Configure and Deploy an NSX Edge Transport Node

You can add an NSX Edge virtual machine (VM) to the NSX fabric and proceed to configure it as an NSX Edge transport node VM.

Prerequisites

Verify that you have created transport zones, edge uplink profile, and edge TEP IP pool.

Procedure

Log in to the NSX Manager.
Select System > Fabric > Nodes > Edge Transport Nodes > Add Edge VM.
In Name and Description, enter a name for the NSX Edge.
For example, nsx-edge-1
Enter the host name or FQDN from vCenter Server.
For example, nsx-edge-1.lab.com.
Select Large form factor.
In Credentials, enter the CLI and the root passwords for the NSX Edge. Your passwords must comply with the password strength restrictions.
- At least 12 characters.
- At least one lower-case letter.
- At least one upper-case letter.
- At least one digit.
- At least one special character.
- At least five different characters.
- Default password complexity rules are enforced by the Linux PAM module.
Enable Allow SSH Login for CLI and Root credentials.

In Configure Deployment, configure the following properties:

Option	Description
Compute Manager	Select the compute manager from the drop-down menu. For example, select `vCenter`.
Cluster	Select the cluster from drop-down menu. For example, select `Compute-Cluster`.
Datastore	Select the shared datastore from the list. For example, `vsanDatastore`.

Configure the node settings.

Option	Description
IP Assignment	Select Static. Enter the values for: Management IP: Enter the IP address on the same VLAN as the vCenter Server management network. For example, `10.197.79.146/24`. Default gateway: The default gateway of the management network. For example, `10.197.79.253`.
Management Interface	Click Select interface, and select the vSphere Distributed Switch port group on the same VLAN as the management network from the drop-down menu that you created previously. For example, `DPortGroup-MGMT`.

In Configure NSX, click Add Switch to configure the switch properties.
Use the default name for the Edge Switch Name.
For example, nvds1.
Select the transport zone to which the transport node belongs.
Select the overlay transport zones created previously.

For example, nsx-overlay-transportzone.
Select the edge uplink profile created previously.
For example, EDGE-UPLINK-PROFILE.
Select Use IP Pool in IP Assignment.
Select the edge TEP IP pool created previously.
For example, EDGE-TEP-IP-POOL.
In the Teaming Policy Switch Mapping section, the uplink to the edge uplink profiles created previously.
For example, for Uplink1, select DPortGroup-EDGE-TEP.

Repeat steps 10-16, to add a new switch.

For example, configure the following values:

Property	Value
Edge Switch Name	`nvds2`
Transport Zone	`nsx-vlan-transportzone`
Edge uplink profile	`EDGE-UPLINK-PROFILE`
Teaming Policy Switch Mapping	`DPortGroup-EDGE-UPLINK`

Click Finish.
Repeat steps 2–18 for a second NSX Edge VM.
View the connection status on the Edge Transport Nodes page.

Create an NSX Edge Cluster

To ensure that at least one NSX Edge is always available, create an NSX Edge cluster.

Procedure

Log in to the NSX Manager.
Select System > Fabric > Nodes > Edge Clusters > Add.
Enter the NSX Edge cluster name.
For example, EDGE-CLUSTER.
Select the default NSX Edge cluster profile from the drop-down menu.
Select nsx-default-edge-high-availability-profile.
In Member Type drop-down menu, select the Edge Node.
From the Available column, select the NSX Edge VMs previously created, and click the right-arrow to move them to the Selected column.
For example, nsx-edge-1 and nsx-edge-2.
Click Save.

Create a Tier-0 Uplink Segment

The tier-0 uplink segment provides the North-South connectivity from NSX to the physical infrastructure.

Prerequisites

Verify that you have created a Tier-0 gateway.

Procedure

Log in to the NSX Manager.
Select Networking > Segments > Add Segment.
Enter a name for the segment.
For example, TIER-0-LS-UPLINK.
Select the transport zone previously created.
For example, select nsx-vlan-transportzone.
Toggle the Admin Status to enable it.
Enter a VLAN ID of the Tier-0 gateway.
For example, 1089.
Click Save.

Create a Tier-0 Gateway

The tier-0 gateway is the NSX logical router that provides the North-South connectivity for the NSX logical networking to the physical infrastructure. vSphere IaaS control plane supports multiple tier-0 gateways on multiple NSX Edge clusters in the same transport zone.

A tier-0 gateway has downlink connections to tier-1 gateways and external connections to physical networks.

You can configure the HA (high availability) mode of a tier-0 gateway to be active-active or active-standby. The following services are only supported in active-standby mode:

NAT
Load balancing
Stateful firewall
VPN

Proxy ARP is automatically enabled on a tier-0 gateway when a NAT rule or a load balancer VIP uses an IP address from the subnet of the tier-0 gateway external interface. By enabling proxy-ARP, hosts on the overlay segments and hosts on a VLAN segment can exchange network traffic together without implementing any change in the physical networking fabric.

Before NSX 3.2, proxy ARP is supported on a tier-0 gateway in only an active-standby configuration. Starting in NSX 3.2, proxy ARP is also supported on a tier-0 gateway in an active-active configuration.

For more information, see the NSX Administration Guide.

Prerequisites

Verify that you have created an NSX Edge cluster.

Procedure

Log in to the NSX Manager.
Select Networking > Tier-0 Gateways.
Click Add Tier-0 Gateway.
Enter a name for the tier-0 gateway.
For example, Tier-0_VWT.
Select an active-standby HA mode.
In active-standby mode, the elected active member processes all traffic. If the active member fails, a new member is elected to be active.
Select the NSX Edge cluster previously created.
For example, select EDGE-CLUSTER.
Click Save.
The tier-0 gateway is created.
Select Yes to continue with the configuration.
Configure interfaces.
1. Expand Interfaces and click Set.
2. Click Add Interface.
3. Enter a name.
  For example, enter the name TIER-0_VWT-UPLINK1.
4. Select Type as External.
5. Enter an IP address from the Edge Logical Router – Uplink VLAN. The IP address must be different from the management IP address configured for the NSX Edge VMs previously created.
  For example, 10.197.154.1/24.
6. In Connected To, select the tier-0 uplink segment previously created.
  For example, TIER-0-LS-UPLINK
7. Select an NSX Edge node from the list.
  For example, nsx-edge-1.
8. Click Save.
9. Repeat steps a - h for the second interface.
  For example, create a second uplink TIER-0_VWT-UPLINK2 with IP address 10.197.154.2/24 connected to nsx-edge-2 Edge node.
10. Click Close.
To configure high availability, click Set in HA VIP Configuration.
1. Click ADD HA VIP CONFIGURATION.
2. Enter the IP addess.
  For example, 10.197.154.3/24
3. Select the interfaces.
  For example, TIER-0_WVT-UPLINK1 and TIER-0_WVT-UPLINK2
4. Click Add and Apply.
To configure routing, click Routing.
1. Click Set in Static Routes.
2. Click ADD STATIC ROUTE.
3. Enter a name.
  For example, DEFAULT-STATIC-ROUTE.
4. Enter 0.0.0.0/0 for network IP address.
5. To configure next hops, click Set Next Hops and then Add Next Hop.
6. Enter the IP address of the next hop router. Typically, this is the default gateway of the management network VLAN from the NSX Edge logical router uplink VLAN.
  For example, 10.197.154.253.
7. Click Add and Apply and SAVE.
8. Click Close.
To verify connectivity, make sure that an external device in the physical architecture can ping the uplinks that you configured.

What to do next

Configure a Supervisor. See Deploy a One-Zone Supervisor with NSX Networking