Working with Networks 1.2

Types of Networks in a vApp

The virtual machines in a vApp can connect to vApp networks, which can be isolated, direct, or routed, and to organization VDC networks.

Note Organization VDCs that are backed by Networking Data Center for VMWare vSphere support routed, isolated and direct vApp networks.

Organization VDCs that are backed by Advanced Networking Data Center support isolated and direct vApp networks. You can add networks of different types to a vApp to address multiple networking scenarios.

Virtual machines in the vApp can connect to the networks that are available in a vApp. If you want to connect a virtual machine to a different network, you must first add this network to the vApp.

A vApp can include vApp networks and organization VDC networks. An isolated vApp network is contained within the vApp.

You can also route a vApp network to an organization VDC network to provide connectivity to virtual machines outside of the vApp. For routed vApp networks, you can configure network services, such as a firewall and static routing.

You can connect a vApp directly to an organization VDC network.

If you have multiple vApps that contain identical virtual machines connected to the same organization VDC network and you want to start the vApps at the same time, you can fence the vApp. Fencing the vApp allows you to power on the virtual machines without a conflict, by isolating their MAC and IP addresses.

For information, see Working with Networks in a vApp.

Edge Gateways

 An edge gateway provides a routed organization VDC network with connectivity to external networks and can provide services such as load balancing, network address translation, and a firewall. Cyfuture Cloud Console supports IPv4 and IPv6 edge gateways.

Edge gateways require Networking Data Center for VMWare vSphere or Advanced Networking Data Center.

 

Direct - An organization VDC network with a direct connection to one of the external networks that are provisioned by the system administrator and are backed by vSphere resources. Virtual machines belonging to different organization VDCs can connect to and see traffic on this network.

A direct network provides direct layer 2 connectivity to virtual machines outside of the organization VDC. Virtual machines outside of this organization VDC can connect to virtual machines in the organization VDC directly.

Note Only your system administrator can add a direct organization VDC network.

Isolated (Internal) - Isolated networks are accessible only by the same organization VDC. Only virtual machines in this organization VDC can connect to and see traffic on the internal organization VDC network. Isolated networks are supported for organization VDCs backed by Advanced Networking Data Center and for organization VDC NSX Data Center for vSphere. The isolated organization VDC network provides an organization VDC with an isolated, private network that multiple virtual machines and vApps can connect to. This network provides no connectivity to virtual machines outside the organization VDC. Machines outside of the organization VDC have no connectivity to machines in the organization VDC.

Routed - Routed networks are accessible only by the same organization VDC. Only virtual machines in this organization VDC can connect to this network. This network also provides controlled access to an external network. As a system administrator or an organization administrator, you can configure network address translation (NAT), firewall, and VPN settings to make specific virtual machines accessible from the external network. Can be IPv4 or IPv6.

Imported Advanced Networking Data Center Logical Switch - Imported Advanced Networking Data Center networks are logical segments that are created in Advanced Networking Data Center and use an existing Advanced Networking Data Center logical switch. They are imported in a specific organization as an organization VDC network.

Note Only a system administrator can import an Advanced Networking Data Center network.

 

Data Center Type Network Description 

This network is part of a data center group network spanning a data center group. A data center group can comprise between one and 16 organization VDCs in a single or a multisite Cyfuture Cloud Console deployment. Virtual machines connected to this network are connected to the underlying stretched network.

Data Center Group Networks Backed by Advanced Networking Data Center

Data center group networks are a type of organization VDC networks backed by NSX-T Data Center that are shared between one or more VDCs and to which vApps can connect. Data center group networks can be isolated, imported, or routed, and require Advanced Networking Data Center.

All steps for managing your organization VDC networks are documented assuming that you have more than one VDC in your environment.

View the Available Organization VDC Networks

You can view the available organization virtual data center networks.

Prerequisites

Verify that you are an organization administrator, system administrator, or that you are assigned a role that includes an equivalent set of rights.

Procedure

In the top navigation bar, click Networking.

Results

In the Networks tab, you see a list of the available networks that you can filter by various criteria.

What to do next

You can add an organization VDC network. You can also edit, increase the scope, delete, or reset an existing organization VDC network.

Add an Isolated Organization Virtual Data Center Network

You can add an isolated organization VDC network, which is accessible only by this organization. This network provides no connectivity to virtual machines outside this organization. Virtual machines outside of this organization have no connectivity to the virtual machines in the organization.

You can add a mix of isolated and routed organization VDC networks to meet the needs of your organization. For example, you can isolate a network that contains sensitive information and have a separate network that is associated with an edge gateway and connected to the Internet.

You can create an isolated VDC network that is backed by a network pool. Your service provider can also create an isolated VDC network that is backed by an Advanced Networking logical switch.

You can create only an IPv4 isolated organization VDC network.

Prerequisites

This operation requires the rights included in the predefined Organization Administrator role or an equivalent set of rights.

    Procedure

1      In the top navigation bar, click Networking.

2      On the Networks tab, click New.

3      On the Scope page, select Organization Virtual Data Center, select a VDC in which to create the network, and click Next.

4      On the Select Network Type page, select Isolated and click Next.

5      Enter a meaningful name for the network.

6      Enter the Classless Inter-Domain Routing (CIDR) settings for the network.

Use the format network_gateway_IP_address/subnet_prefix_length, for example, 192.167.1.1/24.

7      Enter a description of the organization VDC network.

8      (Optional) If the VDC in which you create the network is backed by Networking Data Center for VMWare vSphere, toggle on the Shared option to make the organization VDC network available to other organization VDCs within the same organization.

One potential use case for this option is when an application exists within an Organization VDC that has a reservation or allocation pool set as the allocation model. In this case, it might not have enough room to run more virtual machines. As a solution, you can create a secondary Organization VDC with pay-as-you-go and run more virtual machines on that network on a temporary basis.

Note   The Organization VDCs must be backed by the same Provider VDC.

9      Click Next.

10   (Optional) To reserve one or more IP addresses for assignment to virtual machines that require static IP addresses, configure the Static IP Pools for the network.

a      Enter the IP address or range of IP addresses, and click Add. To add multiple static IP addresses or ranges, repeat this step.

b     (Optional) To modify or remove IP addresses and ranges, click Modify or Remove.

11   Click Next.

12   (Optional) Configure the DNS settings.

Option - Action

Primary DNS - Enter the IP address for your primary DNS server.

Secondary DNS - Enter the IP address for your secondary DNS server.

DNS Suffix - Enter your DNS suffix. The DNS suffix is the DNS name without including the host name.

13   Click Next.

14   On the Ready to Complete page, review your settings, and click Finish.

Add a Routed Organization Virtual Data Center Network

To control the access to an external network, you can add a routed organization VDC network. System administrators and organization administrators can configure network address translation (NAT), firewall, and VPN settings to make specific virtual machines accessible from the external network.

You can add a mix of routed and isolated organization VDC networks to meet the needs of your organization. For example, you can add a network that is associated with an edge gateway and connected to the Internet, while having an isolated network that contains sensitive information.

You can add an IPv4 or IPv6 routed organization VDC network.

Prerequisites

This operation requires the rights included in the predefined Organization Administrator role or an equivalent set of rights.

Procedure

1      In the top navigation bar, click Networking.

2      On the Networks tab, click New.

3      On the Scope page, select Organization Virtual Data Center, select a VDC in which to create the network, and click Next.

4      On the Select Network Type page, select Routed and click Next.

5      Enter a meaningful name for the network.

6      Enter the Classless Inter-Domain Routing (CIDR) settings for the network.

Use the format network_gateway_IP_address/subnet_prefix_length, for example, 192.167.1.1/24.

7      Enter a description of the organization VDC network.

8      (Optional) If the VDC in which you create the network is backed by Networking Data Center for VMWare vSphere, toggle on the Shared option to make the organization VDC network available to other organization VDCs within the same organization.

One potential use case is when an application within an Organization VDC has a reservation or allocation pool set as the allocation model. In this case, it might not have enough room to run more virtual machines. As a solution, you can create a secondary Organization VDC with pay-as-you-go and run more virtual machines on that network on a temporary basis.

Note   The Organization VDCs must share the same network pool.

9      Click Next.

10   On the Edge Connection page, select an edge gateway with which to associate the organization VDC network.

If the organization VDC includes more than one edge gateway, you must select an edge gateway for this network to connect to. To support another routed network, the Edge Gateway must show a value of at least 1 in the # Available Networks column.

11   From the Interface Type drop-down menu, select the interface type.

Option - Description

Internal - Connects to one of the Edge gateway's internal interfaces. The maximum number of networks that are allowed is 9.

Distributed - Creates the network on a distributed logical router connected to this edge gateway. The maximum number of networks that are allowed is 400.

Subinterface - Extends an organization VDC network. Cyfuture Cloud Console identifies the network to use to extend through L2 VPN. Cyfuture Cloud Console, with the help of Networking network virtualization, creates a trunk interface type for this network. The maximum number of networks that are allowed is 200.

 

12   (Optional) To enable tagging of guest VLANs on this network, toggle on the Guest VLAN Allowed option.

13   Click Next.

14   (Optional) To reserve one or more IP addresses for assignment to virtual machines that require static IP addresses, configure the Static IP Pools for the network.

a         Enter the IP address or range of IP addresses, and click Add. To add multiple static IP addresses or ranges, repeat this step.

b         (Optional) To modify or remove IP addresses and ranges, click Modify or Remove.

15   Click Next.

16   (Optional) Configure the DNS settings.

Option - Action

Primary DNS - Enter the IP address for your primary DNS server.

Secondary DNS - Enter the IP address for your secondary DNS server.

DNS Suffix - Enter your DNS suffix. The DNS suffix is the DNS name without including the host name.

 

17   Click Next.

18   On the Ready to Complete page, review your settings, and click Finish.

 Add a Direct Organization Virtual Data Center Network

To connect to an external network by a direct route, system administrators can set up a direct connection.

Starting with Cyfuture Cloud Console 10.2.2, direct network creation is supported in organization CYFUTURE CLOUD (CC) backed by Advanced Networking Data Center and by Networking Data Center for VMWare vSphere.

If you log in to the Cyfuture Cloud Tenant Portal as an organization administrator and attempt to create a direct organization virtual data center network, you receive a warning message that you have insufficient rights.

Prerequisites

Verify that you have system administrator rights.

Procedure

1      In the top navigation bar, click Networking.

2      On the Networks tab, click New.

3      On the Scope page, select Organization Virtual Data Center, select a VDC in which to create the network, and click Next.

4      On the Network Type page, select Direct and click Next.

5      Enter a meaningful name for the network.

6      Enter a description of the organization VDC network.

7      (Optional) To make the organization VDC network available to other organization VDCs within the same organization, toggle on the Shared option.

8      On the External Network Connection page, select the external network to which you want your new organization virtual data center network to connect directly, and click Next.

9      On the Ready to Complete page, review your settings, and click Finish.

Add an Organization VDC Network with an Imported Advanced Networking Data Center Logical Switch

System administrators can create an organization VDC network by importing a logical switch from an associated Advanced Networking Manager instance.

Prerequisites

Verify that you have system administrator rights.

 Verify that the provider virtual data center that backs the target organization virtual data center is associated with an Advanced Networking Manager instance.

You must create at least one Advanced Networking logical switch that is not in use by other organization virtual data center networks.

For information about creating and configuring Advanced Networking logical switches, see the Advanced Networking Data Center Administration Guide.

Procedure

1      In the top navigation bar, click Networking.

2      On the Networks tab, click New.

3      On the Scope page, select Organization Virtual Data Center, select a VDC in which to create the network, and click Next.

4      On the Network Type page, select Imported, then select Advanced Networking Logical Switch, and click Next.

5      From the list of available Advanced Networking logical switches, select the target switch, and click Next.

6      Enter a meaningful name for the network.

7      Enter the Classless Inter-Domain Routing (CIDR) settings for the network.

Use the format network_gateway_IP_address/subnet_prefix_length, for example, 192.167.1.1/24.

If the switch is configured with a subnet, this information is prepopulated.

8    Enter a description of the organization VDC network.

9     Click Next.

10   (Optional) Configure the DNS settings and the static IP pool. You can add multiple IP addresses and IP ranges.

11   Click Next.

12   On the Ready to Complete page, review your settings, and click Finish.

Edit the General Settings of an Organization Virtual Data Center Network

You can modify the properties of organization VDC networks.

Prerequisites

Verify that you are an organization administrator, system administrator, or that you are assigned a role that includes an equivalent set of rights.

Procedure

1      In the top navigation bar, click Networking.

2      On the Networks tab, click the name of the organization VDC network that you want to edit.

3      On the General tab, click Edit.

a  Edit the name and the description of the network.

b  If the VDC in which you created the network is backed by Networking Data Center for VMWare vSphere, toggle on or off the Shared option to make the organization VDC network available to other organization VDCs within the same organization.

4      Click Save.

Connect an Organization Virtual Data Center Network to an Edge Gateway

After you create an organization VDC network, you can connect the network to an edge gateway.

Starting with version 10.1, Cyfuture Cloud Console supports connecting to an edge gateway for organization VDC networks that are backed by either Networking Data Center for VMWare vSphere or Advanced Networking Data Center.

Prerequisites

This operation requires either one of the predefined organization administrator or system administrator roles, or a role that includes the Organization VDC Network: Edit Properties and the VDC Group: View right published to the organization.

Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the organization VDC network that you want to connect to an edge gateway.

3      On the General tab, click Edit.

4      Click Connection.

5      Connect the network to an edge gateway.

a      Toggle on the Connect to an edge gateway option.

b      Select the edge gateway to connect to from the list of available edge gateways.

c      Select the interface type.

d      To allow a guest VLAN, toggle the Guest VLAN Allowed option.

6      Click Save.

Results

The organization VDC network connects to an edge gateway and converts from isolated to routed.

Disconnect an Organization Cyfuture Cloud Console Network from an Edge Gateway

By disconnecting an organization VDC network from an edge gateway, you can convert it from routed to isolated.

Starting with version 10.1, connecting to and disconnecting from an edge gateway is supported for organization VDC networks that are backed by either Networking Data Center for VMWare vSphere or Advanced Networking Data Center.

 Prerequisites

This operation requires either one of the predefined organization administrator or system administrator roles, or a role that includes the Organization VDC Network: Edit Properties right.

Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the organization VDC network that you want to disconnect.

3      On the General tab, click Edit.

4      Click Connection.

5      To disconnect the network from the edge gateway, toggle off the Connect to an edge gateway option.

6      Click Save.

Results

You disconnected the organization VDC network from an edge gateway. The organization VDC network is converted from routed to isolated.

Convert the Interface of a Routed Organization VDC Network

You can change the interface of a network from internal to subinterface or distributed routing, for example, by editing the network properties.

Note   Cross-VDC networks cannot be converted.

Prerequisites

 

This operation requires the rights included in the predefined Organization Administrator role or an equivalent set of rights.

Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the organization VDC network that you want to edit.

3      On the General tab, click Edit.


4      Click Connection.

5      From the Interface Type drop-down menu, select the interface type.

Option - Description

Internal - Connects to one of the Edge gateway's internal interfaces. The maximum number of networks that are allowed is 9.

Distributed - Creates the network on a distributed logical router connected to this edge gateway. The maximum number of networks that are allowed is 400.

Subinterface - Extends an organization VDC network. Cyfuture Cloud Console identifies the network to use to extend through L2 VPN. Cyfuture Cloud Console, with the help of Networking network virtualization, creates a trunk interface type for this network. The maximum number of networks that are allowed is 200.

 

6      Click Save.

View the IP Addresses Used for an Organization Virtual Data Center Network

You can view a list of the IP addresses from an organization virtual data center network IP pool that are currently in use.

Prerequisites

 Verify that you are an organization administrator, system administrator, or that you are assigned a role that includes an equivalent set of rights.

Verify that your network is an isolated or routed organization virtual data center network.

 Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the network for which you want to see the used IP addresses.

3      In the IP Management section, click IP Usage to see which IP addresses are currently in use.

Add IP Addresses to an Organization Virtual Data Center Network IP Pool

If an organization virtual data center network is running out of IP addresses, you can add more addresses to its IP pool.

You cannot add IP addresses to external organization virtual data center networks that have a direct connection.

Prerequisites

Verify that you are an organization administrator, system administrator, or that you are assigned a role that includes an equivalent set of rights.

Verify that your network is an isolated or routed organization virtual data center network.

Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the network that you want to edit.

3      In the IP Management section, click the Static IP Pools tab.

4      Click the Edit button on the right.

In the Edit network window, you see the gateway CIDR and the IP address ranges, if any.

5      In the Static IP Pools text box, enter the IP address or range of IP addresses and click Add.

Note For cross-VDC networks, the IP addresses must not overlap with the IP addresses that are assigned to the other organization VDC networks from the same stretched network.

6      Click Save.

Results 

The IP address or range of IP addresses are added to the network IP pool. 

Edit or Remove IP Ranges Used in an Organization Virtual Data Center Network

If an organization virtual data center network contains IP addresses that you no longer need, you can edit the addresses or delete them from the IP pool.

 Prerequisites

Verify that you are an organization administrator, system administrator, or that you are assigned a role that includes an equivalent set of rights.

 Verify that your network is an isolated or routed organization virtual data center network.

Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the network that you want to edit.

3      In the IP Management section, click Static IP Pools.

4      Click the Edit button on the right.

5         To modify an IP range, select the range, make the necessary edits, and click Modify.

6         To remove an IP range, select the range, and click Remove.

7      Click Save.

 Edit the DNS Settings of an Organization Virtual Data Center Network

You can edit the DNS settings of an organization virtual data center network.

Prerequisites

Verify that you are an organization administrator, system administrator, or that you are assigned a role that includes an equivalent set of rights.

 Verify that your network is an isolated or routed organization virtual data center network.

Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the network that you want to edit.

3      In the IP Management section, click DNS.

4      Click the Edit button on the right.

5      Edit the primary DNS, the secondary DNS, and the DNS suffix information as necessary.

6      Click Save.

    Configure DHCP Settings for an Isolated Organization Virtual Data Center Network

You can edit the DHCP settings of an isolated organization VDC network that is backed by Networking Data Center for VMWare vSphere. The DHCP service of an organization VDC network provides IP addresses from its address pool to VM NICs that are configured to request an address from DHCP. The service provides the address when the virtual machine powers on. Starting with version 10.2, Cyfuture Cloud Console supports DHCP settings for both IPv4 and IPv6. You can configure IPv6 settings by using the Cyfuture Cloud Console API.

     Prerequisites

     Verify that you are an organization administrator, system administrator, or that you are assigned a role that includes an equivalent set of rights.

     Verify that your network is an isolated organization virtual data center network.

     Verify that your network is backed by Networking Data Center for VMWare vSphere.

     Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the network that you want to edit.

3      In the IP Management section, click DHCP.

4      To enable DHCP, click Edit on the right of DHCP Pools Service.

5      Toggle on the DHCP Pools Service and click Save.

          Addresses requested by DHCP clients are pulled from a DHCP pool.

6      Create a DHCP pool for the network.

a      Click New.

b      Enter an IP address range for the pool. The IP address range that you specify cannot overlap with the static IP address pool for the organization virtual data center.

c      Specify the default lease time for the DHCP addresses in seconds. The default value is 3,600 seconds.

d      Specify the maximum lease time for the DHCP addresses in seconds. This is the maximum length of time that the DHCP-assigned IP addresses are leased to the virtual machines. The default value is 7,200 seconds.

7      Click Save.
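The two overlap rules stated in these procedures (a DHCP pool range cannot overlap the static IP pool, and on cross-VDC networks static addresses must not overlap those assigned to other organization VDC networks on the same stretched network) can be checked on a planned address layout before the values are entered in the console. The Python below is an added example, not part of Cyfuture Cloud Console or its API. The function names, the "A - B" range notation, and the subnet-containment and lease-order checks are assumptions; the sample addresses are constructed from the document's 192.167.1.1/24 example.

```python
import ipaddress


def parse_gateway_cidr(text):
    """Split 'gateway_IP/prefix_length' into (gateway address, enclosing network)."""
    iface = ipaddress.ip_interface(text.strip())
    return iface.ip, iface.network


def parse_range(text):
    """Parse 'A' or 'A - B' (assumed pool notation) into an inclusive (lo, hi) pair."""
    first, _, last = (part.strip() for part in text.partition("-"))
    lo = ipaddress.ip_address(first)
    hi = ipaddress.ip_address(last) if last else lo
    if lo.version != hi.version or hi < lo:
        raise ValueError(f"invalid IP range: {text!r}")
    return lo, hi


def overlaps(a, b):
    """True when two inclusive ranges of the same IP version share an address."""
    return a[0].version == b[0].version and a[0] <= b[1] and b[0] <= a[1]


def check_network_plan(gateway_cidr, static_pools=(), dhcp_pools=(),
                       sibling_pools=(), default_lease=3600, max_lease=7200):
    """Return (code, detail) findings for a planned network; [] means no conflict.

    sibling_pools: static pools already assigned to other organization VDC
    networks on the same stretched network (cross-VDC case).
    """
    _gateway, network = parse_gateway_cidr(gateway_cidr)
    static = [parse_range(r) for r in static_pools]
    dhcp = [parse_range(r) for r in dhcp_pools]
    siblings = [parse_range(r) for r in sibling_pools]
    findings = []

    def fmt(r):
        return f"{r[0]}-{r[1]}"

    # Assumption (added sanity check): every pool must lie inside the subnet.
    for kind, ranges in (("static", static), ("DHCP", dhcp)):
        for r in ranges:
            if r[0] not in network or r[1] not in network:
                findings.append(("OUTSIDE_SUBNET", f"{kind} pool {fmt(r)} not in {network}"))

    # Documented rule: a DHCP pool range cannot overlap the static IP pool.
    for d in dhcp:
        for s in static:
            if overlaps(d, s):
                findings.append(("DHCP_STATIC_OVERLAP", f"DHCP {fmt(d)} overlaps static {fmt(s)}"))

    # Documented rule for cross-VDC networks: no overlap with sibling networks.
    for s in static:
        for o in siblings:
            if overlaps(s, o):
                findings.append(("CROSS_VDC_OVERLAP", f"static {fmt(s)} overlaps sibling {fmt(o)}"))

    # Assumption (added sanity check): default lease should not exceed the maximum.
    if default_lease > max_lease:
        findings.append(("LEASE_ORDER", f"default {default_lease}s > maximum {max_lease}s"))
    return findings


if __name__ == "__main__":
    # Constructed sample plan built around the document's 192.167.1.1/24 example.
    for code, detail in check_network_plan(
        "192.167.1.1/24",
        static_pools=["192.167.1.10 - 192.167.1.50"],
        dhcp_pools=["192.167.1.40 - 192.167.1.100"],
        sibling_pools=["192.167.1.45 - 192.167.1.60"],
    ):
        print(code, detail)
```
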

 

Add a DHCP Pool to a Routed Organization Virtual Data Center Network Backed by Advanced Networking Data Center

You can add DHCP pools to a routed organization VDC network that is backed by Advanced Networking Data Center.

Note Deleting or updating DHCP pools is not supported for organization VDC networks backed by Advanced Networking Data Center.

 Prerequisites

These operations require the predefined organization administrator or system administrator roles or a role that includes an equivalent set of rights.

 Verify that your network is a routed organization virtual data center network.

 Verify that your network is backed by Advanced Networking Data Center.

Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the network that you want to edit.

3      In the IP Management section, click DHCP.

4      To add a DHCP pool, click New.

5      Enter an IPv4 address range for the pool.

6      Click Save.

Edit or Delete an Existing DHCP Pool for an Isolated Organization Virtual Data Center Network Backed by Networking Data Center for  VMWare vSphere

If you no longer need a DHCP pool within your isolated organization virtual data center network, you can either delete the pool that is backed by Networking Data Center for VMWare vSphere, or edit it.

Prerequisites

Verify that you are an organization administrator, system administrator, or that you are assigned a role that includes an equivalent set of rights.

Verify that your network is an isolated organization virtual data center network.

Verify that the organization virtual data center network is backed by Networking Data Center for VMWare vSphere.

Procedure

1      In the top navigation bar, click Networking.

2      Click the name of the network that you want to edit.

3      In the IP Management section, click DHCP.

4      Edit or delete an existing DHCP pool.

Option - Action

Edit a DHCP pool:

1       Select the DHCP pool that you want to edit.

2       Click the Edit button.

3       Update the IP address range for the pool.

4       Edit the default lease time for the DHCP addresses in seconds.

5       Edit the maximum lease time for the DHCP addresses in seconds.

6       Click Save.

Delete a DHCP pool:

1       Select the DHCP pool that you want to delete.

2       Click the Delete button.

 

Reset an Organization Virtual Data Center Network

If the network services that are associated with an organization virtual data center network, such as DHCP settings or firewall settings, are not working as expected, you can reset the network.

When you reset the organization virtual data center network, you force the network DHCP service gateway to be redeployed. This operation results in a temporary disruption of the DHCP services and no network services are available while the network is resetting.

Prerequisites

This operation requires the rights included in the predefined Organization Administrator role or an equivalent set of rights.

The network is not connected to any virtual machines, vApps, or other networks.

Procedure

1      In the top navigation bar, click Networking.

2      Select an organization VDC network.

3      Click Reset and confirm the reset operation.

Delete an Organization Virtual Data Center Network

If you no longer need an organization virtual data center network, you can delete the network.

Prerequisites

This operation requires the rights included in the predefined Organization Administrator role or an equivalent set of rights. The network is not connected to virtual machines, vApps, or other networks.

Procedure

1      In the top navigation bar, click Networking.

2      Click the radio button next to the name of the target network and click Delete.

3      To confirm, click OK.

