virtual switch to remove an uplink from. (required) |
Latest revision as of 20:06, 10 February 2022
Operations that pertain to the maintenance of networking on an ESX host. This includes a wide variety of commands to manipulate virtual networking components (vswitch, portgroup, etc) as well as local host IP, DNS and general host networking settings.
diag
- ping
- Send ICMP echo requests to network hosts.
esxcli network diag ping OPTIONS
OPTIONS -c|--count=<long> Specify the number of packets to send. -D|--debug VMKPing debug mode. -d|--df Set DF bit on IPv4 packets. -H|--host=<str> Specify the host to send packets to. This parameter is required when not executing ping in debug mode (-D) -I|--interface=<str> Specify the outgoing interface. -i|--interval=<str> Set the interval for sending packets in seconds. --ipv4 Ping with ICMPv4 echo requests. --ipv6 Ping with ICMPv6 echo requests. --netstack=<str> Specify the TCP/IP netstack which the interface resides on -N|--nexthop=<str> Override the system's default route selection, in dotted quad notation. (IPv4 only. Requires interface option) -s|--size=<long> Set the payload size of the packets to send. -t|--ttl=<long> Set IPv4 Time To Live or IPv6 Hop Limit -W|--wait=<str> Set the timeout to wait if no responses are received in seconds.
ens
lcore
- list
- List ENS contexts.
esxcli network ens lcore list
- add
- Create ENS context.
esxcli network ens lcore add ID
ID -l|--lcore-id=<long> ENS context id to be created. (required)
- remove
- Destroy ENS context.
esxcli network ens lcore remove ID
ID -l|--lcore-id=<long> ENS context id to be destroyed. (required)
affinity
- get
- Get the affinity for given ENS context.
esxcli network ens lcore affinity get ID
ID -l|--lcore-id=<long> ENS context id. (required)
- set
- Set affinity for given ENS context.
esxcli network ens lcore affinity set ID NODE
ID -l|--lcore-id=<long> ENS context id. (required) NODE -a|--affinity=<long> Numa node affinity. (required)
switch
- get
- Get the switch associated with given ENS context.
esxcli network ens lcore switch get ID
ID -l|--lcore-id=<long> ENS context id. (required)
- add
- Associate given ENS context with given switch.
esxcli network ens lcore switch add ID SWITCH
ID -l|--lcore-id=<long> ENS context id. (required) SWITCH -s|--switch=<str> Switch name. (required)
- remove
- Disassociate given ENS context from virtual switch.
esxcli network ens lcore switch remove ID
ID -l|--lcore-id=<long> ENS context id. (required)
maxLcores
- get
- Get the maximum number of ENS contexts (lcores).
esxcli network ens maxLcores get
- set
- Set the maximum number of ENS contexts.
esxcli network ens maxLcores set MAXCORES
MAXCORES -n|--maxlcores=<long> Number of maximum ENS contexts to be assigned. (required)
firewall
- get
- Get the firewall status.
esxcli network firewall get
- set
- Set firewall enabled status and default action.
esxcli network firewall set PARAM
- Set firewall enabled status and default action.
PARAM --enabled OR --default-action
- refresh
- Load ruleset configuration for firewall.
esxcli network firewall refresh
- load
- Load firewall module and rulesets configuration.
esxcli network firewall load
- unload
- Allow unload firewall module.
esxcli network firewall unload
- Allow unload firewall module.
- Load firewall module and rulesets configuration.
ruleset
- list
- List the rulesets in firewall.
esxcli network firewall ruleset list
- set
- Set firewall ruleset status (allowedAll flag and enabled status).
esxcli network firewall ruleset set LABEL OPTIONS
- Set firewall ruleset status (allowedAll flag and enabled status).
LABEL -r|--ruleset-id=<str> The label of the ruleset. (required) OPTIONS -a|--allowed-all=<bool> Set to true to allowed all ip, set to false to use allowed ip list. -e|--enabled=<bool> Set to true to enable ruleset, set to false to disable it.
allowedip
- list
- list allowed ip addresses for rulesets.
esxcli network firewall ruleset allowedip list
- add
- Add allowed ip address/range to the ruleset ruleset.
esxcli network firewall ruleset allowedip add LABEL RANGE
- remove
- Remove allowed ip address/range from the ruleset.
esxcli network firewall ruleset allowedip remove LABEL RANGE
- Add allowed ip address/range to the ruleset ruleset.
LABEL -r|--ruleset-id=<str> The label of the ruleset. (required) RANGE -i|--ip-address=<str> Allowed ip address/range for the ruleset. (required)
client
- get
- Show the number of clients using a firewall ruleset.
esxcli network firewall ruleset client get LABEL
- add
- Add a new client to a firewall ruleset. This enables the firewall ruleset and increments the number of clients using the ruleset.
esxcli network firewall ruleset client add LABEL
- remove
- Remove a client from a firewall ruleset. This decrements the number of clients using the ruleset and if the number reaches zero the ruleset is disabled.
esxcli network firewall ruleset client remove LABEL
- Remove a client from a firewall ruleset. This decrements the number of clients using the ruleset and if the number reaches zero the ruleset is disabled.
- Add a new client to a firewall ruleset. This enables the firewall ruleset and increments the number of clients using the ruleset.
