My last VCP-NV post looked at creating logical switches in NSX and showed two VMs connected to the logical switch. Whilst the two virtual machines connected to the switch could communicate successfully, they were unable to communicate with other devices that weren’t connected to the logical switch. This is where logical bridging and routing comes in. Although there are use cases for having isolated logical switches, it is more likely that the virtual machines will need to connect to otherdevices, either on the same network segment, but not connected to the logical switch, or devices connected to different network segments.
This post will look at logical bridging, which is useful when your subnet has a mix of physical and virtual devices that need to communicate. L2 bridging services are provided by an NSX logical router, though it’s not routing here as such, it essentially creates a link (bridge) between the NSX logical switch and a traditional port group on the host where the logical router instance is deployed.
Deploying an NSX Logical Router
Within the ‘Networking and Security’ area in the vCenter Web Client, click on ‘NSX Edges’:
Click the green ‘plus’ symbol to begin adding a new router. A screen will appear to lead you through the configuration options for the logical router:
Here we need to ensure that ‘Logical (Distributed) Router’ is selected, then give it a name and description. On the next screen, configure a password and choose whether to enable SSH and HA. I have left the default ‘Emergency’ logging level. I’m just going to deploy a single node in my lab, so won’t enable HA.
The next screen is where you choose to deploy the instance to, choosing a cluster, datastore and host:
On the next screen I have created a management interface for the router. I haven’t added any additional IP interfaces, as this will be acting as a bridge. As I don’t have any additional interfaces, I don’t need a default gateway so the next screen can be skipped past.
The final screen, ‘Ready to Complete’ gives a summary of the settings that have been chosen. Clicking ‘Finish’ on this screen will deploy the router. Once the deployment task completes you should see the router with a status of ‘Deployed’:
We can now move on to configuring the router.
Configuring NSX Logical Bridge
To start, double click on the Edge instance that has just been deployed. Once there, click on ‘Manage’ and the ‘Bridging’:
Click the green ‘plus’ symbol to add a new bridge:
Give the switch a name, then choose which logical switch and port group to bridge:
Click OK once the fields have been populated. You’ll be prompted to ‘Publish’ the changes to the router:
The logical switch should now be bridged to the chosen portgroup, providing access to the external network. Next up, Logical Routing.