The Nexus1000V differentiates between virtual and physical ports on each of the VEMs. Figure 11-1 shows how ports on the Nexus1000V switch are bound to physical and virtual VMware ports within a VEM.
Figure 11-1 VEM View of Ports
On the virtual side of the switch, there are three layers of ports that are mapped together:
Virtual NICs: There are three types of Virtual NICs in VMware. The virtual NIC (vnic) is part of the VM, and represents the physical port of the host which is plugged into the switch. The virtual kernel NIC (vmknic) is used by the hypervisor for management, VMotion, iSCSI, NFS and other network access needed by the kernel. This interface would carry the IP address of the hypervisor itself, and is also bound to a virtual Ethernet port. The vswif (not shown) appears only in COS-based systems, and is used as the VMware management port. Each of these types maps to a veth port within Nexus1000V.
Virtual Ethernet Ports (VEth): A VEth port is a port on the Cisco Nexus 1000V Distributed Virtual Switch. Cisco Nexus 1000V has a flat space of VEth ports 0..N. The virtual cable plugs into these VEth ports that are moved to the host running the VM.
VEth ports are assigned to port groups.
Local Virtual Ethernet Ports (lveth): Each host has a number of local VEth ports. These ports are dynamically selected for VEth ports that are needed on the host.
These local ports do not move, and are addressable by the module-port number method.
On the physical side of the switch, from bottom to top:
Each physical NIC in VMware is represented by an interface called a vmnic. The vmnic number is allocated during VMware installation, or when a new physical NIC is installed, and remains the same for the life of the host.
Each uplink port on the host represents a physical interface. It acts a lot like an lveth port, but because physical ports do not move between hosts, the mapping is 1:1 between an uplink port and a vmnic.
Each physical port added to Nexus1000V switch appears as a physical Ethernet port, just as it would on a hardware-based switch.
The uplink port concept is handled entirely by VMware, and is used to associate port configuration with vmnics. There is no fixed relationship between the uplink # and vmnic #, and these can be different on different hosts, and can change throughout the life of the host. On the VSM, the Ethernet interface number, such as ethernet 2/4, is derived from the vmnic number, not the uplink number.
To verify a connection between two veth ports on a VEM, follow these steps:
Step 1 On the VSM, enter the
command to view the state of the VLANs associated with the port. If the VLAN associated with a port is not active, then the port may be down. In this case, you must create the VLAN and activate it.
Step 2 To see the state of the port on the VSM, enter a
show interface brief
Step 3 Enter the
module vem module-number execute vemcmd show port
command to display the ports that are present on the VEM, their local interface indices, VLAN, type (physical or virtual), CBL state, port mode, and port name.
The key things to look for in the output are:
State of the port.
Attached device name.
The LTL of the port you are trying to troubleshoot. It will help you identify the interface quickly in other VEM commands where the interface name is not displayed.
Make sure the state of the port is up. If not, verify the configuration of the port on the VSM.
Step 4 To view the VLANs and their port lists on a particular VEM, use the
module vem module-number execute vemcmd show bd
n1000V# module vem 5 execute vemcmd show bd
If you are trying to verify that a port belongs to a particular VLAN, make suer you see the port name or LTL in the port list of that VLAN.
Verifying a Connection Between VEMs
To verify a connection between veth ports on two separate VEMs, follow these steps:
Step 1 Issue the
command to check if the VLAN associated with the port is created on the VSM.
Step 2 Issue the
show interface brief
command to check if the ports are up in the VSM.
Step 3 On the VEM, issue the
module vem 3 execute vemcmd show port
command to check if the CBL state of the two ports is set to the value of 1 for forwarding (active).
Step 4 On the VEM, issue the
module vem 3 execute vemcmd show bd
command to check if the two veth ports are listed in the flood list of the VLAN to which they are trying to communicate.
Step 5 Verify that the uplink switch to which the VEMs are connected is carrying the VLAN to which the ports belong.
Step 6 Find out the port on the upstream switch to which the pnic (that is supposed to be carrying the VLAN) on the VEM is connected to.
show cdp neighbors
Capability Codes: R - Router, T - Trans-Bridge, B - Source-Route-Bridge
S - Switch, H - Host, I - IGMP, r - Repeater,
V - VoIP-Phone, D - Remotely-Managed-Device,
s - Supports-STP-Dispute
Device ID Local Intrfce Hldtme Capability Platform Port ID
swordfish-6k-2 Eth5/2 168 R S I WS-C6506-E Gig1/38
The PNIC (Eth 5/2) is connected to swordfish-6k-2 on port Gig1/38.
Step 7 Log in to the upstream switch and make sure the port is configured to allow the VLAN you are looking for.