VCAP5-DCA – Objective 6.3 – Troubleshoot Network Performance and Connectivity

For this objective I used the following documents:

  • Documents listed in the Tools section

Objective 6.3 – Troubleshoot Network Performance and Connectivity



  • Identify vCLI commands and tools used to troubleshoot vSphere networking configurations
    • There are a good amount of vCLI commands that you can use to troubleshoot your networking configurations. Most of which start with “vicfg-. Here are some basic ones, but without their options listed. You can find a full reference in the command line concepts and examples document listed in the tools section
      • vicfg-vswitch
      • vicfg-nics
      • vicfg-vmknic
      • vicfg-route
      • vicfg-dns
  • Identify logs used to troubleshoot network issues
    • There are a few different log files you can look at for networking related issues:
      • DHCP issues – /var/log/dhclient.log
      • Networking driver and device issues – /var/log/vmkernel.log
      • vCenter issues – /var/log/vpxa.log


Skills and Abilities

  • Utilize net-dvs to troubleshoot vNetwork Distributed Switch configurations
    • the net-dvs command will show you A LOT of information about your distributed switches. Probably a lot more then you want. By simply running net-dvswithout any options or switches you’ll see the following information:
      • maximum ports
      • the switch name
      • Number of uplinks and their names
      • MTU, Discovery protocol
      • Individual configuration for each uplink, and its port numbers
    • This information can help you put together what the dvSwitch might look like, along with individual ports on the dvSwitch for their respective uplinks
    • There is a WHOLE lot more to this command then what I just went over. If you execute net-dvs –help you will see all the things that you can do with this command. One thing to keep in mind is that this command is unsupported and shouldn’t be used in a production network. To be quite honest, I have no idea why it’s on the blueprint. Since the command is unsupported, I will leave it at what I’ve explained above. If you’d like to explore the command more then I encourage you to do so in your lab
  • Utilize vSphere CLI commands to troubleshoot ESXi network configurations
    • I went over the list of basic commands in the preceding section, but I’ll list them here again
      • vicfg-vswitch
      • vicfg-nics
      • vicfg-vmknic
      • vicfg-route
      • vicfg-dns
    • Use the above commands to perform troubleshooting
  • Troubleshoot Private VLANs
    • Andrew Scorsone over at thefoglite has a good write-up on this, check it out here
  • Troubleshoot vmkernel related network configuration issues
    • First place to look here is the vmkernel log file, located on every host at /var/log/vmkernel.log. This will present any events related to networking configuration and the vmkernel.
    • Ensure you have at least one vmkernel interface enabled for management. You should have at least two vmkernel interfaces on different networks plugged into separate switches for redundancy
    • Use vicfg-vmknic to assist in configuration validation as well as the vSphere Client/Web Client
    • Use the DCUI to test management networking connectivity
    • You can also use esxcli network diag ping to troubleshoot connectivity
  • Troubleshoot DNS and routing related issues
    • Use the vicfg-dns and vicfg-route commands to troubleshooting DNS and routing
    • Use the DCUI or the vSphere client to set DNS servers and DNS domain names
    • Use esxcli commands to set/troubleshooting DNS related items
      • esxcli network ip dns server
      • esxcli network ip dns search
    • You can also use esxli commands to troubleshooting routing issues
      • esxcli network ip route ipv4 list < this command will list the current routes on the host
      • explore the esxcli network ip route namespace for more options
  • Use esxtop / resxtop to identify network performance problems
    • Again, thefoglite has put together a great article on identifying network performance problems with esxtop / resxtop here, it is well worth the read
  • Analyze troubleshooting data to determine if the root cause for a give network problem originates in the physical infrastructure or vSphere environment
  • Configure and administer Port Mirroring
    • This process assumes you know the IP address of the source/destination VM
    • Log into the vSphere client and goto the networking view
    • If you don’t already know the port you want to mirror:
      • Select the vDS you want to configure port mirroring on
      • Click the Ports tab
      • Find the virtual machine whose port you want to mirror, and record the port it is connected to
      • Also record the destination virtual machine port that you will be mirroring to (if you’re mirroring to a VM)
    • Right-click the vDS you are configuring port mirroring on > click Edit Settings
    • Click the Port Mirroring tab > click Add
    • Enter in the Name and Description
    • Change the following options if you wish
      • Allow normal IO on destination ports
      • Encapsulation VLAN (enter in the VLAN ID)
      • Mirrored Packet Length (enter in packet length, default is 60)
    • Click Next
    • Select one of the Traffic Direction options:
      • Ingress / Egress
      • Ingress
      • Egress
    • Enter in a source port ID > click the double arrow to add > click Next
    • Select either Port or Uplink for the Destination Type
      • If you selected Port then enter in the destination port ID and click the double arrow to add
      • If you selected Uplink then choose from the list of uplinks and click the double arrow to add
    • Click Next
    • If you want to enable the port mirroring session right away check the Enable this port mirroring session checkbox
    • Click Finish
  • Utilize Direct Console User Interface (DCUI) and ESXi Shell to troubleshoot, configure, and monitor ESXi networking
    • Once logged into the DCUI you can
      • Look at log files (specifically vmkernel.log)
      • Enable / disable physical adapters
      • Change the management IP settings
      • Revert your management network back to the standard switch (if it currently resides on a vDS)
      • Test management network connectivity
      • Restore all settings to default (you probably don’t want to do this)



Comments 2

  1. Pingback: The world of Marc O'Polo – Blog VCAP5-DCA Objective 6.3 – Troubleshoot Network Performance and Connectivity » The world of Marc O'Polo - Blog

  2. Pingback: The Unofficial Official VCAP5-DCA Study Guide. - RAVIITBLOG.COM

Leave a Reply

Your email address will not be published. Required fields are marked *