When running InfiniGuard version 3.3.x and above, the InfiniGuard services includes the ability for Backup Admins to use the CLI based “iguard_netcli” tool to troubleshoot or validate network services.

This feature allows Backup Admins to troubleshoot, diagnose, or validate InfiniGuard DDE Networking. The tool allows for various scenarios of Networking diagnostics scenarios between InfiniGuard DDEs and the servers used for protecting data to the DDE shares.

Your TA can assist you in obtaining these tools before they are officially available from the Infinidat Support site. Once you have obtained it, it can then be installed (as an RPM) on any AIX 7.1, AIX 7.2, Redhat or Centos Linux server.

Once installed, the script-based tools allow authenticated access to any 3.3.x or above InfiniGuard version to list and sort contents of any or all of the Deduplication Engine NetBoost Shares. The tool requires a read-only account on the InfiniGuard UI (as a minimum).

  1. Install the InfiniGuard_Netcli RPM on the system you wish to use as a cli tool server to validate networking on InfiniGuard Deduplication Engines (DDEs).
  2. Obtain the RPM appropriate for your host operating system (LINUX/AIX) from Infinidat Support or your TA.
  3. Install the RPM using “rpm –ivh INFINIDAT_InfiniGuard_netcli.rpm
  4. Once installed, you can use the tool to run cli-based Networking tools.

If issues are discovered, the customer team can work with their networking staff and/or Infinidat Support to resolve any issues (thru the normal ticket-based support system). Some examples follow,

[root@io-wt-11 ~]# iguard_netcli --help

Help shows the syntax of using the command:

[root@io-wt-11 ~]# iguard_netcli –help
   iguard_netcli --ping --hostname=<hostname> [--username=<username>]  
                 [--password=<password>] --dde=<dde_id> --dst=<ip> 
                 [--src=<dde_ip>] [--time=<time>] [--do_not_fragment]
   iguard_netcli --iperf --hostname=<hostname> [--username=<username>]
                 [--password=<password>] --dde=<dde_id> --dst=<ip> 
   iguard_netcli --traceroute --hostname=<hostname> [--username=<username>]
                 [--password=<password>] --dde=<dde_id> --dst=<ip> 
   iguard_netcli  --dig --hostname=<hostname> [--username=<username>] 
                 [--password=<password>] --dde=<dde_id> --dst=<ip>
   iguard_netcli  --ethtool --hostname=<hostname> [--username=<username>] 
                 [--password=<password>] --dde=<dde_id> [--interface=<dev>]
   iguard_netcli --ifconfig --hostname=<hostname> [--username=<username>] 
                 [--password=<password>] --dde=<dde_id> [--interface=<dev>]
   iguard_netcli --mtu --hostname=<hostname> [--username=<username>] 
                 [--password=<password>] --dde=<dde_id>  --dst=<ip>
   iguard_netcli  --bonds --hostname=<hostname> [--username=<username>]
                 [--password=<password>] --dde=<dde_id> [--interface=<dev>]
   iguard_netcli --resolv --hostname=<hostname> [--username=<username>] 
                 [--password=<password>] --dde=<dde_id> 
   iguard_netcli --hostname=<hostname> --username=<username> --password=<password> --save
   iguard_netcli --delete
   iguard_netcli -h | --help
   iguard_netcli --version

   -H hostname --hostname=<hostname>              DNS name/IP  of InfiniGuard
   -u username --username=<username>              Administrator's username
   -p password --password=<password>              Administrator's password
   -d dde_id, --dde=<dde_id>                      DDE ID (1/2)
   -P, --ping                                     Ping from DDE
   -T, --traceroute                               Traceroute from DDE
   -N, --dig                                      Dig from DDE
   -E, --ethtool                                  Ethtool on interface(s)
   -i, --ifconfig                                 Ifconfig on interface(s)
   -M, --mtu                                      Calculate MTU between DDE and IP address
   -B, --bonds                                    Display bonds information
   -R, --resolv                                   Show contents of resolv.conf
   -I, --iperf                                    Run iperf client from DDE to Iperf server
   -D ip, --dst=<ip>                              Destination IP
   -S dde_ip, --src=<dde_ip>                      DDE IP to use as source
   -t sec, --time=<sec>                           Time to run the command (in seconds)
   --do_not_fragment                              Set TCP DO_NOT_FRAGMENT flag
   --payload_size=<size>                          Ping payload size
   --buffer_len=<len>                             Iperf buffer length (in KB)
   --parallel=<num>                               Iperf number of parallel threads
   --iperf_version=<ver>                          Iperf version to use (1 or 3) [default: 3]
   --reverse                                      Iperf3 only: reverse test direction
   --interface=<dev>                              Network interface to use
   --delete                                       Delete all stored credentials
   --save                                         Save credentials for hostname
   -h, --help                                     Show this screen
   -V, --version                                  Show iguard_netcli version

The iguard_netcli command will use the –H (or - –hostname) and point to the InfiniGuard DNS-hostname or IP address.  User and Password can be saved to avoid having to authenticate each task.

