VMware SD-WAN by

VeloCloud™
Edge CLI Documentation

Version History
Doc Version 1.0

Publication Date 1/28/19

VMware SD-WAN by VeloCloud EDGE CLI Documentation

Table of Contents

Version History 1
Copyright 13
Trademarks 13
Software License Agreement 13
Disclaimer 13
Overview 14
Purpose of this Guide 14
Version Compatibility 14
CLI Commands 15
debug.py --applications 15
Brief Description and Use Case 15
Sample Command 15
Related Commands 15
debug.py --bgp_view 15
Brief Description and Use Cases 15
Sample Command 16
debug.py --bgp_view_summary 16
Brief Description and Use Case 16
Sample Command 16
debug.py --bgp_redis_dump 17
Brief Description and Use Case 17
Sample Command 17
debug.py --bgpd_dump 17
Brief Description and Use Case 17
Sample Command 18
Related Commands 19
debug.py --biz_pol_dump 20
Brief Description and Use Case 20
Sample Command 20

Page 2
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --bw_retest 21
Brief Description and Use Case 21
Sample Command 21
debug.py --bw_testing_dump 22
Brief Description and Use Case 22
Sample Command 22
debug.py --chat_stats 23
Brief Description and Use Case 23
Sample Command 23
Related Commands 24
debug.py --clear_arp_cache 24
Brief Description and Use Case 24
Sample Command 24
Related Commands 25
debug.py --cluster_info 25
Brief Description and Use Case 25
Sample Command 25
Related Commands 25
debug.py --control_bytes 25
Brief Description and Use Case 25
Sample Command 26
debug.py --Current_apps 27
Brief Description and Use Case 27
Sample Command 27
debug.py --Dce_edge 27
Brief Description and Use Case (see debug.py --path) 27
Sample Command 27
debug.py --De2e_delete 28
Brief Description and Use Case (see debug.py --path) 28
Sample Command 28
Related Commands 28

Page 3
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --De2e_print 29
Brief Description and Use Case 29
Sample Command 29
Related Commands 29
debug.py --debug_bw_test 30
Brief Description and Use Case 30
Sample Command 30
debug.py --dns_name_cache 30
Brief Description and Use Case 30
Sample Command 30
Related Commands 30
debug.py --dpdk_bond_dump 31
Brief Description and Use Case 31
Sample Command 31
debug.py --dpdk_ports_dump 31
Brief Description and Use Case 31
Sample Command 31
debug.py --Edge_list 32
Brief Description and Use Case 32
Sample Command 32
Related Commands 32
debug.py --Edge_peers 32
Brief Description and Use Case 32
Sample Command 33
debug.py --Fast_learning_db 34
Brief Description and Use Case 34
Sample Command 34
Related Commands 34
debug.py --Firewall_dump 34
Brief Description and Use Case 34
Sample Command 34

Page 4
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Flow_dump 35
Brief Description and Use Case 35
Sample Command 35
Related Commands 36
debug.py --flow_flush 36
Brief Description and Use Case 36
Sample Command 36
Related Commands 37
debug.py --Flow_route_dump 37
Brief Description and Use Case 37
Sample Command 37
Related Commands 38
debug.py --Gateways 38
Brief Description and Use Case 38
Sample Command 38
debug.py --Ha 38
Brief Description and Use Case 38
Sample Command 38
debug.py --ha verp 39
Brief Description and Use Case 39
Sample Command 39
debug.py --ha intf 42
Brief Description and Use Case 42
Sample Command 42
Related Commands 42
debug.py --ha lstate 43
Brief Description and Use Case 43
Sample Command 43
Related Commands 44
debug.py --ha apath 44
Brief Description and Use Case 44

Page 5
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command 44
Related Commands 45
debug.py --ha spath 45
Brief Description and Use Case 45
Sample Command 45
Related Commands 46
debug.py --ha tcp 46
Brief Description and Use Case 46
Sample Command 46
Related Commands 46
debug.py --Ha_flow_dump 48
Brief Description and Use case 48
Sample Command 48
debug.py --Ha_switch 48
Brief Description and Use case (see debug.py --path) 48
Sample Command 48
debug.py --Handoffqdbg 48
Brief Description and Use Case 48
Sample Command 48
Related Commands 49
debug.py --Hub_list 50
Brief Description and Use Case 50
Sample Command 50
Related Commands 50
debug.py --Igmp_dump 50
Brief Description and Use Case (see debug.py --path) 50
Sample Command 50
Related Commands 50
debug.py --Ike 51
Brief Description and Use Case 51
Sample Command 51

Page 6
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Related Commands 51
debug.py --Ike_childsa 52
Brief Description and Use Case 52
Sample Command 52
Related Commands 52
debug.py --Ike_debug_instance 52
Brief Description and Use Case 52
Sample Command 52
Related Commands 53
debug.py --Ike_sa 53
Brief Description and Use Case 53
Sample Command 53
Related Commands 53
debug.py --ike_setdebuglevel 53
Brief Description and Use Case 53
Sample Command 53
Related Commands 53
debug.py --Ike_setdynamiclog 54
Brief Description and Use Case 54
Sample Command 54
Related Commands 54
debug.py --Ike_spd 54
Brief Description and Use Case 54
Sample Command 54
Related Commands 54
debug.py --Interfaces 54
Brief Description and Use Case 54
Sample Command 55
Related Commands 55
debug.py --Link_stats 55
Brief Description and Use Case 55

Page 7
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command 55
Related Commands 56
debug.py --mcr_dump 57
Brief Description and Use Case 57
Sample Command 57
debug.py --pimd_dump 57
debug.py --nat_db_flush 57
debug.py --nat_dump 57
debug.py --nat_dump_depth 57
debug.py --nvs_list 58
debug.py --ospf_info 58
Brief Description and Use Case 58
Sample Command 59
debug.py --ospf_redis_dump 61
Brief Description and Use Case 61
Sample Command 61
debug.py --Ospf_view 61
Brief Description and Use Case 61
Sample Command 62
debug.py --Ospfd_dump 62
Brief Description and Use Case 62
Sample Command (see the images on the following pages) 63
debug.py --Overlay_routes 69
Brief Description and Use Case 69

Page 8
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command

69
debug.py --Path_stats 69
Brief Description and Use Case 69
Sample Command 69
Sample Command 71
Sample Command 71
Related Commands 72
debug.py --pim_neighbor 72
Brief Description and Use Case 72
debug.py --pimd_dump 72
Brief Description and Use Case 72
Sample Command 72
Related Commands 74
debug.py --pki 74
Brief Description and Use Case (see debug.py --path) 74
Sample Command 75
debug.py --pktsqed 75
debug.py --profile_dump 75
Brief Description and Use Case (see debug.py --path) 75
Sample Command 75
Related Commands 76
debug.py --Qos_link 76
Brief Description and Use Case 76
Sample Command 76

Page 9
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Qos_net 77
Brief Description and Use Case 77
Sample Command 77
debug.py --qos_dump_link 78
Brief Description and Use Case 78
Sample Command 78
debug.py --Qos_dump_net 79
Brief Description and Use Case (see debug.py --qos_dump_net) 79
Sample Command 79
debug.py --Radius_on_routed 80
Brief Description and Use Case (see debug.py --path) 80
Sample Command 80
Related Commands 80
debug.py --Reinit_routes 80
Brief Description and Use Case: 80
Sample Command: 80
Remote_routes 80
Brief Description and Use Case: 80
Sample Command: 81
debug.py --Remote_services 81
Brief Description and Use Case 81
Sample Command: 81
debug.py --routes 82
Brief Description and Use Case: 82
Sample Output: 82
Related Commands 84
debug.py --Segments 84
Brief Description and Use Case 84
debug.py --slow_learning_db 88
Brief Description and Use Case 88
Sample Command 88

Page 10
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Related Commands 88
debug.py --Uptime 89
Brief Description and Use Case 89
Sample Command 89
debug.py --vnf 89
Brief Description and Use Case 89
Sample Command 89
debug.py --vpn_test 90
Brief Description and Use Case 90
Sample Command 90
debug.py --Vrrp_dump 91
Brief Description and Use Case 91
Sample Command 91
Related Commands 93
debug.py --is_active.py 93
Brief Description and Use Case (see debug.py --path) 93
Sample Command 94
Related Commands 94
GetPolicy 94
Log Files 94
Tcpdump 94
Log Files 94
Troubleshooting 94
Activation and Initial Configuration 94
DMPO 99
Path Creation 101
Debug User connection (Packet Path) 101
Edge Offline 101
Debug HA 101
Debug Cluster 101
Performance 101

Page 11
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

DPDK Drops 103

Edged Drops 103
General Drops/Error 104
Common Performance Issues 104
DPDK Not assigned to a single CPU in Virtual Edges 104
Small Packets 104
Large Number of Flows 104
Large Configuration 104
QoS 104
Bandwidth Cap validation 104
Traffic prioritization validation 104

Page 12
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Copyright
Copyright © 2019 VMware SD-WAN by VeloCloud. All rights reserved.

This documentation is confidential and proprietary information of VMware.

Trademarks
VMware SD-WAN by VeloCloud, the VMware SD-WAN by VeloCloud Logo, among others, are registered
trademarks and/or registered service marks of VMware in the United States and other countries.

Software License Agreement

The contents of this document are subject to the User License Agreement (“License"). You may not use
this document except in compliance with the License.

Disclaimer
Software and documents distributed under the License are distributed on an "AS IS" basis, WITHOUT
WARRANTY OF ANY KIND, either expressed or implied. See the License for the specific language
governing rights and limitations under the License.

Page 13
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Overview
Purpose of this Guide
This guide provides an introduction to the VeloCloud SD-WAN Edge CLI Commands and
instructions on how to monitor your Gateway deployments.

This document is comprised of two sections, CLI Commands and Troubleshooting. The ‘CLI
Commands’ section lists all debug commands available on the Edge, along with a brief
description of each command. The ‘Troubleshooting’ section provides troubleshooting
information for various issues from the ‘CLI Commands’ section.

Version Compatibility
This guide was authored using Release 3.2.1 of the Edge as a reference. While the principles
contained in this guide are largely applicable to any version of the Edge, certain commands and
example outputs may only be relevant to Release 3.2.1.

Page 14
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

CLI Commands
debug.py --applications
Brief Description and Use Case
This command dumps the available list of applications that user traffic could be classified as
(either via the DPI engine or fast learnt via the pre-populated database).

This command is a reflection of the application map uploaded and applied to the customer
settings on the orchestrator.

Fast learnt applications are pre-populated via the application map and injected into the IP-Port
DB (indicated as ‘IP Routable’) or the Port-Protocol DB (indicated as ‘Port Routable’).

Slow application classification occurs generally via the internal DPI engine.

Sample Command
NAME DISPLAY APP_ID CLASS_ID IP ROUTABLE PORT ROUTABLE
APP_UNCLASSIFIED unclassified 0 0 False False
APP_BASE base 3 13 False False
APP_UNKNOWN unknown 4 0 False False
APP_MALFORMED malformed 5 13 False False
APP_INCOMPLETE incomplete 6 13 False False
APP_8021Q 8021q 7 13 False False
APP_AIM aim 8 10 False False
APP_AMQP amqp 9 13 False False
APP_APOLLO apollo 10 13 False False
APP_ARP arp 11 13 False False
APP_ATALK atalk 12 13 False False
APP_BGP bgp 13 13 False True
APP_BITTORRENT bittorrent 15 14 False False

Related Commands
● Verbose dumps of the same command are available to view via --verbose_applications
● A fast learnt pre-populated list of applications can be viewed against --fast_learning_db
● A DPI classified list of applications can be viewed against --slow_learning_db

debug.py --bgp_view
Brief Description and Use Cases
This command displays the consolidated list of all routes learnt via the BGP protocol from all
segments (underlay learnt BGP routes).

Important use cases:

● Check if route(s) advertised by the BGP neighbor(s) are locally learnt on the Edge.

Page 15
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● The ‘Advertise’ field indicates if a particular route has been advertised to the overlay.
● The ‘U’ flag in the ‘Type’ field indicates if the route is classified as ‘Uplink’.
The command supports the ‘verbose’ option to display more details about each prefix in the
table.

Sample Command

debug.py --bgp_view_summary
Brief Description and Use Case
This command displays a list of all BGP neighbors configured in the system for all the
segments.
Important use cases:
● Check if the local AS number, router-id, and neighbor-ip(s) are correctly configured on
the Edge from the VCO.
● Check if the BGP neighborship to a particular neighbor is established or stuck in another
state.
● Check the number of prefixes received from a particular neighbor in the ‘Up’ state
(State/PfxRcd).

Sample Command

Page 16
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --bgp_redis_dump
Brief Description and Use Case
This command displays the list of prefixes that could be redistributed to local BGP neighbor(s).
The routes could be learnt via overlay/static/connected/OSPF protocol and re-distributed to
BGP protocol.

The command supports the ‘verbose’ option to display more details about each prefix in the
table.

Sample Command

debug.py --bgpd_dump
Brief Description and Use Case
This is the most comprehensive BGP command that is used to dump the complete BGP
database, including configuration, neighbor states (bgp_view_summary), BGP routes
(bgp_view), BGP routes, and BGP scan status per segment.

Page 17
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command

Page 18
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Related Commands
The individual commands, bgp_view and bgp_view_summary could be used for the purposes
described above.

Page 19
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --biz_pol_dump
Brief Description and Use Case
This command displays the business policy configuration of the Edge.
It is generally used to determine if a particular flow matches the user configured policy.

Sample Command

Field Definitions from the Sample Command:

● Name: Name of the policy entered in the VCO.
● Seg: The segment this policy belongs to.
● Hits: Number of times a flow matches this policy.
● RouteType:
○ E2Any: Local source to ‘Any’ destination.
○ E2C: Local Source to the Internet.
○ E2E: Local Source to the Peer Edge (secure Route).
● Priority: Indicates if the policy is configured as High, Med, or Low priority.
● Traffic Type:
○ Bulk
○ Transactional
○ Realtime
● Route Policy:
○ Gateway
○ Direct

Page 20
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● ServiceGroup:
○ All
○ Private
○ Public-Wired
○ Public-Wireless
● Link Policy:
○ Loadbalance
○ Bw_balance
○ Replicate
● Interface: Indicates the Edge interface that is used to route traffic.
● ErrorCorrection: Error correction that will be applied upon SLA degradation.
● Link: Indicates the UUID of the link object used for link steering.

debug.py --bw_retest
Brief Description and Use Case
This command is used to perform the bandwidth retest on all links.
Performing this command re-measures the bandwidth on all paths.

Sample Command

Page 21
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --bw_testing_dump
Brief Description and Use Case
This command provides detailed bandwidth test information for each path.
It is used for triaging bandwidth test failures.

Sample Command

"

Field Definitions from the Sample Command:

● BW Test count: Number of bandwidth (bw) tests run over a link. This is reset to zero
after a successful measurement.
● RX:Bandwidth in kbps: Downstream bandwidth measured in Kbps.
● RX:Test_in_progress: Indicates that a downstream bandwidth test is in progress.
● Reschedule in progress: Indicates if the path bandwidth measurement has been
rescheduled.
● Reschedule time: The wait time before the next measurement is performed.
● TX:Bandwidth in kbps: Upstream bandwidth measured in Kbps.
● TX:Test in progress: Indicates that the upstream bandwidth test is in progress.
● Undermeasure retry count: Counter that indicates how many times the bandwidth
measurement was lower than expected. Remeasurement is performed if the measured
bandwidth is less than 90 percent of the cached bandwidth value.
● Unmeasurable retry count: Counter reflecting a retry of the bandwidth test due to
various failures.

Page 22
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● td version: Unique path identifier.

debug.py --chat_stats
Brief Description and Use Case
This command displays detailed information for the flow chats between two endpoints. Can be
used for the following scenarios:
1. Troubleshoot connection and traffic between two endpoints
2. To determine which links are being used for certain traffic
3. Number of floats matching the following [App, SourceIP,DestinatioIP,DestinationPort]

Sample Command
velocloud vEdge 8CPU Hub:/opt/vc/bin# debug.py --chat_stats
{
"appClass": 20,
"appClassString": "APP_CLASS_VELOCLOUD",
"application": 4095,
"applicationString": "APP_VELOCLOUD_MGMT",
"bytesRx": 149,
"bytesTx": 149,
"endpoints": {
"innerHostName": "VeloCloud Edge",
"innerIp": "172.16.3.55",
"innerMac": "52:54:00:1f:84:10",
"outerHostName": "velocloud.net",
"outerIp": "216.229.0.50",
"outerPort": 123,
"segmentId": 0
},
"flowCount": 1,
"flowPath": "Edge2CloudViaGateway",
"gatewayIp": "151.0.0.16",
"links": [
{
"bytesRx": 149,
"bytesTx": 149,
"internalId": "89635b61-70ec-40d9-93f7-7582a645be01",
"logicalId": "54:7f:ee:da:c4:7c:0000",
"packetsRx": 1,
"packetsTx": 1
}.. (Multiple links possible)
],
"network": 17,
"packetsRx": 1,
"packetsTx": 1,
"transport": 17
},

Import Field Definitions:

● appClassString: Class Name
● applicationString: Application String
● bytesRx: Bytes Received
● bytesTx: Bytes Sent

Page 23
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● Endpoints: Identifies the endpoints. Note that innerPort is not included. This this is a
representation of multiple aggregated flows, as long their endpoint IP/application and
port are the same.
● flowPath: Flow path taken, possibilities are as follows:
○ Edge2CloudViaGateway
○ Edge2CloudDirect
○ Edge2EdgeViaGateway
○ Edge2EdgeViaHub
○ Edge2EdgeDirect
○ Edge2DataCenterDirect
○ Edge2DataCenterViaGateway
○ Edge2Backhaul
○ Edge2Proxy
○ Edge2OPG
○ Routed
● Links: Links usage information
○ links.[0].BytesRx Bytes received on this link
○ links.[0].BytesTx Bytes set on this link
○ links.[0].internalId Link ID
○ links.[0].logicalId Link Logical ID
● Network: Specifies the protocol ID
● packetsRx Total packets received
● packetsRx Total Packets sent

Related Commands
Use debug.py --link to correlate the link id with the link name.

debug.py --clear_arp_cache
Brief Description and Use Case
This command clears the internal VMware SD-WAN Edge ARP cache on a per interface basis.