LABEL -r|--ruleset-id=<str> The label of the ruleset. (required)
rule
- list
- List the rules of each ruleset in firewall.
esxcli network firewall ruleset rule list
ip
- get
- Get global IP settings
esxcli network ip get
- set
- Update global IP settings
esxcli network ip set
Configure the VMkernel Adapter Gateway by Using esxcli Commands
connection
- list
- List active TCP/IP connections
esxcli network ip connection list
dns
search
- list
- List the search domains currently configured on the ESXi host in the order in which they will be used when searching.
esxcli network ip dns search list
- add
- Add a search domain to the list of domains to be searched when trying to resolve an host name on the ESXi host.
esxcli network ip dns search add DOMAIN NETSTACK
- remove
- Remove a search domain from the list of domains to be searched when trying to resolve an host name on the ESXi host.
esxcli network ip dns search remove DOMAIN NETSTACK
server
- list
- Print a list of the DNS server currently configured on the system in the order in which they will be used.
esxcli network ip dns server list
- add
- Add a new DNS server to the end of the list of DNS servers to use for this ESXi host.
esxcli network ip dns server add DOMAIN SERVER
- remove
- Remove a DNS server from the list of DNS servers to use for this ESXi host.
esxcli network ip dns server remove PARAM
DOMAIN -d|--domain=<str> The string name of a domain to remove from the list of search domains. (required) NETSTACK -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance SERVER -s|--server=<str> The IP address (v4 or v6) of the DNS server to add to the DNS server list. (required) PARAM --all, --server
interface
- list
- This command will list the VMkernel network interfaces currently known to the system.
esxcli network ip interface list
- set
- This command sets the enabled status and MTU size of a given IP interface
esxcli network ip interface set OPTIONS
OPTIONS -e|--enabled=<bool> Set to true to enable the interface, set to false to disable it. -i|--interface-name=<str> The name of the interface to apply the configurations. (required) -m|--mtu=<long> The MTU size of the IP interface.
- add
- Add a new VMkernel network interface.
esxcli network ip interface add OPTIONS
OPTIONS -P|--dvport-id=<str> DVPort ID of the connection point. This requires --dvs-name to be given in the same command -s|--dvs-name=<str> DVSwitch name of the connection point. This requires --dvport-id to be given in the same command -i|--interface-name=<str> The name of the VMkernel network interface to create. This name must be in the form vmkX, where X is a number 0-255 -M|--mac-address=<str> Set the MAC address for the newly created VMkernel network interface. -m|--mtu=<long> Set the MTU setting for a given VMkernel network interface on creation -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance -p|--portgroup-name=<str> The name of the vswitch port group to add this VMkernel network interface to.
- remove
- Remove a VMkernel network interface from the ESXi host. A VMKernel network interface can be uniquely specified by --interface-name or --portgroup-name or --dvs-name/--dvport-id. i.e. Providing its name or its connection point are two ways to uniquely specify a VMKernel network interface.
esxcli network ip interface remove OPTIONS
OPTIONS -P|--dvport-id=<str> DVPort ID of the connection point. This requires --dvs-name to be given in the same command -s|--dvs-name=<str> DVSwitch name of the connection point. This requires --dvport-id to be given in the same command -i|--interface-name=<str> The name of the VMkernel network interface to remove. This name must be in the form vmkX, where X is a number 0-255 -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance -p|--portgroup-name=<str> The name of the vswitch port group to delete this VMkernel network interface from.
ipv4
- get
- List the IPv4 addresses assigned to VMkernel network interfaces.
esxcli network ip interface ipv4 get
- set
- Configure IPv4 setting for a given VMkernel network interface.
esxcli network ip interface ipv4 set OPTIONS
OPTIONS -g|--gateway=<str> The default gateway for this interface. The value must be a valid IPv4 address. Gateway would be reset if not provided -i|--interface-name=<str> The name of the VMkernel network interface to set IPv4 settings for. This name must be an interface listed in the interface list command. (required) -I|--ipv4=<str> The static IPv4 address for this interface. -N|--netmask=<str> The static IPv4 netmask for this interface. -P|--peer-dns=<bool> A boolean value to indicate if the system should use the DNS settings published via DHCPv4 for this interface. -t|--type=<str> IPv4 Address type : dhcp: Use DHCP to aquire IPv4 setting for this interface. none: Remove IPv4 settings form this interface. static: Set Static IPv4 information for this interface. Requires --ipv4 and --netmask options.
address
- list
- List the IPv4 addresses assigned to VMkernel network interfaces.
esxcli network ip interface ipv4 address list
ipv6
- get
- Get IPv6 settings for VMkernel network interfaces. This does not include the IPv6 addresses which can be found in the "address list" command.
esxcli network ip interface ipv6 get
- set
- Configure IPv6 settings for a given VMkernel network interface.
esxcli network ip interface ipv6 set OPTIONS
OPTIONS -d|--enable-dhcpv6=<bool> Setting this value to true will enable DHCPv6 on this interface and attempt to aquire an IPv6 address from the network -e|--enable-ipv6=<bool> Setting this value to true enables IPv6 on thisinterface while setting it to false disables IPv6 on this interface. -r|--enable-router-adv=<bool> Setting this value to true will enable IPv6 Router Advertised IPv6 addresses to be added to this interface from any routers broadcasting on the local network. -g|--gateway=<str> A default gateway for this interface. The value must be a valid IPv6 address. -i|--interface-name=<str> The name of the VMkernel network interface to set IPv6 settings for. This name must be an interface listed in the interface list command. (required) -P|--peer-dns=<bool> A boolean value to indicate if the system should use the DNS settings published via DHCPv6 for this interface.
