I'm encountering a challenge in my NSX Manager environment when it comes to the propagation of static routes to Tier-1 Gateways. I have configured a static route at the Tier-0 Gateway level, but it doesn't seem to be applied automatically to the associated Tier-1 Gateway. As a result, traffic appears to be dropped, and I have to allow it manually.
Could someone please guide me on the proper configuration steps to ensure that static routes defined at the Tier-0 level are propagated and applied to Tier-1 Gateways seamlessly? Additionally, are there any specific troubleshooting steps I should follow to identify and resolve this issue?
Any insights or recommendations would be greatly appreciated.
i add a photo
Please check if your static routes for redistribution is checked under BGP
It appears that you are mixing up routes and firewall policies here. Adding a route will not create a firewall policy for that traffic. If you see traffic being dropped by the firewall, you'll have to create a policy. If you're unsure if the firewall is the cause, Traceflow might help you out.
Additionally, as far as I know, T0 do not distribute anything down to T1's as the T0 is the default route for all T1's attached to it. A T1 can propagate it's own local routes and networks towards the T0.
I did not fully understand. could you be more descriptive? what configs should i do?
Hi,
You can Edit Tier-0 Gateway and Set Route Redistribution as follow:
This is Step 15 in Documentation procedure to Add a Tier-0 Gateways
https://docs.vmware.com/en/VMware-NSX/4.1/administration/GUID-7B0CD287-C5EB-493C-A57F-EEA8782A741A.h...
Cheers,
this does not solve the problem, the rules are redistributed, but they drop automatically. We already have the configuration you wrote
did it work ? keen to know thanks
no, it doesnot work. rule automatically drop.