Network Design for the NSX-T Edge Nodes for the Management Domain

In each region, you implement an NSX-T Edge configuration with a single N-VDS. You connect the uplink network interfaces of the edge appliance to VLAN trunk port groups that are connected to particular physical NICs on the host.

The NSX-T Edge node contains an NSX-T managed virtual switch called an N-VDS. This internal N-VDS is used to define traffic flow through the interfaces of the edge node. An N-VDS can be connected to one or more interfaces. Interfaces cannot be shared between N-VDS instances.

If you plan to deploy a multi-region SDDC, apply the same network design to the NSX-T Edge cluster in the recovery and other additional regions.

The NSX-T Edge appliance is configured with a single N-VDS. The N-VDS has segments for uplink and overlay to the edge. The vNICs of the edge appliance are connected to the management distributed switch. eth0 is for management traffic and is connected to the management distributed port group. fp-eth0 and fp-eth1 are for uplink and overlay traffic, and are connected to the uplink distributed port groups. The distributed switch then provides connection to the top of rack switches over the two NICs of the ESXi host. — Figure 1. NSX-T Edge Network Configuration

Table 1. Design Decisions on the Network Configuration of the NSX-T Edge Appliances
Decision ID	Design Decision	Design Justification	Design Implication
SDDC-MGMT-VI-SDN-045	Connect the management interface `eth0` of each NSX-T Edge node to the management VLAN.	Provides connection to the NSX-T Manager cluster.	None.
SDDC-MGMT-VI-SDN-046	Connect the `fp-eth0` interface of each NSX-T Edge appliance to a VLAN trunk port group pinned to physical NIC 0 of the host, with the ability to failover to physical NIC 1. Connect the `fp-eth1` interface of each NSX-T Edge appliance to a VLAN trunk port group pinned to physical NIC 1 of the host, with the ability to failover to physical NIC 0. Leave the `fp-eth2` interface of each NSX-T Edge appliance unused.	Because VLAN trunk port groups pass traffic for all VLANs, VLAN tagging can occur in the NSX-T Edge node itself for easy post-deployment configuration. By using two separate VLAN trunk port groups, you can direct traffic from the edge node to a particular host network interface and top of rack switch as needed.	None.
SDDC-MGMT-VI-SDN-047	Use a single N-VDS in the NSX-T Edge nodes.	Simplifies deployment of the edge nodes. The same N-VDS switch design can be used regardless of edge form factor. Supports multiple TEP interfaces in the edge node. vSphere Distributed Switch is not supported in the edge node.	None.