Sample Command
edge:ESXi-Spoke:~# debug.py --arp_dump GE3
Interface Address C-Tag Flags Mac S-Tag Source Mac State IsArp_failure_event_sent Arp Retry count
GE3 11.5.1.37 0 0 f0:8e:db:01:98:85 0 f0:8e:db:1d:00:85 ALIVE 0 0
GE3 11.5.1.254 0 0 36:ae:4c:a7:c8:e4 0 f0:8e:db:1d:00:85 ALIVE 0 0
edge:ESXi-Spoke:~# debug.py --clear_arp_cache GE3
{
"ALERT": "ARP Cache cleaned up"
}
edge:ESXi-Spoke:~# debug.py --arp_dump GE3
Interface Address C-Tag Flags Mac S-Tag Source Mac State IsArp_failure_event_sent Arp Retry count
GE3 11.5.1.254 0 0 36:ae:4c:a7:c8:e4 0 f0:8e:db:1d:00:85 ALIVE 0 0

Page 24
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

edge:ESXi-Spoke:~#

Related Commands
● debug.py --arp_dump
Dumps the arp cache for active interfaces.
Use --arp_dump <interface name> for interface the specific dump

Verbose dumps of the above command are also available.

debug.py --cluster_info Commented [1]: [email protected]

_Assigned to Craig Connors_

Brief Description and Use Case

Sample Command

Related Commands

debug.py --control_bytes
Brief Description and Use Case
This command provides insight into the number of bytes and packets of each TX and RX control
message sent on a per link basis.

--control_bytes - this displays all the non-zero bytes for each TX and RX counter.
--control_bytes all - this displays all the TX and RX counters (zero and non zero values).
--control_bytes clear - resets all the counters.

It is used to monitor the amount of control messages transmitted over the Vmware SD-WAN by
VeloCloud tunnels and is useful to triage any control message utilizing a higher link bandwidth.

Page 25
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command

Page 26
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Current_apps
Brief Description and Use Case
Similar in usage to --chat_stats and condensed for easier viewing and consumption.
Dumps the current identified 4-tuple based flow stats data.

Note: A 4-tuple chat could be a collection of multiple 5-tuple flows (each with a different source
port) and generally indicates one application session.

Sample Command
edge:K:~# debug.py --current
SRC IP DST IP DST PORT PROTOCOL SEGID APPLICATION HOSTNAME APP CLASS PATH
10.52.9.74 216.6.2.70 123 17 0 APP_VELOCLOUD_MGMT(4095) velocloud.net APP_CLASS_VELOCLOUD(20) Edge2CloudViaGateway
10.0.0.2 54.90.228.177 443 6 0 APP_VELOCLOUD_MGMT(4095) velocloud.net APP_CLASS_VELOCLOUD(20) Edge2CloudViaGateway
10.52.9.74 204.2.134.164 123 17 0 APP_VELOCLOUD_MGMT(4095) velocloud.net APP_CLASS_VELOCLOUD(20) Edge2CloudViaGateway

debug.py --Dce_edge
Brief Description and Use Case (see debug.py --path)
This command lists the tunnels formed by a spoke with its Hub. The spoke forms tunnels to the
Hub based on the information received from the Gateway. The tunnel information can be
identified by the Hub’s logical identifier and peer IP address.

Usage: debug.py [--dec_edge]

Sample Command
This example displays the list of tunnels formed by the spoke (b2-edge1) with the Hub (logical-
id:ccb39d28-103b-4cd8-a301-3567ae801d26:ccb39d28-103b-4cd8-a301-3567ae801d26). The
address column lists the IP address of tunnel’s Hub endpoint.

edge:b2-edge1:~# debug.py --dce_edge

DCE LogicalId Address
Private Type VCMP Port IKE Port NAT-t Port MPLS Network
ccb39d28-103b-4cd8-a301-3567ae801d26:ccb39d28-103b-4cd8-a301-3567ae801d26 172.16.1.2
yes DCE 2426 500 0 0
ccb39d28-103b-4cd8-a301-3567ae801d26:ccb39d28-103b-4cd8-a301-3567ae801d26 169.254.7.10
no DCE 2426 500 4500 0
ccb39d28-103b-4cd8-a301-3567ae801d26:ccb39d28-103b-4cd8-a301-3567ae801d26 169.254.9.3
no DCE 2426 500 4500 0
edge:b2-edge1:~#

Page 27
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --De2e_delete
Brief Description and Use Case (see debug.py --path)
The Branch-to-Branch VPN feature enables Edges to establish tunnels directly with their peer
Edges instead of going through the Gateway.

This command can be used to tear down tunnels that are setup between an Edge and its peer.
These tunnels are setup when the Branch-to-Branch VPN feature is enabled and traffic is
exchanged with the peer site or when traffic is exchanged with its peers in the recent past.

This command is particularly useful when an admin would like to reduce the number of Edge-to-
Edge tunnels maintained by an Edge. An Edge handling many tunnels can degrade its
performance significantly.

Usage: debug.py --de2e_delete [vce-id]

Sample Command
In the example below, the dynamic tunnels setup from ‘b2-edge1’ to peer ‘b1-edge1’ will be torn
down once provided with the correct peer logical-id (ccb39d28-103b-4cd8-a301-3567ae801d26
in this example).

edge:b2-edge1:~# debug.py --de2e_print

{'debug': 'de2e_dump'}
Peer Name Initiator Now Last Update Rx
Bytes Rx Bytes Last Tx Bytes Tx Bytes Last
ccb39d28-103b-4cd8-a301-3567ae801d26 b1-edge1 0 23038 23035 105963
105963 152646 152646
dcfc4bdf-f388-44f5-8804-ac17aace4f6f b3-edge1 1 23038 23038 117403
117260 169126 168920
edge:b2-edge1:~#
edge:b2-edge1:~# debug.py --de2e_delete ccb39d28-103b-4cd8-a301-3567ae801d26
{'vceid': 'ccb39d28-103b-4cd8-a301-3567ae801d26'}
{
"DE2E": "Dynamic tunnel tear down command issued!!"
}
edge:b2-edge1:~#

Related Commands
● debug.py --de2e_print

Page 28
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --De2e_print
Brief Description and Use Case
This command lists the tunnels currently formed by an Edge with its peers when the following
occurs:
● Branch-to-Branch VPN is enabled and traffic is exchanged with the peer sites.

Usage: debug.py --de2e_print

Sample Command
In the example, an Edge (b2-edge1) has formed tunnels with its peer Edges (b1-edge1 and b3-
edge1). The number of Rx and Tx bytes exchanged are also displayed.
edge:b2-edge1:~# debug.py --de2e_print
{'debug': 'de2e_dump'}
Peer Name Initiator Now Last Update Rx
Bytes Rx Bytes Last Tx Bytes Tx Bytes Last
ccb39d28-103b-4cd8-a301-3567ae801d26 b1-edge1 0 22292 22291 286
143 412 206
dcfc4bdf-f388-44f5-8804-ac17aace4f6f b3-edge1 1 22292 22291 11297
11154 16274 16068
edge:b2-edge1:~#

Related Commands
● debug.py --de2e_delete

Page 29
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --debug_bw_test
Brief Description and Use Case
This command is used to perform the bandwidth test on an interface basis. It requires the name
of the link for which the retest must be performed.

This command should be used when only one of the links requires remeasurement.
Usage: --debug_bw_test {GE3,GE4,GE5,GE6,GE7,GE8}

Sample Command

debug.py --dns_name_cache
Brief Description and Use Case
This command is used to dump the current entries of the edged DNS name cache. This
command is useful to determine which hostnames will be converted to IP addresses through the
local DNS name resolver for a quicker resolution.

Sample Command
velocloud edge-215:~# debug.py --dns_name_cache
NAME ADDRESS
.jellybelly.com 13.64.119.53
.r32-us3.eng.velocloud.net 52.205.50.80
.sfgate.com 98.129.228.59
velocloud edge-215:~#

Related Commands
● debug.py --dns_ip_cache dump the dns ip cache
● debug.py --dns_ip_lookup IP ADDRESS
lookup an address in the dns ip cache
● debug.py --dns_name_lookup HOSTNAME

Page 30
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

lookup a hostname in the dns domain name cache

debug.py --dpdk_bond_dump
Brief Description and Use Case
Similar to --dpdk_ports_dump - displays information about bonded interface members for a
given interface. See dpdk_port_dump for details.

Sample Command
debug.py --dpd_bond_dump bond0
name port link strip speed duplex autoneg
eth0 0 1 1 10000 1 1
eth1 1 1 1 10000 1 1

debug.py --dpdk_ports_dump
Brief Description and Use Case
This command is used to display the list of ports currently using DPDK poll-mode drivers (vs.
common Linux kernel drivers). For each port, it displays the ‘internal’ name and id, link status
(0/1), hardware vlan strip flag, effective link speed, duplex, and link auto-negotiation settings.

Sample Command
debug.py --dpdk_ports_dump
name port link strip speed duplex autoneg
eth0 0 1 1 10000 1 1
eth1 1 1 1 10000 1 1
eth2 2 0 1 0 0 0

Page 31
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Edge_list
Brief Description and Use Case
This command is currently only available when Branch-to-Branch VPN traffic is enabled.
It allows you to match the Edge with its unique LogicalD(UUID format) and ProfileId.

Sample Command
velocloud vEdge 8CPU Hub:/opt/vc/bin# debug.py --edge_list
Name LogicalId ProfileId
Edge_2000_Spoke_2 3e7691bf-b509-4039-90c4-8f568843e65a 28850056-0d39-11e8-961b-322b6f5d07eb
Edge_2000_Hub 71d7ce67-607f-4085-914e-6d68cb3d50c9 af1fe1b4-0d36-11e8-961b-322b6f5d07eb
Edge_1000_Spoke 7ae63eef-9675-44e5-a522-71872753ac10 28850056-0d39-11e8-961b-322b6f5d07eb
Edge_2000_Spoke_1 b9669a18-7781-4033-ac91-db80f38b1255 28850056-0d39-11e8-961b-322b6f5d07eb
velocloud vEdge 8CPU Hub:

Related Commands
Once you get an Edge ID you can use it to search in the logs and get debug information for that
specific end-point.

Additionally, can also check for routes for the specific destination-id.
● debug --routes | grep <logical-id>
● cat /var/log/edged.log | grep "LogicalId"

debug.py --Edge_peers
Brief Description and Use Case
This command is used to check the peers associated with an edge when branch to branch VPN
is enabled. It provides an insight into VPN peer connectivity segment wise.

Page 32
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command

Important Field Definitions:

● "peer_id": Peer’s unique logical id(UUID format).
● "segment_id": Segment id for this configuration.
● "subnet_count": Number of unique prefixes associated with this peer.
● "type": Type of peer; i.e Edge - 1, DC- 2

Page 33
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Fast_learning_db
Brief Description and Use Case
This command allows you to dump the available list of applications that the user traffic could be
classified against via the pre-populated IP-Port database (added/deleted/modified via the
orchestrator enabled application map editor).

Fast learnt applications are pre-populated via the application map and injected into the IP-Port
DB (indicated as ‘IP Routable’) or Port-Protocol DB (indicated as ‘Port Routable’).

This command simply dumps the available list of IP-Port Routable Applications.

--port_routable_apps can be further used to dump the Port-Protocol Routable Application DB.

Sample Command
IP ADDR NETMASK PORT(S) APPLICATION CLASS
199.30.107.1 255.255.255.255 [80, 5060, 8000, 8080] APP_SPEEDTEST APP_CLASS_FILE_SHARING
194.105.179.1 255.255.255.255 [80, 5060, 8000, 8080] APP_SPEEDTEST APP_CLASS_FILE_SHARING
195.64.183.1 255.255.255.255 [80, 5060, 8000, 8080] APP_SPEEDTEST APP_CLASS_FILE_SHARING
180.240.197.1 255.255.255.255 [80, 5060, 8000, 8080] APP_SPEEDTEST APP_CLASS_FILE_SHARING
77.72.2.2 255.255.255.255 [80, 5060, 8000, 8080] APP_SPEEDTEST APP_CLASS_FILE_SHARING
64.195.18.2 255.255.255.255 [80, 5060, 8000, 8080] APP_SPEEDTEST APP_CLASS_FILE_SHARING
64.111.20.2 255.255.255.255 [80, 5060, 8000, 8080] APP_SPEEDTEST APP_CLASS_FILE_SHARING
162.221.46.2 255.255.255.255 [80, 5060, 8000, 8080] APP_SPEEDTEST APP_CLASS_FILE_SHARING
198.91.48.2 255.255.255.255 [80, 5060, 8000, 8080] APP_SPEEDTEST APP_CLASS_FILE_SHARING

Related Commands
● Verbose dumps of the same command are available to view via --verbose_applications
● Fast learnt pre-populated list of applications can be viewed against --fast_learning_db
● DPI classified list of applications can be viewed against --slow_learning_db

debug.py --Firewall_dump
Brief Description and Use Case
This command allows you to dump the firewall config on the Edge.

The rule name, along with the number of hits and the action configured, will be displayed on a
per segment basis. It also displays the inbound Port-Forwarding and 1:1 NAT configurations
and associated hit counter.

Sample Command
edge:b1-edge1:~# debug.py --firewall_dump

Firewall logging for segment 0

Global firewall logging : Disabled
Segment firewall logging : Disabled

Page 34
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

====================== OUTBOUND ====================

Name Hits Action
AllowAny 5514 allow
default_inbound_outbound 0 allow
velocloud_mgmt_outbound 6895 allow

====================== INBOUND ====================

------------------PORT FORWARDING------------------
Name Protocol Interface WAN Port(s) LAN IP LAN Port Segment Id Hits

------------------ONE-TO-ONE NAT-------------------
Name Interface Outside IP Inside IP Bidirectional Allowed Protocol Allowed Port(s) Segment Id Hits

Firewall logging for segment 1

Global firewall logging : Disabled
Segment firewall logging : Disabled

====================== OUTBOUND ====================

Name Hits Action
AllowAny 2757 allow
default_inbound_outbound 0 allow
velocloud_mgmt_outbound 6895 allow

====================== INBOUND ====================

------------------PORT FORWARDING------------------
Name Protocol Interface WAN Port(s) LAN IP LAN Port Segment Id Hits
------------------ONE-TO-ONE NAT-------------------
Name Interface Outside IP Inside IP Bidirectional Allowed Protocol Allowed Port(s) Segment Id Hits

Firewall logging for segment 2

Global firewall logging : Disabled
Segment firewall logging : Disabled

====================== OUTBOUND ====================

Name Hits Action
AllowAny 1380 allow
default_inbound_outbound 0 allow
velocloud_mgmt_outbound 6895 allow

====================== INBOUND ====================

------------------PORT FORWARDING------------------
Name Protocol Interface WAN Port(s) LAN IP LAN Port Segment Id Hits

------------------ONE-TO-ONE NAT-------------------
Name Interface Outside IP Inside IP Bidirectional Allowed Protocol Allowed Port(s) Segment Id Hits
edge:b1-edge1:~#

debug.py --Flow_dump
Brief Description and Use Case
This command allows you to dump the current active flows in the device. The command has the
following syntax:
--flow_dump [local | logical-id | all] [all | dest-ip] [all|segid]

Executing this command in a heavily loaded device may result in device failure, as there may be
a large number of flows, and dumping all the flows might increase memory usage and might
terminate the process. This command should be executed with caution.

Sample Command
edge:b1-edge1:~# debug.py --flow_dump all 8.8.8.8 all

Page 35
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

FID SECURE SEGID FDSN MAX_RECV_FDSN FDSN_READ LAST_LATE_FDSN SRC_IP DEST_IP SRC_PORT DEST_PORT PROTO PRIORITY APPLICATION
APP_CLASS TRAFFIC-TYPE ROUTE-POL LINK-POL NH-ID LINK-ID FLAGS1 VERSION SRC ADDR SR DR
53614 1 0 11 10 10 0 10.0.1.25 8.8.8.8 13200 0 1 normal APP_ICMP(70) APP_CLASS_NETWORK_SERVICE(13) transactional
backhaul loadbalance 37f5da1b- N/A 0x9000800000002L 1 local 0x7f679400adb0 0x7f67dc248000 0x7f67dc24c600

edge:b1-edge1:~# debug.py --flow_dump all all 2

FID SECURE SEGID FDSN MAX_RECV_FDSN FDSN_READ LAST_LATE_FDSN SRC_IP DEST_IP SRC_PORT DEST_PORT PROTO PRIORITY
APPLICATION APP_CLASS TRAFFIC-TYPE ROUTE-POL LINK-POL NH-ID LINK-ID FLAGS1 VERSION SRC ADDR SR DR
53558 0 2 -1 -1 -1 -1 172.18.1.2 172.18.1.3 179 50508 6 normal APP_VELOCLOUD_MGMT(4095) APP_CLASS_VELOCLOUD(20)
realtime N/A N/A 00000000- N/A 0x2000002L 0 local 0x7f679400c080 0x7f67dc24aa00 0x7f67dc24cfa0
53595 0 2 -1 -1 -1 -1 172.18.1.2 172.18.1.3 179 50706 6 normal APP_VELOCLOUD_MGMT(4095) APP_CLASS_VELOCLOUD(20)
realtime N/A N/A 00000000- N/A 0x2000002L 0 local 0x7f679400d5a0 0x7f67dc24aa00 0x7f67dc24cfa0

Definitions from Sample Command:

● FID - Flow id
● FDSN - No of packets sent in VCMP
FDSN_READ - Packets received in VCMP
SRC - whether it is locally created flow or remote synced flow

Related Commands
debug.py --flow_route_dump can be used to dump the source route and destination route for
the particular flow.
debug.py --flow_flush can be used to flush the particular flow.

debug.py --flow_flush
Brief Description and Use Case
This command clears/deletes a particular flow or all flows.

