To control the access to an external network, you can add a routed organization VDC network. System administrators and organization administrators can configure network address translation (NAT), firewall, and VPN settings to make specific virtual machines accessible from the external network.

You can add a mix of routed and isolated organization VDC networks to meet the needs of your organization. For example, you can add a network that is associated with an edge gateway and connected to the Internet, while having an isolated network that contains sensitive information.

You can add an IPv4 or IPv6 routed organization VDC network.

Prerequisites

This operation requires the rights included in the predefined Organization Administrator role or an equivalent set of rights.

Procedure

  1. In the top navigation bar, click Networking.
  2. On the Networks tab, click New.
  3. On the Scope page, select Organization Virtual Data Center, select a VDC in which to create the network, and click Next.
  4. On the Select Network Type page, select Routed and click Next.
  5. Enter a meaningful name for the network.
  6. Enter the Classless Inter-Domain Routing (CIDR) settings for the network.
    Use the format network_gateway_IP_address/ subnet_prefix_length, for example, 192.167.1.1/24.
  7. Enter a description of the organization VDC network.
  8. (Optional) If the VDC in which you create the network is backed by NSX Data Center for vSphere, toggle on the Shared option to make the organization VDC network available to other organization VDCs within the same organization.
    One potential use case is when an application within an Organization VDC has a reservation or allocation pool set as the allocation model. In this case, it might not have enough room to run more virtual machines. As a solution, you can create a secondary Organization VDC with pay-as-you-go and run more virtual machines on that network on a temporary basis.
    Note: The Organization VDCs must share the same network pool.
  9. Click Next.
  10. On the Edge Connection page, select an edge gateway with which to associate the organization VDC network.
    If the organization VDC includes more than one edge gateway, you must select an edge gateway for this network to connect to. To support another routed network, the Edge Gateway must show a value of at least 1 in the # Available Networks column.
  11. From the Interface Type drop-down menu, select the interface type.
    Option Description
    Internal Connects to one of the Edge gateway's internal interfaces.

    The maximum number of networks that are allowed is 9.

    Distributed Creates the network on a distributed logical router connected to this edge gateway.

    The maximum number of networks that are allowed is 400.

    Subinterface Extends an organization VDC network. VMware Cloud Director identifies the network to use to extend through L2 VPN.

    VMware Cloud Director, with the help of NSX network virtualization, creates a trunk interface type for this network. The maximum number of networks that are allowed is 200.

  12. (Optional) To enable tagging of guest VLANs on this network, toggle on the Guest VLAN Allowed option.
  13. Click Next.
  14. (Optional) To reserve one or more IP addresses for assignment to virtual machines that require static IP addresses, configure the Static IP Pools for the network.
    1. Enter the IP address or range of IP addresses, and click Add.
      To add multiple static IP addresses or ranges, repeat this step.
    2. (Optional) To modify or remove IP addresses and ranges, click Modify or Remove.
  15. Click Next.
  16. (Optional) Configure the DNS settings.
    Option Action
    Primary DNS Enter the IP address for your primary DNS server.
    Secondary DNS Enter the IP address for your secondary DNS server.
    DNS Suffix Enter your DNS suffix.

    The DNS suffix is the DNS name without including the host name.

  17. Click Next.
  18. On the Ready to Complete page, review your settings, and click Finish.