VMware Networking Community
Rob80
Contributor
Contributor
Jump to solution

Static route issues on NSX-T

Hi all,

It seems that I can't find the way correctly connect Tier-0 to external network via static route on NSX-T 2.4. I have attached below my provisional network setup and I can't understand where the issue occur. Any help would be appreciated.

Thanks

Reply
0 Kudos
23 Replies
Rob80
Contributor
Contributor
Jump to solution

I have some issues

pastedImage_1.png

Reply
0 Kudos
daphnissov
Immortal
Immortal
Jump to solution

Your static routes are not configured properly. When you traceroute to 10.10.10.2 from your ESXi host, it send the packet to its management vmkernel port gateway. If that is the L3 device, it drops the frame because it has no entry in its routing table to send requests for 10.10.10.0/24. I cannot advise you how to accomplish this with a Meraki device so I'd recommend reading the official docs or opening a support request with Cisco if necessary.

Reply
0 Kudos
dejongraymond
VMware Employee
VMware Employee
Jump to solution

From the NSX Tier-0 Gateway the 0.0.0.0/0 default route pointing towards your router makes sure northbound traffic is achieved. Make sure, like said earlier, you create static routes for all the networks behind the Tier-0 Gateway on your Physical Router to make sure southbound traffic works and point the routes to the HA VIP.

On your router check L2 connectivity. Check if you see HA VIP address in MAC address table. If you are available next week I might be able to have a look together with you on a remote session.

I would also like to know if your tagging VLAN on your port group or in NSX Segment. Misconfiguration there could be a reason for not having L2 connectivity from Edge Node towards physical router.

Reply
0 Kudos
Rob80
Contributor
Contributor
Jump to solution

I Can ping physical router gateway but and all addresses up to HA VIP

pastedImage_0.png

  HA VIP shown below as connected and I can ping it from router only

pastedImage_8.png

Uplink 1 & 2 also available in MAC table and can be ping them from router only

pastedImage_12.png

   Edge tagging on VDS

pastedImage_17.png

Remote session would be great if possible.

Reply
0 Kudos