You can add two kinds of segments: overlay-backed segments and VLAN-backed segments.

Segments are created as part of a transport zone. There are two types of transport zones: VLAN transport zones and overlay transport zones. A segment created in a VLAN transport zone is a VLAN-backed segment, and a segment created in an overlay transport zone is an overlay-backed segment.

Procedure

  1. From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
  2. Select Networking > Segments.
  3. Click Add Segment.
  4. Enter a name for the segment.
  5. Select the type of connectivity for the segment.
    Connectivity Description
    None Select this option when you do not want to connect the segment to any upstream gateway (tier-0 or tier-1). Typically, you want to add a standalone segment in the following scenarios:
    • When you want to create a local testing environment for users that are running workloads on the same subnet.
    • When east-west connectivity with users on the other subnets is not necessary.
    • When north-south connectivity to users outside the data center is not necessary.
    • When you want to configure layer 2 bridging or guest VLAN tagging.
    Tier-1

    Select this option when you want to connect the segment to a tier-1 gateway.
    Tier-0

    Select this option when you want to connect the segment to a tier-0 gateway.
    Note: You can change the connectivity of a gateway-connected segment from one gateway to another gateway (same or different gateway type). In addition, you can change the connectivity of segment from "None" to a tier-0 or tier-1 gateway. The segment connectivity changes are permitted only when the gateways and the connected segments are in the same transport zone. However, if the segment has DHCP configured on it, some restrictions and caveats apply on changing the segment connectivity. For more information, see Scenarios: Impact of Changing Segment Connectivity on DHCP.
  6. Enter the Gateway IP address of the subnet in a CIDR format. A segment can contain an IPv4 subnet, or an IPv6 subnet, or both.
    • If a segment is not connected to a gateway, subnet is optional.
    • If a segment is connected either to a tier-1 or tier-0 gateway, subnet is required.

    Subnets of one segment must not overlap with the subnets of other segments in your network. A segment is always associated with a single virtual network identifier (VNI) regardless of whether it is configured with one subnet, two subnets, or no subnet.

  7. Select a transport zone, which can be an overlay or a VLAN.
    To create a VLAN-backed segment, add the segment in a VLAN transport zone. Similarly, to create an overlay-backed segment, add the segment in an overlay transport zone.
  8. (Optional) To configure DHCP on the segment, click Set DHCP Config.
    For detailed steps on configuring DHCP Settings and DHCP Options, see Configure DHCP on a Segment.
  9. If the transport zone is of type VLAN, specify a list of VLAN IDs. If the transport zone is of type Overlay, and you want to support layer 2 bridging or guest VLAN tagging, specify a list of VLAN IDs or VLAN ranges
  10. (Optional) Select an uplink teaming policy for the segment.
    This drop-down menu displays the named teaming policies, if you have added them in the VLAN transport zone. If no uplink teaming policy is selected, the default teaming policy is used.
    • Named teaming policies are not applicable to overlay segments. Overlay segments always follow the default teaming policy.
    • For VLAN-backed segments, you have the flexibility to override the default teaming policy with a selected named teaming policy. This capability is provided so that you can steer the infrastructure traffic from the host to specific VLAN segments in the VLAN transport zone. Before adding the VLAN segment, ensure that the named teaming policy names are added in the VLAN transport zone.
  11. (Optional) Enter the fully qualified domain name.
    DHCPv4 server and DHCPv4 static bindings on the segment automatically inherit the domain name from the segment configuration as the Domain Name option.
  12. If you want to use Layer 2 VPN to extend the segment, click the L2 VPN text box and select an L2 VPN server or client session.
    You can select more than one.
  13. In VPN Tunnel ID, enter a unique value that is used to identify the segment.
  14. (Optional) In the Metadata Proxy field, click Set to attach or detach a metadata proxy to this segment.
    To attach a metadata proxy, select an existing metadata proxy. To detach a metadata proxy, deselect the metadata proxy that is selected.
  15. Click Save.
  16. To add segment ports, click Yes when prompted if you want to continue configuring the segment.
    1. Click Ports and Set.
    2. Click Add Segment Port.
    3. Enter a port name.
    4. For ID, enter the VIF UUID of the VM or server that connects to this port.
    5. Select a type: Child, or Static.
      Leave this text box blank except for use cases such as containers or VMware HCX. If this port is for a container in a VM, select Child. If this port is for a bare metal container or server, select Static.
    6. Enter a context ID.
      Enter the parent VIF ID if Type is Child, or transport node ID if Type is Static.
    7. Enter a traffic tag.
      Enter the VLAN ID in container and other use cases.
    8. Select an address allocation method: IP Pool, MAC Pool, Both, or None.
    9. Specify tags.
    10. Apply address binding by specifying the IP (IPv4 address, IPv6 address, or IPv6 subnet) and MAC address of the logical port to which you want to apply address binding. For example, for IPv6, 2001::/64 is an IPv6 subnet, 2001::1 is a host IP, whereas 2001::1/64 is an invalid input. You can also specify a VLAN ID.
      Manual address bindings, if specified, override the auto discovered address bindings.
    11. Select segment profiles for this port.
  17. To select segment profiles, click Segment Profiles .
  18. (Optional) To bind a static IP address to the MAC address of a VM on the segment, expand DHCP Static Bindings, and then click Set.
    Both DHCP for IPv4 and DHCP for IPv6 static bindings are supported. For detailed steps on configuring static binding settings, see Configure DHCP Static Bindings on a Segment.
  19. Click Save.