Difference between revisions of "ESXi - 6.7 network"
Jump to navigation
Jump to search
(→policy) |
|||
Line 991: | Line 991: | ||
* '''get''' | * '''get''' | ||
: Get the failover policy settings governing the given virtual switch | : Get the failover policy settings governing the given virtual switch | ||
:* <code>esxcli network vswitch standard policy failover get</code> | :* <code>esxcli network vswitch standard policy failover get '''CMD_OPTIONS'''</code> | ||
'''CMD_OPTIONS''' | |||
-v|--vswitch-name=<str> | |||
The name of the virtual switch to use when fetching the switch failover | |||
policy. (required) | |||
* '''set''' | * '''set''' | ||
: Configure the Failover policy for a virtual switch. | : Configure the Failover policy for a virtual switch. | ||
:* <code>esxcli network vswitch standard policy failover set</code> | :* <code>esxcli network vswitch standard policy failover set '''CMD_OPTIONS'''</code> | ||
'''CMD_OPTIONS''' | |||
-a|--active-uplinks=<str> | |||
Configure the list of active adapters and their failover order. This list | |||
must be a comma seperated list of values with the uplink name and no | |||
spaces. Example: --active-uplinks=vmnic0,vmnic3,vmnic7,vmnic1 | |||
-b|--failback=<bool> Configure whether a NIC will be used immediately when it comes back in | |||
service after a failover | |||
-f|--failure-detection=<str> | |||
Set the method of determining how a network outage is detected. | |||
beacon: Detect failures based on active beaconing to the vswitch | |||
link: Detect failures based on the NIC link state | |||
-l|--load-balancing=<str> | |||
Set the load balancing policy for this policy. This can be one of the | |||
following options: | |||
explicit: Always use the highest order uplink from the list of active | |||
adapters which pass failover criteria. | |||
iphash: Route based on hashing the src and destination IP addresses | |||
mac: Route based on the MAC address of the packet source. | |||
portid: Route based on the originating virtual port ID. | |||
-n|--notify-switches=<bool> | |||
Indicate whether to send a notification to physical switches on failover | |||
-s|--standby-uplinks=<str> | |||
Configure the list of standby adapters and their failover order. This list | |||
must be a comma seperated list of values with the uplink name and no | |||
spaces. Example: --standby-uplinks=vmnic2,vmnic4,vmnic8,vmnic6,vmnic11 | |||
-v|--vswitch-name=<str> | |||
The name of the virtual switch to use when configuring the switch failover | |||
policy. (required) | |||
===== security ===== | ===== security ===== | ||
* '''get''' | * '''get''' | ||
: Get the Security Policy governing the given virtual switch. | : Get the Security Policy governing the given virtual switch. | ||
:* <code>esxcli network vswitch standard policy security get</code> | :* <code>esxcli network vswitch standard policy security get '''CMD_OPTIONS'''</code> | ||
'''CMD_OPTIONS''' | |||
-v|--vswitch-name=<str> | |||
The name of the virtual switch to use when fetching the network security | |||
policy. (required) | |||
* '''set''' | * '''set''' | ||
: Set the security policy for a given virtual switch | : Set the security policy for a given virtual switch | ||
:* <code>esxcli network vswitch standard policy security set</code> | :* <code>esxcli network vswitch standard policy security set '''CMD_OPTIONS'''</code> | ||
'''CMD_OPTIONS''' | |||
-f|--allow-forged-transmits=<bool> | |||
Allow ports on the virtual switch to send packets with forged source | |||
information. | |||
-m|--allow-mac-change=<bool> | |||
Allow ports on the virtual switch to change their MAC address. | |||
-p|--allow-promiscuous=<bool> | |||
Allow ports on the virtual switch to enter promiscuous mode. | |||
-v|--vswitch-name=<str> | |||
The name of the virtual switch to use when setting the switch security | |||
policy. (required) | |||
===== shaping ===== | ===== shaping ===== | ||
* '''get''' | * '''get''' | ||
: Get the shaping policy settings for the given virtual switch | : Get the shaping policy settings for the given virtual switch | ||
:* <code>esxcli network vswitch standard policy shaping get</code> | :* <code>esxcli network vswitch standard policy shaping get '''CMD_OPTIONS'''</code> | ||
'''CMD_OPTIONS''' | |||
-v|--vswitch-name=<str> | |||
The name of the virtual switch to use when fetching the switch shaping | |||
policy. (required) | |||
* '''set''' | * '''set''' | ||
: Set the shaping policy settings for the given virtual switch | : Set the shaping policy settings for the given virtual switch | ||
:* <code>esxcli network vswitch standard policy shaping set</code> | :* <code>esxcli network vswitch standard policy shaping set '''CMD_OPTIONS'''</code> | ||
'''CMD_OPTIONS''' | |||
-b|--avg-bandwidth=<long> | |||
The averge bandwidth allowed for this shaping policy. This value is in Kbps | |||
(1 Kbps = 1000 bits/s) | |||
-t|--burst-size=<long> | |||
The largest burst size allowed for this shaping policy. This value is in | |||
Kib (1 Kib = 1024 bits) | |||
-e|--enabled=<bool> Indicate whether to enable traffic shaping on this policy. If this is true | |||
then the --avg-bandwidth, --peak-bandwidth and --burst-size options are | |||
required. | |||
-k|--peak-bandwidth=<long> | |||
The peak bandwidth allowed for this shaping policy. This value is in Kbps | |||
(1 Kbps = 1000 bits/s) | |||
-v|--vswitch-name=<str> | |||
The name of the virtual switch to use when setting the switch shaping | |||
policy. (required) | |||
==== portgroup ==== | ==== portgroup ==== |
Revision as of 04:46, 10 February 2022
network
Operations that pertain to the maintenance of networking on an ESX host. This includes a wide variety of commands to manipulate virtual networking components (vswitch, portgroup, etc) as well as local host IP, DNS and general host networking settings.
