cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7880
Views
21
Helpful
5
Replies

How to check physical interface status on Nexus 9504 via CLI?

Blackschwanzer
Level 1
Level 1

I am googling around trying to find out how to check physical interface status of a switch in ACI environment via CLI. If I ssh to a leaf switch and issue "show interface x/y" I get the following:

 

URL: http://127.0.0.1:7777/api//class/nwIf.xml?&target-subtree-class=mgmtMgmtIf&query-target=subtree&order-by=nwIf.id|asc

Code: 403

Output: <?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="403" text="Need a valid webtoken cookie (named APIC-Cookie) or a signed request with signature in the cookie APIC-Request-Signature for all REST API requests"/></imdata>

Data Posted:

None

Error executing command, check logs for details

 

I tried to ssh to APIC and issue these commeands but no luck:

 

apic1# config
apic1(config)# leaf 103
apic1(config-leaf)# interface eth 1/7
apic1(config-leaf-if)# show
Error: Invalid argument ''. Please check syntax in command reference guide
apic1(config-leaf-if)#

 

I used "show" keyword because I saw one example where the same commands are issued but instead of just "show" you must use "show running-config", like this:

 

apic1(config)# leaf 103
apic1(config-leaf)# interface ethernet 1/2.150
apic1(config-leaf-if)# show running-config
# Command: show running-config leaf 103 interface ethernet 1 / 2 . 150
# Time: Tue Dec 8 08:08:37 2015
leaf 103
interface ethernet 1/2.150
vrf member tenant t1 vrf v1
ip address 169.10.10.1/24
ip router ospf default area 0.0.0.1
exit
So I thought if I just issued "show" keyword, the I will get the interface statistics, just like in using IOS command "show interface x/y"

 

 

 

1 Accepted Solution

Accepted Solutions

RedNectar
VIP
VIP

Hi Blackschwanzer,

From the APIC, put the word fabric followed by the node id, followed by a regular command - use anywhere along the way to get help.  For example, to examine ethernet interface 1/1 on the switch with ID 201, issue the command

fabric 201 show interface ethernet1/1

(See output below)

This should give you exactly the same output as issuing the command

show interface ethernet1/1

on the actual switch from an ssh session.  I'm not sure why you got the error message shown, but the command syntax is show interface ethernet x/y - not show interface x/y

 


 

apic1# fabric 201 show interface ethernet1/1
----------------------------------------------------------------
 Node 201 (Spine201)
----------------------------------------------------------------
Ethernet1/1 is up
admin state is up, Dedicated Interface
  Hardware: 40000 Ethernet, address: 0000.0000.0000 (bia 881d.fcc4.3648)
  MTU 9366 bytes, BW 40000000 Kbit, DLY 1 usec
  reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, medium is broadcast
  Port mode is routed
  full-duplex, 40 Gb/s, media type is 40G
  FEC (forward-error-correction) : disable-fec
  Beacon is turned off
  Auto-Negotiation is turned on
  Input flow-control is off, output flow-control is off
  Auto-mdix is turned off
  Rate mode is dedicated
  Switchport monitor is off
  EtherType is 0x8100
  EEE (efficient-ethernet) : n/a
  Last link flapped 05w00d
  Last clearing of "show interface" counters never
  1 interface resets
  30 seconds input rate 624 bits/sec, 1 packets/sec
  30 seconds output rate 992 bits/sec, 1 packets/sec
  Load-Interval #2: 5 minute (300 seconds)
    input rate 2952 bps, 2 pps; output rate 6576 bps, 2 pps
  L3 in Switched:
    ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
  L3 out Switched:
    ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
  RX
    14498194 unicast packets  4569110 multicast packets  1 broadcast packets
    19067305 input packets  3135504484 bytes
    0 jumbo packets  0 storm suppression bytes
    0 runts  0 giants  0 CRC  0 no buffer
    0 input error  0 short frame  0 overrun   0 underrun  0 ignored
    0 watchdog  0 bad etype drop  0 bad proto drop  0 if down drop
    0 input with dribble  0 input discard 20114 input total drop
    0 Rx pause
  TX
    14864734 unicast packets  3742689 multicast packets  1 broadcast packets
    18607424 output packets  3529176839 bytes
    0 jumbo packets
    0 output error  0 collision  0 deferred  0 late collision
    0 lost carrier  0 no carrier  0 babble  0 output discard 0 output total drops
    0 Tx pause

 

I hope this helps.


Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem.


RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

View solution in original post

5 Replies 5

RedNectar
VIP
VIP

Hi Blackschwanzer,

From the APIC, put the word fabric followed by the node id, followed by a regular command - use anywhere along the way to get help.  For example, to examine ethernet interface 1/1 on the switch with ID 201, issue the command

fabric 201 show interface ethernet1/1

(See output below)

This should give you exactly the same output as issuing the command

show interface ethernet1/1

on the actual switch from an ssh session.  I'm not sure why you got the error message shown, but the command syntax is show interface ethernet x/y - not show interface x/y

 


