You can configure the default gateway for static routes and specify dynamic routing details for an Edge Services Gateway or Distributed Router.
About this task
You must have a working NSX Edge instance before you can configure routing on it. For information on setting up NSX Edge, see NSX Edge Configuration.
- Log in to the vSphere Web Client.
- Click Networking & Security and then click NSX Edges.
- Double-click an NSX Edge.
- Click Routing and then click Global Configuration.
- To change Equal-cost multi-path routing (ECMP) configuration click Edit next to Routing Configuration, then do the following .
For an Edge Services Gateway
To edit ECMP, click Enable or Disable next to ECMP.
For a Logical Router
Select ECMP to enable or deselect to disable.
ECMP is a routing strategy that allows next-hop packet forwarding to a single destination can occur over multiple best paths. These best paths can be added statically or as a result of metric calculations by dynamic routing protocols like OSPF or BGP. Multiple paths for static routes can be added by providing multiple next hops separated by commas in the Static Routes dialog box. For more information, see Add a Static Route.
The Edge Services Gateway utilizes Linux network stack implementation, a round-robin algorithm with a randomness component. After a next hop is selected for a particular source and destination IP address pair, the route cache stores the selected next hop. All packets for that flow go to the selected next hop. The default IPv4 route cache timeout is 300 seconds (gc_timeout). If an entry is inactive for this time, it is eligible to be removed from the route cache. The actual removal happens when garbage collection timer activates (gc_interval = 60 seconds).
The Logical Router uses an XOR algorithm to determine the next hop from a list of possible ECMP next hops. This algorithm uses the source and destination IP address on the outgoing packet as sources of entropy.
Until version 6.1.2, enabling ECMP disabled Distributed Firewall on the Edge Services Gateway virtual machine. Stateful services such as NAT did not work with ECMP. From NSX vSphere version 6.1.3 onwards, ECMP and Distributed Firewall can work together.
- To change the Locale ID on a logical router, click Edit next to Routing Configuration. Enter a locale ID and click OK.
By default, the locale ID is set to the NSX Manager UUID, but you can override it if local egress was enabled when the universal logical router was created. Locale ID is used to selectively configure routes in a cross-vCenter NSX or multi-site environment. See Cross-vCenter NSX Topologies for more information.
The locale ID must be in UUID format. For example, XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX, where each X is replaced with a base 16 digit (0-F).
- To specify the default gateway, click Edit next to Default Gateway.
- Select an interface from which the next hop towards the destination network can be reached.
- Type the Gateway IP.
- (Optional) Type the locale ID. Locale ID is an option only on universal logical routers.
- (Optional) Edit the MTU.
- If prompted, type the Admin Distance.
Choose a value between 1 and 255. The admin distance is used to choose which route to use when there are multiple routes for a given network. The lower the admin distance, the higher the preference for the route.
Table 1. Default Admin Distances
Default admin distance
- (Optional) Type a Description for the default gateway.
- Click Save.
- To configure dynamic routing, click Edit next to Dynamic Routing Configuration.
- Router ID displays the first uplink IP address of the NSX Edge that pushes routes to the kernel for dynamic routing.
- Do not enable any protocols here.
- Select Enable Logging to save logging information and select the log level.
If you have IPSec VPN configured in your environment, you should not use dynamic routing.
- Click Publish Changes.
What to do next
To delete routing configuration, click Reset. This deletes all routing configurations (default, static, OSPF, and BGP configurations, as well as route redistribution).