diag
- ping
- Send ICMP echo requests to network hosts.
esxcli network diag ping CMD_OPTIONS
CMD_OPTIONS -c|--count=<long> Specify the number of packets to send. -D|--debug VMKPing debug mode. -d|--df Set DF bit on IPv4 packets. -H|--host=<str> Specify the host to send packets to. This parameter is required when not executing ping in debug mode (-D) -I|--interface=<str> Specify the outgoing interface. -i|--interval=<str> Set the interval for sending packets in seconds. --ipv4 Ping with ICMPv4 echo requests. --ipv6 Ping with ICMPv6 echo requests. --netstack=<str> Specify the TCP/IP netstack which the interface resides on -N|--nexthop=<str> Override the system's default route selection, in dotted quad notation. (IPv4 only. Requires interface option) -s|--size=<long> Set the payload size of the packets to send. -t|--ttl=<long> Set IPv4 Time To Live or IPv6 Hop Limit -W|--wait=<str> Set the timeout to wait if no responses are received in seconds.
ens
lcore
- list
- List ENS contexts.
esxcli network ens lcore list
- add
- Create ENS context.
esxcli network ens lcore add ID
ID -l|--lcore-id=<long> ENS context id to be created. (required)
- remove
- Destroy ENS context.
esxcli network ens lcore remove ID
ID -l|--lcore-id=<long> ENS context id to be destroyed. (required)
affinity
- get
- Get the affinity for given ENS context.
esxcli network ens lcore affinity get ID
ID -l|--lcore-id=<long> ENS context id. (required)
- set
- Set affinity for given ENS context.
esxcli network ens lcore affinity set ID NODE
ID -l|--lcore-id=<long> ENS context id. (required) NODE -a|--affinity=<long> Numa node affinity. (required)
switch
- get
- Get the switch associated with given ENS context.
esxcli network ens lcore switch get ID
ID -l|--lcore-id=<long> ENS context id. (required)
- add
- Associate given ENS context with given switch.
esxcli network ens lcore switch add ID SWITCH
ID -l|--lcore-id=<long> ENS context id. (required) SWITCH -s|--switch=<str> Switch name. (required)
- remove
- Disassociate given ENS context from virtual switch.
esxcli network ens lcore switch remove ID
ID -l|--lcore-id=<long> ENS context id. (required)
maxLcores
- get
- Get the maximum number of ENS contexts (lcores).
esxcli network ens maxLcores get
- set
- Set the maximum number of ENS contexts.
esxcli network ens maxLcores set MAXCORES
MAXCORES -n|--maxlcores=<long> Number of maximum ENS contexts to be assigned. (required)
firewall
- get
- Get the firewall status.
esxcli network firewall get
- set
- Set firewall enabled status and default action.
esxcli network firewall set PARAM
- Set firewall enabled status and default action.
PARAM --enabled OR --default-action
- refresh
- Load ruleset configuration for firewall.
esxcli network firewall refresh
- load
- Load firewall module and rulesets configuration.
esxcli network firewall load
- unload
- Allow unload firewall module.
esxcli network firewall unload
- Allow unload firewall module.
- Load firewall module and rulesets configuration.
ruleset
- list
- List the rulesets in firewall.
esxcli network firewall ruleset list
- set
- Set firewall ruleset status (allowedAll flag and enabled status).
esxcli network firewall ruleset set LABEL CMD_OPTIONS
- Set firewall ruleset status (allowedAll flag and enabled status).
LABEL -r|--ruleset-id=<str> The label of the ruleset. (required) CMD_OPTIONS -a|--allowed-all=<bool> Set to true to allowed all ip, set to false to use allowed ip list. -e|--enabled=<bool> Set to true to enable ruleset, set to false to disable it.
allowedip
- list
- list allowed ip addresses for rulesets.
esxcli network firewall ruleset allowedip list
- add
- Add allowed ip address/range to the ruleset ruleset.
esxcli network firewall ruleset allowedip add LABEL RANGE
- remove
- Remove allowed ip address/range from the ruleset.
esxcli network firewall ruleset allowedip remove LABEL RANGE
- Add allowed ip address/range to the ruleset ruleset.
LABEL -r|--ruleset-id=<str> The label of the ruleset. (required) RANGE -i|--ip-address=<str> Allowed ip address/range for the ruleset. (required)
client
- get
- Show the number of clients using a firewall ruleset.
esxcli network firewall ruleset client get LABEL
- add
- Add a new client to a firewall ruleset. This enables the firewall ruleset and increments the number of clients using the ruleset.
esxcli network firewall ruleset client add LABEL
- remove
- Remove a client from a firewall ruleset. This decrements the number of clients using the ruleset and if the number reaches zero the ruleset is disabled.
esxcli network firewall ruleset client remove LABEL
- Remove a client from a firewall ruleset. This decrements the number of clients using the ruleset and if the number reaches zero the ruleset is disabled.
- Add a new client to a firewall ruleset. This enables the firewall ruleset and increments the number of clients using the ruleset.
