Making EVE-NG Management cloud (cloud0) work in vcloud / NSX-T

This guide provides the essential NSX-T segment configuration requirements for running EVE-NG Management Cloud successfully. Like other network lab solutions (such as GNS3) EVE-NG uses nested virtualisation to host virtual network devices. Within EVE-NG, these devices can be exposed to real networks through a bridge interface, in this case the management cloud (cloud0). In a vCloud Director / NSX-T environmont this does not work out of the box.

NSX-T Segment Requirements

The following two profile configurations are mandatory for EVE-NG Management Cloud to work properly on an NSX-T segment. Without these configurations, virtual devices may experience connectivity issues.

IP Discovery Profile Configuration

Requirement 1: Custom IP Discovery Profile

The NSX-T segment must be configured with a custom IP Discovery Profile that has ARP discovery enabled and a higher ARP IP discovery limit than the default setting. Navigate to Networking → Segments → Profiles → IP Discovery Profiles and create a new profile with the following specifications: Example configuration: 
Profile Name: EVE-NG-IP-Discovery
ARP Discovery: Enabled
ARP IP Discovery Limit: 1000 (higher than default which is 1)
DHCP Snooping: Enabled (optional)
VMTools Discovery: Enabled (optional)
The increased ARP IP discovery limit is critical because EVE-NG creates multiple virtual devices, each with unique IP addresses that need to be discovered and tracked by NSX-T.

MAC Discovery Profile Configuration

Requirement 2: MAC Discovery Profile

The NSX-T segment must have a MAC Discovery Profile that allows for MAC learning with a limit higher than 1. The default limit is typically already higher than 1, but it should be verified and potentially increased for EVE-NG environments. Navigate to Networking → Segments → Profiles → MAC Discovery Profiles and ensure the profile meets these specifications: Example configuration: 
Profile Name: EVE-NG-MAC-Discovery
MAC Learning: Enabled
MAC Learning Limit: 500 (higher than 1, recommended 500+)
Unknown Unicast Flooding: Enabled
MAC Learning Timeout: 300 seconds
This configuration is essential because EVE-NG virtual devices generate numerous unique MAC addresses that must be learned and maintained by the NSX-T infrastructure.

Implementation Steps

Step 1: Create the IP Discovery Profile

Access the NSX-T Manager interface and navigate to the IP Discovery Profiles section to create the custom profile with the specifications above.

Step 2: Verify or Create MAC Discovery Profile

Check existing MAC Discovery Profiles or create a new one ensuring MAC learning is enabled with appropriate limits for your EVE-NG environment.

Step 3: Apply Profiles to the segment the first primary interface of EVE-NG

Edit your target NSX-T segment and apply both the custom IP Discovery Profile and MAC Discovery Profile to the segment configuration.

Step 4: Verify Configuration

After applying the profiles, test EVE-NG virtual device connectivity to ensure MAC addresses are being learned correctly and devices can communicate properly. Sometimes, rebooting the EVE-NG VM can help to for traffic generation and thus having the IP addresses being discovered by NSX-T.