address
- list
- This command will list all of the IPv6 addresses currently assigned to the system
esxcli network ip interface ipv6 address list
- add
- Add a static IPv6 address to a given VMkernel network interface.
esxcli network ip interface ipv6 address add OPTIONS
OPTIONS -i|--interface-name=<str> The name of the VMkernel network interface to add a static IPv6 address to. This name must be an interface listed in the interface list command. (required) -I|--ipv6=<str> The IPv6 address to add to the given VMkernel network interface. This must be in X:X:X::/X format (required)
- remove
- Remove an IPv6 address from a given VMkernel network interface.
esxcli network ip interface ipv6 address remove OPTIONS
OPTIONS -i|--interface-name=<str> The name of the VMkernel network interface to remove an IPv6 address from. This name must be an interface listed in the interface list command. (required) -I|--ipv6=<str> The IPv6 address to remove from the given VMkernel network interface. This must be in X:X:X::/X format (required)
tag
- get
- Gets the tags set on the given VMkernel network interface.
esxcli network ip interface tag get INTERFACE
- add
- Adds a tag on a given VMkernel network interface. Supported tags are: Management, VMotion, faultToleranceLogging, vSphereReplication, vSphereReplicationNFC, vSphereProvisioning, VSAN, VSANWitness
esxcli network ip interface tag add INTERFACE'TAGNAME'
- remove
- Removes a tag on a given VMkernel network interface.
esxcli network ip interface tag remove INTERFACE'TAGNAME'
INTERFACE -i|--interface-name=<str> Name of the VMkernel network interface (vmknic) whose tags are to be read/set/removed (required) This name must be an interface listed in the interface list command. (required) TAGNAME -t|--tagname=<str> Tag name to assign to the interface (required)
ipsec
sa
- list
- List configured Security Associations
esxcli network ip ipsec sa list
- add
- Add a Security Association.
esxcli network ip ipsec sa add OPTIONS
OPTIONS -e|--encryption-algorithm=<str> Encryption algorithm for the Security Association. Should be one in set [null, 3des-cbc, aes128-cbc]. (required) -k|--encryption-key=<str> Encryption key(ASCII or hex). Length of hex key is dependent upon algorithm used. Required when a encryption algorithm has been specified. -i|--integrity-algorithm=<str> Integrity algorithm for the Security Association. Should be one in set [hmac-sha1, hmac-sha2-256]. (required) -K|--integrity-key=<str> Integrity key(ASCII or hex). Length of hex key is dependent upon algorithm used. (required) -d|--sa-destination=<str> Ipv6 address of Security Association destination. Can be specified as 'any' or a correct IPv6 address. (required) -m|--sa-mode=<str> Security Association mode. Should be one in set [transport, tunnel]. -n|--sa-name=<str> Name for the Security Association to be added. (required) -s|--sa-source=<str> Ipv6 address of Security Association source. Can be specified as 'any' or a correct IPv6 address. (required) -p|--sa-spi=<str> SPI value for the Security Association(hex). (required)
- remove
- Operation to remove Security Association(s)
esxcli network ip ipsec sa remove OPTIONS
OPTIONS -a|--remove-all Set to remove all Security Associations. -d|--sa-destination=<str> Ipv6 address of Security Association destination. This option needs to be specified when removing an auto SA. -n|--sa-name=<str> Name for the Security Association to be removed. Specify 'auto' to remove an auto SA. -s|--sa-source=<str> Ipv6 address of Security Association source. This option needs to be specified when removing an auto SA. -p|--sa-spi=<str> SPI value for the Security Association (hex). This option needs to be specified when removing an auto SA
sp
- list
- List configured Security Policys
esxcli network ip ipsec sp list
- add
- Add a Security Policy.
esxcli network ip ipsec sp add OPTIONS
OPTIONS -A|--action=<str> Action for Security Policy. Should be one in set [none, discard, ipsec]. -P|--destination-port=<long> Destination Port for Security Policy. '0' stands for 'any' (required) -w|--flow-direction=<str> Flow direction for Security Policy. Should be one in set [in, out]. -a|--sa-name=<str> Name for the Security Association. Not being Specified lets vmkernel automatically choose an Security Association. If no applicable Security Association exists, then vmkernel may request one using IKE. -p|--source-port=<long> Source Port for Security Policy. '0' stands for 'any' (required) -d|--sp-destination=<str> Ipv6 address and prefix length of Security Policy destination. Can be specified as 'any' or a correct Ipv6 network address. (required) -m|--sp-mode=<str> Security Policy mode. Should be one in set [transport, tunnel]. -n|--sp-name=<str> Name for the Security Policy to be added. (required) -s|--sp-source=<str> Ipv6 address and prefix length of Security Policy source. Can be specified as 'any' or a correct IPv6 network address. (required) -u|--upper-layer-protocol=<str> Upper layer protocol for Security Policy, Should be one in set [any, tcp, udp, icmp6].