When any business policy is applied and the flow is stuck in the old policy for some reason, you
can clear the flow/flows to force the flow to use latest business policies.
● Running this command without any argument deletes all flows.
● To delete a particular flow, you should use the flow id as the argument. The flow id can
be retrieved from the flow_dump command.

Sample Command
edge:b1-edge1:~# debug.py --flow_flush
{
"ALERT": "Flow cleaned up"
}

edge:b1-edge1:~# debug.py --flow_flush 53595

{
"ALERT": "Flow cleaned up"
edge:b1-edge1:~# debug.py --flow_dump all all 2

Page 36
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

FID SECURE SEGID FDSN MAX_RECV_FDSN FDSN_READ LAST_LATE_FDSN

SRC_IP DEST_IP SRC_PORT DEST_PORT PROTO PRIORITY
APPLICATION APP_CLASS TRAFFIC-TYPE ROUTE-POL LINK-POL
NH-ID LINK-ID FLAGS1 VERSION SRC ADDR SR
DR
53684 0 2 -1 -1 -1 -1
172.18.1.2 172.18.1.3 179 51092 6 normal
APP_VELOCLOUD_MGMT(4095) APP_CLASS_VELOCLOUD(20) realtime N/A
N/A 00000000- N/A 0x2000001L 0 local 0x7f679400d5a0
0x7f67dc24aa00 0x7f67dc24cfa0
edge:b1-edge1:~#

Related Commands
debug.py --flow_dump can be used to dump the current active flows in the device.

debug.py --Flow_route_dump
Brief Description and Use Case
This command allows you to dump the source route and destination route used in the current
active flow in the device. The command has the following syntax:
--flow_route_dump [local | logical-id | all] [all | dest-ip] [all|segid] [flowIdx | noroute]

The first three arguments follow the same convention as the flow_dump debug command.
The fourth argument can be the flow id, which can be retrieved from the flow_dump debug
command, which is used to dump the src and dst routes associated with the particular flow.
no_route argument behaves similar to the flow_dump command

Sample Command
edge:b1-edge1:~# debug.py --flow_dump all all 1
FID SECURE SEGID FDSN MAX_RECV_FDSN FDSN_READ LAST_LATE_FDSN SRC_IP DEST_IP SRC_PORT DEST_PORT PROTO PRIORITY
APPLICATION APP_CLASS TRAFFIC-TYPE ROUTE-POL LINK-POL NH-ID LINK-ID FLAGS1 VERSION SRC ADDR SR DR
53715 0 1 -1 -1 -1 -1 172.17.1.10 172.17.1.11 179 39604 6 normal APP_VELOCLOUD_MGMT(4095) APP_CLASS_VELOCLOUD(20)
realtime N/A N/A 00000000- N/A 0x2000001L 0 local 0x7f679400fda0 0x7f67dc24ad80 0x7f67dc249dc0
53709 0 1 -1 -1 -1 -1 172.17.1.2 172.17.1.3 179 43192 6 normal APP_VELOCLOUD_MGMT(4095) APP_CLASS_VELOCLOUD(20)
realtime N/A N/A 00000000- N/A 0x2000002L 0 local 0x7f6794006fa0 0x7f67dc24a920 0x7f67dc249ce0

edge:b1-edge1:~# debug.py --flow_route_dump all all 1 53709

Address Netmask Type Gateway Next Hop ID Dst LogicalId Reachable Metric Preference Flags Vlan Intf Sub-Intf-Id MTU
172.17.1.2 255.255.255.255 any any N/A N/A True 0 0 Ss 100 GE6 100 N/A
172.17.1.0 255.255.255.248 any any N/A N/A True 0 0 CS 100 GE6 100 N/A
P - PG, D - DCE, L - LAN SR, C - Connected, O - External, W - WAN SR, S - SecureEligible, R - Remote, s - self, H - HA, m - Management, n - nonVelocloud, v - ViaVeloCloud

Page 37
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Related Commands
● debug.py --flow_dump can be used to dump the current active flows in the device.

debug.py --Gateways
Brief Description and Use Case
This command dumps the list of VMware SD-WAN Gateways (peers) that the Edge has been
configured to establish an overlay with the peer.

Sample Command
edge:K:~# debug.py --gateways
[
{
"CDE Enabled": 0,
"Controller": 0,
"IPSec gateway IP Addr": "N/A",
"Local Gateway": true,
"LogicalId": "fb0bc136-0000-0000-0000-000000000000",
"Name": "kontiki-gw",
"Primary Global GW": 1,
"Private IP Address": "N/A",
"Public IP Address": "54.193.11.251",
"Type": "Public",
"epType": 16,
"onPremise": "No",
"peer_state": "ALIVE",
"private_network_id": 0,
"state": "ACTIVE"
}
]

debug.py --Ha
Brief Description and Use Case
This command gets details about the state of High Availability.
There are multiple sub-commands to this option.

Sample Command
debug.py --ha verp
debug.py --ha intf
debug.py --ha lstate
debug.py --ha apth
debug.py --ha spath
debug.py --ha tcp

Page 38
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --ha verp

Brief Description and Use Case
This is the main command to get details about the state of High Availability.
Describes the state of the current Edge. This command must be executed on individual Edges
in the HA to understand the state independently.

Sample Command
debug.py --ha verp
[
{
"Active events": 0,
"Degraded lan heartbeats": 0,
"Degraded wan heartbeats": 0,
"Drop packets": 0,
"Failover interval ms": 700,
"Force switch": 0,
"HA event qdrop": 0,
"HA event qlen": 0,
"HA pkt pool fail": 0,
"HA pkt pool free": 256,
"HA skb pool fail": 0,
"HA skb pool free": 256,
"Heartbeat interval ms": 100,
"Init count": 0,
"My HA State": "ACTIVE",
"Num Degraded lan/wan heartbeats checked": 7,
"Peer Activated": 1,
"Peer CERT": 0,
"Peer CSR": 0,
"Peer HA State": "STANDBY",
"Peer HA version": 9,
"Peer Key seen": 1,
"Peer SN": "VCE0840000XXXX",
"Peer Serial Number": 0,
"Pvt Wan hold down (ms)": 0,
"Real Peer HA version": 9,
"Seconds post flow flood": 161080,
"Self Key read": 1,
"Self mac count": 0,
"Self mac previous": 0,
"Serial Number": "VCE0840000XXXX",
"Skip Pvt for LAN election": 1,
"Switched over in last 5 secs": 0,
"Switchover time": 0,
"Swover on ARP down secs": 0,
"Swover on intfdown": 1,
"Swover wait on intfdown": 15,
"UP Lan interfaces": 4,
"UP PPPoE interfaces": 0,
"UP Private interfaces": 0,
"UP Wan interfaces": 1,
"Use Peer": 1,
"VCO event qlen": 0,
"VCO qdrop": 0

Page 39
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

}
]

Field Definitions from the Sample Command:

● Active events - Number of packets received from active Edge.
● Degraded lan heartbeats - When the Edge detects the number of lan interfaces on the
peer Edge is more than the current edge, for each such heartbeat from peer received,
this count is incremented. When goes beyond limit (e.g. 7), the peer will take over as
active.
● Degraded wan heartbeats - Same as above but done for WAN interfaces.
● Drop packets - Set to 1 on STANDBY edge - indicates to drop packets. On active, this
will be zero.
● Failover interval ms - The time interval to wait for the heartbeat from peer before
announcing the peer as dead.
● HA event qdrop - Internal module event queue drop count.
● HA event qlen - Internal module event queue length.
● Heartbeat interval ms - Interval in ms to send to the HA heartbeats.
● My HA State - Current state of the Edge.
Edge states can be one of the following:
UNKNOWN - When the standalone (HA is not enabled)
INITIALIZING - When the Edge is brought up and the state of Active/Standby is not yet
determined.
ACTIVE - In an active state. Handles the control and data traffic.
STANDBY - In a standby state.
● Num Degraded lan/wan heartbeats checked - Number of heartbeats to be checked
before triggering a failover when the peer is detected to have more LAN or WAN
interfaces than the current Edge.
● Peer Activated - Indicates if the peer Edge has been activated by the VCO (value of 1)
or not (value 0).
● Peer CERT - Length of the certificate received during sync from the peer.
● Peer CSR - Length of the CSR received from the peer.
● Peer HA State - State of the peer Edge.
This can be one of the following:
UNKNOWN - When the standalone (HA is not enabled).
INITIALIZING - When the Edge is brought up and the state of Active/Standby is not yet
determined.
ACTIVE - In active state. Handles the control and data traffic
STANDBY - In standby state.
● Peer HA version - Version of the HA software - internal number.
● Peer Key seen - Indicates if a peer sent its security key

Page 40
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● Peer SN - Serial Number of the peer.

● Peer Serial Number - Numeric value of the serial number of the peer.
● Real Peer HA version - Internal version of the HA software.
● Seconds post flow flood - Time since the bulk sync of flow to the peer.
● Serial Number - Current Edge serial number.
● Skip Pvt for LAN election - Flags to indicate priority given to private links over LAN.
● Switched over in last 5 secs - Indicates when the last switch over occurred.
● Switchover time - Indicates the time when the last switchover occurred.
● Swover on ARP down secs - Seconds to wait from next hop on LAN before triggering a
failover
● Swover on intfdown - Indicates if a failover should be triggered based on LAN/WAN
interface count check.
● Swover wait on intfdown - The wait time between two successive failovers based on
the count of LAN/WAN interfaces.
● UP Lan interfaces - Number of LAN side interfaces that the state is UP.
● UP PPPoE interfaces - Number of PPPoE configured interface that is the state is UP.
● UP Private interfaces - Number of interfaces configured for private links that the state is
UP.
● UP Wan interfaces - Number of WAN interfaces configured that the state is UP.
● Use Peer - Indicates the WAN link from STANDBY peer is being used if that WAN link is
down on the Active Edge. (Enhanced HA)
● VCO event qlen - Internal VeloCloud Orchestrator event send queue length
● VCO qdrop - Number of the drops while sending events to the VCO.

Page 41
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --ha intf

Brief Description and Use Case
This command lists the details of the links synced with the peer Edge.

Sample Command
debug.py --ha intf
[
{
"my_table_version": 0,
"peer_table_version": 2054625046
},
{
"HA IP": "169.254.7.10",
"HA IPMASK": "255.255.255.248",
"LINKID": "00000003-5b53-4850-be21-78441134abed",
"NHOP IP": "169.254.7.9",
"NHOP MAC": "00:ba:be:60:00:c2",
"SOCK ARP STATE": 0,
"SOCK IP": "169.254.7.10",
"SOCK MAC": "f0:8e:db:ab:ed:82",
"SOCK PEERIP": "169.254.7.9",
"SOCK PEERMAC": "00:ba:be:60:00:c2",
"physical": "eth2"
}
]

Important Field Definitions:

● Peer_table_version - These two indicate the version of the data that each Edge has.
● HA IP - Interface IP.
● HA_IPMASK - Net Mask of the interface.
● LINKID - Internal logical id of the link.
● NHOP IP - Next hop IP of the interface.
● NHOP MAC - MAC address of the Next HOP.
● SOCK ARP STATE - State of the MAC (alive or dead).
● SOCK IP - IP in the interface socket.
● SOCK MAC - MAC address of the interface set in the interface socket.
● SOCK PEERIP - Next hop IP set in the socket.
● SOCK PEERMAC - Next hop MAC set in the socket.
● Physical - Physical interface name.

Related Commands
Used with ‘debug.py --ha verp’, ‘debug.py --link’ and ‘debug.py --path’ to determine the interface
and overall HA state.

Page 42
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --ha lstate

Brief Description and Use Case
This command provides the details of the interfaces synced with the peer Edge.
This is useful mainly if deployed with Enhanced HA

Sample Command
debug.py --ha lstate
[
{
"HA IP": "169.254.7.10",
"HA IPMASK": "255.255.255.248",
"IF STATE": "USED_BY_PEER",
"LINK IDENTIFIER": 101,
"LINK STATE": 1,
"LINKID": "00000003-5b53-4850-be21-78441134abed",
"NHOP IP": "169.254.7.9",
"NHOP MAC": "00:ba:be:60:00:c2",
"PEER LINK STATE": 0,
"PEER USE": 1,
"POINTER": "0xc1e2300",
"SOCK ARP STATE": 0,
"SOCK IP": "169.254.7.10",
"SOCK MAC": "f0:8e:db:ab:ed:82",
"SOCK PEERIP": "169.254.7.9",
"SOCK PEERMAC": "00:ba:be:60:00:c2",
"logical": "GE3",
"physical": "eth2"
}
]

Field Definitions from the Sample Command:

● HA IP - Interface IP
● HA_IPMASK - Net Mask of the interface
● IF STATE - Interface state. It can be one of the following:
○ LOCAL UP - if interface is up in the local edge
○ LOCAL DOWN - if the interface is down in the local edge
○ USE_PEER - Seen only on ACTIVE edge when interface uses the peer
(standby’s) to build a overlay via standby.
○ USED_BY_PEER - Seen only on STANDBY when interface is used by the
active to build a wan overlay.
● LINK IDENTIFIER - Internal number to identify the interface.
● LINK STATE - Indicates the interface status in the local Edge. 0 - down, 1 up.
● LINKID - Internal logical id of the link.
● NHOP IP - Next hop IP of the interface.
● NHOP MAC - MAC address of the Next HOP.
● PEER LINK STATE - State of the interface in the standby Edge. 0 - down, 1 - up.
● PEER USE - Indicates local using or used by the peer.
● POINTER - Memory location of the data in memory.
● SOCK ARP STATE - State of the MAC (alive or dead).

Page 43
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● SOCK IP - IP in the interface socket.

● SOCK MAC - MAC address of the interface set in the interface socket.
● SOCK PEERIP - Next hop IP set in the socket.
● SOCK PEERMAC - Next hop MAC set in the socket
● Logical - Logical name of the interface.
● Physical - Physical interface name.

Related Commands
Used with ‘debug.py --ha verp’, ‘debug.py --link’, ‘debug.py --path’ and ‘debug.py --verbose_arp’
to understand the interface and the state.

debug.py --ha apath

Brief Description and Use Case
This command is for the Edge in the standby state. This provides the path details synced from
the active Edge.

Sample Command
debug.py --ha apath
[
{
"my_table_version": 0,
"peer_table_version": 2054623950,
"which path": "active"
},
{
"Gateway IP": "169.254.10.2",
"Local IP": "169.254.6.37",
"Logical ID": "00000004-5b53-4850-be21-78441134abed",
"TD version": "3972188945"
},
{
"Gateway IP": "169.254.10.2",
"Local IP": "169.254.7.10",
"Logical ID": "00000003-5b53-4850-be21-78441134abed",
"TD version": "2054623939"
}
]

Field Definitions from the Sample Command:

● My_table_version - Indicates the version of the table maintained on the local Edge.
● Peer_table_version - Indicates the version of the table maintained in the peer Edge for
the data.
● Which path - Indicates the active path table.
● Gateway IP - The destination endpoint for the path (WAN overlay).
● Local IP - The source endpoint for the path (WAN overlay).
● Logical ID - The link over which this path is established on the active. This provides the
logical id of the link.

Page 44
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● TD version - Version number in the path.

Related Commands
debug.py --path on the active,
debug.py --ha verp provides the HA state.
debug.py --ha apath on the standby to see this matches the path output on the active.
debug.py --ha spath to check on the active edge

debug.py --ha spath

Brief Description and Use Case
This command is for the Edge in the active state. This command provides the path details that
will be synced to the standby Edge.

Sample Command
debug.py --ha spath
[
{
"my_table_version": 2054623950,
"peer_table_version": -322778341,
"which path": "standby"
},
{
"Gateway IP": "169.254.10.2",
"Local IP": "169.254.6.37",
"Logical ID": "00000004-5b53-4850-be21-78441134abed",
"TD version": "3972188945"
},
{
"Gateway IP": "169.254.10.2",
"Local IP": "169.254.7.10",
"Logical ID": "00000003-5b53-4850-be21-78441134abed",
"TD version": "2054623939"
}
]

Field Definitions from the Sample Command:

● My_table_version - Indicates the version of the table maintained on the local Edge.
● Peer_table_version - Indicates the version of the table maintained on the peer Edge for
the data.
● Which path - Indicates the active path table.
● Gateway IP - The destination endpoint for the path (WAN overlay).
● Local IP - The source endpoint for the path (WAN overlay).
● Logical ID - The link over which this path is established on the active. This provides the
logical id of the link.
● TD version - Version number in the path.

Page 45
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Related Commands
debug.py --path on the active.
debug.py --ha verp provides the HA state.
debug.py --ha apath on the standby to see this matches the path output on the active.
debug.py --ha spath on the active to match with apath output on the standby.

debug.py --ha tcp

Brief Description and Use Case
This command provides data about the internal communication for syncing data in the HA
module.

