Last updated - Oct 22, 2020
APIC Controller commands
Misc/management
acidiag fnvread - display information about fabric nodes (leaves and spines).
fabric <NODE_ID> <COMMAND> - execute a COMMAND on NODE_ID. NODE_ID can be specified as range or list of nodes, i.e. 101-103 or 101,105.
show oob - display information about Out-of-band management configuration.
Endpoints
show endpoints vlan xxx - display endpoints of specific VLAN xxx. Here xxx is exact encapsulation ID specified in EPG interface deployment, not internal ID of leaves.
show tenant <TENANT> application <APP> epg - display list of EPGs inside TENANT / APP and their contracts list.
show tenant <TENANT> application <APP> endpoints - list of endpoints for all EPGs inside TENANT / APP.
show tenant <TENANT> application <APP> epg <EPG> endpoints - list of endpoints for specific EPG inside TENANT / APP.
show tenant <TENANT> endpoints vlan <ID> - list of endpoints for TENANT and specific encapsulation VLAN ID.
show tenant <TENANT> application <APP> epg <EPG> details - display detailed information about EPG inside TENANT / APP, including EPG configuration details, assigned domains, contracts, static paths.
PC/VPC
show vpc map - display VPC to interfaces mapping table which includes VPC name, VPC cluster ID, VPC ID, Leaf ID/Name, port-channel interface ID, exact physical leaf interface.
show vpc map <VPC_IF_POLICY> - same as above, but only for specific VPC interface policy name.
show port-channel mapshow port-channel map <VPC_IF_POLICY> - same as above, but little less info.
Bridge-domains
show tenant <TENANT> ip interface bridge-domain | egrep "Interface|<IP>" - find bridge-domain name in TENANT with IP.
Interfaces
show stats granularity 15min leaf 103 interface ethernet 1/5 - show interface statistics for specified interval.
Leaf commands
PC/VPC, VLANs
show vlan extended - display list of internal leaf VLAN ID mapping to EPG/BD and encap VLAN including leaf interfaces.
show vpc extended - display list of VPC IDs mapping to internal Port-channel IDs, encap VLAN IDs, interface policies.
vsh_lc -c "show system internal eltmc info vlan brief" - display table of internal VLANs. Access_enc field represents the VLAN ID deployed to the interface (EPG/L3Out).
vsh_lc -c "show system internal eltmc info vlan <VLAN>" - display info for VLAN, where VLAN is the ID of the internal VLAN. Internal VLAN ID numbers can be found with the help of show vlan extended command.
Endpoints
show system internal epm endpoint ip <IP> - display information about IP from dataplane.
clear system internal epm endpoint key vrf <TENANT>:<VRF> ip <IP> - clear learned endpoint in TENANT / VRF with address IP.
show system internal epm vlan <ID> [detail] - display information about VLAN. In this command you should pass internal VLAN ID, which could be obtained from show vlan extended command.
show ip arp internal event-history event - display ARP process traces.
Interfaces
cat /mit/sys/lldp/inst/if-[eth1--1]/summary - get information from MIT about leaf interface including its MAC address, wiring issues, operational/admin status.
cat /mit/sys/summary - get leaf manamenet information, state, sw version, uptime, last reboot reason, serial.
Routing
show ip arp vlan xxx - display next-hop IP in ARP table (only for L3Out).
show ip route vrf TENANT:VRF_NAME [PREFIX] - display routes, PREFIX is optional.
show ip eigrp int bri vrf TENANT:VRF_NAMEshow ip ospf int bri vrf TENANT:VRF_NAME - verify OSPF/EIGRP is enabled on a correct interface.
show ip eigrp neighbors vrf TENANT:VRF_NAMEshow ip ospf neighbors vrf TENANT:VRF_NAME - check the status of neighbors.
show ip eigrp vrf TENANT:VRF_NAME | egrep 'AS|K' - display EIGRP AS, K values.
show ip bgp neighbors vrf TENANT:VRF_NAME | egrep 'BGP nei|Using|Opens|hops' - display BGP neighbors info.
show ip bgp summary vrf TENANT:VRF_NAME - show BGP summary information.
show bgp sessions vrf overlay-1 - check if leaf have BGP sessions with RR spines.
show bgp vpnv4 unicast vrf overlay-1 - display redistributed/exported external routes in VRF overlay-1.
Overlay
show isis dteps vrf overlay-1 - display Dynamic Tunnel Endpoints, existing in IS-IS.
show isis adjacency vrf overlay-1 - display IS-IS neighbor information for overlay-1.
Checks
iping -V <TENANT>:<VRF> <IP> - perform ping inside specific TENANT / VRF to IP. Complete list of options:
usage: iping
[ -d set the SO_DEBUG option]
[ -D enable debug information ]
[ -F enable do not fragment bit in IP header ]
[ -L receive packets on supplied interface ]
[ -n enable printing host IP address than resolved name ]
[ -q quiet output ]
[ -r disable routing of the packets, send only to directly connected hosts ]
[ -v output in verbose format ]
[ -V <vrf-name> name of the VRF through which destination is reachable ]
[ -c <count> no of packets to send ]
[ -i <wait> no of seconds to wait before sending next packet ]
[ -p <pattern> packet payload pattern ]
[ -s <packetsize> size of packets to send ]
[ -t <timeout> wait for seconds to receive reply ]
[ -S <source ip/interface> send packet with given source-ip or IP of given interface and send packet out of that interface ]
<host> destination host-name or ip address
Spine commands
Endpoints
show coop internal info ip-db | grep <IP> -A 13 - display information about IP.
show coop internal info repo ep dampening - see the list of dampened EPs.
The list will be updated whenever possible.
- [22.10.2020] Added commands for routing troubleshooting
- [18.02.2021] Added EPM VLAN details command
- [19.04.2021] Added commands for displaying dteps in IS-IS, IS-IS neighbor info in overlay, internal VLAN info, ARP process traces.
