NSX-T Bare Metal Edge bridge does not support multiple VLAN uplinks
search cancel

NSX-T Bare Metal Edge bridge does not support multiple VLAN uplinks

book

Article ID: 326361

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

Symptoms:
When configuring an edge bridge on a bare metal edge with multiple VLAN uplinks in a failover order teaming policy, the users might experience traffic loss or duplicate frames.

Environment

VMware NSX-T Data Center 2.5.x
VMware NSX-T Data Center

Cause

When an edge bridge has multiple VLAN uplinks in a failover order teaming policy, a single of those uplinks should be active, i.e. receiving or transmitting traffic. There is currently an issue in the data path that leads standby uplinks to receive VLAN traffic from the physical infrastructure and forward them in the virtual networks. This problem can create incorrect mac address table entries, leading to traffic loss. It can also cause a device in the virtual network to receive multiple copies of the same frame.

Resolution

When bridging from overlay to VLAN, the uplinks used for VLAN traffic on the edge are specified using a VLAN transport zone.
To workaround this issue, ensure that there can only be one VLAN uplink active for bridging on the edge.
One way of achieving this is to make sure that the edge has a single uplink in the VLAN transport zone specified for bridging.
If the VLAN transport zone has multiple uplinks, another option is to specify a failover order teaming policy including a single active uplink (no standby) when configuring the mapping of the overlay segment to a VLAN ID.
Configuring two edges in the bridge profile will ensure that there is an edge bridge failover in case the unique VLAN uplink fails, thus providing redundancy for the bridging function.