A VMware Cloud Director external network provides an uplink interface that connects networks and virtual machines in the system to a network outside of the system, such as a VPN, a corporate intranet, or the public Internet. Only a system administrator can create an external network.
If you have more than one vCenter Server instance registered to the system, you can create multiple external networks, each backed either by a vSphere network, an NSX-T segment that is configured either with a VLAN or an overlay transport zone. You can also import a tier-0 gateway.
VMware Cloud Director supports IPv4 and IPv6 external networks. Dual-stack external networks are not supported.
External Networks Backed by vSphere Networks
This type of external networks can be backed either by a single vSphere network, or by multiple vSphere networks.
- External networks backed by a single vSphere instance.
To provide each consumer of the external network with a non-overlapping set of IP addresses on the vSphere network, the system administrator must configure the IP ranges on the underlying VLAN manually.
- External networks backed by multiple vSphere networks.
An external network can be backed by multiple vSphere networks. This approach can simplify the IP address management in VMware Cloud Director. You can modify the properties of an external network to change its network backings.
External networks backed by multiple vSphere networks have several constraints.
- A network can have at most one backing vSphere network on each VMware Cloud Director instance registered to the system.
- All backing network switches must be of the same type, either vSphere Distributed Switch or standard switch.
- Each network must be on a different switch.
An external network can be backed by an imported NSX-T Data Center tier-0 gateway.
You can also create an external network that is backed by a VRF-lite tier-0 gateway in NSX-T Data Center.
A virtual routing and forwarding (VRF) gateway is created from a parent tier-0 gateway. It has its own routing tables.
Multiple VRF gateways can exist within the same tier-0 gateway at the same time. Because of that, adding a VRF-backed tier-0 gateway makes possible the creation of a fully routed network topology in a VDC by scaling out a tier-0 gateway in NSX-T Data Center.
For information about VRF gateways, see NSX-T Data Center Administration Guide.
External networks backed by an NSX-T Data Center Segment
An external network can be backed by an imported NSX-T segment that is configured either with a VLAN or an overlay transport zone. In NSX-T Data Center, segments are virtual layer 2 domains. A segment was earlier called a logical switch.