LABEL -r|--ruleset-id=<str> The label of the ruleset. (required)
rule
- list
- List the rules of each ruleset in firewall.
esxcli network firewall ruleset rule list
ip
- get
- Get global IP settings
esxcli network ip get
- set
- Update global IP settings
esxcli network ip set
Configure the VMkernel Adapter Gateway by Using esxcli Commands
connection
- list
- List active TCP/IP connections
esxcli network ip connection list
dns
search
- list
- List the search domains currently configured on the ESXi host in the order in which they will be used when searching.
esxcli network ip dns search list
- add
- Add a search domain to the list of domains to be searched when trying to resolve an host name on the ESXi host.
esxcli network ip dns search add DOMAIN NETSTACK
- remove
- Remove a search domain from the list of domains to be searched when trying to resolve an host name on the ESXi host.
esxcli network ip dns search remove DOMAIN NETSTACK
server
- list
- Print a list of the DNS server currently configured on the system in the order in which they will be used.
esxcli network ip dns server list
- add
- Add a new DNS server to the end of the list of DNS servers to use for this ESXi host.
esxcli network ip dns server add DOMAIN SERVER
- remove
- Remove a DNS server from the list of DNS servers to use for this ESXi host.
esxcli network ip dns server remove PARAM
DOMAIN -d|--domain=<str> The string name of a domain to remove from the list of search domains. (required) NETSTACK -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance SERVER -s|--server=<str> The IP address (v4 or v6) of the DNS server to add to the DNS server list. (required) PARAM --all, --server
interface
- list
- This command will list the VMkernel network interfaces currently known to the system.
esxcli network ip interface list
- set
- This command sets the enabled status and MTU size of a given IP interface
esxcli network ip interface set CMD_OPTIONS
CMD_OPTIONS -e|--enabled=<bool> Set to true to enable the interface, set to false to disable it. -i|--interface-name=<str> The name of the interface to apply the configurations. (required) -m|--mtu=<long> The MTU size of the IP interface.
- add
- Add a new VMkernel network interface.
esxcli network ip interface add CMD_OPTIONS
CMD_OPTIONS -P|--dvport-id=<str> DVPort ID of the connection point. This requires --dvs-name to be given in the same command -s|--dvs-name=<str> DVSwitch name of the connection point. This requires --dvport-id to be given in the same command -i|--interface-name=<str> The name of the VMkernel network interface to create. This name must be in the form vmkX, where X is a number 0-255 -M|--mac-address=<str> Set the MAC address for the newly created VMkernel network interface. -m|--mtu=<long> Set the MTU setting for a given VMkernel network interface on creation -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance -p|--portgroup-name=<str> The name of the vswitch port group to add this VMkernel network interface to.
- remove
- Remove a VMkernel network interface from the ESXi host. A VMKernel network interface can be uniquely specified by --interface-name or --portgroup-name or --dvs-name/--dvport-id. i.e. Providing its name or its connection point are two ways to uniquely specify a VMKernel network interface.
esxcli network ip interface remove CMD_OPTIONS
CMD_OPTIONS -P|--dvport-id=<str> DVPort ID of the connection point. This requires --dvs-name to be given in the same command -s|--dvs-name=<str> DVSwitch name of the connection point. This requires --dvport-id to be given in the same command -i|--interface-name=<str> The name of the VMkernel network interface to remove. This name must be in the form vmkX, where X is a number 0-255 -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance -p|--portgroup-name=<str> The name of the vswitch port group to delete this VMkernel network interface from.
ipv4
- get
- List the IPv4 addresses assigned to VMkernel network interfaces.
esxcli network ip interface ipv4 get
- set
- Configure IPv4 setting for a given VMkernel network interface.
esxcli network ip interface ipv4 set CMD_OPTIONS
CMD_OPTIONS -g|--gateway=<str> The default gateway for this interface. The value must be a valid IPv4 address. Gateway would be reset if not provided -i|--interface-name=<str> The name of the VMkernel network interface to set IPv4 settings for. This name must be an interface listed in the interface list command. (required) -I|--ipv4=<str> The static IPv4 address for this interface. -N|--netmask=<str> The static IPv4 netmask for this interface. -P|--peer-dns=<bool> A boolean value to indicate if the system should use the DNS settings published via DHCPv4 for this interface. -t|--type=<str> IPv4 Address type : dhcp: Use DHCP to aquire IPv4 setting for this interface. none: Remove IPv4 settings form this interface. static: Set Static IPv4 information for this interface. Requires --ipv4 and --netmask options.
address
- list
- List the IPv4 addresses assigned to VMkernel network interfaces.
esxcli network ip interface ipv4 address list
ipv6
- get
- Get IPv6 settings for VMkernel network interfaces. This does not include the IPv6 addresses which can be found in the "address list" command.
esxcli network ip interface ipv6 get
- set
- Configure IPv6 settings for a given VMkernel network interface.
esxcli network ip interface ipv6 set CMD_OPTIONS
CMD_OPTIONS -d|--enable-dhcpv6=<bool> Setting this value to true will enable DHCPv6 on this interface and attempt to aquire an IPv6 address from the network -e|--enable-ipv6=<bool> Setting this value to true enables IPv6 on thisinterface while setting it to false disables IPv6 on this interface. -r|--enable-router-adv=<bool> Setting this value to true will enable IPv6 Router Advertised IPv6 addresses to be added to this interface from any routers broadcasting on the local network. -g|--gateway=<str> A default gateway for this interface. The value must be a valid IPv6 address. -i|--interface-name=<str> The name of the VMkernel network interface to set IPv6 settings for. This name must be an interface listed in the interface list command. (required) -P|--peer-dns=<bool> A boolean value to indicate if the system should use the DNS settings published via DHCPv6 for this interface.
address
- list
- This command will list all of the IPv6 addresses currently assigned to the system
esxcli network ip interface ipv6 address list
- add
- Add a static IPv6 address to a given VMkernel network interface.
esxcli network ip interface ipv6 address add CMD_OPTIONS
CMD_OPTIONS -i|--interface-name=<str> The name of the VMkernel network interface to add a static IPv6 address to. This name must be an interface listed in the interface list command. (required) -I|--ipv6=<str> The IPv6 address to add to the given VMkernel network interface. This must be in X:X:X::/X format (required)
- remove
- Remove an IPv6 address from a given VMkernel network interface.
esxcli network ip interface ipv6 address remove CMD_OPTIONS
CMD_OPTIONS -i|--interface-name=<str> The name of the VMkernel network interface to remove an IPv6 address from. This name must be an interface listed in the interface list command. (required) -I|--ipv6=<str> The IPv6 address to remove from the given VMkernel network interface. This must be in X:X:X::/X format (required)
tag
- get
- Gets the tags set on the given VMkernel network interface.
esxcli network ip interface tag get INTERFACE
- add
- Adds a tag on a given VMkernel network interface. Supported tags are: Management, VMotion, faultToleranceLogging, vSphereReplication, vSphereReplicationNFC, vSphereProvisioning, VSAN, VSANWitness
esxcli network ip interface tag add INTERFACE'TAGNAME'
- remove
- Removes a tag on a given VMkernel network interface.
esxcli network ip interface tag remove INTERFACE'TAGNAME'
INTERFACE -i|--interface-name=<str> Name of the VMkernel network interface (vmknic) whose tags are to be read/set/removed (required) This name must be an interface listed in the interface list command. (required) TAGNAME -t|--tagname=<str> Tag name to assign to the interface (required)
ipsec
sa
- list
- List configured Security Associations
esxcli network ip ipsec sa list
- add
- Add a Security Association.
esxcli network ip ipsec sa add CMD_OPTIONS
CMD_OPTIONS -e|--encryption-algorithm=<str> Encryption algorithm for the Security Association. Should be one in set [null, 3des-cbc, aes128-cbc]. (required) -k|--encryption-key=<str> Encryption key(ASCII or hex). Length of hex key is dependent upon algorithm used. Required when a encryption algorithm has been specified. -i|--integrity-algorithm=<str> Integrity algorithm for the Security Association. Should be one in set [hmac-sha1, hmac-sha2-256]. (required) -K|--integrity-key=<str> Integrity key(ASCII or hex). Length of hex key is dependent upon algorithm used. (required) -d|--sa-destination=<str> Ipv6 address of Security Association destination. Can be specified as 'any' or a correct IPv6 address. (required) -m|--sa-mode=<str> Security Association mode. Should be one in set [transport, tunnel]. -n|--sa-name=<str> Name for the Security Association to be added. (required) -s|--sa-source=<str> Ipv6 address of Security Association source. Can be specified as 'any' or a correct IPv6 address. (required) -p|--sa-spi=<str> SPI value for the Security Association(hex). (required)
- remove
- Operation to remove Security Association(s)
esxcli network ip ipsec sa remove CMD_OPTIONS
CMD_OPTIONS -a|--remove-all Set to remove all Security Associations. -d|--sa-destination=<str> Ipv6 address of Security Association destination. This option needs to be specified when removing an auto SA. -n|--sa-name=<str> Name for the Security Association to be removed. Specify 'auto' to remove an auto SA. -s|--sa-source=<str> Ipv6 address of Security Association source. This option needs to be specified when removing an auto SA. -p|--sa-spi=<str> SPI value for the Security Association (hex). This option needs to be specified when removing an auto SA
sp
- list
- List configured Security Policys
esxcli network ip ipsec sp list
- add
- Add a Security Policy.
esxcli network ip ipsec sp add CMD_OPTIONS
CMD_OPTIONS -A|--action=<str> Action for Security Policy. Should be one in set [none, discard, ipsec]. -P|--destination-port=<long> Destination Port for Security Policy. '0' stands for 'any' (required) -w|--flow-direction=<str> Flow direction for Security Policy. Should be one in set [in, out]. -a|--sa-name=<str> Name for the Security Association. Not being Specified lets vmkernel automatically choose an Security Association. If no applicable Security Association exists, then vmkernel may request one using IKE. -p|--source-port=<long> Source Port for Security Policy. '0' stands for 'any' (required) -d|--sp-destination=<str> Ipv6 address and prefix length of Security Policy destination. Can be specified as 'any' or a correct Ipv6 network address. (required) -m|--sp-mode=<str> Security Policy mode. Should be one in set [transport, tunnel]. -n|--sp-name=<str> Name for the Security Policy to be added. (required) -s|--sp-source=<str> Ipv6 address and prefix length of Security Policy source. Can be specified as 'any' or a correct IPv6 network address. (required) -u|--upper-layer-protocol=<str> Upper layer protocol for Security Policy, Should be one in set [any, tcp, udp, icmp6].
- remove
- Operation to remove Security Policy
esxcli network ip ipsec sp remove PARAM
PARAM --remove-all OR --sa-name
neighbor
- list
- List ARP table entries
esxcli network ip neighbor list
- remove
- Remove ARP table entries
esxcli network ip neighbor remove CMD_OPTIONS
CMD_OPTIONS -i|--interface-name=<str> The name of the VMkernel network interface to remove the neighbor entry from. If not specified, neighbor will be removed from all interfaces -a|--neighbor-addr=<str> The IPv4/IPv6 address of the neighbor. (required) -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance -v|--version=<str> IP version : [4, 6] (required)
netstack
- list
- This command will list the VMkernel Netstack instances currently known to the system.
esxcli network ip netstack list
- get
- Get runtime/configuration settings for a given Netstack Instance.
esxcli network ip netstack get NETSTACK
- add
- Add a new Netstack Instance.
esxcli network ip netstack add NETSTACK DISABLE
- remove
- Remove a new Netstack Instance.
esxcli network ip netstack remove NETSTACK
- set
- Configure settings for a given Netstack Instance.
esxcli network ip netstack set NETSTACK CMD_OPTIONS
NETSTACK -N|--netstack=<str> The network stack instance (required) DISABLE -d|--disabled Create the netstack instance only in config i.e. in disabled state. Does not create in kernel. CMD_OPTIONS -c|--ccalgo=<str> The TCP Congestion Contol Algorithm for this netstack instance (not applied to existing connections).: cubic: Set cubic as the algorithm newreno: Set newreno as the algorithm -e|--enable=<bool> Enable the netstack instance (create in kernel) -i|--ipv6enabled=<bool> To enable IPv6 for this netstack instance (aplied only during netstack creation). -m|--maxconn=<long> The maximum number of connections for this netstack instance (applied only during netstack creation). -n|--name=<str> The name for this netstack instance.