Sample Command
debug.py --ha tcp
[
{
"active fd": 106,
"bad_msg": 0,
"flow_floods": 1,
"flow_qlen": 0,
"ha state": "ACTIVE",
"rd offset": 0,
"remote fd": 107,
"standby fd": 106,
"sync_fail": 0,
"tcp state": "ACCEPTED"
}
]

Definitions from the Sample Command:

● active_fd - File descriptor listening for local communication.
● bad_msg - Unknown sync data received from peer.
● flow_floods - Indicates a bulk sync of flows performed from active to standby.
● flow_qlen - Length of internal queue to send the data.
● ha state - HA state - ACTIVE/STANDBY.
● rd offset - Internal offset position in reading the data.
● remote fd - File descriptor to communicate to the peer.
● standby fd - File descriptor used when the HA state is in standby.
● sync_fail - Number of times the sync to peer failed.
● tcp state - Indicates the TCP state of the connection between the peers.

Related Commands
● Debug.py --ha verp
● Tcpdump on the br-HA interface
● Netstat -antp

Page 46
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Page 47
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Ha_flow_dump
Brief Description and Use case
This command provides data about flows synced from the active. Executed on the standby.
The flows via the Gateway are not synced.

Sample Command
debug.py --ha_flow_dump all
INTF OSIP ODIP OSPORT ODPORT OPROTO MSIP MDIP MSPORT MDPORT MPROTO ROUTE MAC APP CLASS
RETRY NRETRIES
00000003-5b53-4850-be21-78441134abed
10.0.1.25 169.254.6.18 2505 0 ICMP 0.0.0.0 0.0.0.0 0 0 ICMP 1 00:ba:be:5f:27:0c APP_ICMP APP_CLASS_NETWORK_SERVICE 0 0
00000003-5b53-4850-be21-78441134abed
10.0.1.25 169.254.6.18 2495 0 ICMP 0.0.0.0 0.0.0.0 0 0 ICMP 1 00:ba:be:5f:27:0c APP_ICMP APP_CLASS_NETWORK_SERVICE 0 0

Field Definitions from the Sample Command:

INTF is the interface from which the packet egressed.
The remaining field definitions from the output is the same data as in flow_dump and nat_dump.

debug.py --Ha_switch
Brief Description and Use case (see debug.py --path)
This command is used for forcing a failover manually. Performed only on the active Edge.

Sample Command
debug.py --ha_switch
Server was not listening

debug.py --Handoffqdbg
Brief Description and Use Case
This command is used to see the handoff queue for each process in Edged. Generally, this
command is used to determine if the Edge is running out of CPU and the threads are not able to
process their queues in time.

Sample Command
velocloud vEdge 8CPU Hub:/opt/vc/bin# debug.py --hand
Name qlimit lockfree sleeping wokenup enq deq drops head tail dummy next state
encrypt_0 4096 0 1 4434273 4476010 4476010 0 0x44c5d90 0x44c5d90 0x44c5d90 0x0 NORMAL
encrypt_1 4096 0 1 1511682 1520397 1520397 0 0x44c8110 0x44c8110 0x44c8110 0x0 NORMAL
haproxy_rx 2048 0 1 0 0 0 0 0x44ceb90 0x44ceb90 0x44ceb90 0x0 NORMAL

Page 48
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

vcmp_init 1024 0 1 45 45 45 0 0x44a2590 0x44a2590 0x44a2590 0x0 NORMAL

vcmp_ctrl_0 40960 0 1 286032 286032 286032 0 0x44c1690 0x44c1690 0x44c1690 0x0 NORMAL
vcmp_ctrl_1 40960 0 1 65945 65945 65945 0 0x44c3a10 0x44c3a10 0x44c3a10 0x0 NORMAL
vcmp_data_0 1024 0 1 4386199 4496135 4496135 0 0x44a4910 0x44a4910 0x44a4910 0x0 NORMAL
vcmp_data_1 1024 0 1 1458541 1501870 1501870 0 0x44a6c90 0x44a6c90 0x44a6c90 0x0 NORMAL
vcmp_bh_bottom 10240 0 1 1227 1227 1227 0 0x44ad710 0x44ad710 0x44ad710 0x0 NORMAL
ike_bh 1024 0 1 20093 26120 26120 0 0x44afa90 0x44afa90 0x44afa90 0x0 NORMAL
mc_readq 1024 0 1 0 0 0 0 0x44a01d0 0x44a01d0 0x44a01d0 0x0 NORMAL
natt_0 1024 0 1 1791287 1869627 1869627 0 0x44b1e10 0x44b1e10 0x44b1e10 0x0 NORMAL
natt_1 1024 0 1 571888 605521 605521 0 0x44b4190 0x44b4190 0x44b4190 0x0 NORMAL
esp_0 1024 0 1 0 0 0 0 0x44ca490 0x44ca490 0x44ca490 0x0 NORMAL
esp_1 1024 0 1 0 0 0 0 0x44cc810 0x44cc810 0x44cc810 0x0 NORMAL
ipv4_bh 2048 0 1 117232 119213 119213 0 0x44ab390 0x44ab390 0x44ab390 0x0 NORMAL
cloud_bh_bottom 2048 0 1 1276 1276 1276 0 0x44a9010 0x44a9010 0x44a9010 0x0 NORMAL
cloud_txq 1024 0 1 1227 1227 1227 0 0x44b8890 0x44b8890 0x44b8890 0x0 NORMAL
vcmp_tx 2048 0 1 0 0 0 0 0x44b6510 0x44b6510 0x44b6510 0x0 NORMAL
glob_ls_0 1024 0 1 11728338 11991530 11991530 0 0xdcad380 0xdcad380 0xdcad380 0x0 NORMAL
velocloud vEdge 8CPU Hub:/opt/vc/bin#

Related Commands
Used with other performance debug commands
● Top -H
● dispcnt -s missed -s dropped -s fail -s error -z
● debug --health

Page 49
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Hub_list Commented [2]: [email protected]

_Assigned to Thilak Raj_

Brief Description and Use Case

This command displays the Hubs that the Spoke Edge is connected to.

Sample Command
/ # /opt/vc/bin/debug.py --hub_list
LogicalId Type Order
9917c6fa-8571-4e1d-994a-157a180967d4 VPN_HUB 9
c1041f78-9b0a-4bce-84d3-d0f7f5388a9f VPN_HUB 10

Field Definitions from the Sample Command:

● LogicalId: Unique identifier of the Hub.
● Type: VPN HUB -Since it displays only Hubs, it always displays VPN_HUB.
● Order: As determined by the VCO.

Related Commands
Debu.py --dce

debug.py --Igmp_dump Commented [3]: [email protected]

_Assigned to Ravi Konduri_

Brief Description and Use Case (see debug.py --path)

Sample Command

Related Commands

Page 50
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Ike
Brief Description and Use Case
This command is used to display the IKE status of the device.

Sample Command
velocloud E1:~# debug.py --ike
{
"descriptors": [
{
"cookie": "0x2",
"dest": "50.50.52.10",
"dest-fingerPrint": "B408492DEDB790E6AEE488AE8754EEE44B437775",
"dest-issuer": "C=US S=CA L=Palo Alto O=Velocloud Networks Inc. OU=Development CN=ROOTCA",
"dest-issuer-keyId": "8D3F015457F43BFA9B7053EED887D5CE282C288C",
"dest-sn": "00D2A21BA3CCA267C9",
"dest-subject": "CN=gateway93d2acc7-2319-4b5a-a849-e089eb9addc3 CN=50.50.52.10 OU=110a0c9d-100f-11e9-a5fa-06437485e620 O=VeloCloud Inc.
serialNumber=92:11:d0:ae:b1:a6 title=gateway",
"enterprise": "8637f55c-3b3b-40a5-bb0e-12a232a910a2",
"enterpriseLogicalId": "8637f55c-3b3b-40a5-bb0e-12a232a910a2",
"host": "11.1.1.10",
"host-fingerPrint": "7FF311F3885272F1460FF94108FCD1FAF8AC338D",
"host-issuer": "C=US S=CA L=Palo Alto O=Velocloud Networks Inc. OU=Development CN=ROOTCA",
"host-subject": "CN=363d83c6-c127-40e6-8652-53c7d7007c4a O=8637f55c-3b3b-40a5-bb0e-12a232a910a2 serialNumber=90b48be5-8070-0f49-a3e3-b5f9ba352986 title=edge",
"ike_cookie_cnt": 0,
"inst_id": 2,
"logicalId": "0a343232-0000-0000-0000-000000000000",
"name": "xen03-gw-02",
"refcnt": 6,
"source": "11.1.1.10",
"state": "UP",
"td_version": "532537999",
"type": "Velocloud",
"up": 1,
"version": 2
}
],
"name": "IKE"
}

Field Definitions from the Sample Command:

● Cookie: Internal ID
● Inst_id: Server instance (Same as Cookie)
● Version: IKE version
● Td_version: used to associate which path this ike session bind to

Related Commands
Used with other performance debug commands as follows:
● Debug.py --ike_spd
● Debug.py --ike_sa
● Debug.py --ike_childsa

Page 51
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Ike_childsa
Brief Description and Use Case
This command is used to display phase-2 or child SA status of the device.

Sample Command
velocloud E1:~# debug.py --ike_childsa
Child SA
===============================================================================================================================================
===============================================
Index Users Cookie SpdId IkeSaId Flags Dir Spi Usage PeerPort Auth Encr Tunnel // Traffic
973|974 0001 0x2 80000004 8f9e1dae 00100019 outbound initiator bcbeadee 34/100 2426/* null gcm_20 // 11.1.1.10 > 50.50.52.10
974|973 0001 0x2 0003 8f9e1dae 0010001d inbound initiator d0804768 34/100 2426/* null gcm_20 // 11.1.1.10 < 50.50.52.10
975|976 0001 0x1 80000002 8f9e1d7d 00100019 outbound initiator 8610e30c 34/100 2426/* null gcm_20 // 11.1.1.10 > 50.50.51.10
976|975 0001 0x1 0001 8f9e1d7d 0010001d inbound initiator b2e65d7c 34/100 2426/* null gcm_20 // 11.1.1.10 < 50.50.51.10

Field Definitions from the Sample Command:

● Cookie: Internal ID
● SPI: Security parameter index
● Usage: Time in seconds
● Auth: Authentication methods
● Encr: Encryption algorithms

Related Commands
Used with other performance debug commands.
● Debug.py --ike_spd
● Debug.py --ike_sa
● Debug.py --ike

debug.py --Ike_debug_instance
Brief Description and Use Case
This command is used to enable IKE debug messages for a particular IKE instance for 60
seconds.
The debug output is in the /var/log/ike.log

Sample Command
Debug.py --ike_debug_instance <inst_id>
velocloud E1:~# debug.py --ike_debug_instance 4
{
"Enabled debugging on": "4"
}

Page 52
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Related Commands
Used with other performance debug commands
● Debug.py --ike

debug.py --Ike_sa
Brief Description and Use Case
This command is used to display phase-1 or parent SA status of the device.

Sample Command
velocloud E1:~# debug.py --ike_sa
IKE SA
===============================================================================================================================================
=======
Index IkeSaId Cookie IKE Flags Dir NAT Ike Spi/Cookie PeerAddr State Usage
80 8f9e1d7d 0x1 v2 0100080d initiator local peer {4b73b80ef99af58b cbccdc254be7fd6f} 50.50.51.10[2426] MAIN_I 349/600
81 8f9e1dae 0x2 v2 0100081d initiator local peer {cf32a7f464f7e0bd aa4edb5033c837ea} 50.50.52.10[2426] MAIN_I 209/600

Related Commands
Used with other performance debug commands
● Debug.py --ike_spd
● Debug.py --ike_childsa
● Debug.py --ike

debug.py --ike_setdebuglevel
Brief Description and Use Case
This command is used to enable IKE debug messages for all IKE instances. The debug output
is in the /var/log/ike.log.
The default debug level is 4. Set it to level 7 to see more details.

Sample Command
“Debug.py --ike_setdebuglevel 7” to see more details.
“Debug.py --ike_setdebuglevel 4” to restore to the default.

Related Commands
● Debug.py --ike_set_debug_instance <inst_id>

Page 53
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Ike_setdynamiclog
Brief Description and Use Case
This command is used to turn on/off the dynamic IKE log. By default, the IKE log will turn on for
60 seconds if the IKE negotiation failed. You can turn it off when necessary.

Sample Command
Debug.py --ike_setdynamiclog <0/1>

Related Commands
● Debug.py --ike_set_debug_instance <inst_id>

debug.py --Ike_spd
Brief Description and Use Case
This command is used to display the IKE security parameters of the device.

Sample Command
velocloud E1:~# debug.py --ike_spd
Security Policy
===============================================================================================================================================
=======
Index SpdId Cookie Flags Mode SecuProto Auth Encr Tunnel Traffic
1 0001 0x1 0000000d Transport ESP any_16 11.1.1.10 <-> 50.50.51.10
2 0003 0x2 0000000d Transport ESP any_16 11.1.1.10 <-> 50.50.52.10

Related Commands
Used with other performance debug commands:
● Debug.py --ike_sa
● Debug.py --ike_childsa
● Debug.py --ike

debug.py --Interfaces
Brief Description and Use Case
This command displays the current interface configuration by edged. Shows both LAN and
WAN interfaces configured in edged along with the following information:
● advertise -- route advertisement for this interface and whether enabled
● ip_addr -- static or DHCP assigned ip address to this interface
● logical_name --Logical name of this interface used internally and externally

Page 54
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● netmask -- mask used to determine the subnet

● physical_name -- Physical name of this interface used internally
● rpf -- Reverse Path Forwarding for this interface
● secondaryips --assigned secondary IP addresses for subinterfaces for this interface
● segment_id -- segment id for this network segment
● subinterfaces -- any virtual interfaces for this interface
● trusted -- accept ingress traffic from multiple sources
● type -- type of interface defined as LAN or WAN
● underlay_accounting -- set scheduler accounting for underlay traffic
● up -- current link up/down for this interface

Sample Command
velocloud edge-215:~# debug.py --interfaces
[
{
"advertise": false,
"ip_addr": "10.33.33.193",
"logical_name": "GE1",
"netmask": "255.255.255.255",
"nhop": "0.0.0.0",
"physical_name": "ge1",
"rpf": "SPECIFIC",
"secondaryips": [],
"segment_id": 0,
"subinterfaces": [],
"trusted": false,
"type": "WAN",
"underlay_accounting": true,
"up": true
}
]
velocloud edge-215:~#

Related Commands
debug.py --dpdk_ports_dump Dump dpdk port information

debug.py --Link_stats
Brief Description and Use Case
This command is used to dump the information about the Auto-discovered or User-Defined
WAN link objects.

Sample Command
Name Interface VLAN Mode Type MTU Backup LocalIpAddr PublicIpAddr
LogicalId InternalLogicalId LinkMode State VPN State
bandwidthKbpsTx bandwidthKbpsRx BytesTx BytesRx

66.170.99.1 GE3 NONE PUBLIC WIRED 1500 FALSE 10.52.9.74 66.170.99.1

00:00:0c:9f:f5:8f:0000 00000003-fb2c-4d49-9129-221d5ce0d1ed ACTIVE STABLE STABLE
410666 661089 29167 68360

Page 55
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

66.170.99.2 GE4 NONE PUBLIC WIRED 1500 FALSE 10.33.33.175 66.170.99.2

00:00:0c:9f:f1:49:0000 00000004-fb2c-4d49-9129-221d5ce0d1ed ACTIVE STABLE STABLE
364620 757121 108091 41908

Field Definitions from the Sample Command:

● Interface: Indicates the interface on which the WAN link is inserted.
● VLAN: Indicates the VLAN used to build the WAN link and reach the next-hop Gateway.
● Mode: Indicates if PUBLIC or PRIVATE link is detected.
● Type: Indicates if WIRED or WIRELESS link is detected.
● MTU: Maximum Transmission Unit for this WAN link (detected via path MTU discovery).
● LocalIpAddr: IP used to access and initiate the connection.
Note: This could be a locally assigned private IP address that gets NATd upstream.
● PublicIpAddr: Actual IP address of the WAN link as reported by the Gateway.
● Backup: Indicates if the link is configured for backup use.
● InternalLogicalId: Unique UUID used for link identification.
● bandwidthKbpstx:The calculated upload Bandwidth as measured during link
initialization.This bandwdith measurement is generally performed with the assigned
primary Gateway. If this value is manually configured it will simply be what the
administrator set.
● bandwidthKbpsRx:The calculated download Bandwidth as measured during link
initialization.This bandwidth measurement is generally performed with the assigned
primary Gateway. If this value is manually configured it will simply be what the
administrator set.
● State
○ INITIAL: First stage in life of a link, indicates no established paths to any peer.
○ UNSTABLE: The link has no STABLE paths, but at least 1 UNSTABLE path
detected, which indicates there might be some loss/latency/jitter on the link.
(Conditions such as 3 missing heartbeats or measured lossPct > 10% will cause
the path to go into an UNSTABLE state).
○ STABLE: The link has at least 1 bi-directional connected STABLE path within
SLA.
○ QUIET: The link has no STABLE/UNSTABLE paths - at least 1 QUIET is path
detected (i.e loss > 700ms detected).
○ DEAD: If the link has not received any packets after seven seconds, the link will
be removed, and will return to an INITIAL state.

Related Commands
● Individual path status on each link can be viewed via --path_status.
● grep ‘LINKFSM’ in edged.log should give additional details on the link state changes and
corresponding timestamps.