- remove
- Operation to remove Security Policy
esxcli network ip ipsec sp remove PARAM
PARAM --remove-all OR --sa-name
neighbor
- list
- List ARP table entries
esxcli network ip neighbor list
- remove
- Remove ARP table entries
esxcli network ip neighbor remove OPTIONS
OPTIONS -i|--interface-name=<str> The name of the VMkernel network interface to remove the neighbor entry from. If not specified, neighbor will be removed from all interfaces -a|--neighbor-addr=<str> The IPv4/IPv6 address of the neighbor. (required) -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance -v|--version=<str> IP version : [4, 6] (required)
netstack
- list
- This command will list the VMkernel Netstack instances currently known to the system.
esxcli network ip netstack list
- get
- Get runtime/configuration settings for a given Netstack Instance.
esxcli network ip netstack get NETSTACK
- add
- Add a new Netstack Instance.
esxcli network ip netstack add NETSTACK DISABLE
- remove
- Remove a new Netstack Instance.
esxcli network ip netstack remove NETSTACK
- set
- Configure settings for a given Netstack Instance.
esxcli network ip netstack set NETSTACK OPTIONS
NETSTACK -N|--netstack=<str> The network stack instance (required) DISABLE -d|--disabled Create the netstack instance only in config i.e. in disabled state. Does not create in kernel. OPTIONS -c|--ccalgo=<str> The TCP Congestion Contol Algorithm for this netstack instance (not applied to existing connections).: cubic: Set cubic as the algorithm newreno: Set newreno as the algorithm -e|--enable=<bool> Enable the netstack instance (create in kernel) -i|--ipv6enabled=<bool> To enable IPv6 for this netstack instance (aplied only during netstack creation). -m|--maxconn=<long> The maximum number of connections for this netstack instance (applied only during netstack creation). -n|--name=<str> The name for this netstack instance.
route
ipv4
- list
- List configured IPv4 routes
esxcli network ip route ipv4 list
- add
- Add IPv4 route to the VMkernel.
esxcli network ip route ipv4 add GATEWAY [NETSTACK] NETWORK
- remove
- Remove IPv4 route
esxcli network ip route ipv4 remove GATEWAY [NETSTACK] NETWORK
ipv6
- list
- List configured IPv6 routes
esxcli network ip route ipv6 list
- add
- Add IPv6 route to the VMkernel.
esxcli network ip route ipv6 add GATEWAY [NETSTACK] NETWORK
- remove
- Remove IPv6 route from the VMkernel
esxcli network ip route ipv6 remove GATEWAY [NETSTACK] NETWORK
GATEWAY -g|--gateway=<str> The Ipv6 address of the gateway through which a route to be removed (required) NETSTACK -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance NETWORK -n|--network=<str> The Ipv6 address and prefix length of the network to remove the route from. Specify 'default' to indicate the default network. (required)
multicast
group
- list
- List all the multicast group members.
esxcli network multicast group list
nic
- list
- This command will list the Physical NICs currently installed and loaded on the system.
esxcli network nic list
- get
- Get the generic configuration of a network device
esxcli network nic get NIC_NAME
- set
- Set the general options for the specified ethernet device.
esxcli network nic set NIC_NAME OPTIONS
- down
- Bring down the specified network device.
esxcli network nic down NIC_NAME
- up
- Bring up the specified network device.
esxcli network nic up NIC_NAME
NIC_NAME -n|--nic-name=<str> The name of the NIC to configured. This must be one of the cards listed in the nic list command. (required) OPTIONS -a|--auto Set the speed and duplexity settings to autonegotiate. -D|--duplex=<str> The duplex to set this NIC to. Acceptable values are : [full, half] -l|--message-level=<long> Sets the driver message level. Meaning differ per driver. -P|--phy-address=<long> Set the PHY address of the device -p|--port=<str> Selects device port. Available device ports are aui: Select AUI (Attachment Unit Interface) as the device port bnc: Select BNC (Bayonet Neill-Concelman) as the device port da: Select DA (Direct Attach copper) as the device port fibre: Select fibre as the device port mii: Select MII (Media Independent Interface) as the device port tp: Select TP (Twisted Pair) as the device port -S|--speed=<long> The speed to set this NIC to, in Mbps. Acceptable values are : [10, 100, 1000, 2500, 5000, 10000, 20000, 25000, 40000, 50000, 56000, 100000] -t|--transceiver-type=<str> Selects transeiver type. Currently only internal and external can be specified, in the future future types might be added. Available transeiver types are external: Set the transceiver type to external internal: Set the transceiver type to internal -V|--virtual-address=<str> Set the virtual address of the device -w|--wake-on-lan=<str> Sets Wake-on-LAN options. Not all devices support this. The argument to this option is a string of characters specifying which options to enable. p Wake on phy activity u Wake on unicast messages m Wake on multicast messages b Wake on broadcast messages a Wake on ARP g Wake on MagicPacket(tm) s Enable SecureOn(tm) password for MagicPacket(tm)
coalesce
- get
- Get coalesce parameters
esxcli network nic coalesce get
- set
- Set coalesce parameters on a nic
esxcli network nic coalesce set NIC_NAME [OPTIONS]
NIC_NAME -n|--vmnic=<str> Name of vmnic to set coalesce parameters. (required) OPTIONS -a|--adaptive-rx=<bool> enable or disable adaptive RX algorithm in driver. -A|--adaptive-tx=<bool> enable or disable adaptive TX algorithm in driver. -R|--rx-max-frames=<long> Maximum number of RX frames driver to process before interrupting. -r|--rx-usecs=<long> Number of microseconds driver to wait for RX before interrupting. -i|--sample-interval=<long> Packet rate sampling internal in seconds for the adaptive coalescing algorithm in driver. -T|--tx-max-frames=<long> Maximum number of completed TX frames driver to process before interrupting. -t|--tx-usecs=<long> Number of microseconds driver to wait for completed TX before interrupting.
high
- get
- Get information about the behavior of a NIC when it sends or receives packets at high packet rate.
esxcli network nic coalesce high get NIC_NAME
- set
- Set parameters to control the behavior of a NIC when it sends or receives packets at high packet rate.
