Scribd
Upload
82 views7 pages

Esxcfg Command Help

The document describes the esxcfg command and its subcommands for configuring networking and storage settings on an ESXi host. It provides descriptions and syntax for esxcfg-firewall, esxcfg-nics, esxcfg-vswitch, esxcfg-vswif, and esxcfg-route. Examples are given for how to use each subcommand to perform common configuration tasks like enabling services, setting NIC speeds, adding port groups and uplinks, configuring service console networking, and managing VMkernel routes.

Uploaded by

Pieter Botha
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
82 views7 pages

Esxcfg Command Help

The document describes the esxcfg command and its subcommands for configuring networking and storage settings on an ESXi host. It provides descriptions and syntax for esxcfg-firewall, esxcfg-nics, esxcfg-vswitch, esxcfg-vswif, and esxcfg-route. Examples are given for how to use each subcommand to perform common configuration tasks like enabling services, setting NIC speeds, adding port groups and uplinks, configuring service console networking, and managing VMkernel routes.

Uploaded by

Pieter Botha
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

Esxcfg command help

 
Jump To:
Networking: EsxcfgFirewall EsxcfgNics EsxcfgRoute EsxcfgVmknic EsxcfgVswif EsxcfgVswitch
Storage: Esxcfg-mpath Esxcfg-nas Esxcfg-swisci Esxcfg-vmhbadevs
General: Esxcfg-advcfg Esxcfg-auth Esxcfg-info Esxcfg-resgrp Esxcfg-upgrade
Boot/Diagnostic: Esxcfg-boot Esxcfg-dumppart Esxcfg-init Esxcfg-linuxnet Esxcfg-module
 

Esxcfg-firewall
Description: Configures the service console firewall ports
Syntax: esxcfg-firewall <options>

Options:

-q Lists current settings

-q <service> Lists settings for the specified service

-q incoming|outgoing Lists settings for non-required incoming/outgoing ports

-s Lists known services

-l Loads current settings

-r Resets all options to defaults

-e <service> Allows specified service through the firewall (enables)

-d <service> Blocks specified service (disables)

-o <port, tcp|udp,in|out,name> Opens a port

-c <port, tcp|udp,in|out> Closes a port previously opened by –o

-h Displays command help

-allowincoming Allow all incoming ports

-allowoutgoing Allow all outgoing ports

-blockincoming Block all non-required incoming ports (default value)

-blockoutgoing Block all non-required outgoing ports (default value)

Default Services:

Added by the vpxa RPM: Traffic between ESX Server hosts for VMware
AAMClient High Availability (HA) and EMC Autostart Manager – inbound and
outbound TCP and UDP Ports 2050 – 5000 and 8042 – 8045

activeDirectorKerberos Active Directory Kerberos - outbound TCPs Port 88 and 464


CIMHttpServer First-party optional service: CIM HTTP Server - inbound TCP Port 5988

CIMHttpsServer First-party optional service: CIM HTTPS Server - inbound TCP Port 5989

First-party optional service: CIM SLP - inbound and outbound TCP and
CIMSLP
UDP Ports 427

Backup agent: Commvault dynamic – inbound and outbound TCP Ports


commvaultDynamic
8600 – 8619

Backup agent: Commvault static – inbound and outbound TCP Ports


commvaultStatic
8400 – 8403

ftpClient FTP client - outbound TCP Port 21

ftpServer FTP server - inbound TCP Port 21

kerberos Kerberos - outbound TCPs Port 88 and 749

LicenseClient FlexLM license server client - outbound TCP Ports 27000 and 27010

nfsClient NFS client - outbound TCP and UDP Ports 111 and 2049 (0 – 65535)

nisClient NIS client - outbound TCP and UDP Ports 111 (0 – 65535)

ntpClient NTP client - outbound UDP Port 123

smbClient SMB client - outbound TCP Ports 137 – 139 and 445

snmpd SNMP services - inbound TCP Port 161 and outbound TCP Port 162

sshClient SSH client - outbound TCP Port 22

sshServer SSH server - inbound TCP Port 22

First-party optional service: Software iSCSI client - outbound TCP Port


swISCSIClient
3260

telnetClient NTP client - outbound TCP Port 23

Backup agent: IBM Tivoli Storage Manager – inbound and outbound


TSM
TCP Ports 1500

veritasBackupExec Backup agent: Veritas BackupExec – inbound TCP Ports 10000 – 10200

Backup agent: Veritas NetBackup – inbound TCP Ports 13720, 13732,


veritasNetBackup
13734, and 13783

vncServer VNC server - Allow VNC sessions 0-64: inbound TCP Ports 5900 – 5964

vpxHeartbeats vpx heartbeats - outbound UDP Port 902

Note: You can configure your own services in the file /etc/vmware/firewall/services.xml
esxcfg-firewall examples:
Enable ssh client connections from the Service Console:
# esxcfg-firewall -e sshClient
Disable the Samba client connections:
# esxcfg-firewall -d smbClient
Allow syslog outgoing traffic:
# esxcfg-firewall -o 514,udp,out,syslog
Turn off the firewall:
# esxcfg-firewall -allowIncoming
# esxcfg-firewall -allowOutgoing
Re-enable the firewall:
# esxcfg-firewall -blockIncoming
# esxcfg-firewall –blockOutgoing

Esxcfg-nics
Description: Prints a list of physical network adapters along with information on the driver, PCI
device, and link state of each NIC. You can also use this command to control a physical network
adapter’s speed and duplexing.
Syntax: esxcfg-nics <options> [nic]

Options:

Set the speed of this NIC to one of 10/100/1000/10000. Requires a NIC


-s <speed>
parameter.

