An NSX-T Data Center edge gateway provides a routed organization VDC network or a data center group network with connectivity to external networks and IP management properties. It can also provide services such as firewall, network address translation (NAT), IPSec VPN, DNS forwarding, and DHCP, which is enabled by default.

Dedicated External Networks

To provide a fully routed network topology in a virtual data center, your system administrator can dedicate an external network to a specific NSX-T Data Center edge gateway.

In this configuration, there is a one-to-one relationship between the external network and the NSX-T Data Center edge gateway, and other edge gateways cannot connect to the external network.

An NSX-T Data Center tier-0 logical router or VRF gateway that is associated with a dedicated external network is part of the tenant networking stack. The external network is considered a part of the VMware Cloud Director network routing domain.

A dedicated external network provides additional edge gateway routing services, such as route advertisement management and border gateway protocol (BGP) configuration.

You can decide which of the networks that are attached to the edge gateway to advertise to the external network. This makes possible a mixture of NAT-routed and fully routed organization virtual data center networks.