esxcli network nic coalesce high set NIC_NAME [OPTIONS]
low
- get
- Get information about the behavior of a NIC when it sends or receives packets at low packet rate.
esxcli network nic coalesce low get NIC_NAME
- set
- Set parameters to control the behavior of a NIC when it sends or receives packets at low packet rate.
esxcli network nic coalesce low set NIC_NAME [OPTIONS]
NIC_NAME -n|--vmnic=<str> The name of the pnic for which information should be retrieved. (required) OPTIONS -p|--pkt-rate=<long> The high packet rate measured in number of packets per second. When packet rate is above this parameter, the RX/TX coalescing parameters configured by this command are used. -R|--rx-max-frames=<long> The maximum number of RX packets to delay an RX interrupt after they arrive under high packet rate conditions. -r|--rx-usecs=<long> The number of microseconds to delay an RX interrupt after a packet arrives under high packet rate conditions. -T|--tx-max-frames=<long> The maximum number of TX packets to delay an TX interrupt after they are sent under high packet rate conditions. -t|--tx-usecs=<long> The number of microseconds to delay a TX interrupt after a packet is sent under high packet rate conditions. -n|--vmnic=<str> Name of the vmnic for which parameters should be set. (required)
cso
- get
- Get checksum offload settings
esxcli network nic cso get
- set
- Set checksum offload settings on a nic
esxcli network nic cso set OPTIONS
OPTIONS -e|--enable=<long> RX/TX checksum offload (required) -n|--vmnic=<str> Name of vmnic to set offload settings. (required)
eeprom
- dump
- Dump device EEPROM
esxcli network nic eeprom dump OPTIONS
OPTIONS -l|--length=<long> Bytes of EEPROM to dump -o|--offset=<long> Offset of EEPROM starting to dump -n|--vmnic=<str> The name of pnic to dump EEPROM (required)
- change
- Change EEPROM on a nic
esxcli network nic eeprom change OPTIONS
OPTIONS -f|--file=<str> File name of new EEPROM content -m|--magic=<long> Magic key of EEPROM (required) -o|--offset=<long> Offset of EEPROM to change -v|--value=<long> New EEPROM value in double word -n|--vmnic=<str> Name of vmnic to change EEPROM. (required)
negotiate
- restart
- Restart N-Way negotiation on a nic
esxcli network nic negotiate restart NIC_NAME
NIC_NAME -n|--vmnic=<str> Name of vmnic to restart negotiation (required)
pauseParams
- list
- List pause parameters of all NICs
esxcli network nic pauseParams list
- set
- Set pause parameters for a NIC
esxcli network nic pauseParams set OPTIONS
OPTIONS -a|--auto=<bool> Enable/disable auto negotiation. -n|--nic-name=<str> Name of NIC whose pause parameters should be set. (required) -r|--rx=<bool> Enable/disable pause RX flow control. -t|--tx=<bool> Enable/disable pause TX flow control.
queue
count
- get
- Get netqueue count on a nic
esxcli network nic queue count get
- set
- Set number of netqueues on a nic
esxcli network nic queue count set OPTIONS
OPTIONS -q|--num=<long> Number of queues to set. (required) -r|--rx=<bool> Rx netqueue to set count. -t|--tx=<bool> Tx netqueue to set count. -n|--vmnic=<str> Name of vmnic to set netqueue count. (required)
filterclass
- list
- List the netqueue supported filterclass of all physical NICs currently installed and loaded on the system.
esxcli network nic queue filterclass list
loadbalancer
- list
- List the netqueue load balancer settings of all physical NICs currently installed and loaded on the system. Setting legend as follows,
- S: Setting supported by device
- U: Setting unsupported by device
- N: Setting not applicable to device
- A: Setting allowed at load balancing
- D: Setting disallowed at load balancing
esxcli network nic queue loadbalancer list
- set
- Enable/disable netqueue load balancer setting on a NIC.
esxcli network nic queue loadbalancer set OPTIONS
OPTIONS --dynpoollb=<bool> Configure Dynamic queue pool at netqueue load balancer. --geneveoamlb=<bool> Configure Geneve OAM at netqueue load balancer. --lrolb=<bool> Configure Large Receive Offload at netqueue load balancer. --maclearnlb=<bool> Configure Mac learn load balancing at netqueue load balancer. --rsslb=<bool> Configure Receive Side Scaling at netqueue load balancer. --rxdynlb=<bool> Configure RX dynamic load balancing at netqueue load balancer. --rxqlatency=<bool> Configure Rx queue latency at netqueue load balancer. --rxqnofeat=<bool> Configure Rx queue no feature at netqueue load balancer. --rxqpair=<bool> Configure Rx queue pair at netqueue load balancer. --rxqpreempt=<bool> Configure pre-emptible queue at netqueue load balancer. -n|--vmnic=<str> Name of vmnic to update netqueue load balancer setting. (required)
plugin
- list
- Details of netqueue balancer plugins on all physical NICs currently installed and loaded on the system
esxcli network nic queue loadbalancer plugin list
- set
- Enable/disable netqueue load balancer setting on a NIC.
