02-12-2019 01:28 AM - edited 03-01-2019 05:46 AM
I have a few questions regarding diagnostic tools in ACI environment.
Suppose I get a complain from server team that they cannot login via ssh to a server with IP addr. 10.36.136.51.
To troubleshoot, I login to ACI GUI and search for this IP address in EP tracker. Suppose I find this IP:
So I have found out these details but what should I do with them? I mean, is the mere fact that I found this IP address the indicator that the server is up and running? Is there any ping-like tool that could allow me to test if the server is responding? How could I trace which leaf switchport this server is attached to.
And another scenario - suppose I get a complain from server team that they cannot login via ssh to a server with IP addr. 10.36.136.51. This time, I cannot find the 10.36.136.51 in EP tracker. What troubleshooting steps should I take. If i cannot find the IP address in EP tracker, could it meant that the host is offline?
Solved! Go to Solution.
02-12-2019 04:39 AM
OK, so it turns out that i had to use "ping" command instead of "iping" because i have a different kind of Nexus 9K - it's Cisco 9336C-FX2 Nexus, which uses simple ping. And the ping works like a charm:
leaf# ping 10.36.136.51
PING 10.36.136.51 (10.36.136.51): 56 data bytes
64 bytes from 10.36.136.51: icmp_seq=0 ttl=123 time=2.608 ms
64 bytes from 10.36.136.51: icmp_seq=1 ttl=123 time=0.716 ms
64 bytes from 10.36.136.51: icmp_seq=2 ttl=123 time=0.685 ms
64 bytes from 10.36.136.51: icmp_seq=3 ttl=123 time=0.774 ms
64 bytes from 10.36.136.51: icmp_seq=4 ttl=123 time=0.684 ms
64 bytes from 10.36.136.51: icmp_seq=5 ttl=123 time=0.649 ms
02-12-2019 02:08 AM
by the way, iping command does not work on my leaf/spine switches:
leaf# iping ?
bash: iping: command not found
leaf#
leaf version n9000-13.1(2m)
02-12-2019 02:34 AM
Try this from leaf:
iping -V tenant_name:vrf_name <ipadd>
02-12-2019 03:01 AM
My leaf is version 13.2(3i) - not too much different from yours, so it should work on 13.1.
Leaf101# iping --help
iping: invalid option -- '-'
usage: iping [ -d set the SO_DEBUG option]
[ -D enable debug information ]
[ -F enable do not fragment bit in IP header ]
[ -L receive packets on supplied interface ]
[ -n enable printing host IP address than resolved name ]
[ -q quiet output ]
[ -r disable routing of the packets, send only to directly connected hosts ]
[ -v output in verbose format ]
[ -V <vrf-name> name of the VRF through which destination is reachable ]
[ -c <count> no of packets to send ]
[ -i <wait> no of seconds to wait before sending next packet ]
[ -p <pattern> packet payload pattern ]
[ -s <packetsize> size of packets to send ]
[ -t <timeout> wait for seconds to receive reply ]
[ -S <source ip/interface> send packet with given source-ip or IP of given interface and
send packet out of that interface ]
<host> destination host-name or ip address
Leaf101# iping Vrf context to use [management] : Tenant9:Production_VRF Target IP address or Hostname : 192.168.92.10 Repeat count [5] : Datagram size [56] : Timeout in seconds [2] : Sending interval in seconds [2] : Extended commands [no] : Sweep range of sizes [no] : Sending 5, 56-bytes ICMP Echos to 192.168.92.10 Timeout is 2 seconds, data pattern is 0xABCD 64 bytes from 192.168.92.10: icmp_seq=0 ttl=63 time=0.398 ms 64 bytes from 192.168.92.10: icmp_seq=1 ttl=63 time=0.385 ms 64 bytes from 192.168.92.10: icmp_seq=2 ttl=63 time=0.331 ms 64 bytes from 192.168.92.10: icmp_seq=3 ttl=63 time=0.348 ms 64 bytes from 192.168.92.10: icmp_seq=4 ttl=63 time=0.334 ms --- 192.168.92.10 ping statistics --- 5 packets transmitted, 5 packets received, 0.00% packet loss round-trip min/avg/max = 0.331/0.359/0.398 ms Leaf101#
02-12-2019 03:33 AM
That's strange, because iping does not work even though as you said the versions are not too different:
leaf# iping --help
bash: iping: command not found
leaf# iping
bash: iping: command not found
leaf#
Maybe I need to leave bash and enter some other mode? What are these things here, when I issue "ls" command?:
leaf# ls
aci bin controller debug dev etc isan lc lib mit proc sbin sys tmp usr var
leaf#
And when I issue "show version" on the leaf the output is this:
leaf# show version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Documents: http://www.cisco.com/en/US/products/ps9372/tsd_products_support_series_home.html
Copyright (c) 2002-2014, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
Software
BIOS: version Unknown
kickstart: Unknown
system: Unknown
PE: version Unknown
BIOS compile time: 12/25/2020
kickstart image file is: Unknown
kickstart compile time: 12/25/2020 12:00:00 [12/25/2020 12:00:00]
system image file is: Unknown
system compile time: 12/25/2020 12:00:00 [12/25/2020 12:00:00]
Hardware
cisco Unknown ("supervisor")
Unknown CPU with 0 kB of memory.