route
ipv4
- list
- List configured IPv4 routes
esxcli network ip route ipv4 list
- add
- Add IPv4 route to the VMkernel.
esxcli network ip route ipv4 add GATEWAY [NETSTACK] NETWORK
- remove
- Remove IPv4 route
esxcli network ip route ipv4 remove GATEWAY [NETSTACK] NETWORK
ipv6
- list
- List configured IPv6 routes
esxcli network ip route ipv6 list
- add
- Add IPv6 route to the VMkernel.
esxcli network ip route ipv6 add GATEWAY [NETSTACK] NETWORK
- remove
- Remove IPv6 route from the VMkernel
esxcli network ip route ipv6 remove GATEWAY [NETSTACK] NETWORK
GATEWAY -g|--gateway=<str> The Ipv6 address of the gateway through which a route to be removed (required) NETSTACK -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance NETWORK -n|--network=<str> The Ipv6 address and prefix length of the network to remove the route from. Specify 'default' to indicate the default network. (required)
multicast
group
- list
- List all the multicast group members.
esxcli network multicast group list
nic
- list
- This command will list the Physical NICs currently installed and loaded on the system.
esxcli network nic list
- get
- Get the generic configuration of a network device
esxcli network nic get NIC_NAME
- set
- Set the general options for the specified ethernet device.
esxcli network nic set NIC_NAME CMD_OPTIONS
- down
- Bring down the specified network device.
esxcli network nic down NIC_NAME
- up
- Bring up the specified network device.
esxcli network nic up NIC_NAME
NIC_NAME -n|--nic-name=<str> The name of the NIC to configured. This must be one of the cards listed in the nic list command. (required) CMD_OPTIONS -a|--auto Set the speed and duplexity settings to autonegotiate. -D|--duplex=<str> The duplex to set this NIC to. Acceptable values are : [full, half] -l|--message-level=<long> Sets the driver message level. Meaning differ per driver. -P|--phy-address=<long> Set the PHY address of the device -p|--port=<str> Selects device port. Available device ports are aui: Select AUI (Attachment Unit Interface) as the device port bnc: Select BNC (Bayonet Neill-Concelman) as the device port da: Select DA (Direct Attach copper) as the device port fibre: Select fibre as the device port mii: Select MII (Media Independent Interface) as the device port tp: Select TP (Twisted Pair) as the device port -S|--speed=<long> The speed to set this NIC to, in Mbps. Acceptable values are : [10, 100, 1000, 2500, 5000, 10000, 20000, 25000, 40000, 50000, 56000, 100000] -t|--transceiver-type=<str> Selects transeiver type. Currently only internal and external can be specified, in the future future types might be added. Available transeiver types are external: Set the transceiver type to external internal: Set the transceiver type to internal -V|--virtual-address=<str> Set the virtual address of the device -w|--wake-on-lan=<str> Sets Wake-on-LAN options. Not all devices support this. The argument to this option is a string of characters specifying which options to enable. p Wake on phy activity u Wake on unicast messages m Wake on multicast messages b Wake on broadcast messages a Wake on ARP g Wake on MagicPacket(tm) s Enable SecureOn(tm) password for MagicPacket(tm)
coalesce
- get
- Get coalesce parameters
esxcli network nic coalesce get
- set
- Set coalesce parameters on a nic
esxcli network nic coalesce set NIC_NAME [CMD_OPTIONS]
NIC_NAME -n|--vmnic=<str> Name of vmnic to set coalesce parameters. (required) CMD_OPTIONS -a|--adaptive-rx=<bool> enable or disable adaptive RX algorithm in driver. -A|--adaptive-tx=<bool> enable or disable adaptive TX algorithm in driver. -R|--rx-max-frames=<long> Maximum number of RX frames driver to process before interrupting. -r|--rx-usecs=<long> Number of microseconds driver to wait for RX before interrupting. -i|--sample-interval=<long> Packet rate sampling internal in seconds for the adaptive coalescing algorithm in driver. -T|--tx-max-frames=<long> Maximum number of completed TX frames driver to process before interrupting. -t|--tx-usecs=<long> Number of microseconds driver to wait for completed TX before interrupting.
high
- get
- Get information about the behavior of a NIC when it sends or receives packets at high packet rate.
esxcli network nic coalesce high get NIC_NAME
- set
- Set parameters to control the behavior of a NIC when it sends or receives packets at high packet rate.
esxcli network nic coalesce high set NIC_NAME [CMD_OPTIONS]
low
- get
- Get information about the behavior of a NIC when it sends or receives packets at low packet rate.
esxcli network nic coalesce low get NIC_NAME
- set
- Set parameters to control the behavior of a NIC when it sends or receives packets at low packet rate.
