VMware Cloud Foundation uses a software-defined networking (SDN) product called NSX. NSX allows you to create virtual networks, routing, and load balancing for your virtual machines. It automates the process of setting up the virtual network and connecting your virtual machines to the physical network.

NSX Edge nodes are special appliances that provide important networking services in a VMware Cloud Foundation environment. These services include load balancing, NAT, VPN, and connecting to the physical network.

When setting up a VMware Cloud Foundation Consolidated Management/Workload domain, you need to decide the type, number, and placement of these NSX Edge nodes. This is based on the specific networking requirements of your workloads.

Some services, like the main gateway, are limited to a single instance per NSX Edge node. But most networking services can run on the same Edge node.

The NSX Edge nodes are grouped together into edge clusters. This creates a pool of resources that can be used for the various networking services.

The NSX Edge nodes can be deployed as virtual appliances or installed on physical hardware.

In summary, you need to carefully plan the NSX Edge nodes for your VMware Cloud Foundation environment to ensure the required networking services are provided in an efficient and reliable way.

A link to the VMware by Broadcom documentation: LINK

An NSX Edge cluster with 2-tier routing provides north-south routing and network services in the management domain and VI workload domains. Add multiple NSX Edge clusters to a workload domain for scalability and resiliency.

An NSX Edge cluster is a logical grouping of NSX Edge nodes run on a vSphere cluster. NSX supports a 2-tier routing model.

Component	Connectivity	Description
Tier-0 logical router	Northbound	The tier-0 logical router connects to one or more physical routers or layer 3 switches and serves as a gateway to the physical infrastructure.
	Southbound	The tier-0 logical router connects to one or more tier-1 logical routers or directly to one or more logical switches.
Tier-1 logical router	Northbound	The tier-1 logical router connects to a tier-0 logical router.
	Southbound	The tier-1 logical router connects to one or more logical switches.

This post will provide information about the prerequisites and how to setup NSX Edge Nodes with VCF.

In VCF SDDC Manager UI we head over to the consolidated cluster that we have created during the initial setup of VCF.

Select Workload Domains, and then click Management domain. and then, the ACTIONS menu and Add Edge Cluster.

We then get a list of prerequisites that is important to first make sure all are met. I struggled abit with the BGP peering in my physical side, where I want to peer NSX with EdgeMAX Pro.

In my case I have prepared so that the VLAN for the Edges TEP and Uplinks will be accordingly.

Name	Mgmt IP VLAN 70	Edge TEP VLAN 71	EDGE Uplink1 VLAN 75	Edge Uplink2 VLAN 76
Edge01	192.168.70.118	192.168.71.118, 119	192.168.75.10	192.168.76.10
Edge02	192.168.70.119	192.168.71.120, 121	192.168.75.11	192.168.76.11

BGP Requirements
Purpose	Value
Top of Rack 1 – IP Address	192.168.71.1
Top of Rack 1 – Autonomous System ID	64500
Top of Rack 1 – BGP Neighbor Password	—–
NSX Edge Nodes Autonomous System ID	64501
BGP Timers – Hold Down Time	180
BGP Timers – Keep Alive Time	60

It’s a good use to have a spreadsheet with all the various settings when going ahead and configuring the Edges.

Continuing the Edge setup in VCF we click on the begin button, and fill out the information for a minimum of 2 Edges.

One this is done we continue with the next step and let VCF continue with the validation and deployment of the Edges.

We click Finish and then we can monitor the deployment in the vCenter and in the SDDC Manager.

Everything is done when the Edges are Active in SDDC, also we can go into the NSX Manager and verify we have T0 and T1s setup and the BGP peering sessions are Established.

What to do next

In NSX Manager, you can create segments connected to the NSX Edge cluster’s tier-1 gateway. You can connect workload virtual machines to these segments to provide north-south and east-west connectivity.