ESXi - 6.7 network
Jump to navigation
Jump to search
network
Operations that pertain to the maintenance of networking on an ESX host. This includes a wide variety of commands to manipulate virtual networking components (vswitch, portgroup, etc) as well as local host IP, DNS and general host networking settings.
diag
- ping
- Send ICMP echo requests to network hosts.
esxcli network diag ping CMD_OPTIONS
CMD_OPTIONS -c|--count=<long> Specify the number of packets to send. -D|--debug VMKPing debug mode. -d|--df Set DF bit on IPv4 packets. -H|--host=<str> Specify the host to send packets to. This parameter is required when not executing ping in debug mode (-D) -I|--interface=<str> Specify the outgoing interface. -i|--interval=<str> Set the interval for sending packets in seconds. --ipv4 Ping with ICMPv4 echo requests. --ipv6 Ping with ICMPv6 echo requests. --netstack=<str> Specify the TCP/IP netstack which the interface resides on -N|--nexthop=<str> Override the system's default route selection, in dotted quad notation. (IPv4 only. Requires interface option) -s|--size=<long> Set the payload size of the packets to send. -t|--ttl=<long> Set IPv4 Time To Live or IPv6 Hop Limit -W|--wait=<str> Set the timeout to wait if no responses are received in seconds.
ens
lcore
- list
- List ENS contexts.
esxcli network ens lcore list
- add
- Create ENS context.
esxcli network ens lcore add ID
ID -l|--lcore-id=<long> ENS context id to be created. (required)
- remove
- Destroy ENS context.
esxcli network ens lcore remove ID
ID -l|--lcore-id=<long> ENS context id to be destroyed. (required)
affinity
- get
- Get the affinity for given ENS context.
esxcli network ens lcore affinity get ID
ID -l|--lcore-id=<long> ENS context id. (required)
- set
- Set affinity for given ENS context.
esxcli network ens lcore affinity set ID NODE
ID -l|--lcore-id=<long> ENS context id. (required) NODE -a|--affinity=<long> Numa node affinity. (required)
switch
- get
- Get the switch associated with given ENS context.
esxcli network ens lcore switch get ID
ID -l|--lcore-id=<long> ENS context id. (required)
- add
- Associate given ENS context with given switch.
esxcli network ens lcore switch add ID SWITCH
ID -l|--lcore-id=<long> ENS context id. (required) SWITCH -s|--switch=<str> Switch name. (required)
- remove
- Disassociate given ENS context from virtual switch.
esxcli network ens lcore switch remove ID
ID -l|--lcore-id=<long> ENS context id. (required)
maxLcores
- get
- Get the maximum number of ENS contexts (lcores).
esxcli network ens maxLcores get
- set
- Set the maximum number of ENS contexts.
esxcli network ens maxLcores set MAXCORES
MAXCORES -n|--maxlcores=<long> Number of maximum ENS contexts to be assigned. (required)
firewall
- get
- Get the firewall status.
esxcli network firewall get
- set
- Set firewall enabled status and default action.
esxcli network firewall set PARAM
PARAM --enabled or --default-action
- refresh
- Load ruleset configuration for firewall.
esxcli network firewall refresh
- load
- Load firewall module and rulesets configuration.
esxcli network firewall load
- unload
- Allow unload firewall module.
esxcli network firewall unload
ruleset
- list
- List the rulesets in firewall.
esxcli network firewall ruleset list
- set
- Set firewall ruleset status (allowedAll flag and enabled status).
esxcli network firewall ruleset set LABEL CMD_OPTIONS
LABEL -r|--ruleset-id=<str> The label of the ruleset. (required) CMD_OPTIONS -a|--allowed-all=<bool> Set to true to allowed all ip, set to false to use allowed ip list. -e|--enabled=<bool> Set to true to enable ruleset, set to false to disable it.
allowedip
- list
- list allowed ip addresses for rulesets.
esxcli network firewall ruleset allowedip list
- add
- Add allowed ip address/range to the ruleset ruleset.
esxcli network firewall ruleset allowedip add LABEL RANGE
- remove
- Remove allowed ip address/range from the ruleset.
esxcli network firewall ruleset allowedip remove LABEL RANGE
LABEL -r|--ruleset-id=<str> The label of the ruleset. (required) RANGE -i|--ip-address=<str> Allowed ip address/range for the ruleset. (required)
client
- get
- Show the number of clients using a firewall ruleset.
esxcli network firewall ruleset client get LABEL
- add
- Add a new client to a firewall ruleset. This enables the firewall ruleset and increments the number of clients using the ruleset.
esxcli network firewall ruleset client add LABEL
- remove
- Remove a client from a firewall ruleset. This decrements the number of clients using the ruleset and if the number reaches zero the ruleset is disabled.
esxcli network firewall ruleset client remove LABEL
LABEL -r|--ruleset-id=<str> The label of the ruleset. (required)
rule
- list
- List the rules of each ruleset in firewall.
esxcli network firewall ruleset rule list
ip
- get
- Get global IP settings
esxcli network ip get
- set
- Update global IP settings
esxcli network ip set
Configure the VMkernel Adapter Gateway by Using esxcli Commands
connection
- list
- List active TCP/IP connections
esxcli network ip connection list
dns
search
- list
- List the search domains currently configured on the ESXi host in the order in which they will be used when searching.
esxcli network ip dns search list
- add
- Add a search domain to the list of domains to be searched when trying to resolve an host name on the ESXi host.
esxcli network ip dns search add DOMAIN NETSTACK
- remove
- Remove a search domain from the list of domains to be searched when trying to resolve an host name on the ESXi host.
esxcli network ip dns search remove DOMAIN NETSTACK
server
- list
- Print a list of the DNS server currently configured on the system in the order in which they will be used.
esxcli network ip dns server list
- add
- Add a new DNS server to the end of the list of DNS servers to use for this ESXi host.
esxcli network ip dns server add DOMAIN SERVER
- remove
- Remove a DNS server from the list of DNS servers to use for this ESXi host.
esxcli network ip dns server remove PARAM
DOMAIN -d|--domain=<str> The string name of a domain to remove from the list of search domains. (required) NETSTACK -N|--netstack=<str> The network stack instance; if unspecified, use the default netstack instance SERVER -s|--server=<str> The IP address (v4 or v6) of the DNS server to add to the DNS server list. (required) PARAM --all, --server