Every new SDDC includes a default Tier-1 gateway named the Compute Gateway (CGW). You can create and configure additional Tier-1 gateways if you need them. Each Tier-1 gateway sits between the SDDC Tier-0 gateway and an arbitrary number of compute network segments
Additional Tier-1 gateways provide a way for an SDDC network administrator to dedicate workload network capacity to specific projects, tenants, or other units of administration within a VMware Cloud on AWS organization.
Procedure
- Log in to VMware Cloud Services at https://vmc.vmware.com.
- Click , then pick an SDDC card and click VIEW DETAILS.
- Click OPEN NSX MANAGER.
You can also use the
VMC Console
Networking & Security tab for this workflow. The
Networking & Security tab combines
NSX-T
Networking tab features like VPN, NAT, and DHCP with
Security tab features like firewalls.
- Click , then give the new gateway a Name and optional Description.
- Specify the gateway Type.
Type |
Traffic Pattern |
Routed |
Segment traffic is routed through the new gateway. |
Isolated |
Segment traffic cannot traverse the new gateway. Local segments can connect with each other. Segments are not added to the routing table. |
NATted |
Segment traffic cannot traverse the new gateway until you create NAT rules for it (see Create or Modify NAT Rules). Local segments can connect with each other. Segments are not added to the routing table. |
- (Optional) Tag the new gateway.
See Add Tags to an Object in the NSX-T Data Center Administration Guide for more information about tagging NSX-T objects.
- Click SAVE to create or configure the gateway.
- Configure DHCP for the gateway.
Click
Set DHCP Configuration to open the DHCP Configuration page. The default DHCP configuration
Type for a new gateway is
No Dynamic IP Address Allocation. In this configuration, the gateway does not provide DHCP services. If you want the gateway to provide DHCP services, choose a
Type of
DHCP Server and specify a
DHCP Server Profile. You can create a new profile or use an existing one. See
Create or Modify a DHCP Profile.
- Click Additional Settings.
Select an
Ingress QoS Profile and an
Egress QoS Profile for traffic limitations. These profiles are used to set information rate and burst size for permitted traffic. See
Add a Gateway QoS Profile for more information on creating QoS profiles.
VMware Cloud on AWS does not support IPv6, so the
ND Profile and
DAD Profile options do not apply.
- (Optional) Configure static routes for the gateway.
This option is not available in the VMC Console Networking & Security tab.
You can configure a non-default route for any type of gateway. A static default route (0.0.0.0/0) can be configured only for an Isolated gateway. On the NSX Manager Networking tab, click Tier-1 Gateways. When you create or edit a Tier-1 gateway, click STATIC ROUTES to create or modify static routes and next hops for the gateway.