esxcli network nic queue loadbalancer plugin set OPTIONS
OPTIONS -e|--enable=<bool> Netqueue balancer plugin state (required) -m|--module=<str> Name of netqueue balancer module (required) -p|--plugin=<str> Name of netqueue balancer plugin (required) -n|--vmnic=<str> Name of vmnic to change netqueue balancer plugin state (required)
state
- list
- Netqueue balancer state of all physical NICs currently installed and loaded on the system
esxcli network nic queue loadbalancer state list
- set
- Enable/disable netqueue balancer on a NIC
esxcli network nic queue loadbalancer state set OPTIONS
OPTIONS -e|--enable=<bool> Netqueue balancer state (required) -n|--vmnic=<str> Name of vmnic to change netqueue balancer state (required)
register
- dump
- Dump device registers
esxcli network nic register dump NIC_NAME
NIC_NAME -n|--vmnic=<str> The name of pnic to dump registers (required)
ring
current
- get
- Get current RX/TX ring buffer parameters of a NIC
esxcli network nic ring current get NIC_NAME
NIC_NAME -n|--nic-name=<str> The name of the NIC whose current RX/TX ring buffer parameters should be retrieved. (required)
- set
- Set current RX/TX ring buffer parameters of a NIC
esxcli network nic ring current set NIC_NAME OPTIONS
NIC_NAME -n|--nic-name=<str> The name of the NIC whose current RX/TX ring buffer parameters should be set. (required) OPTIONS -r|--rx=<long> Number of ring entries for the RX ring. -j|--rx-jumbo=<long> Number of ring entries for the RX jumbo ring. -m|--rx-mini=<long> Number of ring entries for the RX mini ring. -t|--tx=<long> Number of ring entries for the TX ring.
preset
- get
- Get preset RX/TX ring buffer parameters of a NIC
esxcli network nic ring preset get NIC_NAME
NIC_NAME -n|--nic-name=<str> The name of the NIC whose preset RX/TX ring buffer parameters should be retrieved. (required)
selftest
- run
- Run self test
esxcli network nic selftest run OPTIONS
OPTIONS -o|--online=<long> Performing limited set of tests do not inetrrupt normal adapter operation, default is offline -n|--vmnic=<str> The name of pnic to dump EEPROM (required)
sg
- get
- Get scatter-gather settings
esxcli network nic sg get
- set
- Set scatter-gatter settings on a nic
esxcli network nic sg set OPTIONS
OPTIONS -e|--enable=<long> Enable/disable scatter-gather (required) -n|--vmnic=<str> Name of vmnic to configure scatter-gather settings. (required)
software
- list
- List software simulation settings of physical NICs currently installed and loaded on the system.
esxcli network nic software list
- set
- Enable and disable software simulation settings on a NIC.
esxcli network nic software set OPTIONS
OPTIONS --geneveoffload=<bool> Configure Geneve encapsulation offload software simulation. --highdma=<bool> Configure high DMA software simulation. --ipv4cso=<bool> Configure IPv4 checksum offload software simulation. --ipv4tso=<bool> Configure IPv4 TCP segmentation offload software simulation. --ipv6cso=<bool> Configure IPv6 checksum offload software simulation. --ipv6csoext=<bool> Configure IPv6 extend header checksum offload software simulation. --ipv6tso=<bool> Configure IPv6 TCP segmentation offload software simulation. --ipv6tsoext=<bool> Configure IPv6 extend header TCP segmentation offload software simulation. --obo=<bool> Configure offset based encapsulation offload software simulation. --sg=<bool> Configure scatter gather software simulation. --sgsp=<bool> Configure scatter gather span multiple pages software simulation. --tagging=<bool> Configure TX VLAN tagging software simulation. --untagging=<bool> Configure RX VLAN untagging software simulation. -n|--vmnic=<str> Name of the vmnic whose software similation settings should be updated. (required) --vxlanencap=<bool> Configure VXLAN encapsulation offload software simulation.
stats
- get
- Get NIC statistics for a given interface.
esxcli network nic stats get NIC_NAME
NIC_NAME -n|--nic-name=<str> Name of the NIC to get statistics from. (required)
tso
- get
- Get TCP segmentation offload settings
esxcli network nic tso get
- set
- Set TCP segmentation offload settings on a nic
esxcli network nic tso set OPTIONS
OPTIONS -e|--enable=<long> TCP segmentation offload (required) -n|--vmnic=<str> Name of vmnic to set TSO settings. (required)
vlan
stats
- get
- List VLAN statistics for active VLAN's on the NIC.
esxcli network nic vlan stats get NIC_NAME
NIC_NAME -n|--nic-name=<str> Name of the NIC to get statistics from. (required)
- set
- Enable/disable VLAN statistics collection on the NIC.
esxcli network nic vlan stats set OPTIONS
OPTIONS -e|--enabled=<bool> Whether to enable or disable VLAN statistics (required) -n|--nic-name=<str> Name of the NIC to get statistics from. (required)
port
filter
stats
- get
- Filter statistics for a given port.
esxcli network port filter stats get PORT_ID
PORT_ID -p|--portid=<long> Port ID for the port to get filter statistics. (required)
stats
- get
- Packet statistics for a given port.
esxcli network port stats get PORT_ID
PORT_ID -p|--portid=<long> Port ID for the port to get statistics. (required)
sriovnic
- list
- This command will list the SRIOV Enabled NICs (PFs) currently installed and loaded on the system.
esxcli network sriovnic list
vf
- list
- Get the generic configuration of VFs for SRIOV NIC.
esxcli network sriovnic vf list NIC_NAME
NIC_NAME -n|--nic-name=<str> The name of the SRIOV NIC to configured. This must be one of the cards listed in the sriovNic list command. (required)
- stats
- Get statistics for given VF of a SRIOV NIC.
