3 Replies Latest reply on Jan 9, 2020 6:36 AM by amolnjadhav

    Does NSX-T Edge must be deployed for East-West Communication

    amolnjadhav Enthusiast
    vExpert

      Hi,

         Just wanted to understand NSX-T edge dependence with east-west communication.

       

      • Today I have configure NSX on ESXi hosts "3 hosts".
      • On top of it i have created logical switches/segments & tier-0 router, two vms on different segment.
      • Some how the communication between two different VMs was not working hence want to understand any edge dependency with it?
        • 1. Re: Does NSX-T Edge must be deployed for East-West Communication
          MohamadAlhoussein Hot Shot
          vExpert

          Hi dear,

           

          If you want to connect your segments directly to a Tier-0 gateway, then an NSX-T edge cluster is needed for sure as routing between the VMs for their E-W traffic will happen on the Tier-0 gateway which runs on NSX-T edge cluster. However, if you add an NSX-T Tier-1 gateway and connect your segments to it, then there is no need for the edge cluster to have a successfull E-W traffic between the VMs connected to segments on that Tier-1 gateway. In addition, if you want to enable statefull services on your Tier-1 gateway, then you need to connect that Tier-1 gateway to an edge cluster and in this case the edge cluster is mandatory.

           

          Going back to your case, if the segments are directly connected to your Tier-0 gateway, you should have successful E-W traffic between your VMs on different segments without any routing configuration as these are direct connected segments. If you still have issues, I recommend you to check the Geneve tunnel status between your vSphere transport nodes and your edge transport nodes. If the tunnel is up then this is may be an MTU issue and rather than an issue with Tier-0 gateway or edge cluster.

          • 2. Re: Does NSX-T Edge must be deployed for East-West Communication
            mauricioamorim Hot Shot
            VMware Employees

            It should work. Even though the setup is not usual as you normally have an Edge for the T0 to connect to the physical network, but I tested it out and it works.

             

            If you have 2 VMs in different networks in the same host can they ping each other and their default gateways? Send us some screenshots to try to help out better.

            • 3. Re: Does NSX-T Edge must be deployed for East-West Communication
              amolnjadhav Enthusiast
              vExpert

              Hi Mohamad,

               

              I have recreated the setup as mention below, I could able to ping between VM1 (x network) to VM2 (y Network) without edge/edge cluster.

               

              Here is my topology looks like

               

              ESX1 - Web-VM1 - LS-Web1 ==> Tier 0 <==> LS-Web2 - Web-VM2 - ESX2 ( Ping work without Edge )

               

              ESX1 - Web-VM1 - LS-Web1 ==> Tier 1 <==> LS-Web2 - Web-VM2 - ESX2 ( Ping work without Edge )

               

              I am not sure about your point, In what scenario i need Edge for E-W Communion.

               

              If you want to connect your segments directly to a Tier-0 gateway, then an NSX-T edge cluster is needed for sure as routing between the VMs for their E-W traffic will happen on the Tier-0 gateway which runs on NSX-T edge cluster.