The Tier-0 gateway in the NSX-T Edge cluster provides a gateway service between the logical and physical network in VMware Cloud Foundation. The NSX-T Edge cluster can back multiple Tier-0 gateways.

1. In a Web browser, log in to the user interface of NSX-T Manager.

   Setting	Value
   URL	https://sfo01wnsx01.sfo01.rainpole.local
   User name	admin
   Password	nsx_admin_password

2. On the main navigation bar, click Networking.
3. In the navigation pane, click Tier-0 gateways.
4. Create the Tier-0 gateway.
   1. On the Tier-0 gateways page, click Add Tier-0 gateway.
   2. Configure the settings and click Save.

      Setting	Value
      Name	sfo01-w-tier0-01
      High Availability Mode	Active-Active
      Edge Cluster	sfo-w-edge-cluster01

5. Configure route re-distribution.
   1. Expand Route Re-Distribution and click Set.
   2. On the Set route re-distribution dialog box, select all Tier-0 subnets and Advertised Tier-1 subnet sources, and click Apply.
   3. On the Add Tier-0 gateway page, in the Route re-distribution section, click Save.
6. Add the uplink interfaces to the NSX-T Edge nodes.
   1. Expand Interfaces and click Set.
   2. In the Set interfaces dialog box, click Add interface, configure the settings, and click Save.

      Name	Type	IP Address / Mask	Connected to (Segment)	Edge Node	MTU
      sfo01wesg01-Uplink01	External	172.16.47.2/24	sfo01-w-uplink01	sfo01wesg01	9000
      sfo01wesg01-Uplink02	External	172.16.48.2/24	sfo01-w-uplink02	sfo01wesg01	9000
      sfo01wesg02-Uplink01	External	172.16.47.3/24	sfo01-w-uplink01	sfo01wesg02	9000
      sfo01wesg02-Uplink02	External	172.16.48.3/24	sfo01-w-uplink02	sfo01wesg02	9000
      sfo02wesg01-Uplink01	External	172.16.67.2/24	sfo02-w-uplink01	sfo02wesg01	9000
      sfo02wesg01-Uplink02	External	172.16.68.2/24	sfo02-w-uplink02	sfo02wesg01	9000
      sfo02wesg02-Uplink01	External	172.16.67.3/24	sfo02-w-uplink01	sfo02wesg02	9000
      sfo02wesg02-Uplink02	External	172.16.68.3/24	sfo02-w-uplink02	sfo02wesg02	9000

   3. Repeat this step for the remaining interfaces and click Close.
   4. On the Add Tier-0 gateway page, in the Interfaces section, click Close.
7. Create an IP prefix list.
   1. Expand Routing.
   2. In the IP prefix list section, click Set.
   3. In the Set IP prefix list dialog box, click Add IP prefix list.
   4. Enter Any-Prefix as the Name and click Set.
   5. In the Set prefixes dialog box, click Add Prefix, configure the settings, click Add and click Apply.

      Setting	Value
      Network	any
      Action	Permit

   6. In the Set IP prefix list dialog box, click Save and click Close.
8. Create a route map.
   1. Expand Routing.
   2. In the Route maps section, click Set.
   3. In the Set route maps dialog box, click Add route map.
   4. Enter az2-route-map for Name.
   5. In the Match criteria column, click Set.
   6. On the Set match criteria dialog box, click Add match criteria, configure the settings, click Add and click Apply.

      Setting	Value
      Type	IP Prefix
      Members	Any-Prefix
      AS path prepend	65000
      Action	Permit

   7. In the Set route maps dialog box, click Save and click Close.
9. Configure BGP.
   1. Expand BGP, configure the settings, and click Save.

      Setting	Value
      Local AS	65000
      BGP	On
      Graceful Restart	Disable
      Graceful Restart Timer	180
      Graceful Restart Stale Timer	600
      Inter SR iBGP	On
      ECMP	On
      Multipath Relax	On

   2. Click Set for BGP neighbors.
   3. In the Set BGP neighbors dialog box, click Add BGP neighbor, configure the settings for the first neighbour, and click Save.

      IP Address	BFD	Remote AS	Hold Down Time	Keep Alive Time	Password	Out Filter	In Filter
      172.16.47.1	Disabled	65001	12	4	bgp_password	-	-
      172.16.48.1	Disabled	65001	12	4	bgp_password	-	-
      172.16.67.1	Disabled	65002	12	4	bgp_password	az2-route-map	az2-route-map
      172.16.68.1	Disabled	65002	12	4	bgp_password	az2-route-map	az2-route-map

      Note: Enable BFD if the network supports and is configured for BFD.
   4. Repeat for the other neighbor, click Save and click Close.
   5. On the Add Tier-0 gateway page, in the BGP section, click Close editing.
10. Generate a BGP summary for the Tier-0 gateway.
    1. On the main navigation bar, click Advanced networking & security.
    2. In the navigation pane, click Routers and select sfo-w-tier0-01.
    3. From the Actions drop-down menu, select Generate BGP summary.
    4. Verify that each transport node has five established connections: one to each neighbor in its availability zone and one to each of the other three transport nodes.