BFD tunnel down between Edge and ESXi when Edge uses trunk logical switch
search cancel

BFD tunnel down between Edge and ESXi when Edge uses trunk logical switch


Article ID: 316664


Updated On:


VMware NSX Networking


The following criteria are met
  • NSX-T Data Center 2.x
  • The Edge Node VM is running on an ESXi host prepared for NSX T
  • The Edge and ESXi TEPs are on separate VLANs
  • The Edge TEP interface is connected to a trunk logical switch
  • The BFD tunnel is Down between the Edge and the ESXi host where it is running
  • The BFD tunnels between the Edge and other ESXi hosts are Up


VMware NSX-T Data Center
VMware NSX-T Data Center 2.x


When an Edge runs on a prepared host the Edge TEP and Host TEP must be on separate VLANs.
BFD traffic between Edge and host and vice versa must leave the host to be routed externally.
In this case when a VLAN trunk logical switch is used, the BFD packet sent by the ESXi host is not routed to the physical network correctly. Instead the packet is sent directly to the Edge. It arrives on the Edge interface still tagged with the Host TEP VLAN and is dropped by the Edge.


This issue is resolved in VMware NSX-T Data Center 2.5.0, available at VMware Downloads .

Note: When an Edge VM runs on a prepared host connected to the same NVDS as the host TEP, all versions of NSX-T continue to require that the Edge TEP is on a separate VLAN to the Host TEP.

If the Edge must run on a prepared ESXi host then the Edge TEP interface should not use a VLAN trunk logical switch.