esxcli network nic coalesce low set NIC_NAME [CMD_OPTIONS]
NIC_NAME -n|--vmnic=<str> The name of the pnic for which information should be retrieved. (required) CMD_OPTIONS -p|--pkt-rate=<long> The high packet rate measured in number of packets per second. When packet rate is above this parameter, the RX/TX coalescing parameters configured by this command are used. -R|--rx-max-frames=<long> The maximum number of RX packets to delay an RX interrupt after they arrive under high packet rate conditions. -r|--rx-usecs=<long> The number of microseconds to delay an RX interrupt after a packet arrives under high packet rate conditions. -T|--tx-max-frames=<long> The maximum number of TX packets to delay an TX interrupt after they are sent under high packet rate conditions. -t|--tx-usecs=<long> The number of microseconds to delay a TX interrupt after a packet is sent under high packet rate conditions. -n|--vmnic=<str> Name of the vmnic for which parameters should be set. (required)
cso
- get
- Get checksum offload settings
esxcli network nic cso get
- set
- Set checksum offload settings on a nic
esxcli network nic cso set CMD_OPTIONS
CMD_OPTIONS -e|--enable=<long> RX/TX checksum offload (required) -n|--vmnic=<str> Name of vmnic to set offload settings. (required)
eeprom
- dump
- Dump device EEPROM
esxcli network nic eeprom dump CMD_OPTIONS
CMD_OPTIONS -l|--length=<long> Bytes of EEPROM to dump -o|--offset=<long> Offset of EEPROM starting to dump -n|--vmnic=<str> The name of pnic to dump EEPROM (required)
- change
- Change EEPROM on a nic
esxcli network nic eeprom change CMD_OPTIONS
CMD_OPTIONS -f|--file=<str> File name of new EEPROM content -m|--magic=<long> Magic key of EEPROM (required) -o|--offset=<long> Offset of EEPROM to change -v|--value=<long> New EEPROM value in double word -n|--vmnic=<str> Name of vmnic to change EEPROM. (required)
negotiate
- restart
- Restart N-Way negotiation on a nic
esxcli network nic negotiate restart NIC_NAME
NIC_NAME -n|--vmnic=<str> Name of vmnic to restart negotiation (required)
pauseParams
- list
- List pause parameters of all NICs
esxcli network nic pauseParams list
- set
- Set pause parameters for a NIC
esxcli network nic pauseParams set CMD_OPTIONS
CMD_OPTIONS -a|--auto=<bool> Enable/disable auto negotiation. -n|--nic-name=<str> Name of NIC whose pause parameters should be set. (required) -r|--rx=<bool> Enable/disable pause RX flow control. -t|--tx=<bool> Enable/disable pause TX flow control.
queue
count
- get
- Get netqueue count on a nic
esxcli network nic queue count get
- set
- Set number of netqueues on a nic
esxcli network nic queue count set CMD_OPTIONS
CMD_OPTIONS -q|--num=<long> Number of queues to set. (required) -r|--rx=<bool> Rx netqueue to set count. -t|--tx=<bool> Tx netqueue to set count. -n|--vmnic=<str> Name of vmnic to set netqueue count. (required)
filterclass
- list
- List the netqueue supported filterclass of all physical NICs currently installed and loaded on the system.
esxcli network nic queue filterclass list
loadbalancer
- list
- List the netqueue load balancer settings of all physical NICs currently installed and loaded on the system. Setting legend as follows,
- S: Setting supported by device
- U: Setting unsupported by device
- N: Setting not applicable to device
- A: Setting allowed at load balancing
- D: Setting disallowed at load balancing
esxcli network nic queue loadbalancer list
- set
- Enable/disable netqueue load balancer setting on a NIC.
esxcli network nic queue loadbalancer set CMD_OPTIONS
CMD_OPTIONS --dynpoollb=<bool> Configure Dynamic queue pool at netqueue load balancer. --geneveoamlb=<bool> Configure Geneve OAM at netqueue load balancer. --lrolb=<bool> Configure Large Receive Offload at netqueue load balancer. --maclearnlb=<bool> Configure Mac learn load balancing at netqueue load balancer. --rsslb=<bool> Configure Receive Side Scaling at netqueue load balancer. --rxdynlb=<bool> Configure RX dynamic load balancing at netqueue load balancer. --rxqlatency=<bool> Configure Rx queue latency at netqueue load balancer. --rxqnofeat=<bool> Configure Rx queue no feature at netqueue load balancer. --rxqpair=<bool> Configure Rx queue pair at netqueue load balancer. --rxqpreempt=<bool> Configure pre-emptible queue at netqueue load balancer. -n|--vmnic=<str> Name of vmnic to update netqueue load balancer setting. (required)
plugin
- list
- Details of netqueue balancer plugins on all physical NICs currently installed and loaded on the system
esxcli network nic queue loadbalancer plugin list
- set
- Enable/disable netqueue load balancer setting on a NIC.
esxcli network nic queue loadbalancer plugin set CMD_OPTIONS
CMD_OPTIONS -e|--enable=<bool> Netqueue balancer plugin state (required) -m|--module=<str> Name of netqueue balancer module (required) -p|--plugin=<str> Name of netqueue balancer plugin (required) -n|--vmnic=<str> Name of vmnic to change netqueue balancer plugin state (required)
state
- list
- Netqueue balancer state of all physical NICs currently installed and loaded on the system
esxcli network nic queue loadbalancer state list
- set
- Enable/disable netqueue balancer on a NIC
esxcli network nic queue loadbalancer state set CMD_OPTIONS
CMD_OPTIONS -e|--enable=<bool> Netqueue balancer state (required) -n|--vmnic=<str> Name of vmnic to change netqueue balancer state (required)
register
- dump
- Dump device registers
esxcli network nic register dump NIC_NAME
NIC_NAME -n|--vmnic=<str> The name of pnic to dump registers (required)
ring
current
- get
- Get current RX/TX ring buffer parameters of a NIC
esxcli network nic ring current get NIC_NAME
NIC_NAME -n|--nic-name=<str> The name of the NIC whose current RX/TX ring buffer parameters should be retrieved. (required)
- set
- Set current RX/TX ring buffer parameters of a NIC
esxcli network nic ring current set NIC_NAME CMD_OPTIONS
NIC_NAME -n|--nic-name=<str> The name of the NIC whose current RX/TX ring buffer parameters should be set. (required) CMD_OPTIONS -r|--rx=<long> Number of ring entries for the RX ring. -j|--rx-jumbo=<long> Number of ring entries for the RX jumbo ring. -m|--rx-mini=<long> Number of ring entries for the RX mini ring. -t|--tx=<long> Number of ring entries for the TX ring.
