Diagnose Network Problems In A Container Using The Filesystem

So you need to figure out why your application is not working, but your toolset is very limited because you are using either a minimal installation of Linux or you are in a container. This technique should work either way.

You can use the /dev filesystem to check network connections.

Example 1:
You would like to know if you can reach the host 172.16.0.10 on port 443.

ip=172.16.0.10
port=443
# /dev/tcp/<host>/<port> is handled by bash itself (it is not a real file), so run this in bash
if (echo > "/dev/tcp/$ip/$port") &>/dev/null
then echo "TCP port $port is open"
else echo "TCP port $port is closed"
fi

The above command will give you the answer.

You can also write this as a one-liner:

ip=172.16.0.10;port=443; (echo > /dev/tcp/$ip/$port) &>/dev/null && echo "TCP port $port is open" || echo "TCP port $port is closed"
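
Added example (not from the original post): the same /dev/tcp probe wrapped in a function that also bounds how long a connect may hang, so a port whose packets are silently dropped reports "timeout" instead of blocking the shell. The function name check_tcp, its return codes and the use of sleep for the watchdog are assumptions of this example; it needs bash.

```bash
#!/usr/bin/env bash
# Added example: TCP probe through bash's /dev/tcp with an upper time limit.
# Usage:   check_tcp HOST PORT [SECONDS]
# Prints:  open | closed | timeout      Returns: 0 | 1 | 2
# Assumes `sleep` exists in the image; no nc, netstat or timeout binary is needed.
check_tcp() {
  local host=$1 port=$2 limit=${3:-3} probe watchdog rc

  # Open (and immediately close) the socket in a background subshell,
  # so a connect that hangs cannot block the caller.
  ( exec 3<>"/dev/tcp/$host/$port" ) >/dev/null 2>&1 &
  probe=$!

  # Watchdog: terminate the probe if it is still connecting after $limit seconds.
  ( sleep "$limit"; kill "$probe" ) >/dev/null 2>&1 &
  watchdog=$!

  # Probe status: 0 = connected, >128 = killed by the watchdog,
  # anything else = connect failed (refused, unreachable, name not resolved).
  wait "$probe" 2>/dev/null && rc=0 || rc=$?

  # The probe is done, so the watchdog is no longer needed.
  kill "$watchdog" 2>/dev/null || true
  wait "$watchdog" 2>/dev/null || true

  if [ "$rc" -eq 0 ]; then
    echo open; return 0
  elif [ "$rc" -gt 128 ]; then
    echo timeout; return 2
  fi
  echo closed; return 1
}

# Example call, using the host and port from Example 1:
#   check_tcp 172.16.0.10 443 5
```

A "closed" result covers every immediate failure, including an unreachable network or a hostname that does not resolve, so check routing and DNS before concluding that the service is down.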

Example 2:

You would like to know what connections are being made to and from the container or host, but you do not have netstat.


NSX-T Traffic Analysis Traceflow fails

So you are trying to do a traceflow to see where the traffic is going, but as it turns out it is not working. If this is the case, you are running NSX-T 3.2, and the segment that your VMs belong to is VLAN backed, then I might have a solution for you.

ERROR

Traceflow request failed. The request might be cancelled because it took more time than normal. Please retry.Error Message: Error: Traceflow intent /infra/traceflows/<guid> realized on enforcement point /infra/sites/default/enforcement-points/default with error Traceflow on VLAN logical port LogicalPort/<guid> requires INT (In-band Network Telemetry) to be enabled (Error code: 500060)

PowerShell: Migrate Standard Portgroups

Hi, just wanted to share this piece of code with you. This short script creates a mirror of virtual portgroups from one vSphere ESXi host to another.

It only takes the name and VLAN ID into account, so all policies, NICs and other settings are not migrated at this time, but it is easy to do. I, however, do not always want that.

You need the VMware.PowerCLI module for it to work.

Use it at your own risk.

Import-Module VMware.PowerCLI

# Replace the <...> placeholders with your own names
Connect-VIServer -Server '<vCenter Name>'

$srcHost = Get-VMHost -Name '<Source Host Name>'
$dstHost = Get-VMHost -Name '<Destination Host Name>'

# Change the source and destination switch names if you need to
$srcSwitch = $srcHost | Get-VirtualSwitch -Name vSwitch0
$dstSwitch = $dstHost | Get-VirtualSwitch -Name vSwitch0 -ErrorAction SilentlyContinue

$srcPGs = $srcSwitch | Get-VirtualPortGroup

# Create the destination switch if it does not exist yet
if ($null -eq $dstSwitch) {
  $dstSwitch = $dstHost | New-VirtualSwitch -Name $srcSwitch.Name
}

# Portgroups already present on the destination switch, so they can be skipped
$dstPGs = @($dstSwitch | Get-VirtualPortGroup)

foreach ($srcPg in $srcPGs) {
  $pgName = $srcPg.Name
  $pgVlan = $srcPg.VLanId

  # Check whether a portgroup with the same name already exists on the destination
  $pgExists = $false
  foreach ($dstPg in $dstPGs) {
    if ($dstPg.Name -eq $pgName) {
      $pgExists = $true
    }
  }
  if (-not $pgExists) {
    #Write-Host "Creating portgroup $pgName with vlan $pgVlan"
    $dstSwitch | New-VirtualPortGroup -Name $pgName -VLanId $pgVlan
  }
}