NSX-T Data Center REST API
TraceflowObservationDroppedLogical (schema)
| Name | Description | Type | Notes |
|---|---|---|---|
| acl_rule_id | The id of the L3 firewall rule that was applied to drop the traceflow packet This field is specified when the traceflow packet matched a L3 firewall rule. |
integer | Readonly |
| arp_fail_reason | The detailed drop reason of ARP traceflow packet This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction |
string | Readonly Enum: ARP_UNKNOWN, ARP_TIMEOUT, ARP_CPFAIL, ARP_FROMCP, ARP_PORTDESTROY, ARP_TABLEDESTROY, ARP_NETDESTROY |
| component_id | The id of the component that dropped the traceflow packet. | string | Readonly |
| component_name | The name of the component that issued the observation. | string | Readonly |
| component_sub_type | The sub type of the component that issued the observation. | TraceflowComponentSubType | Readonly |
| component_type | The type of the component that issued the observation. | TraceflowComponentType | Readonly |
| jumpto_rule_id | The ID of the jump-to rule that was applied to the traceflow packet This field is specified when the traceflow packet matched a jump-to rule. |
integer | Readonly |
| l2_rule_id | The ID of the l2 rule that was applied to the traceflow packet This field is specified when the traceflow packet matched a l2 rule. |
integer | Readonly |
| lport_id | The id of the logical port at which the traceflow packet was dropped | string | Readonly |
| lport_name | The name of the logical port at which the traceflow packet was dropped | string | Readonly |
| nat_rule_id | The ID of the NAT rule that was applied to drop the traceflow packet This field is specified when the traceflow packet matched a NAT rule. |
integer | Readonly |
| reason | The reason traceflow packet was dropped This field specifies the drop reason of traceflow packet. ARP_FAIL - ARP request fails for some reasons, please refer arp_fail_reason for detail BFD - BFD packet is dropped because traversed by non-operative interface or encountering internal error (e.g., memory insufficient) BROADCAST - Packet is dropped during traversing the interface (e.g., Edge uplink, Edge centralized service port) which disallow ethernet broadcast DHCP - DHCP packet is malformed DLB - The packet is disallowed by distributed load balancing FW_RULE - The packet matches a drop or reject rule of DFW or Edge firewall GENEVE - GENEVE packet is malformed GRE - GRE packet is malformed or traverses a non-operative interface IFACE - Packet traverses a non-operative interface IP - Packet is dropped because of IP related causes (e.g., ICMPv4/ICMPv6 packet is malformed, or DF flag is set but fragment must be performed for the packet) or corresponding interface is not found or inoperative IP_REASS - Packet is dropped during IP reassembly IPSEC - IPsec protocol related packet is dropped IPSEC_VTI - IPsec required SA is not found or traversing inoperative interface cause packet dropped L2VPN - VLAN id of GRE packet is invalid L4PORT - Layer 4 packet (e.g., BFD, DHCP) is dropped LB - Packet is dropped by load balancing rule LROUTER - Packet is dropped by logical router LSERVICE - Packet is malformed or traverses inoperative logical service interface LSWITCH - Packet is dropped by logical switch MANAGEMENT - Packet is dropped by Edge datapath MANAGEMENT service port MD_PROXY - Packet is dropped by metadata proxy NAT - Packet is dropped by NAT rule RTEP_TUNNEL - Unused drop reason ND_NS_FAIL - Neighbor Discovery packet fails NEIGH - ARP or Neighbor Discovery packet fails NO_EIP_FOUND - Destination IP is not an elastic IP NO_EIP_ASSOCIATION - Elastic IP is not associated with active edge VDR ENI NO_ENI_FOR_IP - There is no ENI found for the destination IP NO_ENI_FOR_LIF - Cannot find an ENI associated with uplink LIF NO_ROUTE - Cannot find route for destination IP NO_ROUTE_TABLE_FOUND - Cannot find associated route table NO_UNDERLAY_ROUTE_FOUND - Cannot find AWS route to destination NOT_VDR_DOWNLINK - Packet is not forwarded to VMC unmanaged VDR downlink NO_VDR_FOUND - VMC unmanaged VDR associated with Edge uplink is not found NO_VDR_ON_HOST - Cannot find VMC unmanaged VDR list on this host NOT_VDR_UPLINK - Packet is not forwarded to VDR uplink SERVICE_INSERT - Packet from guest VM to service VM or from service VM to guest VM is dropped by firewall rule SPOOFGUARD - Packet is blocked by SpoofGuard policy TTL_ZERO - The IPv4 time to live field or the IPv6 hop limit field of packet is zero TUNNEL - Overlay tunnel management packet (VNI value of GENEVE header is 0, e.g., BFD) is dropped VLAN - VLAN id of packet is disallowed by the given port VXLAN - VXLAN packet is malformed or cannot find tunnel port for it VXSTT - Unused drop reason VMC_NO_RESPONSE - Failed to query VMC observations as no response from VMC app WRONG_UPLINK - Packet is not routed to the expected Edge uplink by VMC unmanaged VDR FW_STATE - Packet is dropped by stateful firewall |
string | Readonly Enum: ARP_FAIL, BFD, BROADCAST, DHCP, DLB, FW_RULE, GENEVE, GRE, IFACE, IP, IP_REASS, IPSEC, IPSEC_VTI, L2VPN, L4PORT, LB, LROUTER, LSERVICE, LSWITCH, MANAGEMENT, MD_PROXY, NAT, RTEP_TUNNEL, ND_NS_FAIL, NEIGH, NO_EIP_FOUND, NO_EIP_ASSOCIATION, NO_ENI_FOR_IP, NO_ENI_FOR_LIF, NO_ROUTE, NO_ROUTE_TABLE_FOUND, NO_UNDERLAY_ROUTE_FOUND, NOT_VDR_DOWNLINK, NO_VDR_FOUND, NO_VDR_ON_HOST, NOT_VDR_UPLINK, SERVICE_INSERT, SPOOFGUARD, TTL_ZERO, TUNNEL, VLAN, VXLAN, VXSTT, VMC_NO_RESPONSE, WRONG_UPLINK, FW_STATE, NO_MAC, UNKNOWN |
| resource_type | Must be set to the value TraceflowObservationDroppedLogical | TraceflowObservationType | Required Default: "TraceflowObservationReceived" |
| sequence_no | the sequence number is the traceflow observation hop count the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation. |
integer | Required Readonly |
| service_path_index | The index of service path The index of service path that is a chain of services represents the point where the traceflow packet was dropped. |
integer | Readonly |
| site_path | Policy path of the federated site This field contains the site path where this observation was generated. |
string | Readonly |
| timestamp | Timestamp when the observation was created by the transport node Timestamp when the observation was created by the transport node (milliseconds epoch) |
EpochMsTimestamp | Readonly |
| timestamp_micro | Timestamp when the observation was created by the transport node Timestamp when the observation was created by the transport node (microseconds epoch) |
integer | Readonly |
| transport_node_id | id of the transport node that observed a traceflow packet | string | Readonly |
| transport_node_name | name of the transport node that observed a traceflow packet | string | Readonly |
| transport_node_type | type of the transport node that observed a traceflow packet | TransportNodeType | Readonly |