VMware NSX

I'm encountering a challenge in my NSX Manager environment when it comes to the propagation of static routes to Tier-1 Gateways. I have configured a static route at the Tier-0 Gateway level, but it doesn't seem to be applied automatically to the associated Tier-1 Gateway. As a result, traffic appears to be dropped, and I have to allow it manually.

Could someone please guide me on the proper configuration steps to ensure that static routes defined at the Tier-0 level are propagated and applied to Tier-1 Gateways seamlessly? Additionally, are there any specific troubleshooting steps I should follow to identify and resolve this issue?

Any insights or recommendations would be greatly appreciated.
i add a photo

Please check if your static routes for redistribution is checked under BGP

It appears that you are mixing up routes and firewall policies here. Adding a route will not create a firewall policy for that traffic. If you see traffic being dropped by the firewall, you'll have to create a policy. If you're unsure if the firewall is the cause, Traceflow might help you out.

Additionally, as far as I know, T0 do not distribute anything down to T1's as the T0 is the default route for all T1's attached to it. A T1 can propagate it's own local routes and networks towards the T0.

I did not fully understand. could you be more descriptive? what configs should i do?

Hi,

You can Edit Tier-0 Gateway and Set Route Redistribution as follow:

This is Step 15 in Documentation procedure to Add a Tier-0 Gateways
https://docs.vmware.com/en/VMware-NSX/4.1/administration/GUID-7B0CD287-C5EB-493C-A57F-EEA8782A741A.html#procedure-2

Cheers,

this does not solve the problem, the rules are redistributed, but they drop automatically. We already have the configuration you wrote

did it work ? keen to know thanks

no, it doesnot work. rule automatically drop.