esxcli network sriovnic vf stats OPTIONS
OPTIONS -n|--nic-name=<str> The name of the SRIOV NIC. This must be one of the cards listed in the sriovNic list command. (required) -v|--vf-id=<long> The VF ID of the virtual function whose stats are to be collected. This must be one of the VF IDs listed in the sriovnic vf list command. (required)
vm
- list
- List networking information for the VM's that have active ports.
esxcli network vm list
port
- list
- List of active ports for a given VM.
esxcli network vm port list VM_WORLD_ID
VM_WORLD_ID -w|--world-id=<long> World ID of the VM for listing ports. (required)
vswitch
dvs
vmware
- list
- List the VMware vSphere Distributed Switch currently configured on the ESXi host.
esxcli network vswitch dvs vmware list
lacp
config
- get
- Get LACP configuration on DVS
esxcli network vswitch dvs vmware lacp config get
stats
- get
- Get LACP stats on DVS uplinks
esxcli network vswitch dvs vmware lacp stats get
status
- get
- Get LACP status on DVS
esxcli network vswitch dvs vmware lacp status get
timeout
- set
- Set long/short timeout for vmnics in one LACP LAG
esxcli network vswitch dvs vmware lacp timeout set OPTIONS
OPTIONS -l|--lag-id=<long> The ID of LAG to be configured. (required) -n|--nic-name=<str> The nic name. If it is set, then only this vmnic in the lag will be configured. -t|--timeout=<bool> Set long or short timeout: 1 for short timeout and 0 for long timeout. (required) -s|--vds=<str> The name of VDS. (required)
standard
- list
- List the virtual switches current on the ESXi host.
esxcli network vswitch standard list
- add
- Add a new virtual switch to the ESXi networking system.
esxcli network vswitch standard add OPTIONS
OPTIONS -P|--ports=<long> The number of ports to to give this newly created virtual switch. Maximum ports per virtual switch is 4096. If no value is given the default value(128) is used. The number of ports is limited by the number of already allocated ports on the host. The system wide port count cannot be greater than 4608. -v|--vswitch-name=<str> The name of the virtual switch to create. (required)
- remove
- Remove a virtual switch from the ESXi networking system.
esxcli network vswitch standard remove OPTIONS
OPTIONS -v|--vswitch-name=<str> The name of the virtual switch to remove. (required)
- set
- This command sets the MTU size and CDP status of a given virtual switch.
esxcli network vswitch standard set OPTIONS
OPTIONS -c|--cdp-status=<str> The CDP status of the given virtual switch. It can be 'down', 'listen', 'advertise' or 'both' -m|--mtu=<long> The MTU size of the given virtual switch. -v|--vswitch-name=<str> The name of virtual switch to apply the configurations. (required)
policy
failover
- get
- Get the failover policy settings governing the given virtual switch
esxcli network vswitch standard policy failover get OPTIONS
OPTIONS -v|--vswitch-name=<str> The name of the virtual switch to use when fetching the switch failover policy. (required)
- set
- Configure the Failover policy for a virtual switch.
esxcli network vswitch standard policy failover set OPTIONS
OPTIONS -a|--active-uplinks=<str> Configure the list of active adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: --active-uplinks=vmnic0,vmnic3,vmnic7,vmnic1 -b|--failback=<bool> Configure whether a NIC will be used immediately when it comes back in service after a failover -f|--failure-detection=<str> Set the method of determining how a network outage is detected. beacon: Detect failures based on active beaconing to the vswitch link: Detect failures based on the NIC link state -l|--load-balancing=<str> Set the load balancing policy for this policy. This can be one of the following options: explicit: Always use the highest order uplink from the list of active adapters which pass failover criteria. iphash: Route based on hashing the src and destination IP addresses mac: Route based on the MAC address of the packet source. portid: Route based on the originating virtual port ID. -n|--notify-switches=<bool> Indicate whether to send a notification to physical switches on failover -s|--standby-uplinks=<str> Configure the list of standby adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: --standby-uplinks=vmnic2,vmnic4,vmnic8,vmnic6,vmnic11 -v|--vswitch-name=<str> The name of the virtual switch to use when configuring the switch failover policy. (required)
security
- get
- Get the Security Policy governing the given virtual switch.
esxcli network vswitch standard policy security get OPTIONS
OPTIONS -v|--vswitch-name=<str> The name of the virtual switch to use when fetching the network security policy. (required)
- set
- Set the security policy for a given virtual switch
esxcli network vswitch standard policy security set OPTIONS
OPTIONS -f|--allow-forged-transmits=<bool> Allow ports on the virtual switch to send packets with forged source information. -m|--allow-mac-change=<bool> Allow ports on the virtual switch to change their MAC address. -p|--allow-promiscuous=<bool> Allow ports on the virtual switch to enter promiscuous mode. -v|--vswitch-name=<str> The name of the virtual switch to use when setting the switch security policy. (required)
shaping
- get
- Get the shaping policy settings for the given virtual switch
esxcli network vswitch standard policy shaping get OPTIONS
OPTIONS -v|--vswitch-name=<str> The name of the virtual switch to use when fetching the switch shaping policy. (required)
- set
- Set the shaping policy settings for the given virtual switch
esxcli network vswitch standard policy shaping set OPTIONS
OPTIONS -b|--avg-bandwidth=<long> The averge bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) -t|--burst-size=<long> The largest burst size allowed for this shaping policy. This value is in Kib (1 Kib = 1024 bits) -e|--enabled=<bool> Indicate whether to enable traffic shaping on this policy. If this is true then the --avg-bandwidth, --peak-bandwidth and --burst-size options are required. -k|--peak-bandwidth=<long> The peak bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) -v|--vswitch-name=<str> The name of the virtual switch to use when setting the switch shaping policy. (required)
portgroup
- list
- List all of the port groups currently on the system.