Page 56
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

2019-01-24T00:48:01.998 SEVERE [LINKFSM] run_link_fsm:386 Link GE4 is now in UNSTABLE

state
2019-01-24T00:48:01.998 SEVERE [LINKFSM] run_link_fsm:399 Link GE4 is no longer DEAD
2019-01-24T00:48:02.049 SEVERE [LINKFSM] run_link_fsm:386 Link GE4 is now in STABLE state
2019-01-24T00:48:03.001 SEVERE [LINKFSM] run_link_fsm:386 Link GE3 is now in UNSTABLE
state
2019-01-24T00:48:03.001 SEVERE [LINKFSM] run_link_fsm:399 Link GE3 is no longer DEAD
2019-01-24T00:48:03.051 SEVERE [LINKFSM] run_link_fsm:386 Link GE3 is now in STABLE state

Commented [4]: [email protected] is this something

you can get done today?
debug.py --mcr_dump
Commented [5]: [email protected] is this something
you can get done today?
Brief Description and Use Case Commented [6]: [email protected] is this something
This command is used to dump all the multicast routes in the system. (IIF = Incoming interface you can get done today?
for the multicast traffic. OIL = List of output interfaces). Commented [7]: [email protected] is this something
you can get done today?

Sample Command Commented [8]: [email protected] is this something

you can get done today?
velocloud edge-215:~/opt/vc/bin/debug.py --mcr_dump
Segment Source Group IIF OIL
Commented [9]: [email protected] is this something
you can get done today?
0 * 234.0.0.1 3920145f-898e-444a-b8fc-7e549f9d5df4 3920145f-898e-444a-b8fc-7e549f9d5df4 GE5
Commented [10]: [email protected] is this
something you can get done today?
Commented [11]: [email protected] is this
debug.py --pimd_dump something you can get done today?
Commented [12]: [email protected] is this
something you can get done today?
debug.py --nat_db_flush Commented [13]: [email protected] is this
something you can get done today?
Commented [14]: [email protected] is this
debug.py --nat_dump something you can get done today?
Commented [15]: [email protected] is this
something you can get done today?
debug.py --nat_dump_depth Commented [16]: [email protected] is this
something you can get done today?
Commented [17]: [email protected]
_Assigned to Gopakumar Edakkunni_
Commented [18]: [email protected] can you please
close on this by COB today; thanks.
Commented [19]: [email protected]
_Assigned to Gopakumar Edakkunni_
Commented [20]: [email protected] can you please
close on this by COB today; thanks.
Commented [21]: [email protected]
_Assigned to Gopakumar Edakkunni_
Commented [22]: [email protected] can you please
close on this by COB today; thanks.

Page 57
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --nvs_list Commented [23]: [email protected] pls add;

thanks.
_Assigned to Jeffrey Lee_

debug.py --ospf_info
Brief Description and Use Case
This command is used to dump the ospf settings and OSPF neighbor(s) status details, including
the current neighbor state, interface state, etc.

Page 58
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command

Page 59
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Page 60
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --ospf_redis_dump
Brief Description and Use Case
This command is used to display the list of prefixes that could be re-distributed to local OSPF
neighbor(s). The routes could be learnt via the overlay/static/connected/BGP protocol and being
re-distributed to the OSPF protocol.

Sample Command

debug.py --Ospf_view
Brief Description and Use Case
This command displays the consolidated list of all the routes learnt via the OSPF protocol
(underlay learnt OSPF routes). The command supports the option to filter by the destination
prefix.

Some of the important use-cases for the command include:

● Check if route(s) advertised by the OSPF neighbor(s) are locally learnt on the Edge.
● ‘Advertise’ field indicates if a particular route has been advertised to the overlay.

The command supports the ‘verbose’ option to display more details about each prefix in the
table.

Page 61
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command

debug.py --Ospfd_dump
Brief Description and Use Case
This command is the most comprehensive OSPF command that is used to dump the complete
OSPF database, including configuration, OSPF interfaces, neighbors information, routes,
database, and self-originated LSAs.

Page 62
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command (see the images on the following pages)

Page 63
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Page 64
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Page 65
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Page 66
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Page 67
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Page 68
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Overlay_routes
Brief Description and Use Case
This command is used to display the list of all prefixes that are learnt from the overlay on the
Edge. It also includes the default cloud routes to the Gateway indicated by the ‘v’ flag.

This command supports the ‘verbose’ option to display more details about each prefix in the
table.

Sample Command

debug.py --Path_stats
Brief Description and Use Case
This command is used to display all the path status of the device. Determines which devices the
device is connected to. Used in the following scenarios:
● Determining if the device is connected to Gateway and Hubs
● Determining which paths are available between the two points of the overlay
● Determining if E2E connections are being established
● Determining the condition of one or more paths

Sample Command
velocloud vEdge 8CPU Hub:/# debug.py --path
Interface VLAN PeerName PublicIpAddr PeerIpAddr TunnelingMode Version Path State RxState TxState AvgLatencyRx AvgLatencyTx RxJitter TxJitter lossRx
lossTx MeasuredRateRx MeasuredRateTx RemoteRx HeartbeatIntervalMs MTU Dynamic Dir Overhead
GE4 NONE Edge 1000 Spoke 151.0.0.9 151.0.0.103 DEFAULT 3969858055 ACTIVE STABLE STABLE 0 0 0.0 0.0 0.0 0.0
10000000 10000000 6000000 500 1500 No IN 0
GE4 NONE vcg2-10g-perf 151.0.0.9 151.0.0.16 DEFAULT 1420455520 ACTIVE STABLE STABLE 0 0 0.0 0.0 0.0 0.0
10000000 10000000 10000000 500 1500 No OUT 0
GE4 NONE Edge 2000 Spoke 1 151.0.0.9 151.0.0.101 DEFAULT 330549209 ACTIVE STABLE STABLE 0 0 0.0 0.0 0.0 0.0
10000000 10000000 6000000 500 1500 No IN 0
GE4 NONE Edge 2000 Spoke 2 151.0.0.9 151.0.0.102 DEFAULT 415149737 ACTIVE STABLE STABLE 0 0 0.1 0.0 0.0 0.0
10000000 10000000 6000000 500 1500 No IN 0
velocloud vEdge 8CPU Hub:/#

In order to make it more readable, the output has been condensed.

Page 69
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Interface(1) VLAN(2) PeerName(3) PublicIpAddr(4) PeerIpAddr(5) TunnelingMode(6) Version(7) Path State(8) RxState(9) TxState(10)
GE4 NONE vcg2-10g-perf 151.0.0.9 151.0.0.16 DEFAULT 751249656 ACTIVE STABLE STABLE

Field Definitions from the Sample Command:

1. Interface: Indicates the interface on which the path is built.
2. VLAN: Indicates if a VLAN is used to build this interface.
3. PeerName: Name of the peer device, can either be a Gateway or another Edge.
4. PublicIpAddr: The source IP address as seen by the peer (post possible NAT
operation) and relayed back to initiator; reflects the public IP address of the link
5. PeerIdAddr: The IP address of the peer. Note this could be the Public IP address
before NAT.
6. Version: Unique Path Identifier.
7. Path
○ ACTIVE
○ BACKUP
8. RxState
○ INITIAL: The link is attempting to connect to the Gateway, the very first step in
the life of a link. The Edge has sent a packet to the Gateway attempting to
connect, but has not yet has not received any communication from the Gateway.
○ STABLE: The link has established a bi-directional connection with the Gateway
and all the QoE parameters, etc. are good.
○ UNSTABLE: The link has established a bi-directional connection with the
Gateway, but there is some loss/latency/jitter on the link. (A condition such as
three missing heartbeats will cause the link to go into an UNSTABLE state. The
Edge and Gateway will avoid the UNSTABLE links).
○ QUIET: Packets on the link have not been received for 700 milliseconds.
Reasons can include, too much loss on the link for the transient period of time, or
the Gateway crashed and nothing was received on the link for 700 milliseconds.
○ DEAD: The link has not received packets on it for seven seconds, and the link
will be removed soon and will return to the INITIAL state.
9. TxState
○ INITIAL: The link is trying to connect to the Gateway, the very first step in the life
of a link. The Edge has sent a packet to the Gateway attempting to connect, but
has not yet has not received any communication from the Gateway.
○ STABLE: The link has established a bi-directional connection with the Gateway
and all the QoE parameters, etc. are good.
○ UNSTABLE: The link has established a bi-directional connection with the
Gateway, but there is some loss/latency/jitter on the link. (A condition such as
three missing heartbeats will cause the link to go into an UNSTABLE state. The
Edge and Gateway will avoid the UNSTABLE links).

Page 70
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

○ QUIET: Packets on the link have not been received for 700 milliseconds.
Reasons can include, too much loss on the link for this transient period of time,
or the Gateway crashed and nothing was received on the link for 700
milliseconds.
○ DEAD: The link has not received packets on it for seven seconds, and the link
will be removed soon and will return to the INITIAL state.

Sample Command
AvgLatencyRx(10) AvgLatencyTx(11) RxJitter(12) TxJitter(13) lossRx(14) lossTx(15)
0 0 0.0 0.0 0.0 0.0

Field Definitions from the Sample Command:

10. AvgLatencyRx: Latency currently been seen on the receiving end. The latency is the
based on the ClockSync of the two ends, minus the difference of the packets received.
This is a moving average of 150 samples collected every 100ms.
11. AvgLatencyTx: Latency currently been seen on the sending end. The latency is the
based on the ClockSync of the two ends, minus the difference of the packets received.
This is a moving average of 150 samples collected every 100ms.
12. AvgJitterRx: Jitter currently been seen on the receiving end. Based on RFC 3550.
13. AvgJitterTx: Jitter currently been seen on the sending end. Based on RFC 3550.
14. lossRx: Loss seen on the receiving end. This is calculated when the device detects
missing packets.
15. lossTx: Loss seen on the sending end. This is calculated when the device receives
NACKs that signal missing packets. There is also a device sync every (X) minutes.

Sample Command
MeasuredRateRx(16) MeasuredRateTx(17) RemoteRx(18) HeartbeatIntervalMs(19) MTU(20) Dynamic(21) Dir(22) Overhead(23)
10000000 10000000 10000000 500 1500 No OUT 0

Field Definitions from the Sample Command:

16. MeasuredRateRx: The calculated, received Bandwidth during the speed test for each
overlay. This is done with the primary Gateway. If this value is set manually, it will be the
value set by the administrator.
17. MeasuredRateTx:The calculated, upload Bandwidth during the speed test for each
overlay. This is done with the primary Gateway. If this value is set manually, it will be the
value set by the administrator.
18. RemoteRx: The maximum value receiving bandwidth of the receiving end.
19. HeartbeatInervalMs: Heartbeats are sent to guarantee accurate link information. If high
priority traffic is present, a heartbeat will be sent every 100Ms. If no traffic is present, a
heartbeat will be sent every 500ms.

Page 71
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

20. MTU: Maximum Transmission Unit for this overlay.

21. Dynamic: Indicates if dynamic/static tunnel establishment
22. Dir: Defines the direction of tunnel initiation. ‘Out’ was initiated by the current device. ‘In’
was initiated by the peer endpoint.
23. Overhead: This is an advanced configuration in which there is an upstream device that
adds an Overhead and thereby affects the maximum bandwidth available.

Related Commands
It is common to use this command in conjunction with the following:

tail -f /var/log/edged.log

Edged.log contains the logs for path creation:

Tcpdump.sh -nni interface port 2426

Tcpdump captured on ‘port 2426’ will troubleshoot if packets are being sent and received
correctly.

debug.py --pim_neighbor Commented [24]: Is the work here done?

Brief Description and Use Case Commented [25]: Is the work here done?

This command is used to dump information about the list of PIM neighbors. Commented [26]: Is the work here done?

debug.py --pimd_dump
Brief Description and Use Case
This command is used to dump information about the PIMd daemon, which handles the control
plane for multicast in the system. This includes full configuration, information about PIM enabled
interfaces, multicast RP info, various PIM states, and the list of PIM neighbors.

Sample Command
velocloud edge-215:~/opt/vc/bin/debug.py --pimd_dump
show running-config
===================
Building configuration...

Current configuration:
!

Page 72
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

log file /var/log/pimd.log

log facility
ip multicast-routing
ip pim rp 169.254.2.89 224.0.0.0/4
!
debug igmp events
debug igmp trace
debug mroute
debug pim events
debug pim trace
debug pim zebra
debug pim packets joins
!
password zebra
!
interface GE3
!
interface GE4
!
interface GE5
ip pim sm
!
interface br-management
!
interface br-network1
ip igmp
ip igmp version 2
ip pim sm
!
interface hub0
ip pim sm
!
interface hub1
ip pim sm
!
interface pimreg
!
interface vce1
!
access-list vty permit 127.0.0.0/8
access-list vty deny any
!
line vty
access-class vty
!
end

show ip pim assert

==================
Interface Address Source Group State Winner Uptime Timer
GE5 169.254.2.18 * 234.0.0.1 NOINFO * 00:09:26 --:--

show ip pim interface

=====================
Interface State Address PIM Nbrs PIM DR FHR
GE5 up 169.254.2.18 1 local 0
br-network1 up 10.192.0.1 0 local 0

Page 73
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

hub0 up 10.192.0.1 1 10.128.0.1 0

hub1 up 10.192.0.1 1 10.0.0.1 0

show ip pim neighbor

====================
Interface Neighbor Uptime Holdtime DR Pri
GE5 169.254.2.17 00:09:32 00:01:43 1
hub0 10.128.0.1 00:13:28 00:01:17 100
hub1 10.0.0.1 00:13:27 00:01:18 100

show ip pim state

=================
Codes: J -> Pim Join, I -> IGMP Report, S -> Source, * -> Inherited from (*,G)
Installed Source Group IIF OIL
1 * 234.0.0.1 hub1 GE5( J )

show ip pim rp-info

===================
RP address group/prefix-list OIF I am RP
169.254.2.89 224.0.0.0/4 hub1 no

show ip pim rpf

===============
RPF Cache Refresh Delay: 50 msecs
RPF Cache Refresh Timer: 0 msecs
RPF Cache Refresh Requests: 3
RPF Cache Refresh Events: 3
RPF Cache Refresh Last: 00:09:32
Nexthop Lookups: 10
Nexthop Lookups Avoided: 21

Source Group RpfIface RpfAddress RibNextHop Metric Pref

* 234.0.0.1 hub1 10.0.0.1 10.0.0.1 0 0

show ip pim join

================
Interface Address Source Group State Uptime Expire Prune
GE5 169.254.2.18 * 234.0.0.1 JOIN 00:09:26 02:58 --:--

Related Commands
Commented [27]: [email protected] can you help
● pim_neighbor close on this by COB today; thanks.
● mcr_dump
Commented [28]: [email protected] can you help
close on this by COB today; thanks.

debug.py --pki Commented [29]: [email protected] can you help

close on this by COB today; thanks.
Commented [30]: [email protected] can you help
Brief Description and Use Case (see debug.py --path) close on this by COB today; thanks.
This command is used to dump PKI related information. This includes information about the Commented [31]: [email protected] can you help
device’s own certificate and the issuing CA’s X509 certificates and PKI settings from the close on this by COB today; thanks.
configuration. Commented [32]: [email protected] can you help
close on this by COB today; thanks.

Page 74
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Commented [33]: [email protected] can you help

close on this by COB today; thanks.
Commented [34]: [email protected] can you help
close on this by COB today; thanks.
Sample Command
Commented [35]: [email protected] can you help
TBD: get better output from another device close on this by COB today; thanks.
{
Commented [36]: [email protected] can you help
"Identity Certificate": { close on this by COB today; thanks.
"N/A": "N/A"
Commented [37]: [email protected] can you help
},
close on this by COB today; thanks.
"Revoked Certificates": {
"N/A": "N/A" Commented [38]: [email protected] can you help
close on this by COB today; thanks.
},
"Trusted CA List": { Commented [39]: [email protected] can you help
"N/A": "N/A" close on this by COB today; thanks.
}, Commented [40]: [email protected] can you help
"pkiSettings": { close on this by COB today; thanks.
"crlNumber": "0", Commented [41]: [email protected] can you help
"endpointIgnoreVCOCertificateErrors": true, close on this by COB today; thanks.
"endpointPkiAlg": "RSA", Commented [42]: [email protected] can you help
"endpointPkiKeyLength": "2048", close on this by COB today; thanks.
"endpointPkiMode": "CERTIFICATE_DISABLED",
Commented [43]: [email protected] can you help
"endpointTrustedIssuerVersion": "0" close on this by COB today; thanks.
}
} Commented [44]: [email protected] can you help
close on this by COB today; thanks.
Related Commands
Commented [45]: [email protected] can you help
... [1]
ike
ike_sa Commented [46]: [email protected] can you help
... [2]
ike_childsa Commented [47]: [email protected] can you help
... [3]
Commented [48]: [email protected] can you help
... [4]
Commented [49]: [email protected] can you help
... [5]

debug.py --pktsqed Commented [50]: [email protected] can you help

... [6]
Commented [51]: [email protected] can you help
... [7]
Commented [52]: [email protected] can you help
... [8]
debug.py --profile_dump Commented [53]: [email protected] can you help
... [9]
Commented [54]: [email protected] can you help
... [10]
Brief Description and Use Case (see debug.py --path)
Commented [55]: [email protected] can you help
... [11]
This command is used to dump the details of the profiles configured. It indicates if the “Isolation” Commented [56]: [email protected] can you help
... [12]
is configured on some segments and the logical-id of the profile.
Commented [57]: [email protected] can you help
... [13]
Commented [58]: [email protected] can you help
... [14]
Sample Command
Commented [59]: [email protected] can you help
... [15]
On Edge:
Commented [60]: [email protected] can you help
... [16]
# debug.py --profile_dump Commented [61]: [email protected] ... [17]
[
Commented [62]: [email protected] pls close by
... [18]

Page 75
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

{
"DE2E Isolation ON Segments": "0 2",
"Isolation ON Segments": "0 2",
"Profile Id": "15dc2416-f2a2-11e8-b90c-00babe757e09"
}
]
velocloud root:/#

On Gateway:
On gateway, this command needs the logical-id of the enterprise as a parameter.
# debug.py --profile_dump d1707f2a-4a57-4245-a2fc-bc6a852897e5
[
{
"DE2E Isolation ON Segments": "0 2",
"Isolation ON Segments": "0 2",
"Profile Id": "15dc2416-f2a2-11e8-b90c-00babe757e09"
}
]
#

Related Commands
Debug.py --peers

debug.py --Qos_link
Brief Description and Use Case
debug.py --qos_link <Peer logical Id> stats

<Peer logical Id> : Refers to Remote peer’s logical ID. All links used by this peer
shall be listed in the output.

