VMware Cloud Community
mjpbc
Contributor
Contributor
‎01-18-2010 04:05 AM

PowerCLI incorrectly reports portgroup spec booleans!

Hi everyone,

I'm wondering whether anyone else has noticed this limitation/bug within the PowerCLI.

How can I query whether a security (or other) policy on a portgroup is "unset"? When I browse through the SDK () i can correctly see the value as "unset". When it is queried from within PowerCLI it is returned as "false" which is wrong.

Try this on a portgroup which has it's promiscuous security policy unticked (ie. inhertied from the vSwitch):

(get-vmhost -name "esx1.domain.com").id
$hostview = get-view -id (get-vmhost -name "esx1.domain.com").id
$hostview.Config.Network.portgroup[1].spec.policy.security.AllowPromiscuous

And you will get a return value of "false" which is wrong. I'm assuming it should be $null... Is there any other way to tell that this is unset?

Basically what I am trying to do is copy an existing port group with all of its settings by copying the spec across, this doesn't work as all the "unset" values come across incorrectly.

Cheers,

Mike

0 Kudos
8 Replies
rengelen
Enthusiast
Enthusiast
‎01-18-2010 06:51 AM

Actually, I do get $NULL when I try this. I've just made a test portgroup named 'test'

-

$vmhost = Get-vmhost
$Hostview = $vmhost[1] | get-view
$pg = $Hostview.config.network.portgroup | Where {$_.key -like "*-test"}
$pg.spec.policy

Security :
NicTeaming :

OffloadPolicy :

ShapingPolicy :

DynamicType :

DynamicProperty :

-

All enherited from the vSwitch, so all empty as expected....

But when I do set the policy to reject promiscuous mode i see the following:

-

$vmhost = Get-vmhost
$Hostview = $vmhost[1] | get-view
$pg = $Hostview.config.network.portgroup | Where {$_.key -like "*-test"}
$pg.spec.policy

Security : VMware.Vim.HostNetworkSecurityPolicy
NicTeaming :

OffloadPolicy :

ShapingPolicy :

DynamicType :

DynamicProperty :

$pg.spec.policy.security.allowpromiscuous

False

-

What version of PowerCLI and vCenter/ESX are you using?

0 Kudos
mjpbc
Contributor
Contributor
‎01-18-2010 07:08 AM

We're using the latest:

4.0.1 build 208462

I don't see any properties ending in "bq" though - where are you getting these from?

0 Kudos
rengelen
Enthusiast
Enthusiast
‎01-18-2010 07:18 AM

Sorry, 'bq' didn't belong there, the awesome rich text editor messed up my post..

0 Kudos
mjpbc
Contributor
Contributor
‎01-18-2010 07:53 AM

I see what you're saying... You're saynig that the $null values are one level higher telling you whether any of the values are set within?

C:\> $hstview.Config.Network.portgroup[1].spec.policy

Security : VMware.Vim.HostNetworkSecurityPolicy

NicTeaming :

OffloadPolicy :

ShapingPolicy : VMware.Vim.HostNetworkTrafficShapingPolicy

DynamicType :

DynamicProperty :

So, in the above case you can see that I've set the security policy and the shaping policy. But, how do you tell which of the values out of the 3 (say) security values is set?

0 Kudos
mjpbc
Contributor
Contributor
‎01-18-2010 08:21 AM

Actually this doesn't work in reality - when I double-checked this portgroup, none of these values were set... perhaps a non-null value means that they have historically been set to something? But doesn't tell you whether they are currently set...

0 Kudos
admin
Immortal
Immortal
‎01-18-2010 01:09 PM

I can confirm this is a bug. I've reached out to see if there is any workaround and will update.

=====

Carter Shanklin

Read the PowerCLI Blog
[Follow me on Twitter|http://twitter.com/cshanklin]

0 Kudos
rengelen
Enthusiast
Enthusiast
‎01-19-2010 02:06 AM

It indeed seems to be a bug, after unchecking the policy in the VI client, it still appears active when querying in PowerCLI. Tried getting there through the Networksystem, but that also gives the incorrect information

-

$NetworkSystem = Get-view $Hostview.configmanager.networksystem

$NetworkSystem.networkconfig.portgroup[5].spec

Name : test

VlanId : 0

VswitchName : vSwitch1

Policy : VMware.Vim.HostNetworkPolicy

DynamicType :

DynamicProperty :

$NetworkSystem.networkconfig.portgroup[5].spec.policy

Security : VMware.Vim.HostNetworkSecurityPolicy

NicTeaming :

OffloadPolicy :

ShapingPolicy :

DynamicType :

DynamicProperty :

$NetworkSystem.networkconfig.portgroup[5].spec.policy.Security

AllowPromiscuous : False

MacChanges : False

ForgedTransmits : False

DynamicType :

DynamicProperty :

-

The only difference is now is that I actually get the policy information of the above vSwitch

Since you only want to copy all the vSwitch and Portgroup information, what you propably could do as a work-around is compare the portgroup policy with it's vSwitch policy and leave it alone if it's the same...

0 Kudos
jesse_gardner
Enthusiast
Enthusiast
‎05-26-2010 09:50 AM

Carter, any update on this?

0 Kudos