I'm currently trying to figure out a routing issue. This is still a development setup to see if the design is viable.
The deployment is a single vCenter with managers on one side. Each side has its own Edges, T0 and T1 networks. Both sides can access the internet without issue through the T0 and upstream firewall (Next Hop). However, I can't get either side to talk to each other. The trace seems to stop on the T1-T0 network (10.64.0.0) but I'm wondering if its actually the upstream Firewall thats not configured correctly. The firewalls between sites are directly connected on L3 and I have no access to anything upstream of the T0 to troubleshoot and I don't want to go pointing fingers without first discounting the NSX configuration. I can access local external networks and the wider the internet without issue. I've got an OSFP relationship with the upstream Firewall at each location for sharing all my locally attached T1 segments and have been told the firewalls know about the segments (Hence the internet access works) I've got a static route for 0.0.0.0/0 to next hop which is the GW on the firewall so all unknown traffic should go to the upstream firewall. The issue might be that the two Firewalls aren't sharing the routes they've each learnt from NSX T0 at each site for the locally attached Segements.
Below is a trace flow which shows where the traffic is stopping.
Thanks for responding and the suggestion. Each firewall can reach their respected local T1 Segments and the edge routers can ping their local firewalls attached to the T0. I've requested they test that each firewall can also reach the subnets on the other end as I don't think that was tested at the time so I'll request this.
I've got a static route as they don't send me a default route from the firewall, they send me all the connected physical subnets and the remote T1 is listed.