This command can be used to:

● Check the bandwidth cap configured on the WAN link
● Check the current bandwidth (In Kbps and Packets/Second) usage of the WAN links
● Check the number of bytes / packets queued per link
● Check the number of bytes / packets dropped per link

Sample Command
velocloud b5-edge1:/tmp# debug.py --qos_link f228c6b9-2895-4d0b-8a17-194f62f49e72 stats
Interface Logical-Id/Remote_IP BW-Cap Kbps 10-sec-win kbps Last
slot Kbps PPS (10s win) Queued pkts Queued bytes Dropped pkts Dropped bytes
RemoteLink f228c6b9-2895-4d0b-8a17-194f62f49e72-169.254.7.2 3840 2

Page 76
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

8 2 0 0 0 0
eth2 00000003-b57d-4232-a610-a49c8b3c99a1 1920 15
8 14 0 0 0 0
RemoteLink f228c6b9-2895-4d0b-8a17-194f62f49e72-169.254.2.34 3840 1
0 2 0 0 0 0
eth4 937f53c3-577e-4c8c-9510-c6d1dc75b483 960 1
0 2 0 0 0 0

debug.py --Qos_net
Brief Description and Use Case
This command can be used to:
● Check the Total bandwidth cap configured for this Peer
● Check the current bandwidth (In Kbps and Packets/Second) usage of the Peer
● Check the number of bytes / packets queued per Peer/Segment/Traffic-Type
● Check the number of bytes / packets dropped per Peer/Segment/Traffic-Type

debug.py --qos_net <Peer logical Id> stats

<Peer logical Id> : Refers to Remote peer’s logical ID. Total traffic to this peer
can be seen at an aggregate level - For the total bandwidth (Sum of all available
links) available to this peer. Commented [63]: Not a description and not consistent

Sample Command
debug.py --qos_net f228c6b9-2895-4d0b-8a17-194f62f49e72 stats
velocloud b5-edge1:/tmp# debug.py --qos_net f228c6b9-2895-4d0b-8a17-194f62f49e72 stats
Endpoint/Class BW Cap (Kbps) Weight Kbps (10s win) PPS (10s win) Queued pkts
Queued bytes Dropped pkts Dropped bytes
Root 2850 100.00 18 15 0
0 0 0
Sum(b3-edge1) 2850 100.00 3 4 0
0 0 0
Segment-0 0 100.00 0 0 0
0 0 0
RH.0.b3-edge1 2850 35.00 0 0 0
0 0 0
RN.0.b3-edge1 2850 15.00 0 0 0
0 0 0
RL.0.b3-edge1 2850 1.00 0 0 0
0 0 0
TH.0.b3-edge1 2850 20.00 0 0 0

Page 77
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

0 0 0
TN.0.b3-edge1 2850 7.00 0 0 0
0 0 0
TL.0.b3-edge1 2850 1.00 0 0 0
0 0 0
BH.0.b3-edge1 2850 15.00 0 0 0
0 0 0
BN.0.b3-edge1 2850 5.00 0 0 0
0 0 0
BL.0.b3-edge1 2850 1.00 0 0 0
0 0 0

debug.py --qos_dump_link
Brief Description and Use Case
This command dumps the hierarchy of the link scheduler. It is used internally for development
and validation purposes. It is an CPU expensive command, and it is not recommended for use
at production sites.

Sample Command
velocloud b5-edge1:/tmp# debug.py --qos_dump_link
CC - Child count AS - Active status PQ - Pks queued WT -
QoS Weight BC - Bandwidth cap

+ Root ( CC: 4 , AS: 0 , WT: 100 , BC: 0 kbps )

+ LL.eth4 ( CC: 10 , AS: 0 , WT: 100 , BC: 960 kbps )
+ Flow - -2147483646 ( AS: 0 , PQ: 0 )
+ LL.eth2 ( CC: 2 , AS: 0 , WT: 100 , BC: 1920 kbps )
+ Flow - -2147483647 ( AS: 0 , PQ: 0 )
+ Flow - -2147483648 ( AS: 0 , PQ: 0 )
+ RL.169.254.7.2 ( CC: 2 , AS: 0 , WT: 100 , BC: 3840 kbps )
+ Flow - -2147483635 ( AS: 0 , PQ: 0 )
+ Flow - -2147483636 ( AS: 0 , PQ: 0 )
+ RL.169.254.2.34 ( CC: 2 , AS: 0 , WT: 100 , BC: 3840 kbps )
+ Flow - -2147483634 ( AS: 0 , PQ: 0 )
+ Flow - -2147483633 ( AS: 0 , PQ: 0 )

Page 78
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Qos_dump_net
Brief Description and Use Case (see debug.py --qos_dump_net)
This command dumps the hierarchy of the Net scheduler. It is used internally for development
and validation purposes. It is an CPU expensive command, and it is not recommended for use
at production sites.

Sample Command
root@ondb-vcc1:~# /opt/vc/bin/debug.py --qos_dump_net
CC - Child count AS - Active status PQ - Pks queued WT -
QoS Weight BC - Bandwidth cap

+ Root ( CC: 1 , AS: 0 , WT: 100 , BC: 0 kbps )

+ Device Cap ( CC: 3 , AS: 0 , WT: 100 , BC: 0 kbps )
+ b3-edge1 ( CC: 4 , AS: 0 , WT: 100 , BC: 1900 kbps )
+ Segment - 0 ( CC: 9 , AS: 0 , WT: 1 , BC: 3800 kbps )
+ Tran/Low ( CC: 0 , AS: 0 , WT: 20000000 , BC: 1900 kbps )
+ Bulk/High ( CC: 0 , AS: 0 , WT: 300000000 , BC: 1900 kbps )
+ Bulk/Low ( CC: 0 , AS: 0 , WT: 20000000 , BC: 1900 kbps )
+ Tran/High ( CC: 0 , AS: 0 , WT: 400000000 , BC: 1900 kbps )
+ Tran/Norm ( CC: 0 , AS: 0 , WT: 140000000 , BC: 1900 kbps )
+ Real/Low ( CC: 0 , AS: 0 , WT: 20000000 , BC: 1900 kbps )
+ Real/Norm ( CC: 0 , AS: 0 , WT: 300000000 , BC: 1900 kbps )
+ Bulk/Norm ( CC: 0 , AS: 0 , WT: 100000000 , BC: 1900 kbps )
+ Real/High ( CC: 0 , AS: 0 , WT: 700000000 , BC: 1900 kbps )
+ VC_Control ( CC: 1 , AS: 0 , WT: 100 , BC: 0 kbps )
+ Flow - -2147483646 ( AS: 0 , PQ: 0 )
+ b5-edge1 ( CC: 4 , AS: 0 , WT: 100 , BC: 950 kbps )
+ VC_Control ( CC: 1 , AS: 0 , WT: 100 , BC: 0 kbps )
+ Flow - -2147483645 ( AS: 0 , PQ: 0 )
+ Segment - 0 ( CC: 9 , AS: 0 , WT: 1 , BC: 1900 kbps )
+ Real/Norm ( CC: 0 , AS: 0 , WT: 300000000 , BC: 950 kbps )
+ Bulk/Norm ( CC: 0 , AS: 0 , WT: 100000000 , BC: 950 kbps )
+ Real/Low ( CC: 0 , AS: 0 , WT: 20000000 , BC: 950 kbps )
+ Tran/High ( CC: 0 , AS: 0 , WT: 400000000 , BC: 950 kbps )
+ Tran/Norm ( CC: 0 , AS: 0 , WT: 140000000 , BC: 950 kbps )
+ Real/High ( CC: 0 , AS: 0 , WT: 700000000 , BC: 950 kbps )
+ Bulk/Low ( CC: 0 , AS: 0 , WT: 20000000 , BC: 950 kbps )
+ Tran/Low ( CC: 0 , AS: 0 , WT: 20000000 , BC: 950 kbps )
+ Bulk/High ( CC: 0 , AS: 0 , WT: 300000000 , BC: 950 kbps )

Page 79
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Radius_on_routed Commented [64]: [email protected] pls populate by

Friday.
_Assigned to Ryan Kollist_
Brief Description and Use Case (see debug.py --path) Commented [65]: [email protected] pls help close
by COB; thanks.

Sample Command

Related Commands

debug.py --Reinit_routes
Brief Description and Use Case:
This command is mainly a debugging command that is used to flush all the local and remote
routes, and then re-learn all the routes again and converge. Upon issue of this command, we
flush the local routes and re-learn all of them. We also send a message to the gateway to re-
send the remote routes.

Usage: debug.py --reinit_routes

Sample Command:

Remote_routes

Brief Description and Use Case:

The command is used to check the routes that are learnt from remote Edges from the controller.
It can be used to check if routes are learnt from a particular remote Edge.

Usage: debug.py --remote_routes

Page 80
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Sample Command:

debug.py --Remote_services
Brief Description and Use Case
This command is used to check that services such as SSH, UI, SNMP are enabled/disabled,
and that the list of host IP addresses are allowed to access the service.

Usage: --remote_services
● “allowed_ips”: List of host IPs allowed to access the service.
● “remote_ip”: host IP address allowed to access the service.
● “ssh”: Name of the remote service.

Sample Command:

Page 81
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --routes
Brief Description and Use Case:
This command is used to dump and check the routes that are present in the unified route table
or FIB. If the same route prefixes are learnt through multiple sources on the overlay as well as
underlay, they are listed in a sorted order, which reflects the exact route ordering and matches
against incoming traffic destinations.

Usage:
Edge: debug.py --routes <prefix> <segment_id>
Default option is debug.py --routes <all> <all> - dumps all routes across all segments.

GW: debug.py --routes <entr_id> <prefix> <segment_id>

Default option is debug.py --routes <all> <all> <all>

Sample Output:
Edge:
Dump all routes belonging to all segments
# debug.py --routes
Address Netmask Type Gateway Next Hop Name
Next Hop ID Destination Name Dst LogicalId Reachable Metric
Preference Flags Vlan Intf Sub IntfId MTU SEG
172.16.1.10 255.255.255.255 any any N/A
N/A N/A N/A True 0 0
Ss 0 GE6 N/A N/A 0
172.16.1.2 255.255.255.255 any any N/A
N/A N/A N/A True 0 0
Ss 0 GE5 N/A N/A 0
169.254.129.2 255.255.255.255 any any N/A
N/A N/A N/A True 0 0
sm 0 any N/A N/A 0
169.254.129.1 255.255.255.255 cloud any gateway-1 020afea9-0000-0000-
0000-000000000000 gateway-1 020afea9-0000-0000-0000-000000000000 True 0
0 Rm 0 any N/A N/A 0
169.254.7.10 255.255.255.255 any any N/A
N/A N/A N/A True 0 0
Ss 0 GE3 N/A N/A 0
169.254.6.37 255.255.255.255 any any N/A
N/A N/A N/A True 0 0
Ss 0 GE4 N/A N/A 0
10.0.5.2 255.255.255.255 edge2edge any gateway-1 020afea9-0000-0000-
0000-000000000000 b5-edge1 109562ee-eba0-46b6-aaae-417dc4e30fe0 True 0
0 SRm 0 any N/A 1500 0

Page 82
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

10.0.5.2 255.255.255.255 edge2edge any gateway-2 0a0afea9-0000-0000-

0000-000000000000 b5-edge1 109562ee-eba0-46b6-aaae-417dc4e30fe0 True 0
0 SRm 0 any N/A 1500 0
10.0.4.2 255.255.255.255 edge2edge any gateway-1 020afea9-0000-0000-
0000-000000000000 b4-edge1 8dbf6c76-90d0-42f2-905c-956440c7740e True 0
0 SRm 0 any N/A 1500 0
10.0.4.2 255.255.255.255 edge2edge any gateway-2 0a0afea9-0000-0000-
0000-000000000000 b4-edge1 8dbf6c76-90d0-42f2-905c-956440c7740e True 0
0 SRm 0 any N/A 1500 0
10.0.3.2 255.255.255.255 edge2edge any gateway-1 020afea9-0000-0000-
0000-000000000000 b3-edge1 5ed5c3bb-7716-410b-9445-7197407f6d2d True 0
0 SRm 0 any N/A 1500 0
10.0.3.2 255.255.255.255 edge2edge any gateway-2 0a0afea9-0000-0000-
0000-000000000000 b3-edge1 5ed5c3bb-7716-410b-9445-7197407f6d2d True 0
0 SRm 0 any N/A 1500 0
10.0.2.2 255.255.255.255 edge2edge any b2-edge1 ac61d7cb-e5db-48de-b390-
d2fe0d09fb97 b2-edge1 ac61d7cb-e5db-48de-b390-d2fe0d09fb97 True 0
0 DSR 0 any N/A 1500 0
10.0.2.2 255.255.255.255 edge2edge any gateway-1 020afea9-0000-0000-
0000-000000000000 b2-edge1 ac61d7cb-e5db-48de-b390-d2fe0d09fb97 True 0
0 SRm 0 any N/A 1500 0
10.0.2.2 255.255.255.255 edge2edge any gateway-2 0a0afea9-0000-0000-
0000-000000000000 b2-edge1 ac61d7cb-e5db-48de-b390-d2fe0d09fb97 True 0
0 SRm

GW:
Dump all routes belonging to enterprise ID ae9eb3de-6feb-4265-9560-cb7fa85cffcd and
segment 0.
# debug.py --routes ae9eb3de-6feb-4265-9560-cb7fa85cffcd all 0
EnterpriseID Address Netmask Type Peer Name
Destination Reachable Metric Preference Flags C-Tag S-Tag Handoff
Mode Age SEG
ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.5.2 255.255.255.255 edge2edge b5-edge1
109562ee-eba0-46b6-aaae-417dc4e30fe0 True 0 0 CSm 0
0 N/A N/A 360 0
ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.3.2 255.255.255.255 edge2edge b3-edge1
5ed5c3bb-7716-410b-9445-7197407f6d2d True 0 0 CSm 0
0 N/A N/A 363 0
ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.4.2 255.255.255.255 edge2edge b4-edge1
8dbf6c76-90d0-42f2-905c-956440c7740e True 0 0 CSm 0
0 N/A N/A 362 0
ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.1.2 255.255.255.255 edge2edge b1-edge1
95fa2c01-3176-43dc-85c8-f7159f479ea7 True 0 0 CSm 0
0 N/A N/A 363 0

Page 83
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.2.2 255.255.255.255 edge2edge b2-edge1

ac61d7cb-e5db-48de-b390-d2fe0d09fb97 True 0 0 CSm 0
0 N/A N/A 361 0
ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.5.0 255.255.255.0 edge2edge b5-edge1
109562ee-eba0-46b6-aaae-417dc4e30fe0 True 0 0 CS 0
0 N/A N/A 311 0
ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.3.0 255.255.255.0 edge2edge b3-edge1
5ed5c3bb-7716-410b-9445-7197407f6d2d True 0 0 CS 1
0 N/A N/A 363 0
ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.4.0 255.255.255.0 edge2edge b4-edge1
8dbf6c76-90d0-42f2-905c-956440c7740e True 0 0 CS 1
0 N/A N/A 362 0
ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.1.0 255.255.255.0 edge2edge b1-edge1
95fa2c01-3176-43dc-85c8-f7159f479ea7 True 0 0 CS 1
0 N/A N/A 363 0
ae9eb3de-6feb-4265-9560-cb7fa85cffcd 10.0.2.0 255.255.255.0 edge2edge b2-edge1
ac61d7cb-e5db-48de-b390-d2fe0d09fb97 True 0 0 CS 1
0 N/A N/A 361 0
P - PG, B - BGP, D - DCE, L - LAN SR, C - Connected, O - External, W - WAN SR, S -
SecureEligible, R - Remote, s - self, H - HA, m - Management, n - nonVelocloud, v -
ViaVeloCloud

Related Commands
debug.py --verbose_routes

debug.py --Segments
Brief Description and Use Case
This command has multiple options. It is used to get an insight into the per segment
configuration of the Gateways and VPN.

1. Usage: --segments vpn

Sample Command: Commented [66]: Are we missing an image or
Field Definitions from the Sample Command: information here? It seems that the sample command is
below--just out of order- need to verify this.
● "id": Segment ID,
Commented [67]: Why the comma?
● "name": Segment Name,
● "vpn":
● "cg_enabled": Set if Brancht-to-Branch via Cloud Gateway is enabled,
● "Cloud_vpn": Set if Cloud VPN is enabled,

Page 84
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● "de2e enabled": Set if Dynamic Branch-to-Branch is enabled

● "de2e timeout": This is defaulted to 180secs. It Is the timeout for the teardown
of tunnels.
● "De2e_isolation": When ‘Profile Isolation’ is enabled, Dynamic Branch-to
Branch-VPN can only be enabled to Edges Within Profile. Set when DB2B is
enabled with Profile Isolation.
● "e2e_enabled": Set if Branch-to-Branch is enabled.
● "flags": VPN flags,
● "flags new": VPN flags,
● "count": Number of Hubs,
● "iamhub": Set if this is the Hub,
● "list": Shows the logical ID of the Hub configure
● "hub_enabled": Set if Branch to Velocloud Hub is enabled,
● "isolation": Set if Profile Isolation is enabled,
● "nvs": NVS configuration and count ,
● "opg_enabled": If partner gateway is enabled for this segment, Commented [68]: Should we include the word "set"?
● "vcmp responder": Set if this is a VCMP responder. If the VPN blob is present,
this is set. Commented [69]: This is set to what?