 This requires “http” access to the ibox floating IP (the System Management IP), and at least a read-only user on the iGuard UI.

The Following example shows several use-case examples of using the iguard_netcli tool to validate networking from the DDE’s to the Backup Server.

Review MTU between Source and Target IPs.

[root@io-wt-11 ~]# iguard_netcli --mtu -H ibox1593 -d1 --src --dst

Review Traceroutes between source and target IP’s.

[root@io-wt-11 ~]# iguard_netcli --traceroute -H ibox1593 -d1 --dst
Traceroute to ( 56 data bytes, 30 hops max
  1            0.13 ms

Review DDE Network Bond Settings.

[root@io-wt-11 ~]# iguard_netcli --bonds -H ibox1593 -d1 --interface=bond0
Settings for bond0:
        Bonding Mode: IEEE 802.3ad Dynamic link aggregation
        Transmit Hash Policy: layer 3 4 (1)
        MII Status: up
        MII Polling Interval (ms): 500
        Up Delay (ms): 0
        Down Delay (ms): 0

        802.3ad info
        LACP rate: slow
        Min links: 0
        Aggregator selection policy (ad_select): stable
        System priority: 65535
        System MAC address: f8:f2:1e:47:33:e3
        Active Aggregator Info:
                Aggregator ID: 1
                Number of ports: 1
                Actor Key: 15
                Partner Key: 1
                Partner Mac Address: 00:00:00:00:00:00

        Slave Interface: p7p1
                MII Status: up
                Speed: 10000Mb/s
                Duplex: Full
                Link detected: yes
                Link Failure Count: 2
                Permanent HW addr: f8:f2:1e:47:29:b0

        Slave Interface: p4p4
                MII Status: up
                Speed: 10000Mb/s
                Duplex: Full
                Link detected: yes
                Link Failure Count: 2
                Permanent HW addr: f8:f2:1e:47:33:e3

Iperf testing requires you to run iperf in Server mode on the backup server. This allows for a bandwidth test to be run between the InfiniGuard DDE Target IP and the Backup Server Source IP.

Ex. from Backup Server, start iperf in Server mode.

 [root@io-wt-11 ~]# iperf -s
Server listening on TCP port 5001
TCP window size: 85.3 KByte (default)

Example in running netcli to test iPerf Bandwidth

 [root@io-wt-11 ~]# iguard_netcli --iperf -H ibox1593 -d1 --iperf_version=1 --src --dst
Client connecting to, TCP port 5001
Binding to local address
TCP window size: 4.00 MByte (default)
[  3] local port 5001 connected with port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0- 1.0 sec  1.15 GBytes  9.92 Gbits/sec
[  3]  1.0- 2.0 sec  1.15 GBytes  9.89 Gbits/sec
[  3]  2.0- 3.0 sec  1.15 GBytes  9.90 Gbits/sec
[  3]  3.0- 4.0 sec  1.15 GBytes  9.90 Gbits/sec
[  3]  4.0- 5.0 sec  1.15 GBytes  9.89 Gbits/sec
[  3]  5.0- 6.0 sec  1.15 GBytes  9.90 Gbits/sec
[  3]  6.0- 7.0 sec  1.15 GBytes  9.89 Gbits/sec
[  3]  7.0- 8.0 sec  1.15 GBytes  9.89 Gbits/sec
[  3]  8.0- 9.0 sec  1.15 GBytes  9.90 Gbits/sec
[  3]  9.0-10.0 sec  1.15 GBytes  9.90 Gbits/sec
[  3]  0.0-10.0 sec  11.5 GBytes  9.90 Gbits/sec
Was this article helpful?
0 out of 0 found this helpful

0 out of 0 found this helpful

Last edited: 2022-08-06 08:20:50 UTC