The NSX Edge provides routing services and connectivity to network NSX Edges that are external to the NSX-T Data Center deployment. An NSX Edge is required if you want to deploy a tier-0 router or a tier-1 router with stateful services such as network address translation (NAT), VPN, and so on.
There can be only one tier-0 router per NSX Edge node. However, multiple tier-1 logical routers can be hosted on one NSX Edge node. NSX Edge VMs of different sizes can be combined in the same cluster; however, it is not recommended.
|Supported deployment methods||
NSX Edge is supported only on ESXi or on bare metal.
NSX Edge is not supported on KVM.
|PXE installation||The Password string must be encrypted with sha-512 algorithm for the root and admin user password.|
|NSX-T Data Center appliance password||
|Hostname||When installing NSX Edge, specify a hostname that does not contain invalid characters such as an underscore. If the hostname contains any invalid character, after deployment the hostname will be set to localhost. For more information about hostname restrictions, see https://tools.ietf.org/html/rfc952 and https://tools.ietf.org/html/rfc1123.|
|VMware Tools||The NSX Edge VM running on ESXi has VMTools installed. Do not remove or upgrade VMTools.|
|System||Verify that the system requirements are met. See NSX Edge VM System Requirements.|
|Ports||Verify that the required ports are open. See Ports and Protocols.|
If you have multiple management networks, you can add static routes to the other networks from the NSX-T Data Center appliance.
Plan your NSX Edge IPv4 or IPv6 IP addressing scheme.
The same NTP server must be configured on all NSX Edge VMs or Bare Metal Edges in an Edge cluster.
NSX Edge nodes are supported on ESXi-based hosts with Intel chipsets. If an unsupported chipset type is used, vSphere EVC mode may prevent Edge nodes from starting, showing an error message in the console. See NSX Edge VM System Requirements.
- AMD EPYC 7xx1 Series (Naples)
- AMD EPYC 3000 Embedded Family and newer
- AMD EPYC 7xx2 Series (Rome)
NSX Edge Support of vSphere Business Continuity Features
Starting in NSX-T Data Center 2.5.1, vMotion, DRS, and vSphere HA are supported for NSX Edge nodes.
NSX Edge VM Support on a Host Configured in Enhanced Mode
In a collapsed cluster topology, where the NSX Edge VM, management VM, and host transport nodes are deployed on a single host, if you want to install an NSX Edge VM on a transport node configured in Enhanced mode, ensure that the host version is ESXi 6.7p02.
NSX Edge Installation Scenarios
- If you specify a user name for the admin or audit user, the name must be unique. If you specify the same name, it is ignored and the default names (admin and audit) is used.
- If the password for the admin user does not meet the complexity requirements, you must log in to NSX Edge through SSH or at the console as the admin user with the password default. You are prompted to change the password.
- If the password for the audit user does not meet the complexity requirements, the user account is disabled. To enable the account, log in to NSX Edge through SSH or at the console as the admin user and run the command set user audit to set the audit user's password (the current password is an empty string).
- If the password for the root user does not meet the complexity requirements, you must log in to NSX Edge through SSH or at the console as root with the password vmware. You are prompted to change the password.
After you deploy NSX Edge from an OVA file, you cannot change the VM's IP settings by powering off the VM and modifying the OVA settings from vCenter Server.