Troubleshoot Logical Load Balancer implementation issues in NSX

 
As with the previous sections, the first thing you want to do when troubleshooting the Load balancer service is to run the following command and ensure the service is up and running. Along with the status, you can see the PID and connection information.
 

vShield-edge-4-0> show service loadbalancer
-----------------------------------------------------------------------
Loadbalancer Services Status:

L7 Loadbalancer     : running
Health Monitor      : running
-----------------------------------------------------------------------
L7 Loadbalancer Status Information:
STATUS     PID        MAX_MEM_MB MAX_SOCK   MAX_CONN   MAX_PIPE   CUR_CONN   CONN_RATE  CONN_RATE_LIMIT MAX_CONN_RATE
running    947        0          2079       1024       0          0          0          0               0
-----------------------------------------------------------------------
L4 Loadbalancer Statistics:
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

 
If the service is up and running, there are a variety of commands to get the configuration as well as errors. I have listed all of the load balancer commands below. I will go through each one of these individually and give a brief description of what they do.
 

vShield-edge-4-0> show service loadbalancer ?
  
  error    Show loadbalancer Latest Errors information.
  monitor  Show loadbalancer HealthMonitor information.
  pool     Show loadbalancer pool information.
  session  Show loadbalancer Session information.
  table    Show loadbalancer Sticky-Table information.
  virtual  Show loadbalancer virtualserver information.

 
The first is show service loadbalancer error. This will display any errors that are captured, as you can see, my lab doesn’t show any error messages but it’s very important to check this if you are having any issues.
 

vShield-edge-4-0> show service loadbalancer error
-----------------------------------------------------------------------
L7 Loadbalancer Request/Response Errors:

Total events captured on [27/May/2015:20:12:51.993] : 0

 
Next is show service loadbalancer monitor will give you the health status of each of your pool members. You can see I have two members in my Pool monitoring “default_https_monitor” and the status for both is “OK”
 

vShield-edge-4-0> show service loadbalancer monitor
-----------------------------------------------------------------------
Loadbalancer HealthMonitor Statistics:

POOL                           MEMBER                         HEALTH STATUS     
Web-Tier                       web-sv-02a                     default_https_monitor:OK
Web-Tier                       web-sv-01a                     default_https_monitor:OK

 

Show service loadbalancer pool is going to give you detailed information on your Pool, the algorithm, transparency, sessions, and connection information.
 

vShield-edge-4-0> show service loadbalancer pool
-----------------------------------------------------------------------
Loadbalancer Pool Statistics:

POOL Web-Tier
|  LB METHOD round-robin
|  LB PROTOCOL L7
|  Transparent disabled
|  SESSION (cur, max, limit, total) = (0, 0, 103, 0)
|  BYTES in = (0), out = (0)
   +->POOL MEMBER: Web-Tier/web-sv-01a, STATUS: UP
   |  |  STATUS = UP, MONITOR STATUS = default_https_monitor:OK
   |  |  SESSION (cur, max, limit, total) = (0, 0, , 0)
   |  |  BYTES in = (0), out = (0)
   +->POOL MEMBER: Web-Tier/web-sv-02a, STATUS: UP
   |  |  STATUS = UP, MONITOR STATUS = default_https_monitor:OK
   |  |  SESSION (cur, max, limit, total) = (0, 0, , 0)
   |  |  BYTES in = (0), out = (0)

 
Show service loadbalancer session is going to give detailed information on the current sessions as show below.
 

vShield-edge-4-0> show service loadbalancer session
-----------------------------------------------------------------------
L7 Loadbalancer Current Sessions:

0x9aabfc5ed90: proto=unix_stream src=unix:1 fe=GLOBAL be= srv= ts=09 age=0s calls=2 rq[f=c08200h,i=0,an=00h,rx=20s,wx=,ax=] rp[f=008000h,i=0,an=00h,rx=,wx=,ax=] s0=[7,8h,fd=1,ex=] s1=[7,0h,fd=-1,ex=] exp=20s

 
show service loadbalancer table gives information on the Sticky Table Status. This will only give information if you have configured the services with a sticky setting. A table will be displayed showing the relation between the servers and the connections. I don’t have this setting in my lab so there is no information shown below.
 

vShield-edge-4-0> show service loadbalancer table
-----------------------------------------------------------------------
L7 Loadbalancer Sticky Table Status:

TABLE                          TYPE                 SIZE(BYTE)      USED(BYTE)  

 
Finally, show service loadbalancer virtual gives your the Virtual IP (VIP) information.
 

vShield-edge-4-0> show service loadbalancer virtual
-----------------------------------------------------------------------
Loadbalancer VirtualServer Statistics:

VIRTUAL Web-VIP
|  ADDRESS [172.16.10.10]:443
|  SESSION (cur, max, limit, total) = (0, 0, 1024, 0)
|  RATE (cur, max, limit) = (0, 0, 0)
|  BYTES in = (0), out = (0)
   +->POOL Web-Tier
   |  LB METHOD round-robin
   |  LB PROTOCOL L7
   |  Transparent disabled
   |  SESSION (cur, max, limit, total) = (0, 0, 103, 0)
   |  BYTES in = (0), out = (0)
      +->POOL MEMBER: Web-Tier/web-sv-01a, STATUS: UP
      |  |  STATUS = UP, MONITOR STATUS = default_https_monitor:OK
      |  |  SESSION (cur, max, limit, total) = (0, 0, , 0)
      |  |  BYTES in = (0), out = (0)
      +->POOL MEMBER: Web-Tier/web-sv-02a, STATUS: UP
      |  |  STATUS = UP, MONITOR STATUS = default_https_monitor:OK
      |  |  SESSION (cur, max, limit, total) = (0, 0, , 0)
      |  |  BYTES in = (0), out = (0)

 
If all else fails, I would enable logging on the Load Balancer service by navigating to Networking & Security -> NSX Edges and double click the Edge device with the load balancer service configured then select Load Balancer -> Global Configuration. Ensure that Logging is checked and set the level of logging that you would like, I have set mine to info.
 
1
 
From there, you can run the following command to check the log. You will want to look for entries with loadbalanncer as shown below to troubleshoot the specific issue that you are having.
 

vShield-edge-4-0> show log
2015-05-27T21:39:03+00:00 vShield-edge-4-0 config:  [daemon.info] INFO :: C_ServiceControl :: reload haproxy...
2015-05-27T21:39:03+00:00 vShield-edge-4-0 loadbalancer[29070]: [default]:  [local0.notice] Proxy Web-Tier started.
2015-05-27T21:39:03+00:00 vShield-edge-4-0 loadbalancer[29070]: [default]:  [local0.notice] Proxy Web-VIP started.
Load balancer HA-Load-Balancer: vse-ha-lb is re-loaded

 

Leave A Comment

Your email address will not be published. Required fields are marked (required):

Back to Top