preset
- get
- Get preset RX/TX ring buffer parameters of a NIC
esxcli network nic ring preset get NIC_NAME
NIC_NAME -n|--nic-name=<str> The name of the NIC whose preset RX/TX ring buffer parameters should be retrieved. (required)
selftest
- run
- Run self test
esxcli network nic selftest run CMD_OPTIONS
CMD_OPTIONS -o|--online=<long> Performing limited set of tests do not inetrrupt normal adapter operation, default is offline -n|--vmnic=<str> The name of pnic to dump EEPROM (required)
sg
- get
- Get scatter-gather settings
esxcli network nic sg get
- set
- Set scatter-gatter settings on a nic
esxcli network nic sg set CMD_OPTIONS
CMD_OPTIONS -e|--enable=<long> Enable/disable scatter-gather (required) -n|--vmnic=<str> Name of vmnic to configure scatter-gather settings. (required)
software
- list
- List software simulation settings of physical NICs currently installed and loaded on the system.
esxcli network nic software list
- set
- Enable and disable software simulation settings on a NIC.
esxcli network nic software set CMD_OPTIONS
CMD_OPTIONS --geneveoffload=<bool> Configure Geneve encapsulation offload software simulation. --highdma=<bool> Configure high DMA software simulation. --ipv4cso=<bool> Configure IPv4 checksum offload software simulation. --ipv4tso=<bool> Configure IPv4 TCP segmentation offload software simulation. --ipv6cso=<bool> Configure IPv6 checksum offload software simulation. --ipv6csoext=<bool> Configure IPv6 extend header checksum offload software simulation. --ipv6tso=<bool> Configure IPv6 TCP segmentation offload software simulation. --ipv6tsoext=<bool> Configure IPv6 extend header TCP segmentation offload software simulation. --obo=<bool> Configure offset based encapsulation offload software simulation. --sg=<bool> Configure scatter gather software simulation. --sgsp=<bool> Configure scatter gather span multiple pages software simulation. --tagging=<bool> Configure TX VLAN tagging software simulation. --untagging=<bool> Configure RX VLAN untagging software simulation. -n|--vmnic=<str> Name of the vmnic whose software similation settings should be updated. (required) --vxlanencap=<bool> Configure VXLAN encapsulation offload software simulation.
stats
- get
- Get NIC statistics for a given interface.
esxcli network nic stats get NIC_NAME
NIC_NAME -n|--nic-name=<str> Name of the NIC to get statistics from. (required)
tso
- get
- Get TCP segmentation offload settings
esxcli network nic tso get
- set
- Set TCP segmentation offload settings on a nic
esxcli network nic tso set CMD_OPTIONS
CMD_OPTIONS -e|--enable=<long> TCP segmentation offload (required) -n|--vmnic=<str> Name of vmnic to set TSO settings. (required)
vlan
stats
- get
- List VLAN statistics for active VLAN's on the NIC.
esxcli network nic vlan stats get NIC_NAME
NIC_NAME -n|--nic-name=<str> Name of the NIC to get statistics from. (required)
- set
- Enable/disable VLAN statistics collection on the NIC.
esxcli network nic vlan stats set CMD_OPTIONS
CMD_OPTIONS -e|--enabled=<bool> Whether to enable or disable VLAN statistics (required) -n|--nic-name=<str> Name of the NIC to get statistics from. (required)
port
filter
stats
- get
- Filter statistics for a given port.
esxcli network port filter stats get PORT_ID
PORT_ID -p|--portid=<long> Port ID for the port to get filter statistics. (required)
stats
- get
- Packet statistics for a given port.
esxcli network port stats get PORT_ID
PORT_ID -p|--portid=<long> Port ID for the port to get statistics. (required)
sriovnic
- list
- This command will list the SRIOV Enabled NICs (PFs) currently installed and loaded on the system.
esxcli network sriovnic list
vf
- list
- Get the generic configuration of VFs for SRIOV NIC.
esxcli network sriovnic vf list NIC_NAME
NIC_NAME -n|--nic-name=<str> The name of the SRIOV NIC to configured. This must be one of the cards listed in the sriovNic list command. (required)
- stats
- Get statistics for given VF of a SRIOV NIC.
esxcli network sriovnic vf stats CMD_OPTIONS
CMD_OPTIONS -n|--nic-name=<str> The name of the SRIOV NIC. This must be one of the cards listed in the sriovNic list command. (required) -v|--vf-id=<long> The VF ID of the virtual function whose stats are to be collected. This must be one of the VF IDs listed in the sriovnic vf list command. (required)
vm
- list
- List networking information for the VM's that have active ports.
esxcli network vm list
port
- list
- List of active ports for a given VM.
esxcli network vm port list VM_WORLD_ID
VM_WORLD_ID -w|--world-id=<long> World ID of the VM for listing ports. (required)
vswitch
dvs
vmware
- list
- List the VMware vSphere Distributed Switch currently configured on the ESXi host.
esxcli network vswitch dvs vmware list
lacp
config
- get
- Get LACP configuration on DVS
esxcli network vswitch dvs vmware lacp config get
stats
- get
- Get LACP stats on DVS uplinks
esxcli network vswitch dvs vmware lacp stats get
status
- get
- Get LACP status on DVS
esxcli network vswitch dvs vmware lacp status get
timeout
- set
- Set long/short timeout for vmnics in one LACP LAG
esxcli network vswitch dvs vmware lacp timeout set CMD_OPTIONS
CMD_OPTIONS -l|--lag-id=<long> The ID of LAG to be configured. (required) -n|--nic-name=<str> The nic name. If it is set, then only this vmnic in the lag will be configured. -t|--timeout=<bool> Set long or short timeout: 1 for short timeout and 0 for long timeout. (required) -s|--vds=<str> The name of VDS. (required)
standard
- list
- List the virtual switches current on the ESXi host.
esxcli network vswitch standard list
- add
- Add a new virtual switch to the ESXi networking system.
