To route traffic in and out of a data center group network to an external network, you can configure an NSX edge gateway to be the egress point for a data center group.

When you configure an edge gateway to be the egress point for a data center group, you increase its scope to the data center group. The edge gateway becomes shared across all data centers that participate in the group. All routed networks that are attached to the edge gateway are attached to the data center group and scoped to it.

All edge gateway services remain part of the edge gateway functions. For more information, see Managing NSX Edge Gateways in VMware Cloud Director Tenant Portal.

If a VDC is a member of the data center group and if no workloads are attached to any of the routed networks that are not part of the targeted scope, you can remove an edge gateway from a data center group and scope it to a single VDC.

You can add an edge gateway to an isolated data center group network and convert it to a routed data center network. You can also remove the connection to an edge gateway from a data center group network, converting the routed network to an isolated data center group network.

Add an NSX Edge Gateway to a Data Center Group in the VMware Cloud Director Tenant Portal

To configure an NSX edge gateway to be the egress point for a data center group, increase the scope of the edge gateway. The gateway then becomes shared across all data centers that participate in the group.

When you scope an edge gateway to a data center group, all routed networks that are attached to the edge gateway become attached to the data center group and scoped to it.

All new routed networks that you attach to the edge gateway belong to the data center group.

A routed network attached to an edge gateway which is scoped to a VDC can participate in a data center group only if the scope of the edge is increased to this data center group.

Prerequisites

Verify that you have associated an existing NSX edge gateway with one of the VDCs that participate in the data center group.

Procedure

  1. From the primary left navigation panel, select Networking, and from the page top navigation bar, select the Data Center Groups tab.
    The list of data center groups appears.
  2. Click the target data center group.
  3. Click Edge Gateway and then click Add Edge.
  4. Select one of the available edge gateways and click Save.

Results

The scope of the edge gateway is increased to the data center group. The change of scope does not affect any existing underlying services or networks.

Remove an NSX Edge Gateway from a Data Center Group in the VMware Cloud Director Tenant Portal

You can decrease the scope of an NSX edge gateway to a specific VDC by removing the edge gateway from the data center group to which it is scoped.

When you decrease the scope of an edge gateway to a specific VDC, all security group objects that are in use by the edge gateway remain with it. Security groups that are used exclusively by the distributed firewall remain part of the VDC group.

Prerequisites

  • Verify that the VDC to which you want to decrease the scope of the edge gateway is a member of the data center group.
  • Verify that there are no workloads attached to any routed networks that are not part of the targeted edge gateway scope.
  • Verify that there are no security groups or IP sets in the data center group that are in use by both the edge gateway and the distributed firewall.

Procedure

  1. From the primary left navigation panel, select Networking, and from the page top navigation bar, select the Data Center Groups tab.
    The list of data center groups appears.
  2. Click the target data center group.
  3. Click Edge Gateway and then click Remove Edge.
  4. Select a VDC to which to decrease the scope of the edge gateway and click Save.