Transport zones dictate which hosts transport nodes and, therefore, which VMs can participate in the use of a particular network. A transport zone does this by limiting the hosts that can see a segment—and, therefore, which VMs can be attached to the segment. A transport zone can span one or more host clusters. Also, a host transport node can be associated to multiple transport zones.

An NSX environment can contain one or more transport zones based on your requirements. A host can belong to multiple transport zones. A segment can belong to only one transport zone.

NSX does not allow connection of VMs that are in different transport zones in the Layer 2 network. The span of a segment is limited to a transport zone.

Both host transport nodes and NSX Edge nodes use Overlay and VLAN transport zones. Host transport nodes connect to VDS switches while N-VDS switch is configured on NSX Edge transport nodes.

The VLAN transport zone is used by the NSX Edge and host transport nodes for its VLAN uplinks. When an NSX Edge is added to a VLAN transport zone, a VLAN N-VDS is installed on the NSX Edge.
Note: vMotion is not supported between two segments or logical switches on different VLAN transport zones.

Procedure

  1. From a browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address> or https://<nsx-manager-fqdn>.
  2. Select System > Fabric > Transport Zones > Add Zone.
  3. Enter a name for the transport zone and optionally a description.
  4. For the Traffic Type drop-down menu, specify whether the transport zone is for overlay or VLAN traffic.

    The options are Overlay Backed, VLAN, and Overlay Standard.

    For a transport zone to forward IPv6 traffic, it must be set for an overlay traffic type.

  5. For overlay transport zones, specify the forwarding mode which determines the underlay transport protocol for the traffic encapsulation.

    The forwarding mode can be for IPv4 or IPv6.

    Note: Dual stack (both IPv4 and IPv6) is not supported.
  6. (Optional) In the VLANs field, specify the VLAN IDs or range of VLANs IDs that are allowable for use.
    For example, entering 1-1000, 2000-3000, 4094 would allow VLAN IDs 1 through 1000, 2000 through 3000, and 4094.

    Segments of the transport zone must have VLANs within the specified ranges or match the specified values.

  7. (Optional) For VLAN transport zones, you can take one of the following actions based on the NSX release version:
    • NSX 4.1.1 and earlier: Enter the uplink teaming policy names. These named teaming policies can be used by segments attached to the VLAN transport zone which in turn use the named teaming policy specified in uplink profiles to direct traffic. For more information, see Configure Named Teaming Policy.
      Note: If you define named teaming policies, ensure that you enter the exact named teaming policy name in associated VLAN segments and uplink profiles as well. If segments do not find a matching named teaming policy, then NSX uses the default uplink teaming policy.
    • NSX 4.1.2 and later: Select the uplink teaming policy from the drop-down list. These named teaming policies can be used by segments attached to the VLAN transport zone which in turn use the named teaming policy specified in uplink profiles to direct traffic. For more information, see Configure Named Teaming Policy.
  8. After you add the transport zone, go to the Transport Zones page and view the newly added transport zone either from the UI or by running the following API command.
    GET /policy/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/transport-zones 
    {
 "sort_ascending": true,
 "sort_by": "display_name",
 "result_count": 1,
 "results": [
   {
    "tz_type": "OVERLAY_BACKED",
     "is_default": true,
     "transport_zone_profile_paths": [
       "/infra/transport-zone-profiles/tzp"
   ],
     "nested_nsx": false,
     "resource_type": "PolicyTransportZone",
     "id": "tz",
     "display_name": "tz",
     "path": "/infra/sites/default/enforcement-points/default/transport-zones/tz",
     "relative_path": "tz",
     "parent_path": "/infra/sites/default/enforcement-points/default",
     "unique_id": "8f4a026d-e3f5-4f23-a3ef-46309d573dc1",
     "marked_for_delete": false,
     "overridden": false,
     "_create_user": "admin",
     "_create_time": 1607501697823,
     "_last_modified_user": "admin",
     "_last_modified_time": 1607582307987,
     "_system_owned": false,
     "_protection": "NOT_PROTECTED",
     "_revision": 5
   }
 ]
}

What to do next

Optionally, create a custom transport-zone profile and bind it to the transport zone. You can create custom transport-zone profiles using the (deprecated) PATCH /api/v1/infra/transport-zone-profiles API. There is no UI workflow for creating a transport-zone profile. After the transport-zone profile is created, you can attach it to the transport zone with the PATCH https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep/transport-zones/<transport-zone-id> API.

{
  "tz_type": "OVERLAY_BACKED",
  "is_default": true,
  "nested_nsx": false,
  "transport_zone_profile_paths": [
  "/infra/transport-zone-profiles/tzp"
  ]
}