VMware NSX
When an edge bridge has multiple VLAN uplinks in a failover order teaming policy, a single of those uplinks should be active, i.e. receiving or transmitting traffic.
There is currently an issue in the data path that leads standby uplinks to receive VLAN traffic from the physical infrastructure and forward them in the virtual networks. This problem can create incorrect mac address table entries, leading to traffic loss. It can also cause a device in the virtual network to receive multiple copies of the same frame.
When bridging from overlay to VLAN, the uplinks used for VLAN traffic on the edge are specified using a VLAN transport zone.
To workaround this issue, ensure that there can only be one VLAN uplink active for bridging on the edge. One way of achieving this is to make sure that the edge has a single uplink in the VLAN transport zone specified for bridging.
If the VLAN transport zone has multiple uplinks, another option is to specify a failover order teaming policy including a single active uplink (no standby) when configuring the mapping of the overlay segment to a VLAN ID.
Configuring two edges in the bridge profile will ensure that there is an edge bridge failover in case the unique VLAN uplink fails, thus providing redundancy for the bridging function.