Set the duplex of this NIC to one of 'full' or 'half'. Requires a NIC
-d <duplex>
parameter.

-a Set speed and duplex automatically. Requires a NIC parameter.

-l Print the list of NICs and their settings.

-r Restore the NICs configured speed/duplex settings. (Internal use only)

-h Displays command help

esxcfg-nics examples:
Set the speed and duplex of a NIC (vmnic2) to 100/Full:
esxcfg-nics -s 100 -d full vmnic2
Set the speed and duplex of a NIC (vmnic2) to auto-negotiate:
esxcfg-nics -a vmnic2

Esxcfg-vswitch
Description: Creates and updates virtual machine (vswitch) network settings
Syntax: esxcfg-vswitch <options> [vswitch[:ports]]

Options:

-a Add a new virtual switch.

-d Delete the virtual switch.

-l List all the virtual switches.

-L <pnic> Set pnic as an uplink for the vswitch.

-U <pnic> Remove pnic from the uplinks for the vswitch.

Specify a portgroup for operation. Use ALL for operation to work on all
-p <portgroup>
portgroups

-v <vlan id> Set VLAN ID for portgroup specified by -p. 0 would disable the VLAN.

Check to see if a virtual switch exists. Program outputs a 1 if it exists, 0


-c
otherwise.

-A <name> Add a new portgroup to the virtual switch.

-D <name> Delete the portgroup from the virtual switch.

Check to see if a portgroup exists. Program outputs a 1 if it exists, 0


-C <name>
otherwise.

Restore all virtual switches from the configuration file (Internal use
-r
only)

-h Displays command help

esxcfg-vswitch examples:
Add a pnic (vmnic2) to a vswitch (vswitch1):
esxcfg-vswitch -L vmnic2 vswitch1
Remove a pnic (vmnic3) from a vswitch (vswitch0):
esxcfg-vswitch -U vmnic3 vswitch0
Create a portgroup (VM Network3) on a vswitch (vswitch1):
esxcfg-vswitch -A "VM Network 3" vSwitch1
Assign a VLAN ID (3) to a portgroup (VM Network 3) on a vswitch (vswitch1):
esxcfg-vswitch -v 3 -p "VM Network 3" vSwitch1

Esxcfg-vswif
Description: Creates and updates service console network settings. This command is used if you
cannot manage the ESX Server host through the VI Client because of network configuration issues.
Syntax: esxcfg-vswif <options> [vswif]
Options:

-a Add vswif, requires IP parameters. Automatically enables interface.

-d Delete vswif.

-l List configured vswifs.

-e Enable this vswif interface.

-s Disable this vswif interface.

-p Set the portgroup name of the vswif.

-i <x.x.x.x> or DHCP The IP address for this vswif or specify DHCP to use DHCP for this address.

-n <x.x.x.x> The IP netmask for this vswif.

The IP broadcast address for this vswif. (not required if netmask and ip are
-b <x.x.x.x>
set)

Check to see if a virtual NIC exists. Program outputs a 1 if the given vswif
-c
exists, 0 otherwise.

Disable all vswif interfaces. (WARNING: This may result in a loss of network
-D
connectivity to the Service Console)

-E Enable all vswif interfaces and bring them up.

-r Restore all vswifs from the configuration file. (Internal use only)

-h Displays command help.

Note: You can set the Service Console default gateway by editing the /etc/sysconfig/network file or
through the VI Client under Configuration, DNS & Routing.

esxcfg-vswif examples:
Change your Service Console (vswif0) IP and Subnet Mask:
esxcfg-vswif -i 172.20.20.5 -n 255.255.255.0 vswif0
Add a Service Console (vswif0):
esxcfg-vswif -a vswif0 -p "Service Console" -i 172.20.20.40 -n 255.255.255.0

Esxcfg-route
Description: Sets or retrieves the default VMkernel gateway route
Syntax: esxcfg-route <options> [<network> [<netmask>] <gateway>]
<network> can be specified in 2 ways: as a single argument in <network>/<mask> format or as a
<network> <netmask> pair.
<gateway> is either an IP address or 'default'
Options:

Add route to the VMkernel, requires network address (or 'default') and
-a
gateway IP address.

Delete route from the VMkernel, requires network address (or


-d
'default').

-l List configured routes for the Service Console.

Restore route setting to configured values on system start. (Internal use


-r
only)

-h Displays command help

esxcfg-route examples:
Set the VMkernel default gateway route:
esxcfg-route 172.20.20.1
Add a route to the VMkernel:
esxcfg-route -a default 255.255.255.0 172.20.20.1

Esxcfg-vmknic
Description: Creates and updates VMkernel TCP/IP settings for VMotion, NAS, and iSCSI
Syntax: esxcfg-vmknic <options> [[portgroup]]

Options:

Add a VMkernel NIC to the system, requires IP parameters and portgroup


-a
name.

-d Delete VMkernel NIC on given portgroup.

-e Enable the given NIC if disabled.

-D Disable the given NIC if enabled.

-l List VMkernel NICs.

The IP address for this VMkernel NIC. Setting an IP address requires that the
-i <x.x.x.x>
-n option be given in same command.

The IP netmask for this VMkernel NIC. Setting the IP netmask requires that
-n <x.x.x.x>
the -i option be given in the same command.

Restore VMkernel TCP/IP interfaces from configuration file. (Internal use


-r
only)

-h Displays command help


esxcfg-vmknic examples:
Add a VMkernel NIC and set the IP and subnet mask:
esxcfg-vmknic -a "VM Kernel" -i 172.20.20.19 -n 255.255.255.0

You might also like