Page 85
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Page 86
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

2. Usage: --segment gateway

This provides segment-based Gateway assignment information.
In a multi partner Gateway scenario, there is an option to assign a different Gateway to
segments. This command displays the Gateway assignment per segment along with
important Gateway information.
Field Definitions from the Sample Command:
● "CDE": Set if the Gateway is a CDE Gateway,
● "Controller": Set if the Gateway is a controller Gateway,
● "Local Gateway": Set if the Gateway is a primary Gateway,
● "Logical ID": Logical ID of Gateway,
● "Private IP": Private IP of Gateway,
● "Public IP": Public IP of Gateway,
● "name": Name of the Gateway,
● "onPremise": Set if the Gateway is an on premise Gateway

Page 87
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --slow_learning_db
Brief Description and Use Case
This command dumps the available list of previously classified destination IP-Port pairs as
identified or classified by the internal DPI engine.

Any new flow/session to the same destination IP-Port pair as maintained in the slow learning
database cache(as seen below) would now get classified on first packet itself.

Sample Command
IP ADDR PORT APPLICATION CLASS
172.217.4.163 443 APP_GSTATIC APP_CLASS_WEB
17.249.12.88 5223 APP_SSL APP_CLASS_TUNNELING_AND_VPN
54.85.131.40 443 APP_AMAZON APP_CLASS_WEB
17.252.226.85 443 APP_APPLE_LOCATION APP_CLASS_WEB
144.121.38.228 443 APP_SSL APP_CLASS_TUNNELING_AND_VPN
98.136.145.109 443 APP_YAHOO APP_CLASS_WEB
52.94.226.39 443 APP_AMAZON APP_CLASS_WEB
208.111.155.246 443 APP_APPLE APP_CLASS_WEB
216.58.192.5 443 APP_GMAIL APP_CLASS_EMAIL
52.218.212.74 443 APP_AMAZON_AWS APP_CLASS_INFRASTRUCTURE
66.170.97.1 443 APP_SSL APP_CLASS_TUNNELING_AND_VPN
35.241.23.116 443 APP_HTTP2 APP_CLASS_WEB
52.218.193.42 443 APP_AMAZON_AWS APP_CLASS_INFRASTRUCTURE
17.142.171.12 443 APP_APPLE_LOCATION APP_CLASS_WEB
172.217.11.174 443 APP_GOOGLE_GEN APP_CLASS_WEB
108.174.10.10 443 APP_LINKEDIN APP_CLASS_SOCIAL_NETWORKING
52.218.208.208 443 APP_AMAZON_AWS APP_CLASS_INFRASTRUCTURE

Related Commands
● --slow_learning_db_flush can be used to flush out the already learnt cache

Page 88
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Uptime
Brief Description and Use Case
This command is used to determine how long the device is UP for. The output shows the
UpTime in days, minutes, hours, and seconds.

Sample Command
# debug.py --uptime
Uptime: 15:47:49, 2 days
Start: 1755522694, Current: 1985192110
#

debug.py --vnf
Brief Description and Use Case
Shows the status of the NVF insertion - for each VLAN or interface that have VNF insertion
configured it shows - internal interface/vlan name, VLAN tag, assigned ‘mapped’ vlan, auto-
assigned LAN MAC, and ARP probing state.

Sample Command
debug.py --vnf
{
"networks": [
{
"down": 1,
"mac": "F0:8E:DB:05:00:00",
"name": "br-network1",
"tag": 0,
"vlan": 0
}
]
}

Page 89
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --vpn_test
Brief Description and Use Case
This command is used to test the VPN connectivity to the peers. It is a CLI form of the
command available in the remote diagnostics page.
It takes the segment as an input argument to perform the VPN test to all the peers.

Sample Command Commented [70]: Out of order

Field Definitions from the Sample Command:

● "dest": Destination IP used for the test. Any IP advertised by the peer that is reachable Commented [71]: phrase, not a sentence- verify
● "latency": Time taken for the test (RTT for icmp reply-response),
● "name": Name of the peer,
● "result": Flag indicating the result of test - success-1 or failure-0,
● "src": Source IP used for the test. Chooses an IP that is advertised to and reachable by
the peer.

Page 90
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

debug.py --Vrrp_dump
Brief Description and Use Case
This command is used to display all the VRRP status of the device. It is used in the following
scenarios:
1. Checking the VRRP settings
2. Checking the VRRP status
3. Checking the VRRP cause of failure

Sample Command
velocloud Edge500-Top:~# debug.py --vrrp_dump

Page 91
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

{
"ha_type": "vrrp",
"icmp_response_to_echo_req": 1,
"pathUp": 1,
"total_vrrp_active_instance": 1,
"total_vrrp_instance": 1,
"total_vrrp_stale_instance": 0,
"vrrp": [
{
"authType": 0,
"failCode": "Success",
"instanceList": "active",
"interfaceLogicalName": "br-network1",
"interfacePhysicalName": "br-network1",
"interval": 1,
"localRouterMac": "f0:8e:db:01:09:65",
"localRouterPrimaryIp": "10.0.128.1",
"masterDownExpireIn_ms": 0,
"masterDown_ms": 3218,
"peerPriority": 0,
"peerRouterPrimaryIp": "0.0.0.0",
"peerState": "UNKNOWN",
"preempt": true,
"preemptDelay_ms": 5000,
"priority": 200,
"reason": "init",
"refcnt": 2,
"skew_ms": 218,
"state": "BACKUP",
"stateDuration": "0 days 00:00:05.037",
"subinterfaceId": -1,
"triggered": "startup",
"version": 2,
"virtualIpList": [
{
"cidrIp": "10.0.128.3",
"localIp": "10.0.128.1",
"netmask": "255.255.255.0"
}
],
"virtualMac": "00:00:5e:00:01:0c",
"vlanId": 1,
"vrid": 12
}
],
"vrrp_matching_rule": 3
}

Field Definitions from the Sample Command:

● Ha_type: Indicates the type of HA setting.
● icmp_response_to_echo_req: Indicates virtual interface will response to icmp echo
request or not. Internal default is set to true (1).
● pathUp: Indicates number of gateway paths are up. Edge will drop the priority to 10 if
pathUp is zero.
● total_vrrp_active_instance: Indicates the number of active instances.
● total_vrrp_instance: Indicates the number of instances.
● total_vrrp_stale_instance: Indicates the number of stale instances.
● vrrp_matching_rule: Internal use only.
● authType: Indicates the authentication type. No authentication is supported.
● failCode: Indicates the reason for failure.
● instanceList: Indicates the instance is in the active list or stale list.

Page 92
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● interfaceLogicalName: Indicates the interface logical name.

● interfacePhysicalName: Indicates the interface physical name.
● interval: Indicates the broadcast interval (in seconds).
● localRouterMac: Indicates the VRRP interface MAC address.
● localRouterPrimaryIp: Indicates the VRRP interface IP address.
● masterDownExpireIn_ms: Indicates the number of milliseconds getting into master
down.
● masterDown_ms: Indicates the setting of time to get into master down. (3 * interval +
skew).
● peerPriority: Indicates peer priority if peer broadcasts.
● peerRouterPrimaryIp: Indicates peer interface IP address if peer broadcasts.
● peerState: Indicates peer state if peer broadcasts.
● preempt: Indicates whether the instance should be preempted or not.
● preemptDelay_ms: Indicates the preempt delay in milliseconds.
● priority: Indicates the current local priority value (from VCO setting or 10 if pathUp=0).
● reason: Indicates the reason of the state change (like: path up, path down, …).
● refcnt: Internal use only.
● skew_ms: Indicates the skew settings in milliseconds.
● state: Indicates the current state.
● stateDuration: Indicates how long in the current state. Commented [72]: provide clarity- we should indicate
● subinterfaceId: Indicates the subinterface ID if configured. what is 'how long.'

● triggered: Indicates the reason of triggering the state change (like: no advertisement
received, peer master down …).
● version: Indicates the VRRP version.
● virtualIpList: Indicates the virtual IP list. For now, only one virtual IP is supported.
● virtualMac: Indicates the virtual MAC address.
● vlanId: Indicates the vlan ID if configured.
● vrid: Indicates the virtual router ID.

Related Commands
It is common to use this command in conjunction with “debug.py --path” to check VCE to VCG
path status.
tail -f /var/log/edged.log | grep HAD

debug.py --is_active.py
Brief Description and Use Case (see debug.py --path)
This command is used to indicated if the device is activated.
Can be used in the following scenarios:

Page 93
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

1. Determine if activation completed successful

2. When troubleshooting why paths are not coming up or Edge is not trying to
communicate with VCO.
Important Notes:
The Edge can deactivate itself for the following reasons:
● The VCO sent a deactivate command.
● The Mac Address of the first interface changed (This can happen in virtual
environments).

Sample Command
velocloud vEdge 8CPU Hub:/# is_activated.py
True
velocloud vEdge 8CPU Hub:/#

Related Commands
Check mgd.log to determine if the MAC address or deactivate command was sent from the
VCO.
Cat /var/log/mgd.log | grep EDGE_DEACTIVATED

GetPolicy

Log Files

Tcpdump

Log Files Commented [73]: Should be included in next revision.

Troubleshooting
Commented [74]: [email protected] Hey
Kangwarn can you review? Do you see other common
issues that we should address?
_Assigned to Kangwarn Chinthammit_
Activation and Initial Configuration Commented [75]: [email protected] thoughts?

Almost all activation issues we encounter are involved with some kind of miss preparation.
Activation issues are generally hard to troubleshoot, since usually you do not have CLI access
to the box. In the event you have CLI access, the following are the first to consider:

● Verify you have the correct model.

Page 94
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

velocloud vEdge 8CPU Hub:/opt/vc/bin# mgd -s

family=VC_KVM_GUEST, model=kvm, class=KVM

● Verify the device you are trying to activate is deactivated.

velocloud vEdge 8CPU Hub:/opt/vc/bin# is_activated.py
True (If Activated) False if not
velocloud vEdge 8CPU Hub:/opt/vc/bin#

● In case this device was ever used before, reset the system.
velocloud vEdge 8CPU Hub:/opt/vc/bin# reset_config.sh

Now that you are sure of the system you are working on it's clean and has the correct config,
you can should get a correct VCO and Activation Key.

1. Make sure you can reach the Internet. Commented [76]: Are these instructions they need to
follow? If so, we need to make that more clear. Are
velocloud vEdge 8CPU Hub:/opt/vc/bin# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. those instructions on how to get a correct VCO and
64 bytes from 8.8.8.8: icmp_req=1 ttl=56 time=10.1 ms Activation Key?
64 bytes from 8.8.8.8: icmp_req=2 ttl=56 time=7.57 ms
64 bytes from 8.8.8.8: icmp_req=3 ttl=56 time=7.35 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 7.357/8.356/10.133/1.261 ms
velocloud vEdge 8CPU Hub:/opt/vc/bin#

2. Make sure you can reach the VCO.

velocloud vEdge 8CPU Hub:/opt/vc/bin# wget https://vco21-usvi1.velocloud.net/operator
Connecting to vco21-usvi1.velocloud.net (54.81.179.12:443)
operator 100% |**********************************************************************| 3635 0:00:00 ETA
velocloud vEdge 8CPU Hub:/opt/vc/bin#

3. Identify which interface the activation is going out.

velocloud vEdge 8CPU Hub:/opt/vc/bin# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.16.3.254 0.0.0.0 UG 5 0 0 eth2
0.0.0.0 151.0.0.3 0.0.0.0 UG 6 0 0 eth3
0.0.0.0 10.155.0.3 0.0.0.0 UG 7 0 0 eth4
10.5.8.0 0.0.0.0 255.255.255.0 U 0 0 0 br-network1
10.155.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth4
10.196.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br-network2
151.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3
169.254.129.1 0.0.0.0 255.255.255.255 UH 0 0 0 vce1
172.16.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
velocloud vEdge 8CPU Hub:/opt/vc/bin#

4. Place a pcap capture of the traffic for the activation.

tcpdump.sh -G 30 -W 1 -w /tmp/activation.pcap -i eth2 'port 443' &

5. Perform activation.

Page 95
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

If activation fails, you will have a pcap that you can check and see what happen. Common
issues are a Firewall upstream of the device that is blocking the activation.

Device has an path to expected VCG Commented [77]: Is this part of the instructions?
You want to verify that after activation the device has a path to the expected VCG. To do this
you can do debug.py --path

velocloud vEdge 8CPU Hub:/opt/vc/bin# debug.py --path

Interface VLAN PeerName PublicIpAddr PeerIpAddr TunnelingMode Version Path State RxState TxState AvgLatencyRx AvgLatencyTx RxJitter TxJitter lossRx
lossTx MeasuredRateRx MeasuredRateTx RemoteRx HeartbeatIntervalMs MTU Dynamic Dir Overhead
GE4 NONE vcg2-10g-perf 151.0.0.9 151.0.0.16 DEFAULT 1255328917 ACTIVE STABLE STABLE 0 0 0.0 0.0 0.0 0.93
10000000 10000000 10000000 100 1500 No OUT 0
GE4 NONE Edge_2000_Spoke_2 151.0.0.9 151.0.0.102 DEFAULT 179657342 ACTIVE STABLE STABLE 0 0 0.0 0.0 0.0 0.0
10000000 10000000 6000000 100 1500 No IN 0
GE4 NONE Edge_2000_Spoke_1 151.0.0.9 151.0.0.101 DEFAULT 131517350 ACTIVE STABLE STABLE 0 0 0.0 0.0 0.0 0.0
10000000 10000000 6000000 100 1500 No IN 0
GE4 NONE Edge_1000_Spoke 151.0.0.9 151.0.0.103 DEFAULT 4154844265 ACTIVE STABLE STABLE 0 0 0.0 0.0 0.0 0.0
10000000 10000000 6000000 100 1500 No IN 0
velocloud vEdge 8CPU Hub:/opt/vc/bin#

You also want to see which networks you can reach via the Gateway.

velocloud vEdge 8CPU Hub:/opt/vc/bin# debug.py --gateways

[
{
"CDE Enabled": 0,
"Controller": 0,
"IPSec gateway IP Addr": "N/A",
"Local Gateway": true,
"LogicalId": "10000097-0000-0000-0000-000000000000",
"Name": "vcg2-10g-perf",
"Primary Global GW": 1,
"Private IP Address": "N/A",
"Public IP Address": "151.0.0.16",
"Type": "Public",
"epType": 16,
"onPremise": "No",
"peer_state": "ALIVE",
"private_network_id": 0,
"state": "ACTIVE"
}
]
velocloud vEdge 8CPU Hub:/opt/vc/bin# debug.py --routes | grep 10000097-0000-0000-0000-000000000000
169.254.129.1 255.255.255.255 cloud any 10000097-0000-0000-0000-000000000000 10000097-0000-0000-0000-000000000000 True 0 0 Rm 0
any N/A N/A 0
10.5.9.2 255.255.255.255 edge2edge any 10000097-0000-0000-0000-000000000000 7ae63eef-9675-44e5-a522-71872753ac10 True 0 0 SRm 0
any N/A 1500 0
10.5.6.0 255.255.255.0 edge2edge any 10000097-0000-0000-0000-000000000000 71d7ce67-607f-4085-914e-6d68cb3d50c9 True 0 0 SR 1
any N/A 1500 0
10.5.5.0 255.255.255.0 edge2edge any 10000097-0000-0000-0000-000000000000 b9669a18-7781-4033-ac91-db80f38b1255 True 0 0 SR 1
any N/A 1500 0

Page 96
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

10.0.0.0 255.255.255.0 edge2edge any 10000097-0000-0000-0000-000000000000 71d7ce67-607f-4085-914e-6d68cb3d50c9 True 0 0 SR 2

any N/A 1500 0
10.156.0.0 255.255.0.0 edge2edge any 10000097-0000-0000-0000-000000000000 7ae63eef-9675-44e5-a522-71872753ac10 True 0 0 SR 0
any N/A 1500 0
10.154.0.0 255.255.0.0 edge2edge any 10000097-0000-0000-0000-000000000000 3e7691bf-b509-4039-90c4-8f568843e65a True 0 0 SR 0
any N/A 1500 0
10.153.0.0 255.255.0.0 edge2edge any 10000097-0000-0000-0000-000000000000 b9669a18-7781-4033-ac91-db80f38b1255 True 0 0 SR 0
any N/A 1500 0
10.152.0.0 255.255.0.0 edge2edge any 10000097-0000-0000-0000-000000000000 71d7ce67-607f-4085-914e-6d68cb3d50c9 True 0 0 SR 0
any N/A 1500 0
0.0.0.0 0.0.0.0 cloud 151.0.0.16 10000097-0000-0000-0000-000000000000 10000097-0000-0000-0000-000000000000 True 255 0 v 0 any
N/A N/A 0
velocloud vEdge 8CPU Hub:/opt/vc/bin#

If the path is not coming up, troubleshoot the connection.

Verify which links you have available. Commented [78]: More steps?
velocloud vEdge 8CPU Hub:/opt/vc/bin# debug.py --link
Name Interface VLAN Mode Type MTU Backup LocalIpAddr PublicIpAddr LogicalId InternalLogicalId LinkMode State VPN State
bandwidthKbpsTx bandwidthKbpsRx BytesTx BytesRx
Internet GE4 NONE PUBLIC WIRED 1500 FALSE 151.0.0.9 151.0.0.9 54:7f:ee:da:c4:7c:0000 89635b61-70ec-40d9-93f7-7582a645be01 ACTIVE STABLE
STABLE 10000000 10000000 793927 701014

Make sure you are trying to reach the Gateway via that link and that packets are being received.
velocloud vEdge 8CPU Hub:/opt/vc/bin# tcpdump.sh -i eth3 port 2426 and host 151.0.0.16
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tcpdump, link-type EN10MB (Ethernet), capture size 262144 bytes
18:33:51.340876 IP 151.0.0.9.2426 > 151.0.0.16.2426: UDP, length 21
18:33:51.342885 IP 151.0.0.9.2426 > 151.0.0.16.2426: UDP, length 100
18:33:51.342888 IP 151.0.0.9.2426 > 151.0.0.16.2426: UDP, length 100
18:33:51.342889 IP 151.0.0.9.2426 > 151.0.0.16.2426: UDP, length 31
18:33:51.343880 IP 151.0.0.16.2426 > 151.0.0.9.2426: UDP, length 39

If you are sending packets but not receiving any. Please have someone on the Gateway side
verify that the packets are reaching.

