Configuring OSPF between Logical and Edge routers on VMware NSX

On Distributed routing on VMware NSX the following topology has been deployed:


The next step is adding an Edge router which can manage external traffic. On a next post the Edge router will be bridged to a physical network. The expected topology will be the following:


Open the Web Client and go to “Networking & Security ->Logical Switches” and add a new segment:


Then go to “Networking & Security -> NSX Edges” and add a “Edge Service Gateway”

nsx_ospf_3Set admin password, enable SSH and HA:


Select where to deploy the edge router:

nsx_ospf_6 And attach the edge router to the new logical switch:


Skip (for now) the default gateway and firewall configuration.

While the new edge router is deploying, connect the distributed router to the new logical switch. Go to “Networking & Security -> NSX Edges”, double click on the LDR and go to “Settings -> Interfaces”. Add a new interface connected to the new logical switch:


Type must be “Uplink” not “Internal”. OSPF can be configured on “Uplink” interfaces only.

Go to “Routing -> Global Configuration” and edit “Dynamic Routing Configuration”. Set an unique router ID and publish changes:


Go to “Routing -> OSPF” and add a new area 0:


Map now the LIF facing the external logical switch to Area 0:


Click on the “Edit” button and enable OSPF setting protocol and forwarding address:


Use the IP address of the LIF facing the new (external) logical switch as forwarding address and another IP address on the same subnet as protocol address:


The protocol address is assigned to the control VM. The control VM is a VM deployed with the distributed router which manages the control plane (in this case OSPF neighbor adjacencies and update the routing table).

Finally publish changes to the LDR.

Now go back to the edge router (“Netwroking & Security -> NSX Edges” and double click on the edge router), go to “Manage -> Routing -> Global Configuration”, enable the router ID and publish changes:


Open now the OSPF tab, and configure the interface facing the external logical switch for OSPF:


Press now the “Edit” button, enable OSPF and “Default Originate”:


OSPF should now be active and the edge router should have all networks connected to the DLR. Default gateway on DLR is not present because the edge router doesn’t have it yet.

VM1 and VM2 cannot ping the edge router because it’s configure with a firewall by default.

The Connecting Edge Router to physical LAN using VMware NSX will show how to connect the edge router to the external (physical) network.