After you have identified the edges on which you want the bridging functionality to be performed and created the appropriate edge bridge profile, the final step is to edit the segment configuration and specify the edge bridge profile to which you want to associate with the segment and the VLAN ID or range of VLAN IDs to which to bridge your segment. This will instantiate one or two bridges on the edges identified in the edge bridge profile.

When you configure a bridge with a single VLAN ID, a frame received on the overlay segment by the bridge gets decapsulated and forwarded on the VLAN uplink of the bridge with an added 802.1Q tag corresponding to this VLAN ID.

When you create the bridge specifying a VLAN ID range, you must configure the overlay segment being bridged for Guest VLAN Tagging (GVT). This means that the encapsulated frames already carry an 802.1Q tag. When the bridge receives an encapsulated frame carrying a VLAN tag on its overlay interface, it first checks that VLAN ID in the tag belongs to the VLAN range configured for the bridge. If this is the case, it forwards the frame on the VLAN uplink of the bridge carrying the original 802.1Q tag that was received on the overlay. Otherwise, it drops the frame.
Note: If needed, you can configure multiple bridges on the same segment, but:
  • The same segment cannot be bridged twice on the same edge.
  • The bridge does not have any loop detection or prevention. If you configure multiple bridges to the same bridging domain on the VLAN side it results in a permanent bridging loop.

Prerequisites

  • You have identified an overlay segment you want to bridge.
  • You have an edge bridge profile specifying one or two edges attached to the overlay transport zone of your segment.
  • If you are using edge VMs, you have checked the configuation requirements in Configure an Edge VM for Bridging in Manager Mode.

Procedure

  1. With admin privileges, log in to NSX Manager.
  2. Select Networking > Logical Switches.
  3. Click the name of an overlay switch (traffic type: overlay).
  4. Click Attach.
  5. To attach to an Edge bridge profile
    1. Select an Edge bridge profile.
    2. Select a transport zone.
    3. Enter a VLAN ID.
    4. Click Save.
  6. Connect VMs to the logical switch if they are not already connected.
    The VMs must be on transport nodes in the same transport zone as the Edge bridge profile.

Results

You can test the functionality of the bridge by sending a ping from the NSX-T Data Center-internal VM to a node that is external to NSX-T Data Center.

You can monitor traffic on the bridge switch by clicking the Monitor tab.

You can also view the bridge traffic with the GET https://192.168.110.31/api/v1/bridge-endpoints/<endpoint-id>/statistics API call: 
{
  "tx_packets": {
    "total": 134416,
    "dropped": 0,
    "multicast_broadcast": 0
  },
  "rx_bytes": {
    "total": 22164,
    "multicast_broadcast": 0
  },
  "tx_bytes": {
    "total": 8610134,
    "multicast_broadcast": 0
  },
  "rx_packets": {
    "total": 230,
    "dropped": 0,
    "multicast_broadcast": 0
  },
  "last_update_timestamp": 1454979822860,
  "endpoint_id": "ba5ba59d-22f1-4a02-b6a0-18ef0e37ef31"
}