A virtual routing and forwarding (VRF) gateway makes it possible for multiple instances of a routing table to exist within the same gateway at the same time. VRFs are the layer 3 equivalent of a VLAN. A VRF gateway must be linked to a tier-0 gateway. From the tier-0 gateway, the VRF gateway inherits the failover mode, Edge cluster, internal transit subnet, T0-T1 transit subnets, and BGP routing configuration.

Prerequisites

For VRF gateways on EVPN, ensure that you configure the EVPN settings for the tier-0 gateway that you want to link to. These settings are only needed to support EVPN:
  • Specify a VNI pool on the tier-0 gateway.
  • Set the EVPN local tunnel endpoints on the tier-0 gateway.
For more information, see Configuring EVPN.

Procedure

  1. From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
  2. Select Networking > Tier-0 Gateway.
  3. Click Add Gateway > VRF.
  4. Enter a name for the gateway.
  5. Select a tier-0 gateway.
  6. Click VRF Settings.
    These settings are only needed to support EVPN.
    1. Specify a Route Distinguisher.
      If the connected tier-0 gateway has RD Admin Address configured, the Route Distinguisher is automatically populated. Enter a new value if you want to override the assigned Route Distinguisher.
    2. Specify an EVPN Transit VNI.
      The VNI must be unique and belong to the VNI pool configured on the linked tier-0 gateway.
    3. In the Route Targets field, click Set to add route targets.
      For each route target, select a mode, which can be Auto or Manual. Specify one or more Import Route Targets. Specify one or more Export Route Targets.
  7. Click Save and then Yes to continue configuring the VRF gateway.
  8. For VRF-lite, configure one or more external interfaces on the VRF gateway with an Access VLAN ID and connect to a VLAN Segment. For EVPN, configure one or more service interfaces on the VRF gateway with an Access VLAN ID and connect to an Overlay Segment. See Add a Segment. VRF interfaces require existing external interfaces on the linked tier-0 gateway to be mapped to each edge node. The Segment connected to the Access interface needs to have VLAN IDs configured in range or list format.
  9. Click BGP to set BGP, ECMP, Route Aggregation, and BGP Neighbours. You can add a route filter with IPv4/IPv6 address families. See Add a Tier-0 Gateway.
  10. Click Routing and complete routing configuration. For supporting route leaking between the VRF gateway and linked tier-0 gateway/peer VRF gateway, you can add a static route and select Next Hop scope as the linked tier-0 gateway, or as one of the existing peer VRF gateways. See Add a Tier-0 Gateway.