 

apic1# fabric 201 show interface ethernet1/1
----------------------------------------------------------------
 Node 201 (Spine201)
----------------------------------------------------------------
Ethernet1/1 is up
admin state is up, Dedicated Interface
  Hardware: 40000 Ethernet, address: 0000.0000.0000 (bia 881d.fcc4.3648)
  MTU 9366 bytes, BW 40000000 Kbit, DLY 1 usec
  reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, medium is broadcast
  Port mode is routed
  full-duplex, 40 Gb/s, media type is 40G
  FEC (forward-error-correction) : disable-fec
  Beacon is turned off
  Auto-Negotiation is turned on
  Input flow-control is off, output flow-control is off
  Auto-mdix is turned off
  Rate mode is dedicated
  Switchport monitor is off
  EtherType is 0x8100
  EEE (efficient-ethernet) : n/a
  Last link flapped 05w00d
  Last clearing of "show interface" counters never
  1 interface resets
  30 seconds input rate 624 bits/sec, 1 packets/sec
  30 seconds output rate 992 bits/sec, 1 packets/sec
  Load-Interval #2: 5 minute (300 seconds)
    input rate 2952 bps, 2 pps; output rate 6576 bps, 2 pps
  L3 in Switched:
    ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
  L3 out Switched:
    ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
  RX
    14498194 unicast packets  4569110 multicast packets  1 broadcast packets
    19067305 input packets  3135504484 bytes
    0 jumbo packets  0 storm suppression bytes
    0 runts  0 giants  0 CRC  0 no buffer
    0 input error  0 short frame  0 overrun   0 underrun  0 ignored
    0 watchdog  0 bad etype drop  0 bad proto drop  0 if down drop
    0 input with dribble  0 input discard 20114 input total drop
    0 Rx pause
  TX
    14864734 unicast packets  3742689 multicast packets  1 broadcast packets
    18607424 output packets  3529176839 bytes
    0 jumbo packets
    0 output error  0 collision  0 deferred  0 late collision
    0 lost carrier  0 no carrier  0 babble  0 output discard 0 output total drops
    0 Tx pause

 

I hope this helps.


Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem.


RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

thank you Chris, your suggested command works!

Regarding the show command issued from the leaf itself, yes, I meant "show interface ethernet x/y". And I still get the same error, but it does not matter now since I can check the interface status from the APIC.

Still, it's interesting what this error is about. Maybe I have to go into some special mode before issuing the show interface command.

Here is a bit more clues, maybe someone had experience with this:

leaf# show interface ethernet 1/50
URL: http://127.0.0.1:7777/api//class/nwIf.xml?&target-subtree-class=mgmtMgmtIf&query-target=subtree&order-by=nwIf.id|asc
Code: 403
Output: <?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="403" text="Need a valid webtoken cookie (named APIC-Cookie) or a signed request with signature in the cookie APIC-Request-Signature for all REST API requests"/></imdata>
Data Posted:
None
Error executing command, check logs for details
leaf# ls
aci bin controller debug dev etc isan lc lib mit proc sbin sys tmp usr var
leaf# show ?
Incorrect command "show ?"
leaf#

Alright, that error message is a known bug CSCvi51338

Just an FYI - when you issue commands from the APIC using the fabric xxx prefix, you can use the ? key as per normal NXOS/IOS CLI.

When you have a session directly with a leaf switch, the ? key doesn't work. <Tab> still works, but not ? However, there is an alternative.  When you need help, hit <Esc><Esc> and you will get help similar to ?

E.g.

Leaf101# show interface <Esc><Esc>
 <CR>                   Carriage return
 bbcredits              Show interface bbcredits information
 brief                  Show brief info of interface
 capabilities           Show interface capabilities information
 counters               Show interface counters
 debounce               Show interface debounce time information
 description            Show interface description
 ethernet               Ethernet IEEE 802.3z
 fc                     Fc interface
 fex-fabric             Show all FEX fabric ports
 flowcontrol            Show interface flowcontrol information
 loopback               Loopback interface
 mac-address            Show interface MAC address
 mgmt                   Management interface
 port-channel           Port Channel interface
 priority-flow-control  Show interface PFC information
 snmp-ifindex           Show snmp ifindex list
 status                 Show interface line status
 switchport             Show interface switchport information
 transceiver            Transceiver Information
 trunk                  Show interface trunk information
 tunnel                 Tunnel interface
 vfc                    Vfc interface
 vfc-port-channel       Vfc Port Channel interface
 vlan                   Vlan interface
RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

And just to extend the discussion about the show commands - how could I check the logs of a spine/leaf switch?

Because now, if I issue "fabric 220 show logging" from the APIC, I get "incorrect command" error message:

 

apic1# fabric 220 show logging
----------------------------------------------------------------
Node 220 (leaf2)
----------------------------------------------------------------
Incorrect command "show logging"

apic1#

 

I can only see logging of some access list cache:

 

apic1# fabric 220 show logging ip ?
access-list Access-list
apic1# fabric 220 show logging ip access-list ?
cache show entries in ACLLOG cache
drop-codes Drop Codes
internal Show internal acllog information
span show entries in ACLLOG span
apic1# fabric 220 show logging ip access-list cache ?
deny action is deny
permit action is permit
apic1# fabric 220 show logging ip access-list cache deny ?
<CR> Carriage return
apic# fabric 220 show logging ip access-list cache deny

 

And I cannot issue "show logging" locally on the switch due to earlier mentioned bug.

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Save 25% on Day-2 Operations Add-On License