Highlighted
Enthusiast
Enthusiast

Does NSX-T Edge must be deployed for East-West Communication

Hi,

   Just wanted to understand NSX-T edge dependence with east-west communication.

  • Today I have configure NSX on ESXi hosts "3 hosts".
  • On top of it i have created logical switches/segments & tier-0 router, two vms on different segment.
  • Some how the communication between two different VMs was not working hence want to understand any edge dependency with it?
Please consider marking this answer "correct" or "helpful" if you think your query have been answered correctly. Regards Amol Jadhav VCP NSXT | VCP NSXV | VCIX6-NV | VCAP-DCA | CCNA | CCNP - BSCI
3 Replies
Highlighted
Enthusiast
Enthusiast

Hi dear,

If you want to connect your segments directly to a Tier-0 gateway, then an NSX-T edge cluster is needed for sure as routing between the VMs for their E-W traffic will happen on the Tier-0 gateway which runs on NSX-T edge cluster. However, if you add an NSX-T Tier-1 gateway and connect your segments to it, then there is no need for the edge cluster to have a successfull E-W traffic between the VMs connected to segments on that Tier-1 gateway. In addition, if you want to enable statefull services on your Tier-1 gateway, then you need to connect that Tier-1 gateway to an edge cluster and in this case the edge cluster is mandatory.

Going back to your case, if the segments are directly connected to your Tier-0 gateway, you should have successful E-W traffic between your VMs on different segments without any routing configuration as these are direct connected segments. If you still have issues, I recommend you to check the Geneve tunnel status between your vSphere transport nodes and your edge transport nodes. If the tunnel is up then this is may be an MTU issue and rather than an issue with Tier-0 gateway or edge cluster.

Please consider marking this answer "correct" or "helpful" if you think your question have been answered correctly. Cheers, @vExpertConsult www.vexpertconsultancy.com VCIX-DCV 2018 | VCIX-NV 2019 | VCAP7-CMA Design | vSAN Specialist | vExpert ** | vExpert NSX | vExpert vSAN
Highlighted
VMware Employee
VMware Employee

It should work. Even though the setup is not usual as you normally have an Edge for the T0 to connect to the physical network, but I tested it out and it works.

If you have 2 VMs in different networks in the same host can they ping each other and their default gateways? Send us some screenshots to try to help out better.

Highlighted
Enthusiast
Enthusiast

Hi Mohamad,

I have recreated the setup as mention below, I could able to ping between VM1 (x network) to VM2 (y Network) without edge/edge cluster.

Here is my topology looks like

ESX1 - Web-VM1 - LS-Web1 ==> Tier 0 <==> LS-Web2 - Web-VM2 - ESX2 ( Ping work without Edge )

ESX1 - Web-VM1 - LS-Web1 ==> Tier 1 <==> LS-Web2 - Web-VM2 - ESX2 ( Ping work without Edge )

I am not sure about your point, In what scenario i need Edge for E-W Communion.

If you want to connect your segments directly to a Tier-0 gateway, then an NSX-T edge cluster is needed for sure as routing between the VMs for their E-W traffic will happen on the Tier-0 gateway which runs on NSX-T edge cluster.

Please consider marking this answer "correct" or "helpful" if you think your query have been answered correctly. Regards Amol Jadhav VCP NSXT | VCP NSXV | VCIX6-NV | VCAP-DCA | CCNA | CCNP - BSCI
0 Kudos