Traffic is not Redirected During Edge Failover

Existing traffic flow will not be redirected during failover if gateway firewall rules are not configured correctly.

Problem

When upgrading an NSX Edge, if the rule is not configured on both uplinks, the traffic will not be redirected to the service VM.

Cause

Traffic is not redirected to the service VM, due to different gateway firewall rules being applied at the active and standby edge node.

Solution

Create the same Gateway Firewall rule and apply it to both the active and the standby edges of the edge cluster.
To check the ruleset on the edge uplinks, run the CLI command get firewall <uuid> ruleset type pbr rules.