• Immediately following the implementation of BGP Route Maps on a Tier-0 Gateway, one or more subnets become unreachable from outside the NSX environment.
• BGP neighbor status remains "Established," but the specific prefix is missing from the advertised routes (OutPfx in BGP neighbor summary).
• Reverting the route map configuration restores connectivity.

• VMware NSX 4.x

• The connectivity loss is caused by the omission of specific subnets from the IP Prefix List associated with the Route Map.
• In NSX, Prefix Lists and Route Maps operate on a default-deny basis.
• When a Route Map is applied to a BGP neighbor or redistribution rule, any prefix that is not explicitly matched and permitted by the associated Prefix List is automatically denied and will not be advertised.

To provide connectivity, you must explicitly permit the affected subnet within the Prefix List configuration.

1. Log in to the NSX Manager UI.
2. Navigate to Networking > Routing > IP Prefix Lists.
3. Locate and Edit the Prefix List assigned to the active Route Map.
4. Add a new rule to the list:
   • Network: [Enter the missing subnet]
   • Action: Permit
5. Ensure the rule is positioned correctly within the list (rules are processed top-to-bottom).
6. Click Save.
7. Verify the fix:
   • On the NSX Edge CLI, run: get logical-routers to find the VRF ID for the Tier-0 SR.
   • Enter the VRF: vrf <ID>
   • Check BGP advertisements: get bgp neighbor <neighbor-ip> advertised-routes
   • Confirm the missing prefix is now listed.

• Create an NSX IP Prefix List
• Routes installed on T0 gateway despite the attached deny prefix list for the subnet — Explains matching logic for exact vs. longer prefixes.