esxcli network vswitch standard portgroup list
- add
- Allows the addition of a standard port group to a virtual switch.
esxcli network vswitch standard portgroup add OPTIONS
OPTIONS -p|--portgroup-name=<str> The name of the port group to add (required) -v|--vswitch-name=<str> The virtual switch to add the port group to. (required)
- remove
- Remove a port group from the given virtual switch
esxcli network vswitch standard portgroup remove OPTIONS
OPTIONS -p|--portgroup-name=<str> (required) -v|--vswitch-name=<str> (required)
- set
- Set the vlan id for the given port group
esxcli network vswitch standard portgroup set OPTIONS
OPTIONS -p|--portgroup-name=<str> The name of the port group to set vlan id for. (required) -v|--vlan-id=<long> The vlan id for this port group. This value is in the range (0 - 4095)
policy
failover
- get
- Get the network failover policy settings governing the given port group
esxcli network vswitch standard portgroup policy failover get OPTIONS
OPTIONS -p|--portgroup-name=<str> The name of the port group to use when fetching the port group failover policy. (required)
- set
- Configure the Failover policy for a port group. These setting may potentially override virtual switch settings.
esxcli network vswitch standard portgroup policy failover set OPTIONS
OPTIONS -a|--active-uplinks=<str> Configure the list of active adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: --active-uplinks=vmnic0,vmnic3,vmnic7,vmnic1 -b|--failback=<bool> Configure whether a NIC will be used immediately when it comes back in service after a failover -f|--failure-detection=<str> Set the method of determining how a network outage is detected. beacon: Detect failures based on active beaconing to the vswitch link: Detect failures based on the NIC link state -l|--load-balancing=<str> Set the load balancing policy for this policy. This can be one of the following options: explicit: Always use the highest order uplink from the list of active adapters which pass failover criteria. iphash: Route based on hashing the src and destination IP addresses mac: Route based on the MAC address of the packet source. portid: Route based on the originating virtual port ID. -n|--notify-switches=<bool> Indicate whether to send a notification to physical switches on failover -p|--portgroup-name=<str> The name of the port group to set failover policy for. (required) -s|--standby-uplinks=<str> Configure the list of standby adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: --standby-uplinks=vmnic2,vmnic4,vmnic8,vmnic6,vmnic11 -u|--use-vswitch Reset all values for this policy to use parent virtual switch's settings instead of overriding the settings for the port group. Using this in conjunction with other settings will first reset all of the fields to use the virtual switch setting and then apply the other options after the reset.
security
- get
- Get the Security Policy governing the given port group.
esxcli network vswitch standard portgroup policy security get OPTIONS
OPTIONS -p|--portgroup-name=<str> The name of the port group to use when fetching the network security policy. (required)
- set
- Set the security policy for a given port group
esxcli network vswitch standard portgroup policy security set OPTIONS
OPTIONS -f|--allow-forged-transmits=<bool> Allow ports on the virtual switch to send packets with forged source information. -m|--allow-mac-change=<bool> Allow ports on the virtual switch to change their MAC address. -o|--allow-promiscuous=<bool> Allow ports on the virtual switch to enter promiscuous mode. -p|--portgroup-name=<str> The name of the port group to set security policy for. (required) -u|--use-vswitch Reset all values for this policy to use parent virtual switch's settings instead of overriding the settings for the port group. Using this in conjunction with other settings will first reset all of the fields to use the virtual switch setting and then apply the other options after the reset.
shaping
- get
- Get the network shaping policy settings governing the given port group
esxcli network vswitch standard portgroup policy shaping get OPTIONS
OPTIONS -p|--portgroup-name=<str> The name of the port group to use when fetching the port group shaping policy. (required)
- set
- Set the shaping policy settings for the given port group
esxcli network vswitch standard portgroup policy shaping set OPTIONS
OPTIONS -b|--avg-bandwidth=<long> The averge bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) -t|--burst-size=<long> The largest burst size allowed for this shaping policy. This value is in Kib (1 Kib = 1024 bits) -e|--enabled=<bool> Indicate whether to enable traffic shaping on this policy. If this is true then the --avg-bandwidth, --peak-bandwidth and --burst-size options are required. -k|--peak-bandwidth=<long> The peak bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) -p|--portgroup-name=<str> The name of the port group to set shaping policy for. (required) -u|--use-vswitch Reset all values for this policy to use parent virtual switch's settings instead of overriding the settings for the port group. Using this in conjunction with other settings will first reset all of the fields to use the virtual switch setting and then apply the other options after the reset.
uplink
- add
- Add an uplink to the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to enable use of this uplink on this virtual switch
esxcli network vswitch standard uplink add OPTIONS
OPTIONS -u|--uplink-name=<str> The name of the uplink to add to the virtual switch. (required) -v|--vswitch-name=<str> The name of the virtual switch to add an uplink to. (required)
- remove
- Remove an uplink from the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to disable use of this uplink on this virtual switch
esxcli network vswitch standard uplink remove OPTIONS
OPTIONS -u|--uplink-name=<str> The name of the uplink to remove from the virtual switch. (required) -v|--vswitch-name=<str> The name of the virtual switch to remove an uplink from. (required)