Processor Board ID Unknown
Device name: none
bootflash: 0 kB
Kernel uptime is Unknown
Last reset at Unknown
Reason: Unknown
System version: Unknown
Service: Unknown
plugin
Core Plugin, Ethernet Plugin
leaf#
So, no GUI alternative for ping tool then?
02-12-2019 03:59 AM
Hi,
Don't try to autocomplete, type full command.
Eg. iping -V common:vrf1 2.2.2.2
10-05-2023 09:58 AM
Hi @Jayesh Singh ,
it's working for me but how we can check the connectivity between two IPs .. do we have iping option check from source IP to destination IP? if there is any cmd pls share it here
Thanks in Advance
10-05-2023 10:39 AM
Try -S flag to define your source,
LEAF-01# iping -V prod:web-vrf 192.168.201.2 -S 192.168.201.1
PING 192.168.201.2 (192.168.201.2) from 192.168.201.1: 56 data bytes
64 bytes from 192.168.201.2: icmp_seq=0 ttl=255 time=1.495 ms
64 bytes from 192.168.201.2: icmp_seq=1 ttl=255 time=1.329 ms
64 bytes from 192.168.201.2: icmp_seq=2 ttl=255 time=1.148 ms
64 bytes from 192.168.201.2: icmp_seq=3 ttl=255 time=0.856 ms
64 bytes from 192.168.201.2: icmp_seq=4 ttl=255 time=1.025 ms
--- 192.168.201.2 ping statistics ---
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max = 0.856/1.17/1.495 ms
LEAF-01#
10-06-2023 04:00 AM
Hi @Jayesh Singh ,
Its working only when we give source IP (same as Gateway IP ) other than gateway IP, no IPs are working.. it gives an error that invalid source IP like that..
My concern here do we have option to check communication between 2 IPs inside ACI.. also want to check ping along with some packets sending like we do in legacy networks. i have tested it but can able sent ping along with packets but only from gateway IP.
Thanks
02-12-2019 04:39 AM
OK, so it turns out that i had to use "ping" command instead of "iping" because i have a different kind of Nexus 9K - it's Cisco 9336C-FX2 Nexus, which uses simple ping. And the ping works like a charm:
leaf# ping 10.36.136.51
PING 10.36.136.51 (10.36.136.51): 56 data bytes
64 bytes from 10.36.136.51: icmp_seq=0 ttl=123 time=2.608 ms
64 bytes from 10.36.136.51: icmp_seq=1 ttl=123 time=0.716 ms
64 bytes from 10.36.136.51: icmp_seq=2 ttl=123 time=0.685 ms
64 bytes from 10.36.136.51: icmp_seq=3 ttl=123 time=0.774 ms
64 bytes from 10.36.136.51: icmp_seq=4 ttl=123 time=0.684 ms
64 bytes from 10.36.136.51: icmp_seq=5 ttl=123 time=0.649 ms
02-12-2019 05:00 AM
Compact spine switch model it seems.
On leaf switches model iping should work fine.
Regards,
Jayesh
02-12-2019 11:41 AM
Well there you go! You've taught me something too - I'm actually hoping to get hold of a 9336C-FX2 for Tetration purposes, so nice to know that this switch is more special than I thought.
I can't imagine why Cisco changed the command on this model when they basically all run the same software!!
05-15-2023 02:08 AM
hi
btw: how do you stop this continuos ping? ctrl+c doesn't work
05-15-2023 03:16 AM - edited 05-16-2023 06:01 AM
Yes, there is a ping command in the ACI (Application Centric Infrastructure) environment. You can use the ping command to test connectivity between two endpoints within the ACI fabric.
To use the ping command, you can access the ACI fabric through the APIC (Application Policy Infrastructure Controller) interface or through the ACI CLI (Command Line Interface) using SSH.
Here's an example of how to use the ping command in ACI:
Note that in ACI, the ping command operates at Layer 2, so you may need to specify the MAC address of the destination endpoint if it is not in the same subnet as the source endpoint.
05-15-2023 03:25 AM
hi.
the ping runs continuosly, how can I stop it?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide