To control the access to an external network, you can add a routed organization VDC network. System administrators and organization administrators can configure network address translation (NAT), firewall, and VPN settings to make specific virtual machines accessible from the external network.

You can add a mix of routed and isolated organization VDC networks to meet the needs of your organization. For example, you can add a network that is associated with an edge gateway and connected to the Internet, while having an isolated network that contains sensitive information.

You can add an IPv4 or IPv6 routed organization VDC network.

Prerequisites

This operation requires the rights included in the predefined Organization Administrator role or an equivalent set of rights.

Procedure

  1. On the Virtual Datacenters dashboard screen, click the card of the virtual data center you want to explore, and select Networks from the left panel.
  2. Click Add.
  3. On the Select Network Type page, select Routed and click Next.
  4. Enter a meaningful name for your organization VDC network.
  5. Enter the Classless Inter-Domain Routing (CIDR) settings for the routed organization VDC network.

    Use the format network_gateway_IP_address/subnet_prefix_length, for example, 192.167.1.1/24.

  6. (Optional) Enter a description of the organization VDC network.
  7. (Optional) To make the organization VDC network available to other organization VDCs within the same organization, toggle on the Shared option.
    One potential use case is when an application within an Organization VDC has a reservation or allocation pool set as the allocation model. In this case, it might not have enough room to run more virtual machines. As a solution, you can create a secondary Organization VDC with pay-as-you-go and run more virtual machines on that network on a temporary basis.
    Note: The Organization VDCs must share the same network pool.
  8. Click Next.
  9. On the Edge Connection page, select an edge gateway with which to associate the organization VDC network.
    If the organization VDC includes more than one edge gateway, you must select an edge gateway for this network to connect to. To support another routed network, the Edge Gateway must show a value of at least 1 in the # Available Networks column.
  10. From the Interface Type drop-down menu, select the interface type.
    Option Description
    Internal Connects to one of the Edge gateway's internal interfaces.

    The maximum number of networks that are allowed is 9.

    Distributed Creates the network on a distributed logical router connected to this edge gateway.

    The maximum number of networks that are allowed is 400.

    Subinterface Extends an organization VDC network. vCloud Director identifies the network to use to extend through L2 VPN.

    vCloud Director, with the help of NSX network virtualization, creates a trunk interface type for this network. The maximum number of networks that are allowed is 200.

  11. (Optional) To enable tagging of guest VLANs on this network, toggle on the Guest VLAN Allowed option.
  12. Click Next.
  13. (Optional) To reserve one or more IP addresses for assignment to virtual machines that require static IP addresses, configure the Static IP Pools for the network.
    1. Enter the IP address or range of IP addresses, and click Add.
    2. To add multiple static IP addresses or ranges, repeat this step.
    3. (Optional) To modify or remove IP addresses and ranges, click Modify or Remove.
  14. Click Next.
  15. (Optional) Configure the DNS settings.
    Option Action
    Primary DNS Enter the IP address for your primary DNS server.
    Secondary DNS Enter the IP address for your secondary DNS server.
    DNS Suffix Enter your DNS suffix. The DNS suffix is the DNS name without including the hostname.
  16. Click Next.
  17. On the Ready to Complete page, review the organization VDC network settings that you have provided, and click Finish.