Troubleshoot dynamic routing protocols in NSX

 
For this section, I will mainly be focusing on OSPF, however debuging other routing protocols is very similar, just change the commands to bgp or isis. To troubleshooting dynamic routing protocols in NSX, you should first enable logging for the edge devices. To enable logging, navigate to Networking & Security -> NSX Edges and double click the edge device to enable routing logging.
 
1
 
Click on Manage -> Routing and Edit next to Dynamic Routing Configuration
 
2
 
Check the box Enable Logging and then set your log level. I usually just set it to debug so that it gathers the most information. Click OK
 
From there, you can SSH or console into the edge device and run the following command.
 

vShield-edge-2-0> show ip ospf neighbor
Neigbhor ID         Priority    Address             Dead Time   State
192.168.10.2        128         192.168.10.3        37          Full

 
You should be able to see your neighbor list, if you do not, then you will need to review the log. There can be many things wrong with the configuration, incorrect hello intervals, dead intervals, configuration for uplinks or forwarding/protocol addresses are wrong, or even route redistribution not being configured correctly.
 
To check the log, run the following command.
 

vShield-edge-2-0> debug ip ospf
2015-05-26T23:57:56+00:00 vShield-edge-2-0 routing[397]:  [user.debug] DEV 0x3e01-17179869408: OSPF 1  i/f idx 0X00000004  rtr ID 192.168.10.2 IP addr 192.168.10.3 NM neighbor Get FSM has changed state.
2015-05-26T23:58:05+00:00 vShield-edge-2-0 routing[397]:  [user.debug] DEV 0x3e02-20: OSPF 1 NM has sent a Hello packet.

 
If there is a problem with OSPF, or a configuration, the log will tell you what the problem is, and does a good job at being specific. I have highlighed an example below. As you can see, OSPF is not working due to a mismatched hello interval.

vShield-edge-2-0> debug ip ospf
2015-05-27T00:02:11+00:00 vShield-edge-1-0 routing[344]:  [user.emerg] EXCEPTION 0x3e02-49: OSPF 1 Hello packet with mismatched hello interval received from router 192.168.100.3.
2015-05-27T00:02:12+00:00 vShield-edge-1-0 vtysh[1728]:  [daemon.debug] EXECUTE = /usr/local/bin/sudo sudo /opt/vmware/vshield/cli/msrcli.pl SHOW_IP_OSPF_NEIGHBOR   ## log_execv @vtysh_bluelane.c:135
2015-05-27T00:02:18+00:00 vShield-edge-1-0 routing[344]:  [user.debug] DEV 0x3e02-20: OSPF 1 NM has sent a Hello packet.
2015-05-27T00:02:23+00:00 vShield-edge-1-0 routing[344]:  [user.debug] DEV 0x3e02-17179869205: OSPF 1 NM has received a Hello packet.
2015-05-27T00:02:23+00:00 vShield-edge-1-0 routing[344]:  [user.emerg] EXCEPTION 0x3e02-49: OSPF 1 Hello packet with mismatched hello interval received from router 192.168.100.3.

 
I suggest playing around in your lab environment with incorrect settings to see what specific log messages you get, and how you can work toward resolving them. As mentioned, I only went through OSPF troubleshooting, but the concept is the same across the routing protocols.
 

Leave A Comment

Your email address will not be published. Required fields are marked (required):

Back to Top