In NSX-v 6.2.3 a new feature to aid troubleshooting and operations got introduced, called Central CLI for Packet Capture. The feature is intended to reduce the administrative burden of logging onto any ESXi host to start a packet capture. The ability to perform packet captures for troubleshooting network issues is something all network guys do from time to time and using a network virtualisation platform such as VMware NSX for vSphere it’s no different. Therefore, in this post, I will go through the process of initiating a packet capture using the NSX-v Central CLI for a VM that is misbehaving.
Packet capture is an essential tool in any network/systems engineers toolset, mainly when working with services in a development environment or during troubleshooting. So recently when I was testing the installation of the NSX VIBs onto the nested ESXi host in my VMware Workstation lab, I wanted a facility to capture the conversation between a single ESXi host, NSX Manager and the vCenter Server (vcsa). You could naturally perform this packet capture directly on the ESXi host (running as a VM), or instead, perform it from your underlying operating system.
Capturing packets on the NSX Edge is relatively simple, the ESG uses similar capture syntax to that of TCPDUMP with a few minor caveats, which I will cover in this post.
When doing a packet capture, the primary thing to do is to identify the interface you want to capture traffic on and then define the traffic capture filter, which will ensure you only capture the packets that your interested in. This will cut down the noise and leave you with a fairly clean packet capture, however there is no reason you can’t just capture everything. Continue reading “NSX-V Edge (ESG) Packet Capture”