• External network communication fails when an NSX Edge VM and an overlay-connected workload VM are running on the same ESXi host.
• Moving the workload VM to a different ESXi host via vMotion immediately restores connectivity.
• "Unknown Unicast Flooding" is disabled.

VMware NSX

This issue is caused by limitations in Source MAC address learning on the NSX Edge uplink vNIC.

When the VM and Edge reside on the same host, communication is completed internally within the host's switch. In certain configurations such as using NSX VLAN segments for Edge uplinks, the Edge's uplink vNIC may fail to learn the Source MAC address of the co-located VM.

When return traffic such as ICMP Reply arrives, the destination MAC address is treated as an "Unknown Unicast" because it is not in the Edge's MAC table. If the MAC Discovery segment profile has "Unknown Unicast Flooding" set to Disabled, the packet is dropped.

Enable “Unknown Unicast Flooding”.
1. With admin privileges, log in to NSX Manager.
2. Select Networking > Segments > Segment Profiles.
3. Click Add Segment Profile and select MAC Discovery.
4. Enable “Unknown Unicast Flooding”.

When configuring the L2 Bridge, refer to the documentation below and configure settings according to the applicable scenario.
Configure an Edge VM for Bridging