esxcli network vswitch standard add CMD_OPTIONS
CMD_OPTIONS -P|--ports=<long> The number of ports to to give this newly created virtual switch. Maximum ports per virtual switch is 4096. If no value is given the default value(128) is used. The number of ports is limited by the number of already allocated ports on the host. The system wide port count cannot be greater than 4608. -v|--vswitch-name=<str> The name of the virtual switch to create. (required)
- remove
- Remove a virtual switch from the ESXi networking system.
esxcli network vswitch standard remove CMD_OPTIONS
CMD_OPTIONS -v|--vswitch-name=<str> The name of the virtual switch to remove. (required)
- set
- This command sets the MTU size and CDP status of a given virtual switch.
esxcli network vswitch standard set CMD_OPTIONS
CMD_OPTIONS -c|--cdp-status=<str> The CDP status of the given virtual switch. It can be 'down', 'listen', 'advertise' or 'both' -m|--mtu=<long> The MTU size of the given virtual switch. -v|--vswitch-name=<str> The name of virtual switch to apply the configurations. (required)
Ooga Booga Ooga Booga Ooga Booga Ooga Booga Ooga Booga Ooga Booga Ooga Booga Ooga Booga Ooga Booga
policy
failover
- get
- Get the failover policy settings governing the given virtual switch
esxcli network vswitch standard policy failover get CMD_OPTIONS
CMD_OPTIONS -v|--vswitch-name=<str> The name of the virtual switch to use when fetching the switch failover policy. (required)
- set
- Configure the Failover policy for a virtual switch.
esxcli network vswitch standard policy failover set CMD_OPTIONS
CMD_OPTIONS -a|--active-uplinks=<str> Configure the list of active adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: --active-uplinks=vmnic0,vmnic3,vmnic7,vmnic1 -b|--failback=<bool> Configure whether a NIC will be used immediately when it comes back in service after a failover -f|--failure-detection=<str> Set the method of determining how a network outage is detected. beacon: Detect failures based on active beaconing to the vswitch link: Detect failures based on the NIC link state -l|--load-balancing=<str> Set the load balancing policy for this policy. This can be one of the following options: explicit: Always use the highest order uplink from the list of active adapters which pass failover criteria. iphash: Route based on hashing the src and destination IP addresses mac: Route based on the MAC address of the packet source. portid: Route based on the originating virtual port ID. -n|--notify-switches=<bool> Indicate whether to send a notification to physical switches on failover -s|--standby-uplinks=<str> Configure the list of standby adapters and their failover order. This list must be a comma seperated list of values with the uplink name and no spaces. Example: --standby-uplinks=vmnic2,vmnic4,vmnic8,vmnic6,vmnic11 -v|--vswitch-name=<str> The name of the virtual switch to use when configuring the switch failover policy. (required)
security
- get
- Get the Security Policy governing the given virtual switch.
esxcli network vswitch standard policy security get CMD_OPTIONS
CMD_OPTIONS -v|--vswitch-name=<str> The name of the virtual switch to use when fetching the network security policy. (required)
- set
- Set the security policy for a given virtual switch
esxcli network vswitch standard policy security set CMD_OPTIONS
CMD_OPTIONS -f|--allow-forged-transmits=<bool> Allow ports on the virtual switch to send packets with forged source information. -m|--allow-mac-change=<bool> Allow ports on the virtual switch to change their MAC address. -p|--allow-promiscuous=<bool> Allow ports on the virtual switch to enter promiscuous mode. -v|--vswitch-name=<str> The name of the virtual switch to use when setting the switch security policy. (required)
shaping
- get
- Get the shaping policy settings for the given virtual switch
esxcli network vswitch standard policy shaping get CMD_OPTIONS
CMD_OPTIONS -v|--vswitch-name=<str> The name of the virtual switch to use when fetching the switch shaping policy. (required)
- set
- Set the shaping policy settings for the given virtual switch
esxcli network vswitch standard policy shaping set CMD_OPTIONS
CMD_OPTIONS -b|--avg-bandwidth=<long> The averge bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) -t|--burst-size=<long> The largest burst size allowed for this shaping policy. This value is in Kib (1 Kib = 1024 bits) -e|--enabled=<bool> Indicate whether to enable traffic shaping on this policy. If this is true then the --avg-bandwidth, --peak-bandwidth and --burst-size options are required. -k|--peak-bandwidth=<long> The peak bandwidth allowed for this shaping policy. This value is in Kbps (1 Kbps = 1000 bits/s) -v|--vswitch-name=<str> The name of the virtual switch to use when setting the switch shaping policy. (required)
portgroup
- list
- List all of the port groups currently on the system.
esxcli network vswitch standard portgroup list
- add
- Allows the addition of a standard port group to a virtual switch.
esxcli network vswitch standard portgroup add
- remove
- Remove a port group from the given virtual switch
esxcli network vswitch standard portgroup remove
- set
- Set the vlan id for the given port group
esxcli network vswitch standard portgroup set
policy
failover
- get
- Get the network failover policy settings governing the given port group
esxcli network vswitch standard portgroup policy failover get
- set
- Configure the Failover policy for a port group. These setting may potentially override virtual switch settings.
esxcli network vswitch standard portgroup policy failover set
security
- get
- Get the Security Policy governing the given port group.
esxcli network vswitch standard portgroup policy security get
- set
- Set the security policy for a given port group
esxcli network vswitch standard portgroup policy security set
shaping
- get
- Get the network shaping policy settings governing the given port group
esxcli network vswitch standard portgroup policy shaping get
- set
- Set the shaping policy settings for the given port group
esxcli network vswitch standard portgroup policy shaping set
uplink
- add
- Add an uplink to the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to enable use of this uplink on this virtual switch
esxcli network vswitch standard uplink add
- remove
- Remove an uplink from the given virtual switch. Note if this virtual switch has a NIC teaming policy assigned to it then the policy must also be modified to disable use of this uplink on this virtual switch
esxcli network vswitch standard uplink remove