Recently I got to work with the NSX API and write a tool to do a quick health check of NSX networks.
nsxchecker is a valuable operational tool to quickly report a NSX network’s health. One of the promises of SDN is automated tooling for operational teams and with the NSX API I was quickly able to deliver.
nsxchecker accepts a NSX lswitch UUID or a neutron_net_id. Rackspace’s Neutron plugin, quark, tags created lports with a neutron_net_id. nsxchecker requires administrative access to the NSX controllers.
Neutron itself supports probes but it had a couple of drawbacks:
- It doesn’t work with all implementations
- For a large network, it’s slow
There’s more details in the README on github.
Similar to this thread, I wanted to see what VLANs were allowed for a trunked port as reported by SNMP with Python.
With the help of a couple of colleagues, I made some progress.
vlan_value = '000000000020000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
for key,value in enumerate(format(int(vlan_value, 16), "0100b").rjust(len(vlan_value) * 4, '0')):
... if value == '1':
... print key
- Convert the string returned to Hex
- Convert that to Binary
- Right fill 0s to the appropriate length to give offset (determined by the size of the string)
- Loop through the resulting value and each character that is a 1 is an enabled VLAN on the port
In conjunction with LLDP, I’m able to query each switch/port and interface is connected to and determine if the VLANs are set properly on the port.