You can configure the default gateway for static routes and specify dynamic routing details for an Edge Services Gateway or Distributed Router.

About this task

You must have a working NSX Edge instance before you can configure routing on it. For information on setting up NSX Edge, see NSX Edge Configuration.

Procedure

  1. Log in to the vSphere Web Client.
  2. Click Networking & Security and then click NSX Edges.
  3. Double-click an NSX Edge.
  4. Click Routing and then click Global Configuration.
  5. To change Equal-cost multi-path routing (ECMP) configuration click Edit next to Routing Configuration, then do the following .

    Option

    Description

    For an Edge Services Gateway

    To edit ECMP, click Enable or Disable next to ECMP.

    For a Logical Router

    1. Select ECMP to enable or deselect to disable.

    2. Click OK.

    ECMP is a routing strategy that allows next-hop packet forwarding to a single destination can occur over multiple best paths. These best paths can be added statically or as a result of metric calculations by dynamic routing protocols like OSPF or BGP. Multiple paths for static routes can be added by providing multiple next hops separated by commas in the Static Routes dialog box. For more information, see Add a Static Route.

    The Edge Services Gateway utilizes Linux network stack implementation, a round-robin algorithm with a randomness component. After a next hop is selected for a particular source and destination IP address pair, the route cache stores the selected next hop. All packets for that flow go to the selected next hop. The default IPv4 route cache timeout is 300 seconds (gc_timeout). If an entry is inactive for this time, it is eligible to be removed from the route cache. The actual removal happens when garbage collection timer activates (gc_interval = 60 seconds).

    The Logical Router uses an XOR algorithm to determine the next hop from a list of possible ECMP next hops. This algorithm uses the source and destination IP address on the outgoing packet as sources of entropy.

    Until version 6.1.2, enabling ECMP disabled Distributed Firewall on the Edge Services Gateway virtual machine. Stateful services such as NAT did not work with ECMP. From NSX vSphere version 6.1.3 onwards, ECMP and Distributed Firewall can work together.

  6. To change the Locale ID on a logical router, click Edit next to Routing Configuration. Enter a locale ID and click OK.

    By default, the locale ID is set to the NSX Manager UUID, but you can override it if local egress was enabled when the universal logical router was created. Locale ID is used to selectively configure routes in a cross-vCenter NSX or multi-site environment. See Cross-vCenter NSX Topologies for more information.

    The locale ID must be in UUID format. For example, XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX, where each X is replaced with a base 16 digit (0-F).

  7. To specify the default gateway, click Edit next to Default Gateway.
    1. Select an interface from which the next hop towards the destination network can be reached.
    2. Type the Gateway IP.
    3. (Optional) : Type the locale ID. Locale ID is an option only on universal logical routers.
    4. (Optional) : Edit the MTU.
    5. If prompted, type the Admin Distance.

      Choose a value between 1 and 255. The admin distance is used to choose which route to use when there are multiple routes for a given network. The lower the admin distance, the higher the preference for the route.

      Table 1. Default Admin Distances

      Route Source

      Default admin distance

      Connected

      0

      Static

      1

      External BGP

      20

      OSPF Intra-Area

      30

      OSPF Inter-Area

      110

      Internal BGP

      200

    6. (Optional) : Type a Description for the default gateway.
    7. Click Save.
  8. To configure dynamic routing, click Edit next to Dynamic Routing Configuration.
    1. Router ID displays the first uplink IP address of the NSX Edge that pushes routes to the kernel for dynamic routing.
    2. Do not enable any protocols here.
    3. Select Enable Logging to save logging information and select the log level.
    Note:

    If you have IPSec VPN configured in your environment, you should not use dynamic routing.

  9. Click Publish Changes.

What to do next

To delete routing configuration, click Reset. This deletes all routing configurations (default, static, OSPF, and BGP configurations, as well as route redistribution).