The NSX Public Cloud Gateway (PCG) provides north-south connectivity between the public cloud and the on-prem management components of NSX-T Data Center.

The PCG can either be a standalone gateway appliance or shared between your public cloud VPCs or VNets to achieve a hub and spoke topology.
Note: The PCG is deployed in a single default size for each supported public cloud:
Public Cloud PCG instance type
AWS C4.xlarge
Note: Some regions may not support the C4.xlarge instance type. Refer to AWS documentation for details.
Microsoft Azure Standard DS3 v.2
Figure 1. NSX Public Cloud Gateway Architecture
Transit or Self-managed VPC or VNet: When you deploy the PCG in a VPC or VNet, it qualifies the VPC or VNet as self-managed, that is, you can bring VMs hosted in this VPC or VNet under NSX management. This VPC or VNet also qualifies as a Transit VPC or VNet because you can use the PCG deployed on it to onboard VMs hosted in other VPCs or VNets. The PCG utilizes the following subnets that you set up in your VPC/VNet. See Connect your Microsoft Azure Network with your On-prem NSX-T Data Center Deployment or Connect your Amazon Web Services (AWS) Network with your On-prem NSX-T Data Center Deployment.
  • Management subnet: This subnet is used for management traffic between on-prem NSX-T Data Center and PCG. The recommended range is /28.
  • Uplink subnet: This subnet is used for north-south internet traffic. The recommended range is /24.
  • Downlink subnet: This subnet encompasses the workload VM's IP address range, and should be sized accordingly. Bear in mind that you may need to incorporate additional interfaces on the workload VMs for debugging purposes.

Compute VPC or VNet: VPCs or VNets that do not have the PCG deployed on them but link to a Transit VPC or VNet are called Compute VPCs or VNets.

PCG deployment aligns with your network addressing plan with FQDNs for the NSX-T Data Center components and a DNS server that can resolve these FQDNs.

Note: It is not recommended to use IP addresses for connecting the public cloud with NSX-T Data Center using PCG, but if you choose that option, do not change your IP addresses.