North to South traffic going through VRF gets blackholed when parent tier-0 gateway BGP is down
search cancel

North to South traffic going through VRF gets blackholed when parent tier-0 gateway BGP is down

book

Article ID: 317749

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Symptoms:
- When parent tier-0 gateway BGP is down in an Active/Active topology, user-created tier-0 VRFs still receive traffic from North peers which gets black holed
 

Cause

When parent tier-0 gateway BGP is down, HA logic moves the backplane IP of all tier-0 VRFs to another Active Edge, so South to North Traffic doesn't get black holed.
However, BGP on tier-0 VRFs advertises the South-bound routes (Connected, NAT, etc). This creates a blackhole for North to South traffic.

Resolution

This issue is resolved in NSX 4.1.0.

Workaround:
Bring down the BGP on the affected tier-0 VRFs

Powered by Wolken Software