vCD - Networking made easy

Updated: 2021-03-24

• Table of Contents:
  • vCD Network Types
    • External
    • Organization
    • vApp
  • Example Network
    • Configuration
    • Add Network to vApp
    • Add Network to VM

vCD Network Types

• External networks are backed by vSphere networks therefore created by a system administrator. These networks provide uplinks to networks outside of vCD. In the current implementation of VMWare Solutions on IBM Cloud there are two networks visible to vDC users:
  
  • Service network (e.g. dal12-w02-service01) - this network is used to allow virtual datacenter VMs to access IBM Cloud internal services.
  • Tenant External (e.g. dal12-w02-tenant-external) - this network is used to allow virtual datacenter VMs to access the public internet.

  From the datacenter view
  Edges > edge-YOUREDGE > External Networks > Networks & subnets

  
  

• Organization networks are backed by NSX Data Center for vSphere which can be created by an vDC organization administrator or higher privileged user. These networks provide various access levels within the vDC organization. These types are:
  • Direct - direct layer 2 external network connectivity to virtual machines outside of the organization vDC (currently not available for VMWare Solutions on IBM Cloud).
  • Isolated (Internal) - a private network that only organization virtual machines and vApps can connect to.
  • Routed - a network that provides controlled access to external networks by use of network address translation (NAT), firewall, and VPN settings.
  • Imported - logical network segments that are created in NSX-T Data Center and use an existing NSX-T Data Center logical switch (currently not available for VMWare Solutions on IBM Cloud).

  From the datacenter view
  Networking > Networks > New

  

  For Isolated and Routed networks there are some additional options to consider. If the Shared option is enabled for the network this means that it can be accessible from any vDC with the organization.

  

  For Routed networks there are some additional Interface Types that are important to understand:

  • Internal - Connects to one of the Edge gateway’s internal interfaces. The maximum number of networks that are allowed is 9.
  • Distributed - Creates the network on a distributed logical router connected to this edge gateway. The maximum number of networks that are allowed is 400.
  • Subinterface - Extends an organization VDC network. VMware Cloud Director identifies the network to use to extend through L2 VPN. vCD, with the help of NSX network virtualization, creates a trunk interface type for this network. The maximum number of networks that are allowed is 200.

  

• vApp networks are created as part of the vApp by an user with vApp Author rights or a higher privileged user.

  VApp networks can also be connected to Organization networks. The connections can be direct or fenced. Fencing allows identical virtual machines in different vApps to be powered on without conflict by isolating the MAC and IP addresses of the virtual machines.

  When fencing is enabled and the vApp is powered on, an isolated network is created from the organization virtual data center network pool. An edge gateway is created and attached to the isolated network and the organization virtual data center network. Traffic going to and from the virtual machines pass through the edge gateway, which translates the IP address using NAT and proxy-AR. This allows a router to pass traffic between two networks by using the same IP space.

  

Example Network

Based on all of the information above, I will show an example of creating a routed network.

Configuration

Going to create the following type of network:

• Network Type: Routed
• Name: 172.16.10.0
• Network CIDR: 172.16.10.0/24
• Gateways CIDR: 172.16.10.1/24
• Interface Type: Subinterface
• Static IP Pools: 172.16.10.10 - 172.16.10.20
• DNS: 161.26.0.10, 161.26.0.11

NOTE: Classless Inter-Domain Routing (CIDR)

To create the newtork, go to Networking > Network > New

select Routed

enter Name, Gateway CIDR. Description is optional and shared is not required for this example.

select the vDC edge (should only be one), and select interface (Subinterface in this case). Guest VLAN Allowed is not required for this example.

add the Gateway CIDR and Static IP Pools.

add IBM Cloud DNS

Select Finish to create the network

View newly created network

Next steps for this shiney new network will be to attach VMs to it and start banging away slamming some packets!

TO_BE_CONTINUED

Add Network to vApp

Add Network to VM

Note the information described in this example are guidelines. There are multiple ways to configure the various parts of the example. Please adjust accordingly for your needs.

VMWare vCloud Director
Main Page