ALB VIP and SNAT Static routes will not be advertised to Tier-0 from Tier-1 after upgrading to NSX-T 3.1 or 3.1.2 versions
search cancel

ALB VIP and SNAT Static routes will not be advertised to Tier-0 from Tier-1 after upgrading to NSX-T 3.1 or 3.1.2 versions

book

Article ID: 317522

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Symptoms:
  • Cannot access ALB VIP from T0 or external networks
  • Users will lose access to ALB backend servers


Environment

VMware NSX-T Data Center 3.x
VMware NSX-T Data Center

Cause


AVI LB VIP and LB SNAT routes were added to Tier-1 router using "ALB_VIP" and "ALB_SNAT" tags respectively on Tier-1 static route. Prior to NSX-T 3.1, these routes had to be advertised using "Advertise All Static Routes" flag. From NSX-T 3.1, for advertising these routes we need to enable "All LB VIP Routes" and "All LB SNAT Routes" on the T1 logical router.

Resolution



Workaround:
  • Apply this workaround before NSX-T upgrade to avoid disruption
  • Enable “All LB VIP Routes” and “All SNAT IP Routes” advertisement on Tier-1 router
  • Similarly, check “LB VIP” and “LB SNAT IP” under Tier-0 “Route Re-distribution”
Note: Same workaround can be implemented even after NSX-T upgrade. However, Traffic will be disrupted until we apply the workaround steps.

Steps to implement the workaround:
  • Edit Tier-1 Gateway and enable “All LB VIP Routes” and “All SNAT IP Routes” options under “Route Advertisement” and save the configuration
image.png
  • Edit Tier-0 Gateway and check “LB VIP” and “LB SNAT IP” route advertisements under “Route Re-distribution”
image.png
  • Now ALB VIP and ALB SNAT static routes should be advertised to Tier-0 and BGP peer routers


Additional Information

Impact/Risks:

ALB VIP traffic will be disrupted if “All LB VIP Routes” and “All SNAT IP Routes” route redistribution options are not enabled

image.png

Powered by Wolken Software