Verify the logs. Commented [79]: Step?

cat /var/log/edged.log | grep 10000097-0000-0000-0000-000000000000
2018-03-15T18:23:49.815 MSG [VCMP] vc_create_and_fill_gateway_info:2576 GW found. Name vcg2-10g-perf LID = 10000097-0000-0000-0000-000000000000
2018-03-15T18:23:49.815 MSG [VCMP] vc_find_gw_logical_id:570 Gateway 10000097-0000-0000-0000-000000000000 found in union list
2018-03-15T18:23:49.815 MSG [VCMP] vc_update_gw_edge_metric_table_per_seg:718 segId 0 CG order updated for 10000097-0000-0000-0000-000000000000 order = 1
2018-03-15T18:23:49.815 MSG [VCMP] vc_create_union_gw_list:665 segId 0 Gateway 10000097-0000-0000-0000-000000000000 not found. Adding. PG on/off = 0
2018-03-15T18:23:49.815 MSG [VCMP] lm_add_destination:471 Global local gateway is name vcg2-10g-perf id 10000097-0000-0000-0000-000000000000
2018-03-15T18:23:51.565 MSG [VCMP] vc_check_if_gw_in_segment:294 segId 0 Gateway with destid 10000097-0000-0000-0000-000000000000 found in list
2018-03-15T18:23:53.770 MSG [VCMP] vcmp_init_ack_rmsg_window_init_or_reinit:351 pi 10000097-0000-0000-0000-000000000000 peer_inc 0, inc 3001566209
2018-03-15T18:23:53.771 MSG [VPN] vc_td_vpn_is_up:761 Mark vpn_up=1 for td 0x7f1cc003bdf0/1255328917 cookie=0x1 10000097-0000-0000-0000-000000000000
2018-03-15T18:23:53.771 MSG [VCMP] vc_check_if_gw_in_segment:294 segId 0 Gateway with destid 10000097-0000-0000-0000-000000000000 found in list
2018-03-15T18:23:53.773 ERR [VCMP] vc_hub_config_ack_hdlr:6260 Hub config peer_version 0, rcvd version 1 for 10000097-0000-0000-0000-000000000000

Initial Configuration
Once the device is activated, you will want to see two main things
1. The device is talking to the VCO.
2. The device has an path to the expected VCG.

Device is talking to the VCO

Page 97
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Once the device is activated, it will receive the "new" configuration from the VCO. Depending on
the configuration, it will try to reach the VCO either via the Gateways or direct via the Internet. If
one fails, mgd will automatically switch the way it has to reach the VCO.

See the image below how a normal heartbeat looks like:

velocloud vEdge 8CPU Hub:/opt/vc/bin# tail -f /var/log/mgd.log
2018-03-15T17:38:58.823 DEBUG [worker (27872:DR Check:27909)] do_check: Sleeping for 59.46 sec
2018-03-15T17:38:58.959 DEBUG [worker (27872:Stats Upload:27905)] do_stat_upload: Sleeping for 29.33 sec
2018-03-15T17:38:59.502 DEBUG [heartbeat (27872:Heartbeat:27904)] Heartbeat: Config:
metaData:0,WAN:1518201032411,QOS:1518548682753,firewall:1520292248778,controlPlane:1521063959841,properties:1518138862000,managementPlane:1518130631708,imageUpda
te:1518130702163,deviceSettings:1521063935970
2018-03-15T17:38:59.614 DEBUG [heartbeat (27872:Heartbeat:27904)] Heartbeat reply: no action
2018-03-15T17:38:59.614 DEBUG [worker (27872:Heartbeat:27904)] do_heartbeat: Sleeping for 29.67 sec
2018-03-15T17:39:23.554 DEBUG [gwstat (27872:Gateway Stats:27907)] Polled {'BGP Summary': 0}
2018-03-15T17:39:28.963 DEBUG [worker (27872:Stats Upload:27905)] do_stat_upload: Sleeping for 29.32 sec
2018-03-15T17:39:29.618 DEBUG [heartbeat (27872:Heartbeat:27904)] Heartbeat: Config:
metaData:0,WAN:1518201032411,QOS:1518548682753,firewall:1520292248778,controlPlane:1521063959841,properties:1518138862000,managementPlane:1518130631708,imageUpda
te:1518130702163,deviceSettings:1521063935970
2018-03-15T17:39:29.756 DEBUG [heartbeat (27872:Heartbeat:27904)] Heartbeat reply: no action
2018-03-15T17:39:29.756 DEBUG [worker (27872:Heartbeat:27904)] do_heartbeat: Sleeping for 29.53 sec

The Edge reaches out to the VCO with its current configuration version,and the VCO replies the
Edge sleeps.
If the Edge is unable to reach the VCO, you will see an Error in this log.
At this point you need to fix things locally. Changing the Edge config in the VCO will not help
since the Edge can't reach the VCO.
Several things can be done at point

1: Ask MGD to take a different route.

velocloud vEdge 8CPU Hub:/opt/vc/bin# debug.py --update_mgd_route
toggle whether MGD should be sent via GW or direct

2: Disable Edged and try to reach the VCO via basic linux.
1. Disabled VeloCloud
2. Try to reach the Internet
a. Use set_wan_config to fix reaching the Internet
3. Go to the VCO and make any necessary configuration changes
4. Enable MGD by itself, so you get the new config.
5. reboot
#Disable Edged
velocloud vEdge 8CPU Hub:/opt/vc/bin# vc_procmon stop
#Verify Connectivity
ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=58 time=6.40 ms
64 bytes from 8.8.8.8: icmp_req=2 ttl=58 time=5.07 ms
64 bytes from 8.8.8.8: icmp_req=3 ttl=58 time=5.06 ms

Page 98
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

#Do any Wan Configuration Changes

Set_wan_config.sh
#Go to
#Run mgd by itself
Mgd &
#wait for 1 minute
reboot

3: Reset the box and activate again.

4: Debug the packet flow using tcpdump.sh

velocloud vEdge 8CPU Hub:/opt/vc/bin# getpolicy.py controlPlane

{
"schemaVersion": "3.0.0",
"version": "1521063959841",
"data": {
"gatewayList": [
"151.0.0.16"
],
"gatewaySelection": {
"primary": "151.0.0.16",
"mode": "dynamic",
"superDetail": {
"logicalId": "gatewayf7faeff2-08ce-4e6e-ad52-966336275593",
"ipAddress": "151.0.0.16",
"name": "vcg2-10g-perf"
},
"primaryDetail": {
"logicalId": "gatewayf7faeff2-08ce-4e6e-ad52-966336275593",
"ipAddress": "151.0.0.16",
"name": "vcg2-10g-perf"
},
"super": "151.0.0.16",
"secondary": null
},
..
}
velocloud vEdge 8CPU Hub:/opt/vc/bin#

DMPO
In order to troubleshoot DMPO, collect the following information:
● Policy Applied to the flow in question
● Policy Configuration
● Status of the Paths that apply to the flow
● Current Path remediation techniques

1: Find the flow on the flow Table. Commented [80]: What are these instructions for? Why
are are they doing them? Are these instructions related
velocloud Empalme:/# debug.py --flow_dump all 10.32.0.97
FID SECURE FDSN MAX_RECV_FDSN FDSN_READ LAST_LATE_FDSN SRC_IP DEST IP SRC PORT DEST PORT PROTO PRIORITY APPLICATION to one of the above bullet points?
APP CLASS TRAFFIC-TYPE ROUTE-POL LINK-POL NH-ID LINK-ID FLAGS1 VERSION SRC ADDR SR DR
34019 1 14 13 13 0 10.128.0.181 10.32.0.97 23094 0 1 normal APP_ICMP(70) APP_CLASS_NETWORK_SERVICE(13) transactional
gateway loadbalance 1be73cac- N/A 0x8000800000002 1 local 0x7fe4c00037f0 0x2d13d20 0x4482c30
34028 1 47 46 46 0 10.128.0.181 10.32.0.97 23095 0 1 normal APP_ICMP(70) APP_CLASS_NETWORK_SERVICE(13) transactional
gateway loadbalance 1be73cac- N/A 0x8000800000002 1 local 0x7fe4c00193e0 0x2d13d20 0x4482c30
velocloud Empalme:/#

Page 99
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

2: Find information regarding this flow.

velocloud Empalme:/# debug.py -v --flow_dump all 10.32.0.97 | grep -C 25 -e ' 34
028'
"vceid": "47e7a020-49df-4b3e-a727-5208349739af"
},
{
"flows": [],
"vceid": "201dc168-0000-0000-0000-000000000000"
},
{
"flows": [
{
"address": "0x7fe4c00193e0",
"appClass": 13,
"appClassString": "APP_CLASS_NETWORK_SERVICE",
"appProto": 70,
"appProtoString": "APP_ICMP",
"bizPolicy": "Network Service",
"bwcap": 0,
"destIP": "10.32.0.97",
"destPort": 0,
"droute": "0x4482c30",
"dstMac": "52:54:00:c9:67:01",
"fdsn": 345,
"fdsn_read": 344,
"fdsna": 0,
"fdsna_cnt": 0,
"flags1": 2251834173423618,
"flowId": 34028,
"flowType": 0,
"init_src": "local",
"last_late_fdsn": 0,
"link": "loadbalance",
"linkId": "N/A",
"max_recv_fdsn": 344,
"peerId": "1be73cac-6cdb-4d3e-901d-5b8688af1ba5",
"priority": "normal",
"proto": 1,
"route": "gateway",
"rxbw": 100,
"secure": 1,
"srcIP": "10.128.0.181",
"srcMac": "52:54:00:58:b1:69",
"srcPort": 23095,
"sroute": "0x2d13d20",
"txbw": 100,
"txpi": -589934592,
"type": "transactional",
"version": 1
}
],
"vceid": "2280cce8-29cd-4b2f-b3a2-3b0972623e37"
}
]
velocloud Empalme:/#

Page 100
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Path Creation

Debug User connection (Packet Path)

Edge Offline

Debug HA

Debug Cluster Commented [81]: Needs to be included for next revision.

Performance
Generally speaking 95% of performance issues occur because of CPU issues. Therefore, the
the first command to check is top.

1. Type top -H
2. Then press number 1 to see performance CPU.

Page 101
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

1. Verify the following:

● With the Exception of the CPU running DPDK, all other CPUs should have CPU
available.

Page 102
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

● With the Exception of the dpdk_master thread, all other threads should be under 100%.

Note:
DPDK will run differently from platform to platform. In 800 and 2000, dpdk will have a full CPU Commented [82]: Is there a reason why this is all lower
reserved for himself. In lower platforms it will share with other cores case?

DPDK Drops
DPDK runs in a loop. Depending on the platform, it will have a sleep in the loop or not. Since it's
running on a loop high, the CPU will not be able to tell you that you are running out of CPU.
If you are running in a physical platform, DPDK will detect missing packets via the following
command:
velocloud vEdge 8CPU Hub:/opt/vc/bin# dispcnt -s imissed

Thu Mar 15 16:53:16 2018

dpdk_tcpdump_pstat_imissed =0 0 /s
dpdk_eth4_pstat_imissed =0 0 /s
dpdk_eth3_pstat_imissed =0 0 /s
dpdk_eth2_pstat_imissed =0 0 /s

If DPDK is missing packets in a hardware platform, you will see it here.

If you are running DPDK in a Virtual Edge, DPDK will not have access to this information.
Therefore, you must check at the host level. Commented [83]: let's indicate what they need to check.

Edged Drops
Once the packet is in the system, most drops performed by Edged can be caught in the
debug.py --handoffqueue.
Edged works in a train processing. Each block is responsible for processing its queue and
handing it over to the next block queue.
When a process is not able to kept up, it's queue gets full and a packet is dropped.
velocloud vEdge 8CPU Hub:/opt/vc/bin# debug.py --hand
name qlimit lockfree sleeping wokenup enq deq drops head tail dummy next state
encrypt_0 4096 0 1 916454 941013 941013 0 0x44c5d90 0x44c5d90 0x44c5d90 0x0 NORMAL
encrypt_1 4096 0 1 329923 331707 331707 0 0x44c8110 0x44c8110 0x44c8110 0x0 NORMAL
haproxy_rx 2048 0 1 0 0 0 0 0x44ceb90 0x44ceb90 0x44ceb90 0x0 NORMAL
vcmp_init 1024 0 1 111 111 111 0 0x44a2590 0x44a2590 0x44a2590 0x0 NORMAL
vcmp_ctrl_0 40960 0 1 68025 68027 68027 0 0x44c1690 0x44c1690 0x44c1690 0x0 NORMAL
vcmp_ctrl_1 40960 0 1 18670 18670 18670 0 0x44c3a10 0x44c3a10 0x44c3a10 0x0 NORMAL
vcmp_data_0 1024 0 1 920426 977424 977424 0 0x44a4910 0x44a4910 0x44a4910 0x0 NORMAL
vcmp_data_1 1024 0 1 319001 333747 333747 0 0x44a6c90 0x44a6c90 0x44a6c90 0x0 NORMAL
vcmp_bh_bottom 10240 0 1 255 255 255 0 0x44ad710 0x44ad710 0x44ad710 0x0 NORMAL
ike_bh 1024 0 1 3902 4899 4899 0 0x44afa90 0x44afa90 0x44afa90 0x0 NORMAL
mc_readq 1024 0 1 0 0 0 0 0x44a01d0 0x44a01d0 0x44a01d0 0x0 NORMAL
natt_0 1024 0 1 336497 387255 387255 0 0x44b1e10 0x44b1e10 0x44b1e10 0x0 NORMAL
natt_1 1024 0 1 107992 119555 119555 0 0x44b4190 0x44b4190 0x44b4190 0x0 NORMAL
esp_0 1024 0 1 0 0 0 0 0x44ca490 0x44ca490 0x44ca490 0x0 NORMAL
esp_1 1024 0 1 0 0 0 0 0x44cc810 0x44cc810 0x44cc810 0x0 NORMAL
ipv4_bh 2048 0 1 24435 24813 24813 0 0x44ab390 0x44ab390 0x44ab390 0x0 NORMAL
cloud_bh_bottom 2048 0 1 262 262 262 0 0x44a9010 0x44a9010 0x44a9010 0x0 NORMAL
cloud_txq 1024 0 1 255 255 255 0 0x44b8890 0x44b8890 0x44b8890 0x0 NORMAL
vcmp_tx 2048 0 1 0 0 0 0 0x44b6510 0x44b6510 0x44b6510 0x0 NORMAL
glob_ls_0 1024 0 1 2482671 2545175 2545175 0 0xf067be0 0xf067be0 0xf067be0 0x0 NORMAL
velocloud vEdge 8CPU Hub:/opt/vc/bin#

Page 103
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

General Drops/Error
While generally not performance related is useful to see if any error/drops are happening in the
system.
We generally use the following command: Commented [84]: I've been trying to change most of
these to passive voice. But, do you want to indicate
dispcnt -s miss -s error -s drop -s fail -z
"we" "you" etc.?

Common Performance Issues

DPDK Not assigned to a single CPU in Virtual Edges
When creating Virtual Edges, the Host CPU and the Virtual CPU need to have a 1-1 pinning.
Otherwise, this will cause DPDK to jump across CPUs, which will cause issues.

Small Packets
All Performances tests are done with a single flow of 420 byte packet size. If a customer is
running a test with 60 byte packet size, the performance will be much lower.

Large Number of Flows

If a customer is running a performance test that each packet will be a single flow, this will have
very high impact on CPU.

Large Configuration
Performance tests are done with a basic config. A large number of Firewall Entries or Business
Policies will have a higher CPU impact.

QoS
Bandwidth Cap validation
The qos_net and qos_link command can be used to determine if the bandwidth cap is set
correctly. Caps set in qos_net represent the cap of all aggregate links. Caps set in qos_link
represent respective the link’s bandwidth cap.

Traffic prioritization validation

- The flow_dump command can be used to determine if the flow has the correct
classification - traffic type and priority.
- The Qos_net command can be used to validate if traffic prioritization is occurring
correctly. Example - A higher weighted traffic-type/priority should get a proportional
share of higher bandwidth. This can be checked using the qos_net command output.

Page 104
Copyright © 2019
VMware SD-WAN by VeloCloud
VMware SD-WAN by VeloCloud EDGE CLI Documentation

Page 105
Copyright © 2019
VMware SD-WAN by VeloCloud
Page 75: [1] Commented [45] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [2] Commented [46] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [3] Commented [47] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [4] Commented [48] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [5] Commented [49] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [6] Commented [50] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [7] Commented [51] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [8] Commented [52] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [9] Commented [53] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [10] Commented [54] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [11] Commented [55] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [12] Commented [56] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [13] Commented [57] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [14] Commented [58] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [15] Commented [59] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [16] Commented [60] Kartik Kamdar 28/01/2019 21:21:00
[email protected] can you help close on this by COB today; thanks.
Page 75: [17] Commented [61] Kartik Kamdar 23/01/2019 19:21:00
[email protected]
_Assigned to Gopakumar Edakkunni_
Page 75: [18] Commented [62] Kartik Kamdar 28/01/2019 21:21:00
[email protected] pls close by COB.