NSX for vSphere offers VXLAN to Layer 2 VLAN bridging capabilities with the data path contained entirely in the ESXi hypervisor. The bridge runs on the ESXi host where the DLR control VM is located. Multiple bridges per DLR are supported.

Virtual to Physical Interface Type Design Decision

Decision ID

Design Decision

Design Justification

Design Implications


Place all virtual machines, both management and tenant, on VXLAN-backed networks unless you must satisfy an explicit requirement to use VLAN-backed port groups for these virtual machines. If VLAN-backed port groups are required, connect physical workloads that need to communicate to virtualized workloads to routed VLAN LIFs on a DLR.

Bridging and routing are not possible on the same logical switch. As a result, it makes sense to attach a VLAN LIF to a distributed router or ESG and route between the physical and virtual machines. Use bridging only where virtual machines need access only to the physical machines on the same Layer 2.

Access to physical workloads is routed via the DLR or ESG.