In my last blog-post, we saw how to deploy and configure NSX-T EDGE nodes. Now, we will start with configuring Logical routing for layer 3 network connectivity. In this blog post, we will configure Tier 1 gateway and test the east west network connectivity between vms from different subnets.
Deploy Tier-1 Gateway :
A tier-1 gateway performs the functions of a tier-1 logical router. It has downlink connections to the logical segments and uplink connections to tier-0 gateways.
To deploy a Tier-1 gateway, Login to the NSX Simplified UI Home page, click Networking > Tier-1 Gateways and click on ADD TIER-1 GATEWAY
Give a NAME for the Tier-1 gateway and also select the EDGE cluster that we have created earlier. Leave the rest of the settings as default and click on SAVE
In the next page, click on YES to continue the editing of the Tier-1 gateway.
Expand the Route Advertisement and enable the below two routes.
- All Static Routes
- All Connected Segments & Service Ports
Once done, click on SAVE
Note :
To provide Layer 3 connectivity between VMs connected to logical switches that are attached to different tier-1 logical routers, it is necessary to enable tier-1 route advertisement towards tier-0. You do not need to configure a routing protocol or static routes between tier-1 and tier-0 logical routers. NSX-T Data Center creates NSX-T Data Center static routes automatically when you enable route advertisement. If you don’t want to advertise all connected routes, you can specify which routes to advertise.
Once the changes are saved, click on CLOSE EDITING
Confirm the Tier-1 logical router created is Up as in the below screenshot.
Create Gateway Ports :
In this step we will connect the Logical Segments to the Tier-1 gateway that we have just created. For that, let’s create gateway ports to associate the Tier-1 gateway with the logical segments.
Go to Networking > Segments and click on the three vertical ellipses icon next to the logical segment and select Edit.
Select the Tier-1 gateway from the Uplink & Type drop-down menu and click on Set Subnets
In the Set Subnets page, click on ADD SUBNET. Provide an IP address for the gateway and click on ADD
Click on APPLY tab to close the window
Now the created subnet is available under the Subnets section as below. Now, click on SAVE.
Once the changes are saved, click on CLOSE EDITING
Perform the same steps on all the Logical Segments available. In the below screenshot, you can see that all the three Logical Segments are connected to the Tier-1 gateway.
Test East-West L3 Connectivity:
To test the L3 connectivity, I have created few test virtual machines as below.
| VM name | IP Address | Logical Switch |
| App | 172.16.10.10 | App-LS |
| Web | 172.16.20.10 | Web-LS |
| Database | 172.16.30.10 | DB-LS |
From the below PING test, we can see that the App virtual machine can reach the Web and Database virtual machines from a different subnet.
In this blog post, we saw how to enable L3 communication with the help of Tier-1 logical router. For more details please refer to the VMware document.
Kontainers 
Leave a Reply