When a tier-0 logical router is running in Active-Active ECMP mode, you cannot configure stateful NAT where asymmetrical paths might cause issues. For Active-Active ECMP routers, you can use reflexive NAT (sometimes called stateless NAT).

Prerequisites

Procedure

  1. From your browser, log in to an NSX Manager at https://nsx-manager-ip-address.
  2. Select Routing.
  3. Click a tier-0 logical router on which you want to configure reflexive NAT.
  4. Under NAT, click Add.
  5. For the Action, select Reflexive.
  6. For the Source IP address, enter the outside IP address of the VM.

    In this example, the source IP is 80.80.80.1.

  7. For the Translated IP address, enter the inside IP address for the VM.

    In this example, the translated IP address is 172.16.10.10.

  8. For the Destination IP address, you can leave it blank or enter an IP address.

    If you leave Destination IP blank, the NAT applies to all destinations outside of the local subnet.

  9. Enable the rule.
  10. (Optional) : Enable logging.

Results

The new rule is listed under NAT. For example:

What to do next

Configure the tier-1 router to advertise NAT routes.

To advertise the NAT routes upstream from the tier-0 router to the physical architecture, configure the tier-0 router to advertise tier-1 NAT routes.